home
::Find ISP ::Forum ::Info 
Forum HomeMain  SearchSearch  please registerplease register  Log inLog in  FAQFAQ  RULESRULES  
Get Ready For A New Transponder Variant

 
Post new topic   Reply to topic    Forum Index -> PC Protection
View previous topic :: View next topic  
Author Message
webhelper

Malware Response Team
 Malware Response Team

Joined: 29 Feb 2004
Posts: 179
PostPosted: Sun Mar 14, 2004 22:00 pm    Post subject: Get Ready For A New Transponder Variant Reply with quote
Get Ready For A New Transponder Variant
From MyPcTuneup.com

See webhelper Alert - Transponder Gangs On the Move for details on the new site.
 http://www.freedomlist.com/forum/viewtopic.php?t=15525  

I paid a visit to abetterinternet.com to review some of the EULA agreements for My Panic Button, etc and found they had change from how to uninstall the Win32 Bi tranponder variant and now link to MyPcTuneup.com for removal instructions even though there is no such known page there yet. This is one of the ways they work. First they setup their files on the abetterinternet server, edit the EULA that will be used with the transponder installs, then start popup ads that will install the new variant with their Free trial software (14 days). After that they will then usually have a link to a page on how to remove the installed adware.

Here is the part of a copy of the older EULA I saved for Clean Getaway:

AFTER DOWNLOADING, INSTALLING OR USING THE SOFTWARE, YOU MAY TERMINATE THIS AGREEMENT AT ANY TIME FROM THE COMPUTER ON WHICH THE SOFTWARE RESIDES BY OPENING ADD OR REMOVE PROGRAMS IN CONTROL PANEL, CLICKING ON CHANGE OR REMOVE PROGRAMS, CLICKING ON THE PROGRAM CALLED "WIN32 BI Application", AND CLICKING THE REMOVE BUTTON TO REMOVE THE PROGRAM.


This is their newest: You will notice it directs the user to the MyPcTuneup.com site.

12. Termination - By entering into this Agreement, you represent to BetterInternet that you have intentionally chosen to install the Software and that you will personally uninstall the Software from your computer if you no longer wish the application to be present on your computer by going to  http://www.mypctuneup.com/  and following the removal procedures therein.


Since the Twain-Tech.com twaintech.dll variant uses a thin installer program, I believe they will do the same with their new one. The thin installer had its prototype installers belt.exe, susp.exe, and pro_bi.exe so they may even now how a new installer that is being tested.

If you have AAW entries for MSView.cc, VX2, and no host.dll, bi.dll, or twaintech.dll is detected, we may have a new dll that needs to be researchedd.


Webhelper
_________________
Wächter der Geschichten
http://www.webhelper4u.com/thewatcher.html
Back to top
View user's profile Send private message Visit poster's website
Post new topic  Reply to topic     Forum Index -> PC Protection   All times are GMT - 5 Hours
Powered by phpBB ©    
*freedomlist.com assumes no responsibility for any postings
spacer
Find ISP | Forum | Contact Us | Submit ISP | Info | Site Map |
 © Copyright Freedomlist.com (2000 - 2013)