My response back to VirusRescue…

August 16th, 2006 by AndyAtHull

…after their comment they made to my recent post!

VirusRescue Comment

What I would like to ask Mr. VirusRescue is the following:

VirusRescue Quote

If this is the case, what about being related to SpyAxe, SpywareStrike and SpyFalcon? All known as Rogue/Suspect Anti-Spyware Products. Can you deny or confirm you are related?

SpyAxe:

desktop hijacking, aggressive/deceptive advertising (1, 2); uses inadequate scan/detection scheme; same app as AdwareDelete, AntiVirus Gold, SpyFalcon, Spyware Sheriff, SpywareStrike, TitanShield AntiSpyware, & VirusBlast [A: 10-24-05 / U: 1-4-06]

SpyFalcon:

desktop hijacking, aggressive/deceptive advertising (1); uses inadequate scan/detection scheme; same app as AdwareDelete, AntiVirus Gold, SpyAxe, Spyware Sheriff, SpywareStrike, TitanShield AntiSpyware, & VirusBlast [A: 2-14-06 / U: 2-14-06]

SpywareStrike:

aggressive/deceptive advertising, desktop hijacking (1); uses inadequate scan/detection scheme; same app as AdwareDelete, AntiVirus Gold, SpyAxe, SpyFalcon, Spyware Sheriff, TitanShield AntiSpyware, & VirusBlast [A: 1-5-06 / U: 1-5-06]

Why am I asking this? Well mainly because the whois information from 13 days ago for VirusRescue showed that the registrant was from SunShine Ltd under a David Taylor. The same registrant as the programs I mentioned above. But this time the whois info is from someone in Australia! But also:

“6 records found for virusrescue.com

* indicates a significant change in the whois records

2006-08-16
2006-08-15*
2006-08-14
2006-08-11
2006-08-10
2006-08-03”

Now call me blind, stupid or whatever you like. It looks to me like changing so quickly and using the name associated with previous rogues and then changing it is hiding something. I mean it doesn’t really matter that you are all on Estdomains or all use Segpay. Not to mention the ASN name: Intercage thrown into the mix with some of the rogues! All the same as previous rogue programs. That is not relevant heh?

Let me get away from the whois stuff. Let me quote you:

“The problem is that it is really hard to track all adverts and the ways they promote your program. Very often these ways are not honest and this article is a sample of such way of promotion.”

I have always said to myself and others. If you have a software and obviously want to promote it. One, don’t spam it. Two, keep track of the promotion process.

These in my eyes are basic rules. If your product is “one of the best scanning & detection engines in industry” as you say it is. People will automatically form their own opinion of it and come and use it.

But when you use aggressive advertising, then you will have problems. Because then you will have guys like me chasing you about! And you will see posts forming an opinion. The opinion you want for your program. Albeit I and others tell it like it is!

Can you honestly say that when a user gets a system tray warning insisting they may be infected, that it is a genuine warning from their operating system? And not just something they have downloaded that has to do with your product? I think the warnings are a classic SmitFraud infection. Thus the user panics and installs your program. Then needs to pay to remove what the program says they may have. In my experience of helping users, having programs like the ones I mentioned above seem a pain to have on a system. And something I could do without, let alone the users with less experience.

What about the following:

“It removes everything including mentioned SpywareQuake.”

If that is the case, going back to the whois stuff. Why is it that all rogues, including SpywareQuake, operate the same as you do? It doesn’t take a genius to know that SpywareQuake also is on Estdomains. And this David guy sure is popular! Look at the image below. This David pops up on every rogue known to man!

VirusRescue DNS details
I am not questioning the program itself. I am questioning the way you advertise it and manage to get on users computers sometimes without them even knowing! Like the codec package way!

You know where to answer….And where to Digg this!

Media Coverage: Bits from Bill, VitalSecurity, RealTechNews, SpywareGuide, BlueTack, MalwareTeks and others. Stick that in yer pipe and smoke it!

Update – We now have a removal guide: Remove VirusRescue (removal instructions)
