| View previous topic :: View next topic |
| Author |
Message |
quietman7
Warrior Addict
Joined: 20 Dec 2004
Last Visit: 28 Mar 2012
Posts: 768
Location: Virginia, USA
|
 Posted: Thu Jul 20, 2006 9:23 am Post subject: ProtectionBar Adware Offers Bogus Security Apps |
 |
|
| Quote: |
| Newly discovered adware in the wild tries to dupe users into installing fake security applications. According to Panda Software's PandaLabs, the adware program, ProtectionBar, warns users that their computers are infected with malware, and they must purchase a license for the "security app" to remove the bad code...This isn't the first exploit to play on fear of infection...the ruse is similar to previous exploits, such as RazeSpyware and SpySheriff, which offered to clean users' computers of spyware that either didn't exist or had been planted by the apps... |
darkreading.com
_________________
Microsoft MVP - Consumer Security 2007-2012 
Member of UNITE, Unified Network of Instructors and Trusted Eliminators |
|
| Back to top |
|
 |
suzi
Site Admin
Joined: 27 Jul 2003
Last Visit: 18 May 2013
Posts: 10271
Location: sunny California
|
| Posted: Thu Jul 20, 2006 10:03 am Post subject: |
|
|
Already discussed here.
http://www.spywarewarrior.com/viewtopic.php?t=21979
There is no such app as ProtectionBar that I can see. I have no idea where Panda got that.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn.  |
|
| Back to top |
|
|
paperghost
Site Admin
Joined: 28 Aug 2004
Last Visit: 20 Feb 2012
Posts: 2048
Location: On a ROFLcopter
|
| Posted: Thu Jul 20, 2006 10:14 am Post subject: |
|
|
bit odd, isn't it?  |
|
| Back to top |
|
|
suzi
Site Admin
Joined: 27 Jul 2003
Last Visit: 18 May 2013
Posts: 10271
Location: sunny California
|
| Posted: Thu Jul 20, 2006 10:16 am Post subject: |
|
|
You mean Panda's statement, or ProtectionBar is odd?
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. |
|
| Back to top |
|
|
quietman7
Warrior Addict
Joined: 20 Dec 2004
Last Visit: 28 Mar 2012
Posts: 768
Location: Virginia, USA
|
| Posted: Fri Jul 21, 2006 1:14 am Post subject: |
|
|
I thought this sounded familiar. Couldn't remember where. Looks like darkreading.com was a few days late in reporting their story.
_________________
Microsoft MVP - Consumer Security 2007-2012
Member of UNITE, Unified Network of Instructors and Trusted Eliminators |
|
| Back to top |
|
|
Panda Software
Malware Expert
Joined: 06 Feb 2005
Last Visit: 16 Jan 2008
Posts: 59
|
| Posted: Fri Jul 21, 2006 2:27 am Post subject: |
|
|
The toolbar is a new versión of Safetybar.
The name of the file of the toolbar is iesplugin.dll. |
|
| Back to top |
|
|
fcukdat
Warrior Addict
Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.
|
| Posted: Fri Jul 21, 2006 7:52 am Post subject: |
|
|
| Panda Software wrote: |
The toolbar is a new versión of Safetybar.
The name of the file of the toolbar is iesplugin.dll. |
So why not call it a safetybar variant and save the confusion 
_________________
Malware hunter....Got Bot ?
MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html |
|
| Back to top |
|
|
suzi
Site Admin
Joined: 27 Jul 2003
Last Visit: 18 May 2013
Posts: 10271
Location: sunny California
|
| Posted: Fri Jul 21, 2006 7:59 am Post subject: |
|
|
| Quote: |
The toolbar is a new versión of Safetybar.
The name of the file of the toolbar is iesplugin.dll. |
Where does one download this toolbar? I did not see any links or indication that that there really is such a toolbar at that site.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. |
|
| Back to top |
|
|
Panda Software
Malware Expert
Joined: 06 Feb 2005
Last Visit: 16 Jan 2008
Posts: 59
|
| Posted: Mon Jul 24, 2006 2:25 am Post subject: |
|
|
| The toolbar is downloaded by some versions of emediacodec (alias Zlob) |
|
| Back to top |
|
|
suzi
Site Admin
Joined: 27 Jul 2003
Last Visit: 18 May 2013
Posts: 10271
Location: sunny California
|
| Posted: Mon Jul 24, 2006 7:42 am Post subject: |
|
|
Thanks for that info. I was really puzzled.
| Quote: |
| So why not call it a safetybar variant and save the confusion |
Well, if it's name is ProtectionBar, that wouldn't make sense. Typically variants are given a different name.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. |
|
| Back to top |
|
|
suzi
Site Admin
Joined: 27 Jul 2003
Last Visit: 18 May 2013
Posts: 10271
Location: sunny California
|
|
| Back to top |
|
|
fcukdat
Warrior Addict
Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.
|
| Posted: Mon Jul 24, 2006 12:06 pm Post subject: |
|
|
| Panda Software wrote: |
| The toolbar is downloaded by some versions of emediacodec (alias Zlob) |
I went looking for the E-media codec knowing that it is pushed by a collection of free pr0n sites.
It appears emedia codec has relaunched itself under another name,
Its worth going over to the darkside and look on the usual suspect urls
HTH
_________________
Malware hunter....Got Bot ?
MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html |
|
| Back to top |
|
|
fcukdat
Warrior Addict
Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.
|
| Posted: Mon Jul 24, 2006 1:00 pm Post subject: |
|
|
Just a little extra info
The new z-lob variant imports SpywareQuake vers2,protectionbar toolbar and a bho from the pb crew
Fake alert central 
_________________
Malware hunter....Got Bot ?
MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html |
|
| Back to top |
|
|
|
