Posted on: July 30th, 2010 by Famous Phil
Today’s blog kind of got pushed to the top of my to-do list after I finally obtained a virus that I have been trying to get now for the past year and a half! This basically deals with a type of malware which comes from advertisements on websites you visit. For many years now, I have always wondered how someone can walk into my room, get on my computer, and have a virus on it within 5 minutes. After all, I haven’t gotten a virus now in at least 5 years!!! Is it the surfing habits of people, or is it just that I don’t visit “those” types of sites? I’m going to go into a little detail today about what I’ve found out.
At one point or another, I’d say that at least half the population that uses a computer has seen some sort of a virus. The most popular virus as of late (I’m talking the past 2 years) is the Antivirus 20xx Virus. It’s usually labeled Antivirus 2008, 2009, or 2010 and looks like an antivirus program. The only trick is that it isn’t. I’ve always wanted to figure out how this virus enters the computer because I’ve seen it so much now that I’ve become an expert at removing it without tools. I’ve also given a few lectures (as a Teaching Assistant) on viruses, but without the virus as an example, it is really hard to show how infections occur and how to prevent them. So instead, I just gave the usual lecture: run Windows Updates, use antivirus protection, and use Firefox or Google Chrome instead of Internet Explorer.
So now, let’s get into how I actually found the virus. Yesterday, I was talking with my friend, John, about the normal crap we talk about, and John brought up that he was fixing a Windows XP machine that was infected by Antivirus 2010. He mentioned that it was a popular virus (which I already know). Up until that point I have fixed at least 10 computers with the same infection. The only common thing I could come up with between them (in most cases) was that the user had Yahoo! set as their homepage, Windows Update was seldom run, and Internet Explorer was the main browser. John also came up with very similar characteristics.
Normally I give a walkthrough to everyone I repair computers for that includes: click OK to any updates to Symantec AntiVirus and Windows Updates, this is what that screen will look like, etc. Contrary to popular belief, some of the biggest updates DO NOT get installed automatically for Windows. For example, Internet Explorer 8 right now is considered a non-vital update, and so is Windows Vista Service Pack 2. Both of these updates take a long time to install and require the user to initiate them. To do so, the user should get in the habit of running Windows Updates monthly at the very least to manually check for these updates that don’t automatically install.
Yesterday, as a test, John left Yahoo open in Internet Explorer on his fully updated computer and he noticed that a risk was found. After hearing that, I too ran a similar test. I follow all of my instructions and I verified that my computer had the latest version of everything. I managed to find a risk within 5 minutes of simply reloading the Yahoo page. This completely shocked me and confirmed what 2 of my last customers said they were doing when they got the virus (working on Yahoo Mail). The risks that I found could easily give me the virus that I’ve looked for. Of course, I’m a bit smarter than most and I killed the Internet Explorer window through the Task Manager when the risk showed up. I will still probably restore my computer through a hard drive clone I made a month ago to verify that nothing bad did happen.
I always thought that the culprit was free porn and file sharing (eMule, LimeWire, torrent, etc.). I have always known that free videos and music can contain malicious software inside the encoding that can cause your computer to execute a virus installer. I never thought that this could happen from viewing a simple advertisement. So now that I know the culprit, is there anything you can do to protect yourself? Of course there is. First, I strongly encourage you to dump Internet Explorer. I have never seen “Internet Explorer” and “Secure” used in the same sentence with correct grammar (there is no correct way to put those 2 into the same sentence truthfully). The first step to protect yourself is to go to http://www.getfirefox.com or http://chrome.google.com and download Firefox or Chrome, then install it. I personally like Firefox more, but others push Chrome too.
Now comes the controversial part of the solution. The internet is mostly run on advertising (sadly), meaning that there is a lot of controversy with blocking advertising. FamousPhil is more of a hobby site, so I never intend on having advertisements on this site that I don’t have full control over. Sadly, some of the biggest sites, including Yahoo, Fox, Google, and others have malware placed within their dynamic ads (as per my testing). It may or may not be any fault of their own (there are hackers out there), but malvertising is a major security risk. I have always run an ad blocker (which is probably why I have never gotten anything). My reason has always been that I’m on a slow connection and without ads, my internet is so much faster. Therefore, I have never strongly recommended ad blockers until today, but I always put them onto computers that I fix for clients. Now I feel that without ad blockers, this malware will get into the computers of innocent people. Being a computer technician, I really hate seeing the same problem / computer over and over.
So with that said, let’s apply an ad blocker to your browser of choice above. To install an ad blocker for Firefox, simply open up Firefox and go to Tools -> Add-ons. Search for the add-on “Adblock Plus”. Install that add-on and restart the browser. Upon restart, you should see a screen asking what filter you want. I am an avid fan of “EasyList USA”, which blocks just about everything that is advertising related. For Chrome, you want to click on the wrench (tools) and go to Extensions. Then you want to browse the gallery. The first AdBlock by gundlach is the one you want to click on. Then click the install button. The extension will pop up a window that says install, so install it. After that window goes away, simply exit Google Chrome and go back into it. Ads should now be gone.
I really hate having to recommend blocking ads, but hopefully after enough people block ads, the advertisers will realize that their ads are doing more damage than good and will fix that. Until then, if you want to avoid viruses and crap, I’d strongly recommend using one.
Tags: ads, advertising, antivirus 2010, malvertising, malware, virus, yahoo
Posted in Technology
Posted on: June 8th, 2009 by Famous Phil
In this post I’m going to detail my first week with the MagicJack. This device converts a USB port into a Phone Jack that is compatible with any landline phone that you might have around the house. I will touch on clarity and ease of use.
Tags: call, clearity, evdo, landline, magicjack, skype, university at buffalo, voip, yahoo
Posted in Mobile Technology, Technology