Earlier today, I wrote about the efforts of a company called iDownload to suppress apparently accurate descriptions of their product by several anti-spyware activists.
Since that time, I have done more research on the company, and I can report exclusively that they have used the trademark of a widely respected security certification firm without authorization to sell a questionable product. Here are the details.
iDownload sells an assortment of what purport to be security products. If you visit their products page, you can see this logo and descriptive text for Virus Hunter:
The company claims the product is certified by ICSA Labs. This is a prestigious honor and not lightly awarded. ICSA Labs is a division of CyberTrust, which was formed recently by a merger of TruSecure Corporation and BeTrusted. Its staff and management number some of the world’s foremost authorities on computer security and information technology. To earn ICSA Labs certification, a product must pass a series of stringent tests, and it can be removed if it fails the testing at any time.
When I reviewed the list of certified products at ICSA Labs’ Web site, I did not see any mention of Virus Hunter. So I fired off an e-mail to Larry Bridwell, Content Security Programs Manager for ICSA Labs. I received the following response within three minutes:
VirusHunter is NOT certified by ICSA Labs nor has it ever been submitted for testing.
We have sent a letter by post requesting that the certification claim be removed.
When I looked more closely at the Virus Hunter information pages, I found all the warning signs of an operation that should not be trusted:
-
No contact information for the company.
-
No details of the company’s management or ownership.
-
No privacy policy.
-
Exaggerated claims of security, including references to a nonexistent virus lab.
-
Appeals to fear: “DOWNLOAD NOW Hurry before you lose your system! If you have contracted a nasty virus, your system could be rotting away as you read this.”
-
Phony testimonials, including one claim that “Virus Hunter’s engine was awarded a perfect score…” with no link or even name of the source, only a date.
The citation doesn’t mention the publication’s name, and a review of the leading publication that does tests of this sort, Virus Bulletin, does not turn up any tests of Virus Hunter – in its February 2004 issue or any other time. Interestingly, a legitimate product called BitDefender makes a remarkably similar claim in a press release on its site, dated in February 2004:
Bitdefender Standard was awarded the VB100, the Virus Bulletin certification that the product is able to detect all the viruses which are currently extant in the wild. Once again, BitDefender passed with flying colours, and the test team noticed an improvement in the overall detection rates from previous tests.
Is there a relationship between BitDefender and Virus Hunter? Yes, according to the Technology Integration section of the BitDefender Web site, which lists Virus Hunter as a “reference” on a list that includes legitimate companies like GFI, Laplink Software, and Sunbelt Software. In fact, Virus Hunter is identical to BitDefender Standard except for a few logos. See for yourself:
Virus Hunter Professional (click for larger image)
Bit Defender Standard (click for larger image)
As you can see, they’re identical except for the logo, and the text in the linked “virus warnings” on the Virus Hunter Web site is absolutely identical to listings from the BitDefender encyclopedia, which is why I stated with confidence earlier that there is no “Virus Hunter labs.”
In fact, anyone who buys this version instead of the official BitDefender product is getting ripped off.
- BitDefender Standard has a free 30–day trial. Virus Hunter doesn’t.
- BitDefender Standard costs $29.95. Virus Hunter costs $34.95 for the download, and the company charges a mandatory shipping and handling fee of $4.95 for physical delivery of a CD to customers in the Continental United States. That’s a total of $10 more than the original BitDefender product.
- BitDefender will accept a request for a refund. At the Virus Hunter site, the terms read: “iDownload maintains a strict no-refund policy.”
Now, why would anyone want to do business with this company?
Oh, one more thing. IDownload sells its software through a secure Web site. I inspected their SSL certificate and was knocked over when I saw who had issued it:
Yes, ChoicePoint, Inc., the same company that is currently “under fire for being duped into allowing criminals to access its massive database of personal information…” According to an Associated Press story, ChoicePoint has hired a retired Secret Service agent to help revamp its screening process and has “announced plans to rescreen 17,000 business customers to make sure they are legitimate.” I hope they look very closely at iDownload.
Ed Bott 
Isn’t any of this illegal? How can this company use viruses to install their garbage then try to sell a cure for it with deceptive advertising?
What has the world come to?
Good job of ferreting this out Ed. We need more more people like you to watch for the rest of us.
IMO this is another example of the internet, weak security and poor business oversight increasingly used as a conduit for scams and a breeding ground for fraud. Users are just as bad, expecting more and more for nothing. The current climate for this type of behavior fosters this type of activity. Granted that technology changes quickly and institutions slowly, but I feel the government has been way too slow to coordinate.
What we have is a Congress that rolls over for the music and software industry. Knee jerk reactions like ruining people’s computers if they swap music files do not help. We have spent millions prosecuting Microsoft and nothing to show for it. We allow business to act in a predatory and irrational fashion. We need a comprehensive and educated approach to privacy, security, copyright and technology. We don’t have the NSF running the internet anymore, we have shady businesses who promise to clean up thier act real soon now. I don’t think government is equal to the task, but who’s job is it?
I hope I am wrong about this, but that is the direction I see things have been headed for quite awhile.
The bad guys are causing havoc around the world.
The bad guys even disguise themselves as good guys fighting the bad …..’idownload’ software is a good example, as shown by the article above
It is getting hard to know who to trust.
There is a fairly cheap and easy solution……
A second hard drive for internet/email activity.
All your trusted programs go on one hard drive and the rest on the suspect hard drive.
As soon as you become infected, do not worry about all the anti virus anti spy checkers that are in the main unreliable.
Just atom bomb the lot with the a hard drive format ….the only thing the perveyors of badware fear!
This proceedure can be streamlined and automated and can even be performed overnight at times when the pc is not in use.
Hard drives these days are dirt cheap …far cheaper than all the unreliable software required to protect in the proven unreliable old way.
Ah, if only it were that easy to keep the trusted programs on one drive and all the rest somewhere else!
idownload owns isearch …the bane of thousands of victims of bad-ware to the una-ware.
isearch installs search bars on your browser with meuues to porn, gambling and a variety of other sites the average kid should not visit.
This search bar is almost impossible to uninstall.
The address of isearch is Austin Texas {USA} ref:whoisit}
The address of the Law firm used to send “cease and desit” notices to many anti-spy internet sites is also in Austin Texas {USA}, less than 19 minutes by road away from each other.
idownload touts 14th floor 1180 The avenue of the Americas{aka 6th Avenue} New York as their address.
A check of this address{google} revealed that it was a virtual office which could be rented by the hour, or clients could use their mail sevice only if required.
I suspect that idownload is trying to hide their real address of operation.
As you said Ed, all the signs of an unethical company.
Ed….
How do I post pics here ……?
Sorry, John. Can’t post pics here. Get yourself some Web space (free or cheap) and you can post a link here.
No pics !…well I will just post the relevant links.
http://idownload.com/ proudly displays the ‘truste’ https://www.truste.org/ certification for software and service that can be trusted !!!!.
Truste makes the following grand claims ….yet certifies companies such as ‘idownload’ and ‘lycos’ {insidious software perveyor using isearch type products and stealth install methods.}
Check out Truste’s claims:
Your Privacy Is Our Concern
The TRUSTe seal means that the company whose Web site you are visiting takes your privacy seriously.
We monitor the compliance of member businesses, provide an arena for you to file privacy violation complaints, and make sure these complaints are heard.
Look for the TRUSTe Seal
Choose to Hold TRUSTe Members to Higher Standards
TRUSTe® does everything we can to ensure that the privacy of your personal information is protected by our member Web sites, but we also rely on your vigilance to keep members accountable.
Now that I formatted my hard drive should I Bother to re download virus hunter?
If one goes to
http://www.symantec.com/avcenter/venc/data/spyware.isearch.html
(a Symantec security risk information page for a particularly annoying spyware program which has been plagueing me), one sees that the publisher of this spyware is none other than our friends iDownload.com…
What a wonderful little scheme, masquerading as a ‘web security’ company, meanwhile not only selling plagiarised products, but even infecting computers who have never visited their page (knowingly) with spyware!