Announcement

Collapse
No announcement yet.

Rogue/Misleading/Scareware that are not false positive

Collapse
This is a sticky topic.
X
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Tim Xue
    started a topic Rogue/Misleading/Scareware that are not false positive

    Rogue/Misleading/Scareware that are not false positive

    Recently, we found that there are many Rouge/Misleading program on the internet, they often use Google Adwords, Yahoo Overture to place an ad then bring user to their website.

    Some user even paid for those software. Unfortunately it's not false positive, but they are rogueware.

    There are 2 programs like what I said above, they are "Registry Easy" and "Registry Winner".

    First, Registry Easy is the clone of known rogueware "Registry Great", please check the following page:

    http://www.411-spyware.com/remove-registry-great-v5-0

    http://www.spywaredetector.net/spywa...ry%20Great.htm

    http://www.pcthreat.com/parasitebyid-6838en.html

    And there is a page that tell us how to remove Regstry Easy:

    http://www.scanspyware.net/info/RegistryEasy.htm





    So, we can confirm that Registry Great is a fake registry cleaner, it gives misleading result to goad user to purchase it. Full of the fake error and alarm, it's a rogueware.

    From the screenshot and the file MD5 result, you can see that Registry Easy is just Registry Great! And these 2 products are made by the same author. They changed the name and the image, they are cloned products!

    This is the proof why we think Registry Easy is Rogueware.

  • Bicicletas Cosme
    replied
    Yo tengo el spywaredetector y me va muy bien. Taller Bicicletas Madrid

    Leave a comment:


  • wozofoz
    replied
    Guidelines for requesting malware removal assistance

    Originally posted by yin View Post
    After running my scan, it seems that I have a misleading spyware on my computer. I just want to check if 'Vista Anti-Spyware' is indeed a misleading spyware. Messages from this programs keeps popping up alerting me of spware.

    Also, is there any way to get rid of this program?
    Welcome to the forum yin :smile:

    A quick search of the internet does indicate it is Rogueware (misleading)
    Please follow the procedure in the thread Guidelines for requesting malware removal assistance and then wait for a Malware Fighter to respond.

    All the best, woz of oz

    Leave a comment:


  • yin
    replied
    After running my scan, it seems that I have a misleading spyware on my computer. I just want to check if 'Vista Anti-Spyware' is indeed a misleading spyware. Messages from this programs keeps popping up alerting me of spware.

    Also, is there any way to get rid of this program?

    Leave a comment:


  • Alicia
    replied
    Hi Davidcam12,

    For your concern, please try to scan your computer by Security 360.
    Below is the link to download the Security 360 Free version.
    http://download.cnet.com/IObit-Secur...-10967594.html

    Leave a comment:


  • Davidcam12
    replied
    Tim,
    I have used Perfect optimizer 4 in my computer for the last 3 days..

    It is a trial version..But I don't want to purchase..

    Will this software harm my PC?:???:

    Please let me know...

    Leave a comment:


  • fwhoover
    replied
    PC Optimizer Pro, False-Positave?

    Originally posted by Tim Xue View Post
    Others:

    "Registry Winner"



    "Registry Victor"



    From the digital sinature and file info, we can see that they are one product with different name and a little change of the UI.


    And more like "Fix Tool"






    and "Perfect Optimizer"



    These cloned programs report false or exaggerated errors on the computer. Then the user is prompted to pay for a full license of the application in order to remove the threats.
    ==============================================

    TIM,

    I would like to check if "PC Optimizer Pro" is a valid program, It seemes to have helped me but I am not sure. The log file showes all files as suspect!
    Floyd

    Leave a comment:


  • sansurface
    replied
    but virustotal.com says different

    i may be late to respond on this post but here is the scanned link from virustoal.com, scanned Regsitry Easy by 40 antivirus scanners.

    http://www.virustotal.com/analisis/4...12b-1253263193

    what are your comments?

    Leave a comment:


  • leofelix
    replied
    I hope I'm not off topic,
    but according to Google Spywaresignatures . com is compromised by rogue currently pushing a Fakealert trojan

    Source
    Last edited by leofelix; Aug. 28th, 2009, 21:46.

    Leave a comment:


  • Tim Xue
    replied
    The reason is not similar but rogue. I listed the similar products is to show you that they are the same vendor. As some AV detected them as virus, so the vendor change the name, the UI and made a different one to rogue once again.

    Leave a comment:


  • Tim Xue
    replied
    Here is the reason why they should be deleted.

    http://www.symantec.com/business/sec...450-99&tabid=2

    The program reports false or exaggerated errors on the computer, the user is then prompted to pay for a full license of the application in order to remove the threats.

    Cheat user for money, isn't it a threat? The first generation of threat is Virus that just damage computer, delete data. Then the second generation is Spywre, Adware that generate money from popup and advertisement. And the third generation of threat is rogueware, those program goal user to purchase, they use Google Adwords, Yahoo Overture to spam their product and then goal user to purchase their rogueware. That's the reason why more and more Antivirus product report them as threats. Registry Easy used to be clean, but now Symantec, NOD32, Kap and ect all detected it as threat.

    Leave a comment:


  • jean-charles
    replied
    Similar products

    Registry Winner and Registry Victor do resemble each other closely. But even so, is one of them a rogue program? Malware? Scareware? Where are the complaints? Have you had a bad experience with them? :|

    Leave a comment:


  • Tim Xue
    replied
    Others:

    "Registry Winner"



    "Registry Victor"



    From the digital sinature and file info, we can see that they are one product with different name and a little change of the UI.


    And more like "Fix Tool"



    and "Perfect Optimizer"



    These cloned programs report false or exaggerated errors on the computer. Then the user is prompted to pay for a full license of the application in order to remove the threats.

    Leave a comment:

Working...
X