Lawyer sleuths out mystery around 'Winfixer'
Case of the Shady Security Software unraveling
March 8, 2007 12:00 PM ETIDG News Service - A California attorney claims he has unraveled part of the mystery behind a questionable software program and is prepared to go to court.
Attorney Joseph M. Bochner filed a class-action civil suit last September in California Superior Court in Santa Clara County against two men the suit alleges are behind Winfixer, a purported security software package. The lawsuit names Marc J. Cohen of Florida, and was amended last week to add James Reno of Ohio as an additional defendant, Bochner said. It seeks compensation and a halt to the distribution of Winfixer, among other remedies.
The suit was filed on behalf of Beatrice Ochoa, a mother of two who paid $39.95 for Winfixer after it badgered her with repeated pop-up warnings that her computer had security threats. The program eventually rendered her computer's hard drive unusable, Bochner said. The suit counts another 100 anonymous victims.
"All of these people are being defrauded and they're just ordinary folks," Bochner said. "They buy a computer, they surf the Internet, they're not doing anything unreasonable and suddenly they're defrauded."
Indecision over whether Winfixer is a legitimate product may be the reason it still pervades the Internet. Winfixer has been a moving target for security experts, at times going by the names ErrorSafe, WinAntiSpyware, WinAntiVirus, SystemDoctor and DriveCleaner.
Security software from vendors such as Sophos PLC and Symantec Corp. will detect it, but give users the option of whether they want to remove it. Sophos calls it "adware" that hypes security threats and then implores users to buy the software.
Microsoft Corp., however, pulled no punches last month when Winfixer ads began show up on its instant-messaging program, calling it "malware," a shorter term for "malicious software." Experts have also seen it install itself on computers via security vulnerabilities in browsers or OSes.
However, the lawsuit could face hurdles in court. Web sites are frequently registered under false names or under stolen identifies and the real owners can be difficult to trace, said Sandi Hardmeier, a computer security authority who writes about Winfixer on her blog "Spyware Sucks."
Proving the link to the alleged perpetrators, their connections to Winfixer all the way through to the effects on Ochoa's computer will be very difficult, she said.
"Forensics is everything," she said.
Bochner acknowledges it's hard work to track down fraudsters who use the Internet's anonymity to commit crimes, but the criminals are real people who can be located. Bochner said he has compelling documentation to link the defendants named in the suit to Winfixer.
By researching IP (Internet Protocol) addresses that hosted the versions of Winfixer and their owners, Bochner alleges he has uncovered a fraud based in the U.S. that has escaped law enforcement scrutiny.
Reprinted with permission from
Story copyright 2009 International Data Group. All rights reserved.
Joseph M. Bochner
Additional Resources



White Papers & Webcasts
Death to PST Files
Download Now
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Tape Killed the IT Guy
Watch Now
Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity
Download Now
BRM: What You Can Do To Reduce Risk In Challenging Times
Watch this webcast now!
What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices
Download Now
Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".
eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...

