Spywarebomb,, a newcomer?? never heard of it myself.

(2 Pages)
1
2
→

You cannot start a new topic
You cannot reply to this topic

Spywarebomb,, a newcomer?? never heard of it myself. Rate Topic: 1 Votes

#1 Guest_AM2_*

Group: Non-Member - Guests

Posted 11 June 2007 - 06:18 AM

hxxp://www.spywarebomb.com/about.htm

anyone had any exposure to this application?

a one time poster just put this up at computercops.

http://www.castlecop...ood.html#951689

Back to top of the page up there ^
MultiQuote
Reply

#2 Donna

Solar

Group: Admin - Site
Posts: 16,263
Joined: 11-October 03

Awards Bar:

Users Awards

Posted 11 June 2007 - 06:42 AM

http://www.symantec....-050122-2434-99

SpywareBomb is a misleading application that may give exaggerated reports about potential risks on the computer.

http://www.symantec..../...-99&tabid=2
Infection Length: 3,469,312 bytes
Risk Impact: Low
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows Server 2003, Windows 2000

When the program is executed, it creates the following files:
%ProgramFiles%\Spyware Bomb [VERSION]\3eolmc.dll
%ProgramFiles%\Spyware Bomb [VERSION]\albmhe.dll
%ProgramFiles%\Spyware Bomb [VERSION]\dbmusth.dll
%ProgramFiles%\Spyware Bomb [VERSION]\fntiemrs.dll
%ProgramFiles%\Spyware Bomb [VERSION]\ipseagr.dll
%ProgramFiles%\Spyware Bomb [VERSION]\meutr3fv.ocx
%ProgramFiles%\Spyware Bomb [VERSION]\mrthrepf.dll
%ProgramFiles%\Spyware Bomb [VERSION]\scanning.gif
%ProgramFiles%\Spyware Bomb [VERSION]\sporpmse.dll
%ProgramFiles%\Spyware Bomb [VERSION]\SpywareBomb.url
%ProgramFiles%\Spyware Bomb [VERSION]\unins000.dat
%ProgramFiles%\Spyware Bomb [VERSION]\unins000.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Spyware Bomb.lnk
%UserProfile%\Desktop\Spyware Bomb.lnk
%ProgramFiles%\Spyware Bomb [VERSION]\Spyware Bomb on the Web.lnk
%ProgramFiles%\Spyware Bomb [VERSION]\Spyware Bomb.lnk
%ProgramFiles%\Spyware Bomb [VERSION]\Uninstall Spyware Bomb.lnk
%ProgramFiles%\Spyware Bomb [VERSION]\ipuhtens.dll

Next, it creates the following registry subkeys:
HKEY_ALL_USERS\Software\VB and VBA Program Settings\Spyware Bomb
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spyware Bomb_is1

The program also creates the following registry entry, so that it starts when Windows starts:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"SpywareBomb" = "C:\Program Files\Spyware Bomb [VERSION]\SpywareBomb.exe"

It then gives exaggerated reports about potential risks on the computer.

Back to top of the page up there ^
MultiQuote
Reply

#3 Guest_AM2_*

Group: Non-Member - Guests

Posted 11 June 2007 - 06:56 AM

Donna, on Jun 10 2007, 11:52 PM, said:

THIS NEEDS TO BE POSTED AT COMPUTERCOPS.

Back to top of the page up there ^
MultiQuote
Reply

#4 Donna

Solar

Group: Admin - Site
Posts: 16,263
Joined: 11-October 03

Awards Bar:

Users Awards

Posted 11 June 2007 - 06:58 AM

http://www.malwareby...base.php?id=338
SpywareBomb is a rogue antispyware utility that uses false positives to lure the user into buying the product.

The above was added in RogueRemover database last May 24th

Back to top of the page up there ^
MultiQuote
Reply

#5 Donna

Solar

Group: Admin - Site
Posts: 16,263
Joined: 11-October 03

Awards Bar:

Users Awards

Posted 11 June 2007 - 06:59 AM

Please post it in CC as I can't login there for months already. Thanks!

Back to top of the page up there ^
MultiQuote
Reply

#6 Guest_AM2_*

Group: Non-Member - Guests

Posted 11 June 2007 - 07:01 AM

Donna, on Jun 11 2007, 12:09 AM, said:

Please post it in CC as I can't login there for months already. Thanks!

Posted at CCSP.
I'll ask PAUL to fix your account.

Back to top of the page up there ^
MultiQuote
Reply

#7 Donna

Solar

Group: Admin - Site
Posts: 16,263
Joined: 11-October 03

Awards Bar:

Users Awards

Posted 11 June 2007 - 07:11 AM

Thanks for posting at CC. It should help by warning users who might fall by downloading SpywareBomb and installing it.

Paul already tried to fix the account many times. I can post there if I create a new account. If I go back, login will fail again. I can create another account again and post but problem will occur again and again.

It's not a problem with their board software but my connection

I had the same problem at Gladiator, Lavasoft, ASAP and other forums and was fixed after many months too.
I didn't do anything but my ISP.
It's tiring but I'm not losing hope to be able to access again other forums like CC.

Back to top of the page up there ^
MultiQuote
Reply

#8 Donna

Solar

Group: Admin - Site
Posts: 16,263
Joined: 11-October 03

Awards Bar:

Users Awards

Posted 11 June 2007 - 07:12 AM

I refresh the page but I didn't see your post yet at CC.

Back to top of the page up there ^
MultiQuote
Reply

#9 guest

Contributor

Group: Non-Member - Guests
Posts: 3,812
Joined: 26-November 03

Post icon Posted 11 June 2007 - 07:25 AM

Quote

Paul and I already tried to fix the account many times. I can post there if I create a new account. If I go back, login will fail again. I can create another account again and post but problem will occur again and again.

It's not a problem with their board software but my connection

I have the same problem posting over at ComputerCops but I don't worry about it as one of the reasons I wanted to post there was to give my input about WinPatrol but as WinPatrol has become so rock solid for me I don't worry :silly:

Spywarebomb's sites are in the hpHOSTS file :protect:

Back to top of the page up there ^
MultiQuote
Reply

#10 hewee

hewee

Group: Member - MVC
Posts: 4,857
Joined: 12-May 04

Posted 11 June 2007 - 08:35 AM

I posted a link to this thread over there at CC.

Back to top of the page up there ^
MultiQuote
Reply

#11 gdhopcroft

SeaEagle

Group: Member - Mod Emeritus
Posts: 2,719
Joined: 01-February 04

Posted 11 June 2007 - 12:39 PM

AM2, on Jun 11 2007, 04:28 PM, said:

http://www.spywarebomb.com/about.htm

anyone had any exposure to this application?

a one time poster just put this up at computercops.

http://www.castlecop...ood.html#951689

A few days ago, at SpywareInfo, they had a similar one-time spam post, like this one, trying to "recommend" something called Spyware-Sweeper (my bolding, to show the differentiation between the "software" they were trying to flog, and the more respectable Webroot SpySweeper).

Every week, a different one, it seems.