CBS/CNET recommended I use an Uninstaller to remove their malware

[jim54]

Hope this is the right thread ? After complaining to CBS/CNET about noted malware installed from a link on their site, asking for a procedure to completely remove a complex coctail of Chinese software, they recommended I use an Uninstaller. I followed the advice, but some unrequested software clearly remains, and it keeps growing and affecting my Chrome Browser in number of ways. I start from the beginning:

 

On 30/4/14 I googled for reviews of YouTube video downloaders. The CNET review of 'YTD Video Downloader' was near top of list. Of the CNET reviews of others, at the time it was the only one they gave a full 5 stars and marked 'outstanding'.

 

I prefer offline install for more confidence on what/when installed. YTD only offered online install, but as CNET gave it their highest recommendation over other Downloaders, and reviewer said it asks before installing anything but YTD, I took chance to install directly. I had misgivings during the install, as it was taking a surprisingly long time to install on a fast connection. There was no obvious prompt to install any other programs other than YTD.

 

To my horror, when it finished my desktop covered with a program I never heard of called 'Mobogenie/Mr Flap' which worse still was in a foreign language. I emailed the support@youtubefreedownloader.com address given by YTD website pointing out they had installed the above mentioned unwanted program without my permission, asking does your program intentionally install unwanted other software not needed for the primary function of downloading just a YouTube video, and how do I get rid of it.

 

I then noticed the 'install' had installed a Chinese 'anti-virus' (BAIDU) over my AVG and something called 'SUPTAB', which according to http://www.malwareexperts.com "SupTabs installation is usually done in the background, hidden from the eyes of users, and when excessive advertising starts to appear on their favourite websites surfers will have no idea what is going on". I then read on http://www.malwaretips.com "..it exhibits plenty of malicious traits, such as rootkit capabilities to hook deep into the operating system, browzer hijacking, and in general just interefering with the user experience". They go on to say "... is bundled within the custom installer on many download sites (examples: CNET, )" !!! I had always thought CNET recommendations and downloads can be trusted to be malware free ?

 

Looking on their site later, I do could not find any prominent assurance of that like Softpedia's : "Softpedia guarantees that [this app] is 100% FREE, which means it does not contain any form of malware, including spyware, viruses, trojans and backdoors". On looking further, I see a number of CNET readers also complained YTD is full of malware. A small consolation has been the Chinese 'anti-virus' appears not to have disabled my AVG which has reported 6 malware threats since the laptop was purchased last February - but that 5 of those 6 were all since I visited your site on 30 April !

 

As YTD had not repliedl I sent reminder pointing out further changes to my computer their installer had made, asking them for a list of changes beyond the YTD install, how to safely get rid of them, pointing out I am avoiding using that laptop while their unauthorised changes remain installed. As still no reply, I thought to try removing them myself using 'IO Uninstaller' (it was recommended elsewhere as far more thorough than Windows uninstall). I know IO Uninstall works, as I used it to uninstall some other things, but when it came to 'Movigenie' it hung forever, so having to force exit, I did not receive a 'success' message, and so am not sure if offending program completely removed.

 

I read malware 'SUPTAB, being a rootkit, is very difficult to remove and requires a special program.

 

IO Uninstaller was unable to remove the BAIDU AntiVirus

 

My last email to YTD pointed out Anti-Virus programs are notorious for being difficult to remove, yet no response.

 

It also installed 'Sweet Page' - a browswer hijacker and another called 'WPM18.8.0.212' from 'Cherished Technology Ltd' - from HongKong, "a company known for their malicious programs" according to http://www.malwaretips.com, and which is there to protect the other malware from being uninstalled.

 

Since read 'Movigenie' also comes from China and considered malware, hence the problem IO Uninstaller had trying to remove it.

 

It appears the program they gave the highest 5 star rating to has installed a complex cocktail of malware, that will require a very complicated and lengthy process to recover my computer from this hijack.

As no contact point on CNET, I emailed parent company Columbia Broadcasting to I ask a) revise the review to warn readers of the malware this software installs, and b) offer readers a 100% guaranteed painless as possible procedure to remove in the correct sequence, the complex cocktail of Chinese malware their link has installed.

 

I had assumed as part of CBS Broadcasting, CNET reviews and download links as trustworthy as other well-known sites like 'Softpedia', with a 100% malware free guarantee.

 

Their reply seemed quite unconcerned and not very helpfull only suggesting I visit CNET to download on of their recommended Uninstallers - but if they had read my email carefully, they would have seen I already used IObit Uninstaller on the 1st of the malwares.

 

That was before I researched the other items installed and was told they were rootkits and other malware, requiring a complex removal procedure. With no better advice, in an attempt to regain some control over my laptop, after their reply I did use IO Uninstallers on the above, and it appeared to remove all the above, except BAIDU AntiVirus.

 

However, my underlying (wanted) AVG is now far more frequently detecting threats than before, some with names related to the supposedly uninstalled software (I did use the 'deep' mode of removal) On 4/7/14 2 new Chinese programs quietly installed themselves : Baidu Spark Browser, and Baidu PC Faster (although my laptop ran a lot slower after install/removal of YTD) Result of that is 'Spark' became default browser, and Baidu PC Faster seens lots of annoying 'Notifications' suggesting I install something else ! I since made Chrome default, but once since, Baidu took over. I normally have around 15 open Tabs for current projects in Chrome - but since Spark arrived, each time I Close Chrome - it forgets my Tabbed Work

 

I travel a lot overseas and depend on online banking. My bank advised avoid using cybercafes, publicly accessible computers, or even my own if infected by spywhere. As a result, I have felt unable to use online banking when away while my laptop remains infected with unsolicited malware. If money is stolen from my account, I am worried my bank could accuse me of being complicit in the fraud, although CBS/CNET show no such concerns.

I am surprised CBS/CNET suggested an Uninstaller to remove malware. I had always thought that category of utility IObit Uninstaller, Revo (which I used years earlier on another pc) were designed purely to overcome Windows notoriously bad 'Uninstall', which is why they are not listed under Malware Tools - even in CNET's review site.

 

This has been my worst of just 2 malware infections in my over 20 years of PC use and has been a severe incovneience, not knowing what personal data may have been stolen this last 10 weeks, and not being able to use the laptop for financial transactions since then.

 

I would be grateful for IObit's view of CBC/CNET advice to use 'an Uninstaller' to remove the noted malware, and your recommendation on a hopefully not too complex procedure on how to remove the suite of (BAIDU: Antivirus, 'Spark', PC Faster) and what may now be only remnants of Moviegenie, SUPTAB, Sweet Page, 'WPM18.8.0.212' as they no longer show in IO Uninstaller.