Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

New rogue security program: WindoFix

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> General Software Discussion
View previous topic :: View next topic  
Author Message
FlyingPenguins
Newbie


Joined: 26 Jul 2009
Last Visit: 10 Sep 2009
Posts: 5

PostPosted: Sun Jul 26, 2009 11:47 am    Post subject: New rogue security program: WindoFix Reply with quote

I have found a new rogue security program called WindoFix ([url=http://www.windofix.com/]link here[/url]). I discovered it while going through their website's [url=http://www.siteadvisor.com/sites/windofix.com]page on SiteAdvisor[/url], where a user called roger_m continually defends WindoFix. At the moment, the site is still rated green.

Why do I suspect this program to be rogue?

*It has the usual signs of a rogue program's webpage: use of scareware tactics, fake testimonials, an [url=http://www.windofix.com/aff/]affiliate program[/url] on their webpage, and a high price tag to buy the program of $37.99 ("LIMITED TIME OFFER"; "50% off the retail price").
*The trial does a free scan, but won't remove anything.
*Reports of false positives from SiteAdvisor users.
*Links from SA users that prove WindoFix's website is on malware blacklists.
*WOT [url=http://www.mywot.com/en/scorecard/windofix.com]rates the site red[/url].
*I am unable to launch the installer under Sandboxie; an error pops up, saying "The system cannot find the file specified." However, the installer launches up fine unsandboxed.
*Again, the presence of roger_m on SA aggressively defending WindoFix.


Even though VirusTotal and Jotti.org shows that no antivirus vendor's program detects it at the moment. Because this is my home computer, and I am unable to run the WindoFix installer sandboxed, I do not want to test the program unsandboxed; would anyone like to verify that this program is in fact rogue?
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 24 Apr 2014
Posts: 10311
Location: sunny California

PostPosted: Sun Jul 26, 2009 6:01 pm    Post subject: Reply with quote

Hello,

I've disabled the live links in your post. If this is a rogue, you surely should not be linking to it.

Or are you a spammer? Confused
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
aBenG
Warrior


Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK

PostPosted: Sun Jul 26, 2009 11:53 pm    Post subject: Reply with quote

Well to start with WindoFix is a registry cleaner, not what I would really consider a 'security' program.

The laughable 'argument' at SiteAdvisor consists of one user who appears to have actually tested the program and found it harmless but fairly useless, and several others (including one called FlyingPenguins) who haven't tested it, quote sources that provide no real evidence for their belief that it is a rogue, and in some cases indulge in personal attacks when they are called out on this.

FWIW at the time of wriing SiteAdvisor still lists WindoFix.com as green (no significant problems), not that I have any great faith in a site rating from MacAffee.

This review of the product suggests some dodgy marketing practice, but also fails to provide any hard info regarding rogue behaviour: http://truthcomputer.blogspot.com/2009/02/windofix-review.html
_________________
Inperfect.
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 24 Apr 2014
Posts: 10311
Location: sunny California

PostPosted: Mon Jul 27, 2009 9:03 am    Post subject: Reply with quote

Thanks for the post aBenG. The OP seems to have some axe to grind with this program going by the posts at SiteAdvisor.

I'll move this to the General Software discussion forum since it's not a security app.

If we were updating the rogues page here (which we are not) this app would not be listed because it's not an anti-spyware or anti-malware app. Also we never listed any apps based on hearsay. Everthing listed was meticulously tested and documented.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
FlyingPenguins
Newbie


Joined: 26 Jul 2009
Last Visit: 10 Sep 2009
Posts: 5

PostPosted: Mon Jul 27, 2009 12:57 pm    Post subject: Reply with quote

No, I'm not a spammer... why would I be reporting rogue software here if I were? Neutral

Yes, I am the same FlyingPenguins from SiteAdvisor. Gotta love SiteAdvisor for keeping a site green even though most trusted users that have commented on the site/program rated it red. Rolling Eyes The problem with trying to test the program myself is that am unable to do so under a sandbox (read my first post) - the installer won't even run in a sandbox. I would rather not test the program under non-sandboxed conditions on my home computer, even if the Virustotal results show the program will not harm my computer.

I would now have to agree that it's not a "true" rogue security program, and that it wouldn't be posted on the Spyware Warrior List. (Also, sorry for linking to the rogue sites... I thought this was normally allowed on this forum.) But you can't blame a guy for trying (in a futile effort) to expose one rogue program out of possibly thousands of rogues, eh?

To aBenG: That link to the Blogspot blog seems rather shady, and I wouldn't trust it, even given the negative review for WindoFix on that site; it does, however, gives positive reviews to numerous other rogue security programs.
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 24 Apr 2014
Posts: 10311
Location: sunny California

PostPosted: Mon Jul 27, 2009 1:53 pm    Post subject: Reply with quote

FlyingPenguins wrote:
No, I'm not a spammer... why would I be reporting rogue software here if I were? Neutral


Spammers use many tricks to get us to think their posts are not spam. Wink It's the links that cause suspicion.

Quote:
I would now have to agree that it's not a "true" rogue security program, and that it wouldn't be posted on the Spyware Warrior List. (Also, sorry for linking to the rogue sites... I thought this was normally allowed on this forum.) But you can't blame a guy for trying (in a futile effort) to expose one rogue program out of possibly thousands of rogues, eh?


Well, it's not even a security program, so not sure why you call it that. There are lots of crappy registry cleaners around, but just because they are crappy, doesn't make them rogues IMO.

I'm a lot more worried about the real rogues that are downloaded by trojans through exploits and try to extort money from uneducated users.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 24 Apr 2014
Posts: 10311
Location: sunny California

PostPosted: Mon Jul 27, 2009 2:00 pm    Post subject: Reply with quote

It looks like whoever runs that blog is a ClickBank affiliate, so not really a source I would take seriously either.
If you hover your cursor over the link to Windofix, you can see the ClickBank affilate ID.
_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
aBenG
Warrior


Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK

PostPosted: Mon Jul 27, 2009 2:22 pm    Post subject: Reply with quote

FlyingPenguins:
Quote:
Gotta love SiteAdvisor for keeping a site green


I've also known SA red flag perfectly legitimate sites.

Quote:
That link to the Blogspot blog seems rather shady, and I wouldn't trust it


Do disable the link please Suzi if it's dodgy!

Honestly based on the info available for this program I wouldn't trust any review sites. That was simply the most legible of the various paraphases of the exact same review (down to the order of phrasing and number of errors found) given on different review sites by (hoho) different reviewers. Every other 'review' I found was advertising/descriptions from dl sites.

I fully expect that WindoFix is at best an average tool, but until it is found to be unloading malware it's not a rogue in my book, just another unneccesary low grade commercial prog.
_________________
Inperfect.
Back to top
View user's profile Send private message
suzi
Site Admin


Joined: 27 Jul 2003
Last Visit: 24 Apr 2014
Posts: 10311
Location: sunny California

PostPosted: Mon Jul 27, 2009 5:57 pm    Post subject: Reply with quote

I think that blog link is ok, there are no direct downloads there I could see.

Agree with this:
Quote:
Honestly based on the info available for this program I wouldn't trust any review sites.

_________________
Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn. Smile
Back to top
View user's profile Send private message Visit poster's website
FlyingPenguins
Newbie


Joined: 26 Jul 2009
Last Visit: 10 Sep 2009
Posts: 5

PostPosted: Mon Jul 27, 2009 5:58 pm    Post subject: Reply with quote

suzi wrote:

I'm a lot more worried about the real rogues that are downloaded by trojans through exploits and try to extort money from uneducated users.

aBenG wrote:
I fully expect that WindoFix is at best an average tool, but until it is found to be unloading malware it's not a rogue in my book, just another unneccesary low grade commercial prog.

Those arguments seem fair enough to me.

And to be honest, I do trust WOT more than SiteAdvisor nowadays, mainly because of these problems with false positives/negatives, though I do have both of these installed on my browser concurrently, for extra security.
Back to top
View user's profile Send private message
olliver
Expert Developer


Joined: 27 Jan 2006
Last Visit: 02 Dec 2010
Posts: 1157
Location: yes

PostPosted: Mon Jul 27, 2009 10:22 pm    Post subject: Reply with quote

suzi wrote:
If we were updating the rogues page here (which we are not) this app would not be listed because it's not an anti-spyware or anti-malware app. Also we never listed any apps based on hearsay. Everthing listed was meticulously tested and documented.


My impression is the following:
1. It's just one of those phony applications promoted via Clickbank.
2. Search results suggest, whenever someone does call this application rogue, the arguments boil down to false analogies and hearsay.

Rating systems are doomed to fail, whenever they are solely based on comments about subjects the participating users have no expertise in. Without facts, however, ratings are prone to arbitrary subjective criteria and these are incompatible with a "lawsuit proof" determination of an application's characteristics. Therefore, unless FlyingPenguins can point out some hard facts (for example logs that demonstrate how a test system was converted to a spam zombie, "elite proxy" or local ad-server), I'd consider this application as legitimate.

O.
_________________
Petcord netlabel :: Synflict post-digital arts :: Leftob audio cast
Each click on any of the links above will save the life of a cute kitty somewhere in the universe.


Last edited by olliver on Tue Jul 28, 2009 2:21 am; edited 1 time in total
Back to top
View user's profile Send private message
roger_m
Warrior Addict


Joined: 24 Feb 2006
Last Visit: 06 Mar 2014
Posts: 605
Location: Blackwater, Australia

PostPosted: Mon Jul 27, 2009 11:01 pm    Post subject: Re: New rogue security program: WindoFix Reply with quote

FlyingPenguins wrote:
I*Again, the presence of roger_m on SA aggressively defending WindoFix.


I would hardly say that I am aggressively defending it. I have just pointing out that personally I have tested it and found to be safe. And rouge or not, this a registry cleaner and not a security program.

It did nothing at malicious on my computer when installed and ran it.

My opinion reflect that of the other posters on this thread - that it should not be deemed to be a rogue or malware unless there is actual evidence to support this.

Someone saying that is is bad with no actual document evidence of what "bad" things it does can not be counted as a valid opinion.

FlyingPenguins wrote:
I do not want to test the program unsandboxed; would anyone like to verify that this program is in fact rogue?


I have done this, and don't consider it to be a rogue.

Just another one of ever increasing number of registry cleaners. This one appeard to give no false posatives unlike the majority of such programs, but as usual cleanining the registry usually won't provide any benefit.
Back to top
View user's profile Send private message
olliver
Expert Developer


Joined: 27 Jan 2006
Last Visit: 02 Dec 2010
Posts: 1157
Location: yes

PostPosted: Tue Jul 28, 2009 2:49 am    Post subject: Re: New rogue security program: WindoFix Reply with quote

FlyingPenguins wrote:
*Again, the presence of roger_m on SA aggressively defending WindoFix


As an abstract, the statement would boil down to the following:
I don't like A. Therefore, everything A does or mentions is suspicious.

That does not exactly look like an argument a reasonably sane and intelligent person would even consider using for making decisions. I even start to wonder whether the only purpose of registration was to attack roger_m and what online identity "FlyingPenguins" had prior to this thread.

O.
_________________
Petcord netlabel :: Synflict post-digital arts :: Leftob audio cast
Each click on any of the links above will save the life of a cute kitty somewhere in the universe.
Back to top
View user's profile Send private message
FlyingPenguins
Newbie


Joined: 26 Jul 2009
Last Visit: 10 Sep 2009
Posts: 5

PostPosted: Tue Jul 28, 2009 11:58 am    Post subject: Re: New rogue security program: WindoFix Reply with quote

olliver wrote:
I even start to wonder whether the only purpose of registration was to attack roger_m and what online identity "FlyingPenguins" had prior to this thread.

My intention was not to do a personal attack on roger_m, but rather to investigate the program because of Roger refuting any negative comment on SA.

Fair enough, Roger. I've done a test of WindoFix on my computer, unsandboxed. Here are the results.

Observations:
- Nothing suspicious found in EULA.
- Scan speeds were very sluggish; it was quick at the beginning, before starting to scan very slowly around the 8000 key mark; it was going 1 key per second around the 10,500 mark; but became very quick again from ~15,000 keys to the end. In total, the scan took around 15-20 minutes.
- The program detected 479 errors; seems like a legit amount to me, as I had done a CCleaner registry sweep right before the WindoFix scan.
- Scan results do not actually show the keys that should be fixed, only the number of problems.
- The trial removes nothing unless you buy the program.



In conclusion: WindoFix seems like a mediocre program at best. However, while it does use some rather shady techniques to advertise (high rates for becoming an affiliate, and a trial that doesn't remove anything), it does seem like it actually goes through my registry, looking for bad keys and values.

My apologies to Roger for previously stating that WindoFix was not at all legit. I was pretty suspicious of why you were defending an unknown piece of software so greatly on SiteAdvisor though.
Back to top
View user's profile Send private message
aBenG
Warrior


Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK

PostPosted: Tue Jul 28, 2009 2:21 pm    Post subject: Reply with quote

From reading the SA posts I think roger_m was obliged to answer a lot of aggressive attacks from people who weren't willing to do what you have just done FPs. Congrats!

Not even a default toolbar install in there?
_________________
Inperfect.
Back to top
View user's profile Send private message
olliver
Expert Developer


Joined: 27 Jan 2006
Last Visit: 02 Dec 2010
Posts: 1157
Location: yes

PostPosted: Tue Jul 28, 2009 11:34 pm    Post subject: Re: New rogue security program: WindoFix Reply with quote

FlyingPenguins wrote:
olliver wrote:
I even start to wonder whether the only purpose of registration was to attack roger_m and what online identity "FlyingPenguins" had prior to this thread.

My intention was not to do a personal attack on roger_m, but rather to investigate the program because of Roger refuting any negative comment on SA.


And that can't be done without ad hominem attacks? Trying to stigmatise roger_m because of his refusal to accept non-arguments (see above) was totally uncalled for in my opinion.

Quote:
I've done a test of WindoFix on my computer, unsandboxed. Here are the results.
[snip]


Thanks. I think this is the way your post should have look like from the start.

Quote:
WindoFix seems like a mediocre program at best. However, while it does use some rather shady techniques to advertise (high rates for becoming an affiliate, and a trial that doesn't remove anything), it does seem like it actually goes through my registry, looking for bad keys and values.


I disagree with your definition of the term "shady". Neither high affiliate rates nor a trial that does not remove anything are signs of shady business practices. One may well argue whether affiliate marketing in itself is problematic (especially with unscrupulous spammers as business partners), but even this cannot be attributed to WindoFix alone. And as you yourself admit, it does not seem to create fictitious problems, leave potentially unwanted components or generate nag screens that would qualify as shady business practices.

Quote:
My apologies to Roger for previously stating that WindoFix was not at all legit. I was pretty suspicious of why you were defending an unknown piece of software so greatly on SiteAdvisor though.


This is not what I consider an honest apology, because it does not address the actual problem. Let's go back to the original post:

Quote:
Why do I suspect this program to be rogue?
  • It has the usual signs of a rogue program's webpage: use of scareware tactics, fake testimonials, an (url=http://www.windofix.com/aff/)affiliate program(/url) on their webpage, and a high price tag to buy the program of $37.99 ("LIMITED TIME OFFER"; "50% off the retail price").
  • The trial does a free scan, but won't remove anything.
  • Reports of false positives from SiteAdvisor users.
  • Links from SA users that prove WindoFix's website is on malware blacklists.
  • WOT (url=http://www.mywot.com/en/scorecard/windofix.com)rates the site red(/url).
  • I am unable to launch the installer under Sandboxie; an error pops up, saying "The system cannot find the file specified." However, the installer launches up fine unsandboxed.
  • Again, the presence of roger_m on SA aggressively defending WindoFix.


(emphasis and formatting mine)

To me, adding the statement about roger_m to the list of indicators borders on libel, because it implies that roger_m systematically gives his ok to rogue applications. Since you apologised for your wrong suspicion about WindoFix, this means that your accusation of roger_m being an indicator for possible rogue software still stands.

O.
Back to top
View user's profile Send private message
FlyingPenguins
Newbie


Joined: 26 Jul 2009
Last Visit: 10 Sep 2009
Posts: 5

PostPosted: Wed Jul 29, 2009 1:40 pm    Post subject: Re: New rogue security program: WindoFix Reply with quote

olliver wrote:
I disagree with your definition of the term "shady". Neither high affiliate rates nor a trial that does not remove anything are signs of shady business practices. One may well argue whether affiliate marketing in itself is problematic (especially with unscrupulous spammers as business partners), but even this cannot be attributed to WindoFix alone. And as you yourself admit, it does not seem to create fictitious problems, leave potentially unwanted components or generate nag screens that would qualify as shady business practices.

First of all, a 75% affiliate commission rate seems far out of the norm. A rate that high wouldn't raise suspicion to you at first glance? While high affiliate rates for a program are not a definite sign of it being rogue, it generally is a sign. Here are some examples that I looked up from known antimalware vendors:
- Trend Micro: 25%
- Kaspersky: 20%
- ESET: 18%
- Norton: 13-25%
- Sunbelt: 30%
- Webroot: up to 50% (up to is the key word)
Secondly, a trial that will not remove anything at all (versus a registry cleaner trial that removes up to a certain number of bad keys, or is time-limited) is generally a sign of shady business practices...

olliver wrote:
To me, adding the statement about roger_m to the list of indicators borders on libel, because it implies that roger_m systematically gives his ok to rogue applications. Since you apologised for your wrong suspicion about WindoFix, this means that your accusation of roger_m being an indicator for possible rogue software still stands.

Well, previously, having seen roger_m's posts on SA in which he greened WindoFix and a number of other questionable (at least to me) security/utility programs, it seemed to me that WindoFix was rogue enough to employ someone to defend their program, and the like, on the Internet. For that accusation, I apologise to roger_m. I now understand that roger_m takes a similar stance on these types of "not-at-all-good-but-not-quite-rogue-either" types programs as other members of the Spyware Warrior forums: leave 'em alone unless they show false positives, install adware/spyware, or is installed through exploits or other malicious means; in which case they should be dealt with harshly, which (now) seems reasonable.
Back to top
View user's profile Send private message
roger_m
Warrior Addict


Joined: 24 Feb 2006
Last Visit: 06 Mar 2014
Posts: 605
Location: Blackwater, Australia

PostPosted: Thu Jul 30, 2009 2:15 am    Post subject: Reply with quote

Thanks for all the support guys, it i nice to be able to come here where there are people who want to have an informed discussion.

However the reason I'm posting here also is to announce that I have been permanently banned from SiteAdvisor.
why have I been banned well the following explanation is a good example in my opinion of the standard of postings in general there:

"You have been banned for the following reason:
None

Date the ban will be lifted: Never"

I mean why give a reason, lots of "experienced" reviewers there will rate a site as red without giving any explanation. Often too they will rate a site as red because one of the other siteadvisor type sites such as MyWOT has users giving the site a red rating. (other sites are typically quicker to rate sites than SiteAdvisor)

Usuall there is absoultely no evidence to support the claims people make about websites, but this does not stop people with their enthusiasm to rate sites red greatly exceeding their knowlege of spyware or rogue websites and software posting sites as red - becuase other people think it is "bad" therefore it must be "bad". Not the greatest of logic there!

I will admit I have continually aruged with experienced reviews at SiteAdvisor and ocassionally made fun of them too (it seems some people have no sense of humor these days, hence my ban). But I must point out it has always been with a reason. If I find a website or software on a website to be safe I will give it a green rating. Now these were often not highly trusted and respected software vendos, but every program I said was clean I had tested extensively.

However as soon as I would give a website a green rating, some users would immediatley come to the wrong conclusion that by raiting the site as green I was promotig the website and the software on it. I would refute these claims, and say that by testing the software on the site, they would more than likely too come to the same conclusion as me. But these self proclaimed "experts" quite simpply refused to do this no matter how many times I asked, and instead would continually post links which said the software was "bad" or dangerous, but NEVER giving any actual evidence of this.

Since I've been banned all my posts have been deleted.

Also some users claimed by repuation score at SiteAdvisor was as low as -15 which I find strange as my posts and my profile page showed my rating as 0!

Anyway I've got to go now, but I will continue this discussion later.
Back to top
View user's profile Send private message
aBenG
Warrior


Joined: 06 Apr 2006
Last Visit: 28 Feb 2012
Posts: 297
Location: Darkest UK

PostPosted: Thu Jul 30, 2009 5:46 am    Post subject: Reply with quote

Hearsay won't stand up in court, but apparently it works for SiteAdvisor...

One side of an argument resorting to insults usually means the arguer is aware of standing on shaky ground. Seems the SA admins stand there too.
_________________
Inperfect.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> General Software Discussion All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group