AntiSpyware vs AntiSpyware XP
p2pnet news view Freedom | P2P:- A little while back I had an email from a long-time p2pnet reader accusing me of allowing a scam company to advertise on p2pnet. She also posted a ‘warning’ comment.
I deleted it and emailed her saying she’ d made a mistake, and telling her why.
But this wasn’t the first time.
Every now and then I get an email complaining p2pnet advertises spyware. Or someone posts a comment to that effect.
They’re referring to AntiSpyware (right), which has been a valued p2pnet supporter for a long time.
It is NOT a scam app. But there is a second rogue application called AntiSpyware XP, or XP AntiSpyware, which, “redirects the user to a fake/scare scan page of the infamous XP AntiSpyware /XP AntiVirus rogue security applications,” says Bharath’s Security Blog, going on »»»
The WinSoftware, Inc aka LocusSoftware Inc aka Innovative Marketing is behind this scam. They are using many sites to redirect the users to their fake/scare scan pages.
Even the XP AntiSpyware logo is an AntiSpyware rip-off.
The AntiSpyware XP people change their active scam site all the time, says Bharath, adding:
“The site XPDownloadings.com works as a repository for the rogue installers while the XP-Antivirus.com site is used for payment processing.
“The scammers also avails a user to sign up for an upgrade to File Shredder 2008 FileShredder2008.com, which is again a crapware they are exploiting Lavasoft’s application name ‘File Shredder’.”
If you’re still not convinced, there are tons of other references to AntiSpyware XP, or XP AntiSpyware.
And since I’m on the subject of the real AntiSpyware, McAfee is also responsible for incorrect data.
Linked to red sites
“When we tested this site we found links to antispyware.com, which we found to be a distributor of downloads some people consider adware, spyware or other potentially unwanted programs,” says McAfee’s much (by McAfee) vaunted Site Advisor.
McAfee has been defaming p2pnet with ‘warnings‘ for years and the pic on the right is just the latest iteration in a series of graphs created, presumably, to prove the point that it’s dangerous.
Because of this, under Spyware or Adware WOT (Web of Trust) states unequivocally that p2pnet is “engaged in the distribution of malware”.
Earlier versions of the McAfee charts are below.
We’re surprised the People’s Republic of China hasn’t sued it for defamation. You’ll note that in the graph on the right and below, Xinhuanet.com and AntiSpyware are in red.
According to MacAfee, red means “adware, spyware, or viruses”.
We can see how all three claims could apply to the PRC.
China is, after all, one of the most repressive regimes in the world and spying on its citizens is just one of the many crimes against humanity it can be charged with.
But Xinhua is the official China state news agency and it’s doubtful that it engages in planting spyware and viruses, or carries adware. Or maybe it does and perhaps McAfee is correct.
Meanwhile, as of yesterday, McAfee also had a ‘user review summary’ (screenshot) in with seven ‘green’ listings and a single red one.
Sixteen people said No Worries, but one claims we’re a spam site, and eight others list us as carriers of, “adware, spyware, or viruses”.
But in its tests comprising seven downloads, “we found [all seven] downloads on this site were free of adware, spyware, and other potentially unwanted programs,” admits McAfee.
Under Online affiliations for p2pnet.net, “When we tested this site we found links to antispyware.com, which we found to be a distributor of downloads some people consider adware, spyware or other potentially unwanted programs.”
Some people. They must be security experts, then. But No. McAfee bases its statements on “reviews” like these »»»
P2P Sites period are no good that includes this one. Recommendations: DO NOT VISIT THIS SITE OR GO NEAR IT IF ANOTHER SITE USES THIS SITE FOR ANY PURPOSES DON’T USE THAT SITE EITHER!
jcamp1991
And »»»
Another site that offers other content in addition to it’s malware, so novices will be inclined to rate the site as “good.”
However, if you educate yourselves enough to know that people who pay for webhosting by hosting ads with malicious content are not “legitimate” news sources.
This site should remain red, those reviewing it as green should have their future “advice” ignored.
MWS
Back to AntiSpyware, in a comment post under a McAfee-slags-p2pnet story, “So I was looking into this, and I can tell you what`s going on with AntiSpyware.com being suspicious,” said Josh, continuing »»»
AntiSpyware.com has an affiliate program for which they allow people to sell some of their products at huge markups. They use a service called ClickBank, which is notoriously used by malware writers throughout the world. Essentially, a spyware company will set up an antispyware or antivirus product which is full of fake detections and allows for free installs for scan only, and then sells the removal product. However, the scans are all faked. I`m not saying this is what AntiSpyware.com does. However, they sell their product right along side these vendors on ClickBank. Many botnet controllers will sign up at ClickBank, and then in turn force installs of the free scan only antivirus into all of their infected computers with their affiliate ID (getting a few cents for each install), and then if anyone buys the repair product, they get an even bigger cut. So, essentially AntiSpyware.com is joining this sort of filth by selling their free product along side these other malicious products. McAfee has called them suspicious by association, and hasn`t yet determined whether antispyware.com is legit or not. Honestly, I`m not sure myself yet.
I asked Chris over at AntiSpyware to give us his views, and here’s what he said »»»
I have my own thoughts about the fundamental flaws with the concept of SiteAdvisor, but I won`t go into them now.
But I WOULD like to clarify some of the issues brought up about Antispyware.com, affiliate advertisers and Clickbank.
The main problem is affiliate advertising has become a highly competitive business and pay per click ads are expensive.
Many sites pay affiliates 70-75% commissions but even with that, most affiliates don`t make a profit. The affiliates that make a lot a money do so because they constantly monitor their ads and research new ones.
As far as Clickbank being a haven for malware writers is concerned, this may have been true in the past, but it certainly isn`t the case now, and I don`t know of any current examples.
Any company using clickbank is held responsible if too many customers complain, or there`s a suspiciously high refund rate.
Currently, Clickbank has more than 10,000 publishers. With that many companies generating revenue, it`s not in their best business interests to risk promoting malware makers, even if they wanted to, which they don`t.
That`s why Rogue antispyware companies usually have their own payment system.
Any affiliate we`ve found not following Clickbank`s terms of service, or ours, has been dealt with effectively and quickly.
We`ve also permanently blocked not only rogue affiliates, but also the keywords they used in their deceptive ads.
A lot of work goes into AntiSpyware and 24-hour research centers in the US at the University of South Alabama Research and Technology Park (http://usatechpark.southalabama.edu/parkpartners.html), as well as our offices in Bangalore, to guarantee timely database updates.
Calling it a bad product because of old rumors of Clickbank problems isn`t fair.
Antispyware.com`s goal is to market an honest service which provides an effective, easy-to-use solution to cleaning spyware.
To achieve this, we`ve built an intuitive interface, and we`ve also made sure the program runs happily on the older machines many people still use.
Check it out for yourself here: http://www.antispyware.com/register_trial.php
(Note: Most p2pnet users here will want to un-check p2p files in the settings window
)
Cheers!
Jon Newton – p2pnet
Use free p2pnet newsfeeds for your site. It`s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php
Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.
January 12th, 2009 at 11:30 am
I have a hard time buying this. Mainly because last week I removed an
Antispyware 2009 infection from a machine. It’s logo was exactly like the
Antispyware 2009 logo above.
It resisted all attempts to uninstall by normal means.
It constantly brought up fake lists of virii, which were in fact NOT
on the machine and offered to remove them for a 39.99 fee.
Normal methods of MANUAL REMOVAL also failed.
This is not the behavior of a benign app.
This is the SECOND tangle I have had with this app.
The next time I have to go rounds with it, I will be certain to photo document the
fight at every stage and post it.
January 12th, 2009 at 12:53 pm
Well Dredd, I suspect that PC wasn’t running the app advertised on Jon’s site – malware often masquerades as someone elses legitimate app.
To try and check out this program, a while back, I ran one of my spare Windows installs and clicked the link for Antispyware on here. I downloaded the trial app and ran it. It found a few suspicious cookies and that was it, which is a perfectly normal result. I checked the PC for infections with Kaspersky Internet Security and it came up clean. I was then able to remove Antispyware via the normal add/remove method. I didn’t get an spammy popups while I was using it either, or see any other suspicious behaviour. I didn’t get any suspicous-looking network activity either. I ran a second Kaspersky scan and it came up clean. Note that well designed malware of course won’t show anything of course, so it’s hard to tell the difference between that and a legitimate app, hence the scan with Kaspersky.
I tried googling this product to see if it came up as malware, but there was nothing conclusive, just one or two places down the search results thinking that it was and others saying it was ok. If you try googling a known malware app such as Antispyware XP, then search results light up like a Chistmas tree with warnings about the rogue app. Hence, I would say that Antispyware 2009 is unlikely to be malware.
If anyone can check out Antispyware 2009 more thoroughly, I’d be interested to see their results.
January 12th, 2009 at 1:20 pm
@ Dreddsnik:
Did it ever occur to you that the criminals that make the malware Antispyware 2009 might not have enough respect for copyright to make their own logos, and maybe, just maybe, it’s easier to rip it from a the legit app? DUH!
January 12th, 2009 at 5:32 pm
Being in the IT service industry i think we have responded to over 10 calls in the last week and half becuase of the fake product and the residual infected dll’s from it, i can see how with the name being so close as to why so many people are concerned, but it all stems down to a lack of education of the users, we have been explaining to no end that if something on the internet pops up telling you that you have a virus it is 9 times out of 10 a virus itself and you should just close the window, before you download something google the filename and do some reading, cuz in the end an educated used is one that is less likely to have to phone us for problems like these that can mostly be avoided
January 12th, 2009 at 7:14 pm
” Did it ever occur to you that the criminals that make the malware Antispyware 2009 might not have enough respect for copyright to make their own logos, and maybe, just maybe, itâs easier to rip it from a the legit app? DUH! ”
Why yes, it did actually.
That is why my next go round will be fully photo documented and uploaded.
Most likely I will send the Documentation to Jon.
It also occurred to me that some companies that pretend to be of good will and ‘Well Respected’ often lie to public
sources, knowing that in most cases their facts will not be checked.
The next fight will be CAREFULLY documented and photgraphed for all to see.
January 12th, 2009 at 7:36 pm
@Dredd
There’s a zillion malware programs out there. Why don’t you grab a spare PC/spare Windows install* and try repeating the test I did? That way, you can satisfy yourself that the crapware you were dealing with wasn’t AntiSpyware 2009?
I’m sure that logging your experience here with it would be useful and help clear the air that Jon isn’t peddling malware.
*XP is better, because it’s more infectable.
January 12th, 2009 at 10:12 pm
I’ve run into a couple of people that had the rogue Antivirus2009 on their site. They got it becuase of a popup on a site saying their computer was infected with x amount of virus and to download this app to fix it. They did, ran scans and was then telling them to buy the full version 39.99 to completely remove the virus’s. THey then phoned me and I fixed the problem and told them that seeing they have Norton installed they should never ever believe any popup saying they had virus’s unless it was to come directly from the Norton icon by the clock, and that Norton would deal with the virus or whatever the problem is.
I’ve had no problems with the one on Jon’s site. I’ve installed and removed it on a few machines with no problems.
January 22nd, 2009 at 3:06 am
Hi all,
I am working for a software integrator company. My projects includes working on Java and Ruby on Rails and Ajax. I think Web Services is really cool. We also recently have to now work on REST and they are talking about mashups and Struts. Can anyone tell me if there are some good training or conferences so that me and my team members can get to speed with these technologies. Learning from books is not my cup of tea, even not when I was doing engineering
All the help that group members can provide in this regard is much appreciated.
Thanks,
Vaibhavi
January 22nd, 2009 at 6:41 am
Hi Vaibhavi,
There are several online resources available that you just google for. If any of your team like to read then quality books from wiley and oreilly cover such technologies in detail.
I also highly recommend you could attend the upcoming Great Indian Developer Summit ( developersummit dot com) that is covering Java, Agile, REST, JAX-RS, mashups, .NET, Rich Web, JPA, SOA, rich user experiences, Spring, Groovy and more. They have most of the creators of these technologies as speakers. My team is attending this summit 22-25 apr at IISc campus where we are attending the web conference on April 23 and java on April 24. We have been able to get very good discounts. Maybe all those who are interested from your group can sign up together and get a good bargain from them. what say? I also attended last year’s conference and had a really cool time.
In Hyderabad there is Sun Tech Days with some sun speakers.
Thanks,
Anaz