Updated 2:45 p.m. PDT with Barracuda Networks warning of Web site promoting rogue program using the Barracuda brand.
Microsoft's Malicious Software Removal Tool was updated this week to detect a generic type of fake antivirus program known as "Win32/InternetAntivirus."
The Microsoft Malware Protection Center gives Win32/InternetAntivirus an alert level of "severe." The software is "a rogue program that displays false and misleading alerts regarding malware, in order to convince users to purchase rogue security software," according to a Microsoft Malware Protection Center blog post. The program also displays a fake "Windows Security Center" message.
This screenshot shows the fake alert the Win32/InternetAntivirus malware displays to try to scare people into paying money.
(Credit: Microsoft)In addition, the rogue program runs a password stealer called "TrojanSpy:Win32/Chadem," which tries to steal FTP usernames and passwords that can be used to compromise servers for hosting malware.
"They use new domain names every day, often registering multiple names at a time, like scanfan4.info, star4scan.info and scanstar4.info," the Microsoft post says. "This is all pretty normal rogue behaviour these days. As always, only use security software that has been tested by a trusted third party."
Fake antivirus programs are very common and provide a way for scammers to make easy money. The scammers prey on the fears of Web surfers who are misled into believing their systems are infected and then pay, typically, $50 for a program that not only doesn't protect their computers, but often turns out to be malicious.
Microsoft and the attorney general's office in Washington state filed a handful of lawsuits last year over so-called "Scareware" pop-up ads that entice consumers into paying for software that supposedly fixes critical errors on a PC.
The Malicious Software Removal Tool is updated every second Tuesday of the month as part of Patch Tuesday.
Separately on Wednesday, Barracuda Networks, a provider of e-mail and Web security products, warned of a Web site using the Barracuda brand to sell a rogue antivirus program. If downloaded, the program performs a fake scan of the computer and installs spyware, the company said.
Let's assume you're on the receiving end of the worst April Fool's Day joke of 2009: your computer's been infected with the Conficker virus. It's a frustrating but not insurmountable problem. This guide will walk you through how to cleanse your computer and inoculate against other Conficker variants.
First off, make sure that you are actually infected. There aren't many warning signs, but a few will stand out if you know what to look for. One fast way to check is to try to visit any major security software publisher's Web site. If you've cleared your browser cache beforehand, and you can load the sites of Symantec, Eset, Avira, or AVG, you're clean because Conficker blocks access to them.
Another good litmus test is to check on the status and functionality of Windows services such as Automatic Updates, the Background Intelligent Transfer Service, Windows Defender, and Error Reporting Services. If any of those have been disabled without your consent, or if your account lockout policies have changed without approval, you might be infected. Other warning signs include unusually high traffic on your local area network, and domain controllers responding slowly to client requests.
If you're running an up-to-date virus scanner, it's unlikely you'll get infected unless you've configured your computer to not receive automatic Windows updates. Checking your list of installed updates for security update MS08-067 (KB 958644) is not recommended because the worm, alternatively known as Kido, Downup, or Downadup, fakes the patch job.
... Read more
Correcting a long-standing oversight by Apple, AppCleaner completely removes unwanted programs from your Mac OS. Dragging applications to the Trash just isn't enough because almost every app installs various support files in several different places all over your computer.
AppCleaner is one of the best utilities around to help you track down and delete these files. It provides a slick, 3D interface and two options for deletion: you can either drag and drop applications onto AppCleaner's main window, or you can have AppCleaner list potential applications--and even widgets, plugins, and screensavers--to uninstall. The program will then show you all the related files for any app you're uninstalling and ask which you want to delete.
You can set AppCleaner to "protect" certain applications from accidentally getting trashed, too, by manually specifying them or just by auto-protecting all default and currently running apps. AppCleaner also comes with a SmartDelete option that detects when apps are trashed and offers to remove the related files, making it great for cleaning up past messes as well as preventing future ones.
Although we love freeware Revo Uninstaller here at CNET Download.com, ZSoft Uninstaller should appeal to users who want something better than the native Windows installer, but don't need all the extraneous features. As the developer promises, ZSoft Uninstaller is indeed far superior to the native Windows program uninstaller. The freeware first runs the unwanted program's original uninstall option before cleaning up with its own technology. But for a more thorough uninstall, ZSoft Uninstaller offers an analyze function that you can use during the initial installation of programs to track exactly which files are being added to your system.
Later, when you want to uninstall a program, you can click the Analyzed Programs tab and rest assured that when you uninstall the program every associated file will be included. The search box for finding specific programs and the capability to get rid of temporary files are useful additions.
ZSoft Uninstaller works well, although it's not as robust as Revo. Even though it may not have all the chrome of the competition, when it comes to getting its core task done--uninstalling unwanted applications--ZSoft Uninstaller is a good choice.
One of the best programs out there for giving more control over Windows functions to users, Revo Uninstaller does far more than fast uninstallations. It has several levels of programs removal, from basic to giving your Registry a thorough scrubbing. Revo also provides in-depth resources for researching just what a program is and does, so you know what you're removing, as well as offering a suite of strong system tools. Check out what it can do for you in this First Look video.
One of Power Downloader's pet personal computer peeves is the Safely Remove Hardware icon that pops up and nags him anytime he removes a device. External hard drive, thumb drive, a USB-powered fan--there's no escaping that pesky pop-up.
Except, of course, there is a solution. In fact, there are two easy solutions, says Power Downloader: One uses a small program, while the other involves tweaking the QuickLaunch bar's properties.
The tiny and free program called Icon Remover comes with two functions: a button to remove the Safely Remove Hardware icon, and a second button to restore it. That's all the app does, but it's certainly the simplest way to tame that unruly icon. Simple and effective, it's a reasonable way to solve the problem without having to remember various twists and turns in the QuickLaunch properties box.
The QuickLaunch bar properties give users control over pop-up icon behavior.
(Credit: CNET Networks)If that labyrinthine pathway to icon removal appeals to you, or if you prefer to not download a 500KB program for such a tiny issue, there is a way to access that icon's behavior from within Windows that doesn't involve hacking the Registry. Right-click on the QuickLaunch bar in the tiny space below the clock, and select Properties from the context menu that appears.
Under the Notification area, hit Customize and then scroll through the choices until you see Safely Remove Hardware. Change the default setting of Hide When Inactive to Always Hide--you've now taught that annoying pop-up to stay down, and you've prevented one of Power Downloader's pet peeves from becoming your own.
(Credit:
CNET Networks)
Every Windows user knows that removing a program is more complicated than just deleting it. During the installation process, several files are dropped into different areas of your system to make a program work. The Windows Add/Remove programs utility was meant to be the tool to use for getting the various parts of programs off your hard drive, but it doesn't always do a great job.
Fortunately, some savvy developers designed uninstall programs to do all the guesswork for you. These applications attempt to gather all the files associated with unwanted programs, so that you can get every component of the software off your hard drive for good.
It's important to note that, while these programs do a great job of rooting out rogue files, my experience is that you still want to check all files thoroughly before deleting them--the best defense against getting rid of something you might need is checking it over carefully. With that, here are my three favorite uninstallers.
Simply pick the unwanted program from the list and hit Uninstall.
(Credit: CNET Networks)Your Uninstaller 2008 lists all your installed programs in a window letting you quickly choose which applications you want to uninstall. Double-clicking on a program begins the uninstall process. Your Uninstaller 2008 runs the available uninstaller which comes with the program you want to uninstall, then it rechecks your hard drive for files the program's uninstaller may have left behind. In my tests, this program worked pretty well to get all the associated files out of my system, but the steep demo limitations are pretty frustrating. You only get two uninstalls per launch of the program before you register ($39.99) and you can only use the program for 21 days.
The sparse interface hides powerful tools to get rid of applications for good.
(Credit: CNET Networks)ZSoft Uninstaller is a free program which uses a similar technique to Your Uninstaller 2008. It first runs the unwanted program's original uninstall option before cleaning up with its own technology. But for a more thorough uninstall, ZSoft Uninstaller offers an analyze function that you can use during the initial installation of programs to track exactly which files are being added to your system. Later, when you want to uninstall a program, you can then click the Analyzed Programs tab and rest assured when you uninstall the program, every associated file will be included. The search box for finding specific programs and the capability to get rid of temporary files are nice additions to this free program.
Use this dialog to choose how thoroughly you want Revo to look for associated files.
(Credit: CNET Networks)Revo Uninstaller, which has been featured recently here at Download.com is another solid free uninstaller. With Revo, you can choose the level of uninstall you want it to perform, from simply using the programs included uninstaller to performing a deep scan of associated files in the registry for a thorough cleaning. Revo Uninstaller takes you through each step of the process giving you the power to save certain files from deletion. Revo also offers a "Hunter Mode" which places a cross hairs icon on your desktop. To get rid of a program, simply drag the cross hairs over a programs unwanted shortcut icon and Revo will find all associated files and take you through the steps for deletion. Even as a free program, Revo uninstaller is definitely tough to beat in this category of software.
Getting rid of old and unused programs is a great way to make room on your hard drive, but sometimes the Add/Remove programs utility is not enough. If you really want to clean up your computer, these uninstaller options will almost always do the trick. As always, if you have a better uninstall program than the ones listed, please let us know in the comments so we can check them out!
True story, happening now. It's 1:48 a.m. on a Saturday morning and I'm hand-picking through a mountain of spyware and adware on a friend's laptop. I've borrowed the laptop and Internet connection to "quickly" finish some work, then quickly realized this was actually going to take all night. After a 20 minute start-up churn, I had only just gotten VPN running and Firefox loaded. It wasn't the interminable start-up that had me worried so much as the two casino icons squatting on the desktop. There's no way they were legitimate on this straight-laced pal's rig.
As soon as Revo Uninstaller finally loaded, it was immediately clear that despite updated McAfee protection, the laptop, ancient by the modern standards of a disposable economy, was riddled with adware and spyware. We're talking 180Solutions, WhenU, TopText, CommonName, and a slew of mysterious-sounding toolbars that never showed up on any browser. Not that I'm blaming McAfee--there are years of security unawareness, lapsed protection, and misclicks that I'm sure are bound to this six-year-old Hewlett-Packard. Assignations of blame don't matter, anyhow. What matters is thoroughly junking the refuse that I angrily know is collecting data and bogging down the computer performance.
These 32 registry items won't be sneaking around on my watch.
(Credit: CNET Networks)I've chosen Revo Uninstaller as my weapon of choice for a few reasons. First, ever since we editors discovered it, it's become a personal favorite. I appreciate the four levels of in-depth removal, and the way the app scours registry and hard-drive files well after completing the unwanted app's built-in uninstaller. It's amazing how many registry entries, program files, and auto-starting dlls remain.
Second, I'm curious. Running a spyware removal program--and there are very good ones--would likely take out most of the adware trash, but would I be any wiser? Late as it is, I'd rather see where the files are hiding out and under which names and pseudonyms. I'd like to eyewitness what the 500 registry entries left behind after the uninstall are called, and get a feel for their cunning. I'm keeping the enemy close. You know, before disposing of it.
By now I've gone through a few demolition rounds, hitting the "brand-named" adware first, and already the desktop looks trimmer. Those garish casino icons have disappeared, their flames deprived of fuel. Adware and spyware beget more adware and spyware, so in some cases, slashing the main app can weaken its spin-offs. Manually deleting those offending icons from the screen, however, wouldn't have done a darn thing to the files in the driver's seat, least of all facilitated the kinds of connections I'm seeing now.
Some of these leftover apps I see in Revo are in obvious need of burning out, like the MBKWbar Toolbar; for everything else, a little Web search helps determine my allegiance while Revo Uninstaller does its worst with the parasite at hand.
It's 2:19 a.m. and the coast is looking much clearer. Of course, caution is necessary any time you get in the vicinity of essential computer processes, but a good uninstaller should help you along. That and my great-grandmother's mantra, "When in doubt, don't," have rung true this far. I'll soon be able to restart the computer to complete some of the leftover file deletion (that's normal,) then set the trusty laptop to defrag overnight. Then I'll come back tomorrow, refreshed, to finish the job with a CCleaner bath and one more antispyware scan just to make sure.
It's true. Some security apps get more fame and recognition than others. Why is Spybot Search & Destroy cited more often than BitDefender Free Edition, or McAfee's online virus scan better known than Trend Micro HouseCall, a tool that also removes what it detects?
In a stab at fairness, we've picked out five of the more overshadowed, but still reliable, antivirus software titles and highlighted their main points. Give them a whirl and let us know in the comments why you can't live without your favorite undersung security app.
For many of us, empty directory folders are a cause for little concern. Sure it's annoying when you open a folder, not able to remember its contents, and discover it emptier than your fridge on a midnight munchies run. That annoyance--the empty folders, not the empty fridge--has spurned one programmer to action. Remove Empty Directories is the result, and it's not hard to guess what it does.
... Read more
