Orbasoft – Dangerous Application

This post was written by admin on June 19, 2009
Posted Under: Free PC Security,Scareware,rogue software

Orbasoft has been spamming several forums in a bid to lure users into downloading and purchasing their program. Previously known as Webmedia, they have changed their name to Orbasoft.

Described as a program to remove Spyware, Trojans, Dialers and Keyloggers this application found no badware whatsoever but went through the Registry instead.

One thing to remember is that the average user who sees this and purchases it because it appears to be good, has little technical knowledge and will allow the program to scan and remove whatever it finds.

This presents a greater danger as has been proved in the past with various 'antivirus' programs that infected users computers.

I downloaded this program and let it scan. The first thing that struck me was the user interface, very much like PC Tools Spyware Doctor. There are no definitions downloaded with the program, users have to allow it to connect to the internet and download them first prior to scanning, so I did this.

I selected a 'Deep Scan' which took all of 26 minutes, and the results were quite horrifying. Okay, so it found 2 tracking cookies, no big deal there, but I wouldn't consider them to be 'Threats, Corruptions or Infections'. A minor annoyance which is easily gotten rid of.

What did concern me was what the program proposed to remove from the Registry.

The following is a list of the proposed removals:
aa - audio/audible, audio/x-pn-audibleaudio
aax - Audible Enhanced Audio File
ai - Illustrator Vector Graphic
aps - Advanced Patching Systems with Error Checking
acx - Web User Control (Microsoft)
asm - Assembler Source Language
asmx - ASP.NET Webservices Source
aspx - ASP.NET Source File
AudioCD - Windows Media Player/Winamp/RealPlayer/iTunes
BAS - BASIC Source Code (Microsoft Visual Basic Class Module)
bin - Binary File
bsc - BinSCII Apple II Compressed Archive
bwf - WAV Audio
c - ADS Source Code
cdda - AIFF Audio
cel - Animator Graphic
cgm - Computer Graphics Metafile
cpp - Visual C++ Source Code File
cxx - Visual C++ Source Code File
dat - Internet Explorer Cache File/Windows Registry Hive
dbg - C++ Symbolic Debugging Info
DBX - Outlook Express E-mail Folder/Database Index
dcx - Graphics Multipage PCX Bitmap
def - C++ Definition
diz - Description In Zip File
dl_ - Compressed DLL File
dos - 1st Reader External Command File/General Network Driver File
dvd - Animation/DOS Device Driver File
eps - Encapsulated PostScript
exp - Export File (Microsoft Visual C++)
ex_ - Read Me text file
fif - Font Information File/Fractal Image Format file
flc - FLIC Animated Picture
fli - FLIC Animated Picture
fnt - Windows Font FileFolder - Explorer Folder
ghi - Mosaic Configuration File
gz - Gzip Compressed Archive
h -  C++ or Java Header File
hhc - HTML Help Table of Contents
hpp - C++Builder Header File
hqx - BinHex 4.0 Encoded File (WinZip/Stuffit)
htc - HTML Component (Firefox 3)
htw - htmlfile (iexplore.exe)
htx - Extended Hypertext Template
hxx - C++ Headeridb - Visual Studio Intermediate Debug File
idl - Visual C++ interface definition library (language) file
idq - Internet Data Query File
ilk - Microsoft Visual Studio
inc - Include File (Editable with a text editor)
inx - InstallShield compiled rules file
in_ - Setup Informationjava - Java Source Code
jp2 - JPEG-2000 JP2 File
latex - LaTeX Source Document
lib - Generic Data Library
m12 - Microsoft Money
m15 - Microsoft Money
m1a - MPEG-1 Audiostream
m1s - MPEG Media File
m3u8 - The unicode version of m3u playlist file
m3url - MP3 Playlist File
m4b - MPEG-4 Audio Layer bookmarkable file
m4p - Protected AAC File
m4v - MPEG-4 Video File
man - Manual (Often an ASCII text file)
manifest - Windows Visual Stylesheet XML File
mmf - Synthetic Music Mobile Application File
movie - QuickTime Movie File
MST - Windows SDK Setup Transform Script
ncb - Developer Studio File
NCH - Outlook Express Folder File
nls - Code Page National Language Support
nsc - Windows Media Station File
obj - 3D Image Files
odc - OpenOffice
PCD - Photo-CD Image
pch - Patch File/Visual C PreCompiled Header
pcx - PC Paintbrush Bitmap Graphic
pdb - Photo Deluxe Image/Adobe
php3 - PHP Script
pl - BRL-CAD 2D and 3D Plot File/Linux Shell Executable Binary
plg - Developer Studio Build Log
ps - PostScript
psd - Photoshop Format
Psp - Paint Shop Pro Image
RAR - WinRAR Compressed Archive
rc - Visual C++ Resource Scriptres - C and C++ Compiled Resource
rgb - Raster Image Files
rle - Run Length Encoded Bitmap (Raster Image Files)
rpc - Crystal Reports (3rd party package included with Visual Basic)
rpm - RealAudio plugin
rsp - ODBC Driver Configuration File
rts - QuickTime Real-Time Streaming Format
sam - Office 97 File Converter
sbr - Source Browser Support File
sed - Self Extracting Directive File
sgi - Silicon Graphics RGB bitmap image (IrfanView)
shw - Corel Presentation (Slide Show)
sit - Stuffit Archive
smf - Standard MIDI File
sml - Simple Markup Language
sol - Adobe Flash shared object
sor - Adobe Flash Media Server File System Object
sql - Structured Query Language Data SQL
stm - Exchange Server Streaming Store
swa - Macromedia Shockwave compressed audio format
sym - C++ precompiled headers
sy_ - Compressed SYS File
tar - Tape Archive File
targa - Targa Bitmap
text - ASCII Text
tga - Targa Graphic
tgz - Gzipped Tar File
tlb - OLE type library
tsp - TrueSpeech Audio File
tsv - Tab-Separated Values Data Files
Tub - Paint Shop Pro Tube File
ulw - Mono sound format
VB - VBScript File or Any VisualBasic Source
vbx - Visual Basic Extension
vfw - Video for Windows
wave - WAVE Sound File
wll - Word Add-in
wmp - Windows Media Photo File
wpd - WordPerfect Document (MS Word)
wsz -     Winamp Classic Skin
x - Direct3D Object
xbm - X11 Bitmap Graphic
xix - IIS NNTP Subject Lists
z - Unix Compressed File
z96 - WinRAR

It is frightening to think how much damage an unwary user could do to their machine by using this program.

Incidentally, their maths doesn't add up either.

The program costs $29.95 plus $9.95 for Lifetime Upgrades and a further $9.95 for 'Build-in' Windows Registry Cleaner.

Now, to me that totals $49.85 yet the price at Checkout is $40.00!

If this application removes so much from the Registry, why are they also throwing in a Windows Registry Cleaner for $9.95?

As an aside, it should be 'Built-in' not 'Build-in'. Minor point but small errors make all the difference.

The vendors site is also listed on hpHosts and Calendar of Updates as well as being listed on Web of Trust and an ongoing saga with the apparent CEO of Orbasoft on Site Advisor.

AddThis Social Bookmark Button

Surf Safer, Surf with WOT - Click Here or the links below

Internet ExplorerWeb of Trust for Internet Explorer

FirefoxWeb of Trust for Firefox

Google ChromeWeb of Trust for Google Chrome

OperaWeb of Trust for Opera

, , , ,

  This content has been Digiproved © 2010

Add a Comment

required, use real name
required, will not be published
optional, your blog address

IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)

What is 4 + 7 ?
Please leave these two fields as-is:
CommentLuv Enabled
Please leave these two fields as-is:

Protected by Invisible Defender. Showed 403 to 3,739 bad guys.

Next Post:
Previous Post:
Get Adobe Flash playerPlugin by wpburn.com wordpress themes