Corporate Citizenship

In 2004, IP addresses associated with WinFixer served a number of fraudware domains, the most notorious of which was Like WinFixer, WinAntivirus hijacked browsers and popped up dire warnings of nonexistent computer problems, defrauding consumers into charging their credit cards for the WinAntivirus “cure.”

Unlike WinFixer, back then WinAntivirus bore a remarkable resemblance to Norton—one of Symantec’s crown jewels—right down to the yellow packaging. WinAntivirus also took traffic from typo-squatting sites such as “” and “” With shady marketing like this, some unwelcome attention from the world’s largest computer protection company was perhaps inevitable.

On April 29, 2004, Symantec sued James Reno and his company ByteHosting, among others. Why these particular defendants? I’ve asked Symantec attorneys that question a number of times and have yet to get an answer.

Symantec deposed Reno on July 29, 2004. (A deposition is a process of questions and answers given under oath, just like in court.) Beginning in January, 2006, I repeatedly requested Symantec’s cooperation in this case, and last month Symantec’s attorneys finally responded with a copy of Reno’s depo transcript. Here’s his testimony about WinAntivirus:

Q: What is Innovative Marketing?
A: As far as I’m aware, it seems to be a company in the Ukraine that is producing the Vantage line of products, such as Win Antivirus, but that’s just by searching around.
Q: Have you ever had any connection with Innovative Marketing?
A: Directly, no.
Q: How about indirectly?
A: Yes, through a company called Billingnow.
Q: What is Billingnow?
A It’s a company I’m actually doing customer support for. They do Internet billing.
Q: What is the relationship between Innovative Marketing and Billingnow?
A: Innovative uses them for billing.

* * *

Q: When you say that you’re providing customer support, what exactly do you do – does your company do for Billingnow?
A: We’ve got a call center, answer the phones, handle billing issues for different customers that call in, look up their order, handle things like informing customers of policies and – like refund policies or technical support, help with forwarding them on to different – the different companies that Billingnow has contracts with.
If someone calls in about a non-billing question, well, we would forward them on to the proper companies.

* * *

Q: Now,, has your company ever hosted that site?
A: No, we have not.
Q: Do you have any connection with it?
A: Again, we host just the e-mail. I’ve never hosted the Web site.
Q: Do you have an account address for
A: It’s in the Ukraine, I don’t have a specific address. It goes through Billingnow.

These few lines constitute all of Reno’s testimony that day regarding WinAntivirus. (The dearth of follow-up questions here is frustrating to say the least.) Nevertheless, it’s enough to prove that—more than three years ago—Reno and ByteHosting were significantly involved in WinAntivirus. Moreover Symantec knew it.

What did Symantec do with this knowledge? My next post will explore the Symantec vs. Reno settlement.


14 Responses to Corporate Citizenship

  1. Tiberius says:

    I just picked up an infection from Error Safe and found this site as I was researching its removal. I’d just like to say thanks for trying to stick it to these bastards and keep up the good work!

  2. Steve says:

    Hey, I’m a PC Tech at a computer shop in Utah. I have seen tons of these infections in the little time that I’ve been working there. I knew from day one that these programs were bad news. Just the fact that these people advertise the way they do should be a good indication that something is amiss. It’s tragic though, that so many people are not educated about the problems associated with this Fraudware. But, the fact is, people shouldn’t have to deal with this crap in the first place. Which is why I often thought of the prospect of these jerks getting the pants sued off of em, so that in the future honest people won’t have to deal with these theives. I mean, we know who these guys are. And it’s not a mystery that they’re ripping people off, and generally causing problems. So, why shouldn’t the courts punish these people?

  3. fabien says:

    voila monsieur avec votre connerie de anti virus que vous avais envoyer sur mon pc vous me l’avais foutu en l’air de ce fait je vais porterais plainte aupres de la gendarmerie et declarer cella aupres de test acha donc je suis abonner si vous ne trouver pas un arangement en mon egard voici mes cordonnee 0472/205806

  4. Bonnie says:

    I too am suffering through the ErrorProtecor invasive sales tactics, and would be VERY interested in any class-action suit that I can join. It is time for action and I want to help drive this “company” out of business and help those that are working towards internet abuse enforcement. Please post a comment if there is any available information.

  5. nerd42 says:

    The company I work for got hit by WinAntiVirusPro a while back. They honestly thought they had a real antivirus program that didn’t work very well and asked me to fix it. I took one look at the way it tried to look like Norton and knew something was up – first of all because Norton Antivirus is a legitimate product that just sucks, so anything made up to look like it must suck worse. My opinion of it went downhill as I investigated and found this program was the cause – not the solution – of their problems.

  6. J Davis says:

    How can I join this lawsuti? I was infected with the winantivirus program and it cost me $250 to get my hard drive cleaned, I tries everything before I took drastic action. Add to that expense about $1,500 in lost income and the aggravation dealing with this malicious terroristic program. I hope you go after everything these “people” own! I would love to see everyone involved in this fraud serving time in the roughest prison dating a guy named Bubba. I have a programmer friend that said that in his 15 years in the business he has never seen anything so malicious.

  7. WinFixer

    WinFixer is an adware application which attempts to install itself and other malicious products every computer reboot. WinFixer also displays fake warming messages that your system has “severe system threats”. The objective of WinFixer, thr…

  8. qwerty says:

    use LINUX !!!! NO ADWARES no problems!!!!

  9. Thank you for your post

  10. Flow Meter says:

    :– I am really thankful to this topic because it really gives great information ;,,

  11. My spouse and i definitely must think much more in that course and find out a few things i can do regarding it.

  12. Nice post. I learn one thing more difficult on totally different blogs everyday. It will always be stimulating to learn content material from other writers and practice a bit of something from their store. I’d desire to make use of some with the content material on my blog whether you don’t mind. Natually I’ll offer you a hyperlink on your web blog. Thanks for sharing.

  13. Thank you for one more important write-up. In which else could anybody get that type of information in this kind of a full way of writing? I have a presentation incoming week, and I am on the lookout for these kinds of info.

  14. Howdy! I just want to offer you a big thumbs up for the excellent
    information you’ve got here on this post. I’ll be coming back to your site for more soon.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: