Malware Domain List

Malware Related => Malware Analysis => Topic started by: cleanmx on March 06, 2010, 11:50:27 am

Title: complain from jinzie.com
Post by: cleanmx on March 06, 2010, 11:50:27 am
Hi @all

following evidences are recorded so far:

http://support.clean-mx.de/clean-mx/viruses.php?domain=jinzie.com&sort=id%20desc

now they say

Quote
Von:    abuse@jinzie.com
An:    abuse@clean-mx.de
Betreff:    False Positive
Datum:    06.03.2010 01:40:43 (Fri, 5 Mar 2010 18:40:43 -0600)


Gerhard W. Recher,

We recently got word from our hosting provider that your scanning software
has detected "TR/Spy.Gen" on one of our servers.

I would like to submit to you that this is incorrect. Jinzie, located at:
http://jinzie.com/download/AllAccessSetup.exe is a compliant adware
plugin. Users are required to view the terms, EULA and privacy policy upon
install and a working uninstaller is provided.

Jinzie allows users to get access to otherwise premium content by
downloading the plugin. The plugin serves popup ads while they are
browsing. No personal information is saved about the user and only domains
(not full URIs) are sent to our ad server. These domains that are sent are
not associated to a specific user and instead of aggregated immediatly so
as to protect everyone's privacy.

Please feel free to contact me regarding the issue and we urge you to
update your scanners to only flag this as Adware and not a piece of
Spyware.

Full legal information is available for you here: http://jinzie.com/


Jinzie Abuse Dept


how shall we proceed?

I think this is malware anyway.

-- gerhard
Title: Re: complain from jinzie.com
Post by: SysAdMini on March 06, 2010, 12:10:32 pm
I had a similar discussion with the company behind Zango.

From my point of view this piece of software is unwanted software.
Nobody installs any kind of Adware intentionally on his computer.
So something has lured a person to do that.
BUT - as the company said - the user opted in before installation.
So I'm not sure if you are allowed to flag this software as malware. It might be a problem from a legal perspective.
Therefore I have removed all Zango related urls from MDL.

Perhaps you can flag this software as "Potentially unwanted software", but I'm not a lawyer.
Title: Re: complain from jinzie.com
Post by: cleanmx on March 06, 2010, 12:22:03 pm
I had a similar discussion with the company behind Zango.

From my point of view this piece of software is unwanted software.
Nobody installs any kind of Adware intentionally on his computer.
So something has lured a person to do that.
BUT - as the company said - the user opted in before installation.
So I'm not sure if you are allowed to flag this software as malware. It might be a problem from a legal perspective.
Therefore I have removed all Zango related urls from MDL.

Perhaps you can flag this software as "Potentially unwanted software", but I'm not a lawyer.

partial FullACK, except of.... if VT scores >0 virus scanners out in the wild will detect this piece of code as malicious... and so why remove them from the database ?
I do not block anything, I only display the evidences, i have no legal problem so far with this....

-- gerhard
Title: Re: complain from jinzie.com
Post by: SysAdMini on March 06, 2010, 12:33:33 pm
Quote

partial FullACK, except of.... if VT scores >0 virus scanners out in the wild will detect this piece of code as malicious... and so why remove them from the database ?
I do not block anything, I only display the evidences, i have no legal problem so far with this....

-- gerhard

I completely agree, I alleged same reasons for listing this stuff.

In your particular case the company complains about being listed as "Spyware".
Flag it as "Adware" and everyone will be happy.
 
Title: Re: complain from jinzie.com
Post by: MysteryFCM on March 06, 2010, 01:23:21 pm
The biggest problem with these, is their "affiliates" and marketing methods, and their complete lack of policing as to how the crapware is pushed to the user.

If this company (I'm not currently familiar with them) is properly policing their affiliates, then PUP is more appropriate than malware (personally I consider all adware the same as malware, but that's generally because I've seen very little that uses *only* legit methods to peddle to the user)
Title: Re: complain from jinzie.com
Post by: MysteryFCM on March 06, 2010, 01:59:03 pm
http://forums.malwarebytes.org/index.php?showtopic=42444