Beware over ambitious clean up programs
Last month I wrote about problems caused by the security company McAfee. An update from McAfee falsely accused my WinPatrol program of being a dangerous Trojan. A slow response from McAfee cost some business but mostly hurt our reputation for over a week. I’ve had a number of people ask me how things were going since this annoying experience.
Unfortunately, my story isn’t unusual. What we call “False-Positives” happen all the time and reputable companies take them serious. Most companies certainly don’t want to cause more harm than they help.
There’s another potential danger from programs promoted as Registry Cleaners and/or system optimizers. They can also delete program files or registry values that they decide may be harmful. How they decide what needs to be cleaned appears to be arbitrary. Currently, the only program of this type I recommend is Optimize 3 from PC Pitstop.
My most recent efforts have been to contact folks with Piriform a company who distributes a program called CCleaner. This program is well respected as a utility which will help clean up your computer claiming to make it run faster and more secure. One of our friends found out if you’re a WinPatrol user CCleaner will remove one file you’ll want to keep. CCleaner does provide an option to exclude WinPatrol which for now I recommend unchecking.
While I’m honored to be included, WinPatrol users will want to uncheck this box. The history.txt file is an important file you won’t want deleted. The history.txt file stores a lists of actions you took using WinPatrol. If for some reason you want to recover a change you’ve made it won’t be possible without the history file. If at sometime you want to clean up this file WinPatrol already provides a button to initialize it.
My experience with McAfee wasn’t the best but they’re not alone. There’s an company in Norway called Norman which continues to classify WinPatrol as a Trojan even though I’ve contacted them multiple times. Since they’re not very popular in English speaking countries I haven’t had many complaints but I’m sure it has hurt our reputation in Europe.
I have however had some good experiences. In the past month I’ve had two reports of false positives caused by new software from Panda Security. After my first report last month they updated all their users and resolved the problem within 24 hours. This weekend I started to get new reports but they had it fixed before I found the time to report it.
Another security company ESET tells me their test procedures are so extensive that WinPatrol is included when they test any new signature files.
I’m also a big fan of the site VirusTotal.com. If you ever find a suspicious file you can uploaded it to VirusTotal and have it evaluated by up to 43 different anti-virus signature files. VirusTotal also allows you to join their community and comment on files you test.
Update 11/11: I heard early this morning from a rep from Piriform and they have agreed to leave the history.txt alone but will continue to include WinPatrol logs in their clean up. Thanks!