amelierosalyn

Skip navigation

All posts tagged with "Internet"

XP Anti-Virus 2011 is a very clever virus

Have you ever had one of those fake antivirus things pop up on your computer? You know the type, "50,000 infections found! Click here to remove! *click* Pay $$$ to remove or you have viruses!!1". They're very convincing; usually they look like legitimate programs and/or parts of Windows. They prey on novice PC users who jump at the word 'virus' and think they have done something wrong.

I recently had the misfortune to meet one called XP Anti-Virus 2011 (not my computer that was infected, I was just tasked with fixing this particular one). This virus - and yes, I am calling it a virus even though it technically isn't one - is the nastiest rogue software I have seen yet, though I'm sure it's not the only one to run as it does. It's not new, despite the name - it's been around for years under various different names, mainly comprising of your version of Windows and the current year. So under Windows XP, you'd get XP Anti-Virus 2011 and under Vista you'd get Vista Anti-Virus 2011...etc.

Why is this particular one clever? Well, as I said, it's probably not just this one, but what this program does is to change how .exe files are run on your computer. On Windows, .exe files are normally programs; nearly all executable files will have that extension. Mr Nasty Virus here reroutes all .exe files to run through itself - and it'll block any it doesn't like. Those it doesn't like include almost all legitimate antivirus/antispyware scanners and certain web browsers as well - it didn't seem to stop Chrome but it put a stop to Internet Explorer in any case and kept reopening itself informing me that the computer had too many viruses and I must click here to register and remove threats. That of course makes removing this piece of rubbish a right pain since, well, it doesn't let you. :P Of course, it did everything else these fake programs do - nice threatening messages, cloned the Windows Security Center but plonked itself there instead, typical antivirus program look... All very lovely.

I removed it by following a mixture of guides online - this guide is one of many that explains the basic steps (note the insertion of the license key in those steps - once you do this the program will act as if it removes the viruses and/or itself. Ha - I restarted and it came back up an hour later saying my registration needed confirming and I still had threats). Once you've got rid of it, make sure to update your real antivirus/antispyware protection and run a full scan to make sure it really has gone. A lot of those guides keep trying to push a download of SpywareDoctor (normally labelled as the "remover" for the viruses)... I've never found that program anything more than bloat, personally - I removed the items manually then ran MalwareBytes' Anti-Malware on a full scan to make sure all traces had gone.

How do you protect yourself from getting fake antivirus software on your computer? Here are a few tips:

  1. Know what your real antivirus software is (and firewall, if you have one), what it looks like and how to run it. If a window pops up saying you have viruses but it doesn't look like your normal AV software, it is more than likely fake.
  2. Use a browser other than Internet Explorer, or if you like IE, keep it up to date. XP Anti-Virus and its variants creep in through unpatched vulnerabilities in browsers - mostly IE.
  3. Keep Windows up to date. I know, Windows Update is a right pain and sometimes its updates take ages to download/install and sometimes break things. However, some of the updates do fix holes in the operating system so that fake AV stuff can't get in as easily.
  4. Don't click on dodgy links. Got some weird email from your friend with a link in it? Might be worth checking they really sent it and didn't get their email account hacked with virus-infested site links now being distributed through it (it happened to me last year - my email account got hacked and my contacts all received some virusy links :( )
  5. If a message does pop up about viruses on your computer, read what it says carefully. In most cases, fake AV software is in broken English with poor grammar and spelling (e.g. "threat is been discovered on your computer"). If your computer's primary language isn't English and this rubbish shows up in English, that's also a giveaway right there.
  6. If you do happen to get one of these fake programs on your computer, don't click on any notice it gives you. Click the X button at all times, don't click any buttons it gives you on screen - in getting rid of the millions of popups it was giving me, I inadvertently clicked on what I thought was a cancel button - it tried to send me to some dodgy website. Ick.

Facebook knows all about you... Even if you don't know about it.

I might be late to this but it's something I discovered recently.

Let's take a fictional character and call them Joe Bloggs. Joe doesn't subscribe to all that fancy schmancy internet nonsense and has no clue what a 'Facespace' or a 'MyBook' is. He checks his email every now and then and might browse the web from time to time, but that's all he really does on the internet.

So imagine his surprise when he gets an email from some Facebook thing telling him he should sign up, because all his friends are on it. He'd dismiss it, only - it really is listing all his friends. How can Facebook know who his friends are? How does it know that Jane Bloggs is his sister and John Bloggs is his father? How does it know so much about him when he knows nothing about it?

The answer is that Facebook collects emails and search habits. You know that 'enter your email details to search your contact list for friends on Facebook' feature? Be careful with it. Facebook keeps all the addresses it finds and associates them with you. If you've got those email addresses in your contact list, they must be your friend, right? Repeat this for all the other members on Facebook who are doing the same thing and Facebook can build up a pretty good picture of who you are.

Facebook also allows you to list various family members on your profile, and if said member doesn't have a Facebook profile, it asks for their email address. Facebook then knows when someone invites you to Facebook that you're the brother of X and the father of Y and whatever else.

Facebook's privacy has come under fire recently and I'm not surprised - I admit to using the email search feature when I first joined Facebook and nowhere do I remember it saying it would collect all my contacts' email addresses and retain them in order to guilt-trip other people into joining. I had another look at it recently (without actually entering my details, of course) and I still didn't see it. Admittedly, I have not read their very long and very complicated privacy policy in some time so it is likely to be mentioned there.

Am I going to delete my Facebook profile after this? I'm not sure. It is a great way to keep in contact with people I haven't spoken to in years but if it's profiling me behind my back, I'm not sure I agree with that. Facebook are by far not the first or only company to do this, of course, but they are so far the most high-profile and media attention-worthy. With millions and millions of members, they can make some hefty $$$ from all this if they really wanted to (and there are rumours that they do want to. Imagine what advertisers could do with that data!). Then again, if I did delete my profile, Facebook never really deletes a profile in case you want to reactivate it. So they've got my info anyway, whether I gave it to them or not, and whether I want it there or not. Fun.

Scary stuff, if you ask me.

Why I hate your tutorial: Useless Tutorials part 2

Tutorials. Everyone has them (ok, so not everyone. But a lot of people - even I had some... and for far too long, I might add). They bulk out the content of the average site and which makes the site look more important and useful and the site owner feels better about themselves, knowing they're helping people out.

The point of a tutorial is that it should help people out. It should take them through, step by step, instructions on how to perform a particular task which would otherwise be demanding and/or difficult. It should be clear, to the point, and easy to follow.

Let's take Jane Jones, a fictional website owner who loves writing tutorials. She writes them about anything and everything; Photoshop, HTML, CSS, JavaScript, PHP, you name it. She copied wrote all the iframe and blur effect tutorials first, dontchaknow. Anyway. Jane Jones comes across a script she likes - it takes text entered in a form and stores it in a database. She hasn't written a tutorial for at least a day now and she really loves this new script she's found, so she decides she'll write a tutorial for it.

She could start by writing about how the form could be extended - adding an extra field, for example. She could also write about how you can jazz up the layout a bit, for those who don't know how to do it. But this is all far too advanced for Jane... She starts with the traditional installation tutorial. "Create a database, see my other tutorial for details," writes Jane. "Then upload all the files. That's it!". Yay, one tutorial done. Second tutorial: "How to add text. To add text, write in the box and then press ok. That's it!". Next one: "How to delete text. To delete text, click the delete button. You're done!"

Let's say I'm using the script Jane has written the tutorial about. What have I learned here? I already know how to add text - it's fairly obvious, and anyone with half a brain would have guessed that you enter text in the box and then click the button. Even the most dim-witted person in the world would be able to guess that clicking 'delete' would, oh, I don't know, delete text?

So I ask you this: as a site owner, why are you writing that tutorial? Because you feel like sharing knowledge? Because you think that explaining the way you did something would help others? Or is it because you want more content? Or even because your hits are low and you want more on your site to keep them entertained?

Does your tutorial point out the obvious? Is it actually teaching anything? Writing a tutorial of the type Jane wrote above will insult the intelligence of your visitors. People will read it and wonder why you bothered writing it.

(And no, before anybody asks, this is not directed at anyone or any tutorial in particular. I see these sorts of tutorials all over the place and they do my head in.)

Older Entries