Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

ProtectionBar Adware Offers Bogus Security Apps

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News
View previous topic :: View next topic  
Author Message
quietman7
Warrior Addict


Joined: 20 Dec 2004
Last Visit: 28 May 2014
Posts: 768
Location: Virginia, USA

PostPosted: Thu Jul 20, 2006 9:23 am    Post subject: ProtectionBar Adware Offers Bogus Security Apps Reply with quote

Quote:
Newly discovered adware in the wild tries to dupe users into installing fake security applications. According to Panda Software's PandaLabs, the adware program, ProtectionBar, warns users that their computers are infected with malware, and they must purchase a license for the "security app" to remove the bad code...This isn't the first exploit to play on fear of infection...the ruse is similar to previous exploits, such as RazeSpyware and SpySheriff, which offered to clean users' computers of spyware that either didn't exist or had been planted by the apps...

darkreading.com
_________________
Microsoft MVP - Consumer Security 2007-2014
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 20 Nov 2014
Posts: 10335
Location: at the beach

PostPosted: Thu Jul 20, 2006 10:03 am    Post subject: Reply with quote

Already discussed here.

http://www.spywarewarrior.com/viewtopic.php?t=21979

There is no such app as ProtectionBar that I can see. I have no idea where Panda got that.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
paperghost
Site Admin


Joined: 28 Aug 2004
Last Visit: 20 Feb 2012
Posts: 2048
Location: On a ROFLcopter

PostPosted: Thu Jul 20, 2006 10:14 am    Post subject: Reply with quote

suzi wrote:
Already discussed here.

http://www.spywarewarrior.com/viewtopic.php?t=21979

There is no such app as ProtectionBar that I can see. I have no idea where Panda got that.


bit odd, isn't it? Shocked
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 20 Nov 2014
Posts: 10335
Location: at the beach

PostPosted: Thu Jul 20, 2006 10:16 am    Post subject: Reply with quote

You mean Panda's statement, or ProtectionBar is odd?
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
quietman7
Warrior Addict


Joined: 20 Dec 2004
Last Visit: 28 May 2014
Posts: 768
Location: Virginia, USA

PostPosted: Fri Jul 21, 2006 1:14 am    Post subject: Reply with quote

I thought this sounded familiar. Couldn't remember where. Looks like darkreading.com was a few days late in reporting their story.
_________________
Microsoft MVP - Consumer Security 2007-2014
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
Back to top
View user's profile Send private message
Panda Software
Malware Expert


Joined: 06 Feb 2005
Last Visit: 16 Jan 2008
Posts: 59

PostPosted: Fri Jul 21, 2006 2:27 am    Post subject: Reply with quote

The toolbar is a new versión of Safetybar.
The name of the file of the toolbar is iesplugin.dll.
Back to top
View user's profile Send private message
fcukdat
Warrior Addict


Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.

PostPosted: Fri Jul 21, 2006 7:52 am    Post subject: Reply with quote

Panda Software wrote:
The toolbar is a new versión of Safetybar.
The name of the file of the toolbar is iesplugin.dll.


So why not call it a safetybar variant and save the confusion Wink
_________________
Malware hunter....Got Bot ?

MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 20 Nov 2014
Posts: 10335
Location: at the beach

PostPosted: Fri Jul 21, 2006 7:59 am    Post subject: Reply with quote

Quote:
The toolbar is a new versión of Safetybar.
The name of the file of the toolbar is iesplugin.dll.


Where does one download this toolbar? I did not see any links or indication that that there really is such a toolbar at that site.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
Panda Software
Malware Expert


Joined: 06 Feb 2005
Last Visit: 16 Jan 2008
Posts: 59

PostPosted: Mon Jul 24, 2006 2:25 am    Post subject: Reply with quote

The toolbar is downloaded by some versions of emediacodec (alias Zlob)
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 20 Nov 2014
Posts: 10335
Location: at the beach

PostPosted: Mon Jul 24, 2006 7:42 am    Post subject: Reply with quote

Thanks for that info. I was really puzzled.

Quote:
So why not call it a safetybar variant and save the confusion


Well, if it's name is ProtectionBar, that wouldn't make sense. Typically variants are given a different name.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 20 Nov 2014
Posts: 10335
Location: at the beach

PostPosted: Mon Jul 24, 2006 11:02 am    Post subject: Reply with quote

I found a couple of HijackThis logs with Protection Bar.

http://66.102.7.104/search?q=cache:VkCSScUEJe0J:gladiator-antivirus.com/forum/index.php%3Fshowtopic%3D40419+iesplugin.dll&hl=en&gl=us&ct=clnk&cd=5

http://www.lavasoftsupport.com/lofiversion/index.php/t1862.html
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
fcukdat
Warrior Addict


Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.

PostPosted: Mon Jul 24, 2006 12:06 pm    Post subject: Reply with quote

Panda Software wrote:
The toolbar is downloaded by some versions of emediacodec (alias Zlob)


I went looking for the E-media codec knowing that it is pushed by a collection of free pr0n sites.

It appears emedia codec has relaunched itself under another name,
Its worth going over to the darkside and look on the usual suspect urls Wink









HTH Smile
_________________
Malware hunter....Got Bot ?

MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html
Back to top
View user's profile Send private message Visit poster's website
fcukdat
Warrior Addict


Joined: 01 Jan 2005
Last Visit: 08 Apr 2009
Posts: 757
Location: Yeovil,England.

PostPosted: Mon Jul 24, 2006 1:00 pm    Post subject: Reply with quote

Just a little extra info

The new z-lob variant imports SpywareQuake vers2,protectionbar toolbar and a bho from the pb crew Wink

Fake alert central Rolling Eyes
_________________
Malware hunter....Got Bot ?

MIRT Handler >>>
http://www.castlecops.com/c55-MIRT.html
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Spyware/Adware in the News All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group