Don't fall for bogus antivirus downloads

Home

Newsletter

Search

Reviews

Polls

Contact

This issue

Library

Upgrade

Preferences

Unsubscribe

Windows Secrets Newsletter • Issue 165 • 2008-09-04 • Circulation: over 400,000

Windows Secrets & Support Alert using a shorter name

The temporary logo (shown at left) that we've used for the past two months was created when the Support Alert Newsletter merged with the Windows Secrets Newsletter in July 2008. As was announced on July 9 by the editor of Support Alert, Ian "Gizmo" Richards, our long, transitional name is being shortened to simply Windows Secrets as of today.

We'll still keep bringing you columns by Gizmo, our senior editor, twice a month. His latest installment is in this week's paid content. (How you can get our paid content with no fixed fee.) Thanks for your support! —Brian Livingston, editorial director

Table of contents
TOP STORY: Don't fall for bogus antivirus downloads
KNOWN ISSUES: Problems with Windows XP SP3 persist
WACKY WEB WEEK: This guy couldn't spell "IQ" with a dictionary
BEST SOFTWARE: Low-cost online backup beats free alternatives
WOODY'S WINDOWS: Put Windows' built-in spyware catcher to use
PERIMETER SCAN: Free Windows security checker is flawed
PERMALINKS: Send these links to your friends and co-workers
YOUR SUBSCRIPTION: How to change your address or unsubscribe

ADS

Download a free PC-performance scan
RegCure repairs your Registry and automatically makes your PC's performance like new. Remove Windows errors instantly and clean up your Registry. RegCure is an award-winning product — download a free scan now!
ParetoLogic

Your PC is not slow...
... it just needs a tune-up. Run the all-new, free PC Pitstop PC Optimize 2.0 scan now, and in just minutes receive a free custom report showing you how to keep your PC running at peak performance.
PC Pitstop

See your ad here

TOP STORY

Don't fall for bogus antivirus downloads

By Scott Dunn

A new virus strain pretends to remove malware but actually does just the opposite: it infects your system.

Fortunately, you can use a few simple steps to tell the difference between these rogue antivirus programs and legitimate security software.

Antivirus apps may be malware in disguise

A dangerous new virus is making the rounds in the guise of a legitimate antivirus program. Going by such names as "Antivirus XP 2008" and "XP Antivirus 2009," this malware, as described in a recent Computer Associates advisory, succeeds by looking like a legitimate Windows program.

The Internet security blog Donna's SecurityFlash reports that rogue antivirus programs such as these are being promoted through spam messages that link to an automatic download of a virus installer.

With such aggressive methods afoot to fool security-minded users, how do you know when an antivirus product is legitimate? Use the following guidelines to ensure that the security products you download are legitimate.

Choose your security vendor deliberately

Be careful how you select a security vendor. Just because you see an ad for a vendor or product on a highly reputable site doesn't mean the advertiser is reliable.

Conversely, an ad for a reputable product or service on an unfamiliar site doesn't mean that you can trust the site. Advertisements are often distributed by third parties beyond the editorial control of the hosting site. That's why you may find ads for untrustworthy products on legitimate sites, and ads for legit products on bogus sites.

Services such as the free McAfee Site Advisor and the Web of Trust add-on for the Firefox browser evaluate beforehand the safety of the site you're about to visit. (Windows Secrets contributing editor Becky Waring reviewed Web of Trust in her July 17 column.)

Because the ratings generated by these tools may be based on out-of-date reports, they aren't perfect. But they serve as a useful line of defense.

Another way to evaluate sites before you visit them is with the free LinkScanner Lite application. Rather than rely on second-hand reports, LinkScanner analyzes the code of a given site to check for stealth downloads and other malicious behavior.

The free version of the program requires that you right-click a link manually to get a risk analysis before you surf to the site. If you want your Google and Yahoo search results to be scanned automatically (in addition to other added features), buy LinkScanner Pro for $20.

Published reviews praise LinkScanner for detecting hacked sites, although the program fares less well when rated for detecting phishing sites. CNET's review gave LinkScanner an overall rating of 7.5 out of 10. PC Magazine's evaluation was similar, awarding the program 3.5 out of 5 stars.

Finally, never visit a shopping site by clicking a link in a spam message. Even if the message claims to be pitching a reputable product, such as one from Symantec or ZoneAlarm, the link may actually take you to a counterfeit site.

Color-coding the good guys and bad guys

One site that has been tracking rogue anti-malware products since 2004 is Spyware Warrior. If you're considering a product whose validity is not certain, your first screening step should be to search Spyware Warrior's blacklist. Although Spyware Warrior focuses on identifying fake antispyware apps, the service's blacklist of suspicious sites and products also includes a lot of rogue antivirus applications.

Additionally, consult a whitelist of products that have been certified by a reliable independent organization. One such organization is ICSA Labs (formerly the International Computer Security Association), an independent research and certification division of Verizon Business. On its site, ICSA maintains a list of antivirus products it has certified according to its criteria.

Once you've validated a product to your satisfaction via these resources, you're probably safe downloading it directly from the vendor. But to be extra cautious, consider going to a reputable download source that scans every item before placing it in its library. Such sites include_once CNET's Download.com, the Downloads page of PCWorld.com, ZDNet's Downloads page, and Tucows.com's security section.

These days, every PC user needs security software to protect against online threats. But when the security software itself becomes a threat, the solution becomes a problem.

Fortunately, with a little care, you can dramatically reduce your risk when shopping for safe and effective security products.

Scott Dunn is associate editor of the Windows Secrets Newsletter. He has been a contributing editor of PC World since 1992 and currently writes for the Here's How section of that magazine.

Table of contents

ADS

Back up your data with ZipBackup
Finally, a backup program that's easy to use. ZipBackup's Wizard makes backups a snap for beginners. Filtering, scheduling, and disk spanning make it a powerful tool for experts. For a limited time, Windows Secrets readers receive 25% off.
ZipBackup

Make Windows Vista screaming fast
Vista users will love this comprehensive software that has many tweaks built in to make Windows Vista and Windows XP run as fast as possible. Drastically speed up your computer — download today!
Advanced Vista Optimizer

See your ad here

KNOWN ISSUES

Problems with Windows XP SP3 persist

By Dennis O'Reilly

If you're still on the fence about XP's Service Pack 3, best to stay there for a while.

We continue to hear from readers whose PCs choke on the update, and for very different reasons.

XP SP3 should ship with two aspirins

I'm sure Microsoft made every effort to ensure that the distribution of Windows XP Service Pack 3 would go smoothly. Unfortunately, the company's efforts didn't keep some Windows Secrets readers out of the update muck.

One of the many people who shared their SP3 pain with us was Almer Procyshyn, who was seeing the Internet Explorer customization screen every time he started IE 7:

"Recently, like many others I have noticed, I experienced problems with my laptop after SP3 was installed, one being the RunOnce setting for IE 7. Many forums suggest modifying the Registry, but the simple most effective solution is:

Tools, Internet Options, Advanced, Reset (under Reset Internet Explorer settings), OK.

"This allows you to [reset your] RunOnce settings. Simple, and it works."

If only all SP3 glitches were so easy to resolve. Note that this workaround changes all IE 7 settings back to their default values, which may not be what you want. To fix the problem with a specific change to the Registry or using local security policy, see an explanation at Online Tech Tips.

While most XP users who have installed SP3 experience no problems, the risk/reward balance suggests that there's no hurry to apply the patch, at least until Microsoft stops supporting SP2 — many months from now.

Renewal pop-ups tick off antispyware user

Reader Ted Cohen is mad as hell at SpySweeper, his antispyware vendor, and he's going to take his business elsewhere.

"I have used SpySweeper for years and agree it is among the best. However, 30 days prior to my subscription expiration, the software begins automatic renewal-notice pop-ups every time the machine reboots — for me, several times a day.

"SpySweeper support says the pop-ups cannot be removed. It is intrusive and annoying, as the pop-ups override my applications. I pay SpySweeper to stop hackers from installing trash on my machine, but it seems they are as guilty as the bad guys where their own revenue is involved.

"All it would take is the usual 'do not show this message again' checkbox to make me happy, but these guys are shameless. I like their software, but I am going elsewhere."

The computer industry may not own the patent on alienating customers (see Automobiles, American), but software vendors in particular have made an art form out of it.

How good does a program have to be for you to put up with such annoying renewal reminders, not to mention update pop-ups and other intrusions? How loathsome do a company's marketing practices have to be for you to toss a product you're otherwise happy with?

Readers Almer and Ted will each receive a gift certificate for a book, CD, or DVD of their choice for sending tips we printed. Send us your tips via the Windows Secrets contact page.

The Known Issues column brings you readers' comments on our recent articles. Dennis O'Reilly is technical editor of WindowsSecrets.com.

Contents Index

ADS

Save up to 76% on quality inkjet ink
We offer the sharpest prices on the Web for quality ink and laser toner. Back-to-school bonus: save an extra 10% by using coupon code SCH4545M. Free shipping to contiguous USA locations for all orders over $50. Offer expires 09/30/2008 and excludes OEM items.
4InkJets

Instantly fix driver problems
Driver Detective provides the most up-to-date drivers specific to your computer! With more than 1 million drivers, Driver Detective saves you endless hours of work and aggravation normally associated with updating drivers.
Drivers HeadQuarters

See your ad here

TELL A FRIEND

How you can share this information

We love it when you send your friends links to our articles. But please don't forward your copy of our e-mail newsletter to people, which subjects us to spam complaints. Instead, simply suggest that your friends visit this issue's permanent Web address, shown below. A complete index at the bottom of the Web page provides you with hyperlinks to any article you'd like to recommend.

The address of this issue is http://WindowsSecrets.com/comp/080904

EDITOR'S BOOKSHELF

Get the tips you need about Windows Vista
The all-new Windows Vista Secrets helps novices and experts alike understand Microsoft's latest operating system. "To really appreciate what is in Vista, you almost need to read through the leading book on the product, Windows Vista Secrets, by Brian Livingston and Paul Thurrott," writes Rob Enderle, principal analyst of the Enderle Group, in TechNewsWorld. "It's 595 pages of things you can do with this product — most of which you probably wouldn't have discovered for some time, let alone right at first." Check the book out now for tips you can use.
More information: United States / Canada / Elsewhere

Spam-Proof Your E-Mail Address, 2nd Ed.
This 32-page e-book by Brian Livingston gives you step-by-step instructions that can prevent 97% of the spam that would otherwise clog an e-mail account. You could call it "Livingston's Spam Secrets." The PDF e-book is the result of months of experiments and tests we conducted. We now receive little or no spam to the addresses we used as guinea pigs. These tests show that you can make your e-mail addresses invisible to spammers, not just battle an ever-growing flood. The methods we describe work with Windows, Apple, and Linux and don't require any filters or block lists — but you can use those in addition to the book's techniques, if you wish. More info

Table of contents

WACKY WEB WEEK

This guy couldn't spell 'IQ' with a dictionary

By Katy Chenoweth

For many of our readers, September is back-to-school time. Even though most of us haven't cracked a textbook in years, this season still conjures up images of academia and new beginnings.

In that spirit, we present this hilarious clip about an IQ test gone wrong. Sure, booksmarts aren't everything... but this guy is lucky if he earns a degree in recess! Play the video

Table of contents

PERMALINKS

Free content posted on Sept. 4, 2008:

TOP STORY
By Scott Dunn
Don't fall for bogus antivirus downloads
Antivirus apps may be malware in disguise
Choose your security vendor deliberately
Color-coding the good guys and bad guys

KNOWN ISSUES
By Dennis O'Reilly
Problems with Windows XP SP3 persist
XP SP3 should ship with two aspirins
Renewal pop-ups tick off antispyware user

WACKY WEB WEEK
By Katy Chenoweth
This guy couldn't spell "IQ" with a dictionary

You get all of the following in our paid content:

	BEST SOFTWARE By Ian "Gizmo" Richards Low-cost online backup beats free alternatives The pros and cons of storing backups on the Net A bargain for backing up multiple PCs An online-backup service with options Unlimited backup space, but limited accessibility For backing up multiple PCs, the choice is clear
	WOODY'S WINDOWS By Woody Leonhard Put Windows' built-in spyware catcher to use A "spyware catcher" in name only? Defender keeps unwanted apps from autostarting Make sure Defender is guarding your system Take control of your system's autostart apps The right way to tweak Defender's settings Other ways to block startup apps in Windows
	PERIMETER SCAN By Ryan Russell Free Windows security checker is flawed A new government standard for security Freebie gets only half the job done Flawed scoring leads to questionable results

Get our paid content by making any contribution

	There's no fixed fee! Contribute whatever it's worth to you Readers who make a financial contribution of any amount will immediately receive the latest issue of our full, paid newsletter and 12 months of new paid content. Pay as much or as little as you like — we want as many people as possible to have this information.
	A portion of your support helps children in developing countries Each month, we send a full year of sponsorship to a different child. Your contributions in September are helping us to sponsor Richard Daka (left), a 12-year-old in Zambia, a landlocked country in southern Africa. His family lives on U.S. $62 per month. Children International channels development aid from donors to Richard and his community. We also sponsor kids through Save the Children and other respected agencies. More info
	Upgrade to our paid content and get bonus downloads Several times a year, paid subscribers can download valuable content that we've licensed for them. Make a contribution by Sept. 10, 2008, and you'll be entitled to receive an exclusive excerpt from the new paperback edition of Options: The Secret Life of Steve Jobs (left). The new edition is just now showing up in bookstores, but paying subscribers to the Windows Secrets Newsletter can get the best chapters free in a downloadable PDF file. Info on the printed book: United States / Canada / Elsewhere

Use the link below to learn more about the benefits of becoming a paid subscriber!

More info on how to upgrade

Thanks in advance for your support!

Table of contents

YOUR SUBSCRIPTION

The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets resulted from the merger of several publications: Brian's Buzz on Windows and Woody's Windows Watch (2004), the LangaList (2006), and the Support Alert Newsletter (2008).

Publisher: WindowsSecrets.com LLC, Attn: #120 Editor, 1700 7th Ave., Suite 116, Seattle, WA 98101-1323 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editorial Director: Brian Livingston. Senior Editor: Ian Richards. Associate Editor: Scott Dunn. Technical Editor: Dennis O'Reilly. Program Director: Tony Johnston. Web Developer: Damian Wadley. Editorial Assistant: Katy Chenoweth. Copyeditor: Roberta Scholz. Chief Marketing Officer: Jake Ludington. Contributing Editors: Susan Bradley, Mark Joseph Edwards, Woody Leonhard, Ryan Russell, Scott Spanbauer, Becky Waring.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, Support Alert, WindowsSecrets.com, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com LLC. All other marks are the trademarks or service marks of their respective owners.

HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

WE GUARANTEE YOUR PRIVACY:

1. We will never sell, rent, or give away your address to any outside party, ever.
2. We will never send you any unrequested e-mail, besides newsletter updates.
3. All unsubscribe requests are honored immediately, period. Privacy policy

HOW TO UNSUBSCRIBE: To unsubscribe from the Windows Secrets Newsletter,

Visit our Unsubscribe page.

Table of contents