Uninstall Captchas?

Software follows a life cycle on a computer, which begins with installation and ends in uninstallation. Uninstallation may happen for various reasons, new version of the software, free disk space for other things. Removing software should be less painful than installation. Software that is difficult to remove is evil. Viruses and spyware/malware typically make the removal process as painful as possible. Oddly enough Symantec does the same thing with their consumer grade “Security Software”.
Are you human?
While working on a computer for a neighbor, I came across a few tool bars and other general junk installed on the computer. Even though tool bars usually are not spyware, there is no reason to have the Google, Yahoo, and ask tool bars installed plus a few others. The uninstallers were one or two click installers, pretty standard stuff. Then came the odd software. No one knew what it was, but it was sitting on the installed applications list. Before uninstalling, the user was prompted to fill out a captcha to prove that they were not a computer. After filling it out the uninstall process proceeded as usual. A second software package had the same sort of thing, but it was a tad more sophisticated. It had animated noise bars. Either way, why are these software writers afraid of automated removal of their software? It is pretty obvious, they wrote malware.

What did it do? Well, the obvious thing was auto spawning and eating up 50% of the CPU resources (the system has a Pentium D 820 processor). It disguised itself as Internet Explorer (Why anyone still uses IE is beyond comprehension). Additionally it would cause periodic pop ups and a odd message alert prompt stating “Windows Explorer” when entering Control Panel.

-John Havlik

[end of transmission, stay tuned]

Iframe-B-Gone 1.1

Announcing the immediate availability of Iframe-B-Gone 1.1.0. This new version’s interface matches better with WordPress 2.5’s new dashboard. A dashboard widget performs quick scans of the default terms (yes terms, delimited by comments) and counts how many infections have been cleaned. Note that even with multiple search terms possible, only automatic removal of iframe tags is fully supported. That said, the WordPress Exploit Scanner may be a more valuable tool even though it does not automatically protect against iframe injections.

The new version is available on the Iframe-B-Gone project page.

-John Havlik

[end of transmission, stay tuned]