How to uninstall if installer is not there and checking for malware

There's a better way to uninstall programs that do not have an installer, and I recommend using Nirsoft's UninstallView. UninstallView is a tool for Windows that collects information about all programs installed on your system and displays the details of the installed programs in one table, so you can interogate the columns. 

Sorting my Publisher column to reveal empty publisher is a good way to check for malware.

Available Columns to sort by

Field	Description
Display Name	The official display name of the software (Stored in the Registry)
Registry Name	The name of the Registry key (under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall or HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall)
Display Version	The official display version of the software (Stored in the Registry)
Registry Time	The date/time that the Registry key of the software was modified
Install Date	The official install date of the software, stored in the Registry by the installer
Installed For	Indicates whether the software was installed for a specific user or all users
Install Location	The path of the folder where the software is installed
Install Folder Created Time	The creation date/time of the installation folder
Install Folder Modified Time	The modified date/time of the installation folder
Publisher	The creator of the software
Uninstall String	Full command to uninstall the software
Quiet Uninstall String	Full command to quietly uninstall the software
Change Install String	Full command to change the installation of the software
Comments	Comment about the software, stored in the uninstall Registry key
About URL	URL to the publisher's or application's home page
Update Info URL	URL used to update information on the application
Help Link	Internet address for technical support
Install Source	The folder that contained the installer files
Installer Name	Name of the installer used (e.g., Windows Installer, Inno Setup)
Release Type	Displays the release type of the software (e.g., Security Update)
Display Icon Path	Full path of the icon file
MSI Filename	Specifies the MSI filename (Windows Installer only)
Estimated Size	Estimated size of the software (from the Registry)
Attributes	Attributes stored in the uninstall Registry key (e.g., System Component)
Language	Language of the software (e.g., en-US)
Parent Key Name	Registry name of the parent uninstall item
Registry Key	Full path of the uninstall Registry key

Download UninstallView - View installed applications on Windows 11 / 10 / 8 / 7 / Vista and optionally uninstall them (nirsoft.net)

This will explore the below registry key for you.

For really technical removal you can explore the registry key path in the registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall

Improvement from my last post using free tool from Microsoft, but limited.

Metadata Consulting [dot] ca - Blog: How to remove problem, stuck or hidden software window using a free Microsoft tool

Cloud Storage Phishing email with subject Final Warning: Your Cloud Storage has reached its limit

For the record, this is general Cloud Storage  phishing email attempt that is recently going around, with subject "Final Warning: Your Cloud Storage has reached its limit" What to do?  Report them, goto bottom of page. 

From : CLoud_Notification<tyler.johnson232@prohibitionatl.com> Subject : Final Warning: Your Cloud Storage has reached its limit Outlook has identified this email as spam

PHISHING LINKs;

1. Hover over image
http://216.226.28.34.bc.googleusercontent.com/%dddddddddddd 

How to tell this is a Phishing email ?

1. Check email address in full, if it's not from originating company then it's phishing.
2. Hover over all links in email, if it's not from the company's website then forget it.
3. The best way is to view source message; end examine the source location and emails links are from the domain claimed.

How to examine Email Message Source ?

Now let's look at message source

1. Outlook.com->Actions->View Message Source. 
2. Gmail.com->More (down arrow to top right)->Show original.

Check for suspicious links, anything that does not originate from apple.com.

Report Phishing Email (not as Spam)

1. Outlook.com->Junk (at Top)->Phishing Scam
2. Gmail.com->More (down-arrow to top right)->Report Phishing 

Report Phishing

If you have received this email, take further 

1. https://www.google.com/safebrowsing/report_phish/

Report phishing at Microsoft and government agencies

1. http://www.microsoft.com/security/online-privacy/phishing-faq.aspx

MLab Internet Speed Test by Google - a more accurate internet speed test

Legacy Internet Speed Test Explained

Most internet speed tests base are based on traditional measurement of downloading a single stream (large file download). This is not a true representation of start/stop internet mixed traffic like your browser.

Most of us are most test internet speed while browsing sites.  A typical browser loads thousands of mini files (html, css, js, media files) when you visit a page. 

Now adays, even traditional single file videos streams are chunked into smaller pieces, so single file download test is outdated.  Below picture, are files loaded when watching a Youtube.com video. 

Enter, a modern traffic internet speed therefore was needed, enter M-Lab Tests - M-Lab (measurementlab.net)

Legacy Internet Speed Test

Speed test by Ookla (used by all internet providers) measures only continuous single stream (large file download) but is not a true representation of start/stop internet mixed traffic like your browser.

I am contracted with Rogers for 1.5Mbps Down, 50Mbps up, and this lines up conveniently, but my internet is slow. 

MLab internet speed test is block internally by Rogers support, when I recently called technician about my slow internet! 
 

Modern Internet Speed Test

The Measurement Lab test sponsored by Google, uses mixed traffic. MSAK measures multi-stream traffic focused on throughput and latency, while NDT focuses on single-stream upload/download speeds and network diagnostics. MSAK is a more realistic internet traffic measurement.

Do ⇨ MLab Internet Speed Test

The MSAK test is more accurate load test that more accurately represents browsing websites. 

		NDT	MSAK
	Test Server	Toronto, CA	Toronto, CA
	Download	409.85 Mb/s	711.61 Mb/s
	Upload	17.36 Mb/s	5.87 Mb/s
	Latency	38 ms	20 ms
	Retransmission	0.23%	0.00%

Modern Internet Speed Test Explained

MSAK (Measurement Swiss-Army Knife)

MSAK is a measurement service hosted by M-Lab that implements two different test protocols:

• throughput: A configurable Websocket-based throughput measurement protocol capable of multi-stream tests. Its design is partially based on M-Lab’s single-stream measurement protocol, NDT. Configurable parameters currently include:
  • Number of streams
  • Congestion control algorithm
  • Test duration
  • Per-stream byte limit
• latency: A UDP-based latency measurement protocol.

This is measurement is more reflective of website browsing traffic.

NDT (Network Diagnostic Tool)

NDT is a single stream performance measurement of a connection’s capacity for “bulk transport” (as defined in IETF’s RFC 3148). NDT reports upload and download speeds and latency metrics.

This is more like a traditional test; a more technical test used to for diagnosing issues with the network. 

Copilot Comparison

🔍 Key Differences

Feature	MSAK	NDT
Measurement Type	Throughput (multi-stream) + Latency	Throughput (single-stream) + Diagnostics
Protocols Used	WebSocket (TCP), UDP	TCP (BBR, Cubic, Reno)
Configurability	High (streams, duration, CCA)	Low (standardized test)
Diagnostic Depth	Basic latency + throughput	Detailed TCP-level diagnostics
Target Audience	Researchers, engineers'	General users, policymakers

MSAK (Measurement Swiss-Army Knife)

Purpose: A flexible tool for measuring throughput and latency using configurable protocols.

• Throughput Test:

  • Uses a WebSocket-based protocol.

  • Supports multi-stream testing.

  • Configurable parameters include:

    • Number of streams

    • Congestion control algorithm

    • Test duration

    • Per-stream byte limits

• Latency Test:

  • Uses a UDP-based protocol to measure network latency.

• Use Case: Ideal for researchers or engineers needing customizable network performance tests across multiple dimensions (e.g., congestion control behavior, stream concurrency).

NDT (Network Diagnostic Tool)

Purpose: Measures single-stream performance for bulk data transport, focusing on upload/download speeds and latency.

• Metrics Reported:

  • Upload speed

  • Download speed

  • Latency (RTT)

  • Congestion indicators

  • TCP-level diagnostics (e.g., loss rate, retransmissions)

• Protocols:

  • ndt7: Uses TCP BBR or Cubic, operates over HTTP(S) ports.

  • ndt5: Legacy support using Cubic.

  • web100: Deprecated, used Reno TCP.

• Use Case: Best for users wanting a quick, standardized snapshot of their internet connection’s performance, especially for consumer advocacy or policy analysis.

How to fix ASP.NET Core Vulnerability HTTP request smuggling bug scores 9.9

• ASP.NET Core HTTP request smuggling bug scores 9.9
  
  
• ‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability
  
  
• CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes.

Microsoft fixes highest-severity ASP.NET Core flaw ever (bleepingcomputer.com)

What is HTTP request smuggling

How to fix the issue 

Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability · Issue #371 · dotnet/announcements (github.com) 

from above link for those without GitHub account

Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability

Executive summary

Microsoft is releasing this security advisory to provide information about a vulnerability in ASP.NET Core 10.0 , ASP.NET Core 9.0 , ASP.NET Core 8.0, and ASP.NET Core 2.3. This advisory also provides guidance on what developers can do to update their applications to address this vulnerability.

Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.

Discussion

Discussion for this issue can be found at dotnet/aspnetcore#64033

Mitigation factors

Microsoft has not identified any mitigating factors for this vulnerability.

Affected software

• Any ASP.NET Core 10.0 application running on ASP.NET Core 10.0.0-rc.1.25451.107 or earlier.
• Any ASP.NET Core 9.0 application running on ASP.NET Core 9.0.9 or earlier.
• Any ASP.NET Core application running on ASP.NET Core 8.0.20 or earlier.
• Any ASP.NET Core 2.x application consuming the package Microsoft.AspNetCore.Server.Kestrel.Core version 2.3.0 or earlier.

Affected Packages

The vulnerability affects any Microsoft .NET Core project if it uses any of affected packages versions listed below

Package name	Affected version	Patched version
Microsoft.AspNetCore.Server.Kestrel.Core	<= 2.3.0	2.3.6

ASP.NET Core 10

Package name	Affected version	Patched version
Microsoft.AspNetCore.App.Runtime.linux-arm	10.0.0-rc.1.25451.107	10.0.0-rc.2.25476.107
Microsoft.AspNetCore.App.Runtime.linux-arm64	10.0.0-rc.1.25451.107	10.0.0-rc.2.25476.107
Microsoft.AspNetCore.App.Runtime.linux-musl-arm	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107
Microsoft.AspNetCore.App.Runtime.linux-musl-x64	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107
Microsoft.AspNetCore.App.Runtime.linux-x64	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107
Microsoft.AspNetCore.App.Runtime.osx-arm64	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107
Microsoft.AspNetCore.App.Runtime.osx-x64	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107
Microsoft.AspNetCore.App.Runtime.win-arm	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107
Microsoft.AspNetCore.App.Runtime.win-arm64	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107
Microsoft.AspNetCore.App.Runtime.win-x64	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107
Microsoft.AspNetCore.App.Runtime.win-x86	10.0.0-rc.1.25451.107	10.0.0-rc.2.25502.107

ASP.NET Core 9

Package name	Affected version	Patched version
Microsoft.AspNetCore.App.Runtime.linux-arm	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.linux-arm64	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.linux-musl-arm	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.linux-musl-x64	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.linux-x64	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.osx-arm64	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.osx-x64	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.win-arm	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.win-arm64	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.win-x64	>= 9.0.0, <= 9.0.9	9.0.10
Microsoft.AspNetCore.App.Runtime.win-x86	>= 9.0.0, <= 9.0.9	9.0.10

ASP.NET Core 8

Package name	Affected version	Patched version
Microsoft.AspNetCore.App.Runtime.linux-arm	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.linux-arm64	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.linux-musl-arm	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.linux-musl-arm64	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.linux-musl-x64	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.linux-x64	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.osx-arm64	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.osx-x64	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.win-arm	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.win-arm64	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.win-x64	>= 8.0.0, <= 8.0.20	8.0.21
Microsoft.AspNetCore.App.Runtime.win-x86	>= 8.0.0, <= 8.0.20	8.0.21

Advisory FAQ

How do I know if I am affected?

If you have a runtime or SDK with a version listed, or an affected package listed in affected software or affected packages, you're exposed to the vulnerability.

How do I fix the issue?

1. To fix the issue please install the latest version of .NET 9.0 and .NET 8.0. If you have installed one or more .NET SDKs through Visual Studio, Visual Studio will prompt you to update Visual Studio, which will also update your .NET SDKs.
2. If your application references the vulnerable package, update the package reference to the patched version.

• You can list the versions you have installed by running the < class="notranslate" style="background-color: var(--bgColor-neutral-muted, var(--color-neutral-muted)); border-radius: 6px; box-sizing: border-box; font-size: 11.9px; margin: 0px; padding: 0.2em 0.4em; tab-size: var(--tab-size-preference); white-space: break-spaces;">dotnet --info

 command. You will see output like the following;

.NET SDK:
 Version:           9.0.100
 Commit:            59db016f11
 Workload version:  9.0.100-manifests.3068a692
 MSBuild version:   17.12.7+5b8665660

Runtime Environment:
 OS Name:     Mac OS X
 OS Version:  15.2
 OS Platform: Darwin
 RID:         osx-arm64
 Base Path:   /usr/local/share/dotnet/sdk/9.0.100/

.NET workloads installed:
There are no installed workloads to display.
Configured to use loose manifests when installing new manifests.

Host:
  Version:      9.0.0
  Architecture: arm64
  Commit:       9d5a6a9aa4

.NET SDKs installed:
  9.0.100 [/usr/local/share/dotnet/sdk]

.NET runtimes installed:
  Microsoft.AspNetCore.App 9.0.0 [/usr/local/share/dotnet/shared/Microsoft.AspNetCore.App]
  Microsoft.NETCore.App 9.0.0 [/usr/local/share/dotnet/shared/Microsoft.NETCore.App]

Other architectures found:
  x64   [/usr/local/share/dotnet]
    registered at [/etc/dotnet/install_location_x64]

Environment variables:
  Not set

global.json file:
  Not found

Learn more:
  https://aka.ms/dotnet/info

Download .NET:
  https://aka.ms/dotnet/download

• If you're using .NET 8.0, you should download and install .NET 8.0.21 Runtime or .NET 8.0.318 SDK (for Visual Studio 2022 v17.10 latest update) from https://dotnet.microsoft.com/download/dotnet-core/8.0.

• If you're using .NET 9.0, you should download and install .NET 9.0.10 Runtime or .NET 9.0.111 SDK (for Visual Studio 2022 v17.12 latest update) from https://dotnet.microsoft.com/download/dotnet-core/9.0.

• If you're using .NET 10.0, you should download and install .NET 10.0.0-rc.2.25476.107 Runtime or .NET 10.0.100-rc.2.25476.107 SDK (for Visual Studio 2022 v17.12 latest update) from https://dotnet.microsoft.com/download/dotnet-core/10.0.

• If you're using Microsoft.AspNetCore.Server.Kestrel.Core nuget package, update to the latest version 2.3.6 using either of the following methods:

  • Using the NuGet Package Manager UI in Visual Studio:
    - Open your project in Visual Studio.
    - Right-click on your project in Solution Explorer and select "Manage NuGet Packages..." or navigate to "Project > Manage NuGet Packages".
    - In the NuGet Package Manager window, select the "Updates" tab. This tab lists packages with available updates from your configured package sources.
    - Select the package(s) you wish to update. You can choose a specific version from the dropdown or update to the latest available version.
    - Click the "Update" button.

  • Using the NuGet Package Manager Console in Visual Studio:
    - Open your project in Visual Studio.
    - Navigate to "Tools > NuGet Package Manager > Package Manager Console".
    - To update a specific package to its latest version, use the Update-Package command:
    Code:

          Update-Package -Id Microsoft.AspNetCore.Server.Kestrel.Core
    

  • Using the .NET CLI (Command Line Interface):
    Open a terminal or command prompt in your project's directory.
    To update a specific package to its latest version:
    Code:

          dotnet add package Microsoft.AspNetCore.Server.Kestrel.Core
    

Once you have installed the updated runtime or SDK, restart your apps for the update to take effect.

Additionally, if you've deployed self-contained applications targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed.

Other Information

Reporting Security Issues

If you have found a potential security issue in .NET 8.0, .NET 9.0 or .NET 10.0, please email details to secure@microsoft.com. Reports may qualify for the Microsoft .NET Core & .NET 5 Bounty. Details of the Microsoft .NET Bounty Program including terms and conditions are at https://aka.ms/corebounty.

Support

You can ask questions about this issue on GitHub in the .NET GitHub organization. The main repos are located at https://github.com/dotnet/aspnetcore. The Announcements repo (https://github.com/dotnet/Announcements) will contain this bulletin as an issue and will include a link to a discussion issue. You can ask questions in the linked discussion issue.

Disclaimer

The information provided in this advisory is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.