watch dodogg MAXIMUM PC TAKES A BITE OUT OF BAD GEAR dog
Got a bone to pick with a vendor? Been spiked by a fly-by-night
operation? Sic the Dog on them by writing watchdog@maxi-
mumpc.com. The Dog promises to answer as many letters as
possible, but only has four paws to work with.Our consumer advocate investigates...
PThe Web of WinFixer PLast.fm Keeps
Launching PPriorityElectronics.com
Lincoln, watchdog of the month16
THE WINFIX IS IN
Have you ever heard of http://www.virussw.com? I had a
charge from them pop up on my bank account today.
I have never heard of the company and don’t know
how they were able to charge my account. The web-
site screams scam. I called the number on the site
and waited to talk to someone. After being told the
whole time that I would speak to a person, I could only
leave a message. I am working with my bank on this
but was hoping you had some info about them.
— MichaelMichael, you did the right thing by following your
instincts and contacting your bank about the
questionable charges. Many people wait until it’s
too late to dispute fraudulent charges.
The Dog started his investigation by simply
calling the company. After two minutes on hold,
the Dog was transferred to a customer service
rep who would not tell the Dog her name or
even the name of the company she was work-
ing for. When the Dog asked her if she thought
that was suspicious, she would not respond
and instead transferred the Dog to “Jennifer’s”
voice mail. No surprise, “Jennifer” did not
return the Dog’s call.
A check of the domains registered to
Virussw.com’s IP address (66.244.254.64)
turned up several other websites the Dog has
written about, including WinAntivirus.com and
WinFixer.com. The Dog was also able to con-
nect Virussw.com to WinFixer by searching
for Virussw.com’s toll-free support number.
WinAntivirusPro.com, DriverCleaner.com,
ErrorSafe.com, and WinFixer, amazingly, have
also used that number.
In the January 2006 issue of Maximum PC,
the Dog warned readers away from these appli-
cations, which clearly have a checkered his-
tory and have been rated as malware. Google’s
Stopbadware.org. has since banned people
from visiting the WinFixer 2005 and 2006 site
if they find the URL via Google’s search engine.WinFixer popups have plagued
not only PC users. Reports
on the Internet indicate the
popups that goad people into
visiting WinFixer’s site have
also impacted Mac and Linux
Firefox users.
So, who the hell is behind
these terrible programs?
Menlo Park, CA, attorney
Joseph M. Bochner thinks
he may have the answer.
Bochner filed a class-action
suit on behalf of Beatrice
Ochoa, who claims WinFixer
did a number on her PC after
she paid the company $
for the program. The suit,
filed in Santa Clara Superior
Court, alleges that WinFixer,
ErrorSafe, WinAntivirus, and
WinAntispyware are “fraud-
ware” and use messages to
trick users into installing the
packages on their PCs. The suit says: “These
representations are fraudulent (and very often
flatly false) in that Defendants have designed
and intended the Fraudware to report that the
host computer is infected regardless of the
truth. The Fraudware then misrepresents that
the victim may repair the purported problem
by paying money to Defendants. Victims who
comply are instructed to enter their credit card
information and to transmit it over the Internet,
whereupon Defendants charge the victims from
$29.95 to $59.95, depending on the particular
Fraudware title involved.”
Bochner has taken his suit one step beyond
what others have been able to achieve by actu-
ally naming two of the defendants, Marc J. Cohen
of Florida and James Reno, the president of
Ohio-based ByteHosting. During his investiga-
tion of WinFixer, Bochner said he ran across an
unsecured database that
contained information on
people who purchased the
program around the world.
Bochner estimates sales of
WinFixer to be in excess of2,300 a day. If the average cost were just $30 per
customer, the company’s yearly take would be
greater than $25 million.
Bochner, however, is dismayed by the lack
of interest shown by law enforcement and large
companies. Symantec, Bochner said, sued Reno
and ByteHosting, and the deposition in the case
made it clear that the antivirus company had
been pursuing WinAntivirus, which was appar-
ently using the familiar yellow colors of Norton.
Bochner said Symantec had ByteHosting in its
sights, but oddly, never followed up on it.
“Symantec clearly had a chance to shut
[these WinFixer] guys down,” Bochner said,
“but didn’t for some unfathomable reason.”
Bochner said he has also had very little luck
convincing any law enforcement agencies
to take a hard look at the folks, despite the
complaints. Regardless, he said the suit will
continue. More information about the suit is
available at http://fixwinfixer.wordpress.com.
For what it’s worth, the Dog was unable to get
a comment from Cohen’s attorney or any of
the other parties named in the suit. The Dog
will keep a close eye on this one and reportMAXIMUMPC july 2007Search the web for Virussw.com’s phone number and
you’ll find that many other questionable companies also
use it.Our consumer advocate investigates...
P
Launching