Comments on websites

whois

Created: 2009-07-07
Expires: 2010-07-07
Updated: 2009-07-09
Domain regtidy.com

Date Registered: 2009-7-7
Date Modified: 2009-7-9
Expiry Date: 2010-7-7

DNS1: ns-canada.topdns.com
DNS2: ns-usa.topdns.com
DNS3: ns-uk.topdns.com

Registrant
Private Whois Service
*******PLEASE DO NOT SEND LETTERS******
****Contact the owner by email only****
c/o regtidy.com
N4892 Nassau
Bahamas

Shared IP

-------
Against Intuition - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
G7W

If we've made a mistake, it will get resolved; much quicker than it would at SA, but now SA will be reviewing a different archive with different files... >> SA

The Prevx link doesn't state "safe" merely Currently being reviewed
there is a difference; and whether or not the file name is all CAPS or HungarianProper is mute - they are the same file.

As for "playing fair'
I see you've quickly removed the .DLL from the archive and packed it into the new installer.

regtidy2009.zip - 19 July 2009
MD5: 685a7f81d107270e544e8d75aba78307 - ThreatExpert

regtidy2009.zip - 21 July 2009
MD5: 7fe660be6bfefc16514fd96846b12db6 - ThreatExpert

Now this looks suspicious to me; comparing apples to oranges.

Sophos still has it as listed as Sus/Behav-113

Sus/Behav-113 exhibits characteristics commonly, but not exclusively, found in malware.

I need to see if anyone has a test machine they can install this on, sandboxed and see the results... I have both files available if anyone has the time, PM me.

-------
Against Intuition - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
G7W

Hi, sorry. I was a bit wound up when I woke up to this mess. It would seem that the sophos link has nothing to do with the dll in question. It has been protecting against it since 07 yet this app has been in the wild for like a week now.

They may very well have repacked it. I have provided them with a range of suggestions but they are all usability and business model related.

I run a marketing firm. I am not a programmer. That said, I would not have taken the job if it was a dodgy app or I did not believe in the developers.

We do also run a full blown IT firm. I am not making this stuff up ;)
cept for days like this I prefer brand management and marketing lol....

At any rate, I have scanned this stuff repeatedly with a wide range of things. It is fine.

I did not invent the prevx response either. I sent that off to them first thing this morning.

thanks,
Nigel

Care to explain why you've got awards on your site, for sites that don't have your software listed? (e.g. Softpedia). This is dishonest at best, and downright fraudulent at worst.

Secondly, you claim you believe in the application, suggesting you've actually tested it - yet you claimed regtidy.dll was not present?? Both the installer itself, and the following, show otherwise;

http://www.threatexpert.com/report.aspx?md5=7fe660...

Third, care to explain why the application has references to RegConvoy (registryconvoy.com - 97.74.144.68) - another rogue application? And interestingly, another application that claims to be the recipient of a Softpedia award when in actuality, the application is not listed at Softpedia - making the award claim absolute rubbish.

*******************************************************
Registrant:
Lin Fan
China ShangHai MingHangQu
ShangHai, ShangHai 200000
China

Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
Domain Name: REGISTRYCONVOY.COM
Created on: 11-Jun-09
Expires on: 11-Jun-10
Last Updated on: 11-Jun-09

Administrative Contact:
Fan, Lin regconvoy@gmail.com
China ShangHai MingHangQu
ShangHai, ShangHai 200000
China
+86.021364656 Fax --

Technical Contact:
Fan, Lin regconvoy@gmail.com
China ShangHai MingHangQu
ShangHai, ShangHai 200000
China
+86.021364656 Fax --

Domain servers in listed order:
NS03.DOMAINCONTROL.COM
NS04.DOMAINCONTROL.COM
*******************************************************

I'll let you explain this before I go into the rest .....

I should note, we do actually know what we're doing ;o)

Regards
Steven Burn
Ur I.T. Mate Group / hpHosts
it-mate.co.uk / hosts-file.net

Well, like I have tried to intimate before, this app has been rectified of suspect behavior based on my marketing assertions(not it being malware). It is also being re-branded due to some other nitwit marketing firm from a while ago.

"Care to explain why you've got awards on your site:"

Well aside from the fact that they can only push my change orders so quickly and its NOT MY SITE no, I don't care to respond to that. It does not make the app malware, it simply indicates they need to continue implementing my changes so I can do it right.

This is what I do for a living, you folks can feel free to proceed with the witch hunt. I can use the cash ;)

Nigel

I can use the cash ;)

And you will lie and cheat people to get it.

If you are a respectable PR firm you wouldn't take anybody like these scammers on as a client. You and they are one in the same, which I have a feeling is closer to the truth then what you lead on. A company like Regtidy isn't going to pay a PR firm to do their dirty work when they can (and do) do it themselves.

How do you think we run these untrusted applications?

Your just digging a deeper hole every time you post. You don't know software development but you can read source code? Give me a break!

I run a marketing firm. I am not a programmer.

I just ran this software. 397 "critical errors" in my registry?

Run it on your computer then get back to us. Well, scratch that. You wouldn't tell the truth anyway.

"And you will lie and cheat people to get it."

Can't respond to that without getting banned from wot but you are welcome to give me ring. I take that stuff seriously, you may want to find someone else to slander Kevin.

866.826.6537

Nigel

If you are not responsible for how RegTidy is built then I will apologize. BUT, you have said in so many words that we are un-intelligent liars (that's how your words strike me) so I didn't really start in with the personal attacks. You did.

We aren't here to show favoritism or any other bias to anybody. We go by facts and they aren't adding up to a legitimate product. When an empty registry key is described as a "critical error" that needs $$$ to fix it is deceit. So we call it that.

Futhermore, showing 397 registry errors is not uncommon for any app.

It's very uncommon on my computer.

We do change ratings when it is obvious we are either wrong or the software/website shows they are willing to clean up their act. So far you haven't done so.

And with that. I'm done here. Good day...

Since you've not brought it up, allow me (aww, and you thought we'd not tested it ourselves) to;

1. It claims errors exist even BEFORE it has actually scanned anything;

http://temerc.com/imgRegTidy_com_-_main_UI.gif

2. It listed over 400 "problems" that either didn't exist and/or, were NOT problems (infact, removal of some of the keys, including some of the EMPTY keys, would have crippled the system).

http://temerc.com/imgRegTidy_com_-_scan_results.gi...

3. It provides no means of saving the results to a log for manual analysis

.... enough said - it IS A ROGUE!

Regards
Steven Burn
Ur I.T. Mate Group / hpHosts
it-mate.co.uk / hosts-file.net

A bit off topic, but since Nigel offered a phone number, I thought I'd toss in a little more information...

jnlew.com - whois

Interesting security page you have Nigel
hxxp://www.jnlew.com/services/computer/online-security

Contact page:
hxxp://www.jnlew.com/company/about

Unfortunately at the domain level all you see is: "New site is coming soon!"

-------
Against Intuition - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W