How to remove the Alureon trojan

By Keane Ingram | Published: 8th March, 2011

I’ve recently had a struggle trying to remove some viruses from a laptop. It was initially presenting with a pop-up advising that the security software was out of date and that it was necessary to purchase the latest version – all designed to look like an official Windows warning. I was able to remove this with Malwarebytes’ Anti-Malware, but Avast was still alerting about something trying to access a malicious URL.

After unsuccessfully scanning with various programs, I next tried using Radix Anti-Rootkit.

Radix Anti-Rootkit in action

Radix Anti-Rootkit in action

This gave warnings about several processes that had been ‘hooked’, including Windows Live Messenger and ATI’s Catalyst Control Center. I uninstalled these (assuming that they had been infected) which cleared the warnings after scanning again, but there were still warnings which Radix couldn’t fix.

I tried scans with various other programs, but the one that finally did the trick was actually Microsoft’s Malicious Software Removal Tool, which after downloading and running gave the information that the laptop was infected with Alureon, and that it had been partially removed. Whilst not completely clearing the problem, knowing the cause of it was very helpful.

I finally removed Alureon using Kasperky’s TDSSKiller. This tool performed a scan then removed Alureon completely.

Kaspersky's TDSSKiller

Kaspersky's TDSSKiller

After rebooting, the laptop was finally clear of viruses. All that remained was to update everything to the latest version to try and prevent future exploits. I believe the cause was a dodgy PDF file – the laptop only had Adobe Reader 7 installed, but I’ve now updated this to version 10/X. I’ve also updated Flash and Java. Since then everything has been running smoothly!

Posted in Virus, Windows | Leave a comment

Keeping track of my Twitter followers

By Keane Ingram | Published: 1st March, 2011

I thought it’d be interesting to write a script to keep track of my Twitter followers, and notify me if someone stops following me. There are several existing sites which can do this for you, but I’m a bit wary about signing into random sites with my Twitter account (some of them will spam messages to your feed), and I also wanted to dust off my PHP coding skills so here was a decent opportunity.

The Twitter API provides a method to retrieve your follower list – the URL for my follower list is:

http://api.twitter.com/1/followers/ids/keanei.json

You can specify the format of the list by changing the extension – I went for JSON, but you can also choose XML, RSS or Atom.

To begin with, as a one-off, I retrieved my follower list and stored it in a MySQL database. Then, I coded a script to do the following:

  • Retrieve the follower list stored in the MySQL database, and store in an array called $oldFollowers.
  • Retrieve the most recent follower list and store in an array called $newFollowers.
  • If there are any new followers, retrieve their username and screen name using the Twitter API.
  • Compare $oldFollowers and $newFollowers – if there is a follower in $oldFollowers that doesn’t appear in $newFollowers then that person no longer follows me.
  • If there are any people who no longer follow me, send an email alert.

I’ve added a cron job to run this once a day. So far there haven’t been any problems and it’s running smoothly.

Update 5th August 2011: I’ve created a repository on github with the script and some SQL to define the required table. I mentioned above about the script sending an email alert, but in reality all it does is echo a message saying ‘xxx is no longer following you’, which is then emailed to me as the output of the cron job.

Posted in Development, Twitter | 8 Comments

Open tabs in background with middle click in Firefox

By Keane Ingram | Published: 17th February, 2011

I’ve recently switched back to using Firefox 4 beta from Chrome as the hardware accelerated rendering finally works on my laptop and it seems a lot less bloated and stable. However, I couldn’t find an option to force links that have been middle-clicked to open in a background tab – the default behaviour for a middle click is to open the link in a new tab which is immediately brought to the front.

The solution is to change one of the settings in the about:config page, which can be reached by entering ‘about:config’ in the address bar in Firefox. Then, enter ‘browser.tabs.loadDivertedInBackground’ into the Filter field which will display the setting. Double click and it will change to true:

about:config page
Now links that are middle clicked will open in a background tab. To change the setting back, repeat the above and double click the setting again to change it back to false.

Update 22/3/11: Since installing the final version of Firefox 4, I had to find the setting to change to open bookmarks in the background – this is ‘browser.tabs.loadBookmarksInBackground’.

Posted in Firefox | 3 Comments

My Link Order – reorder links in sidebar

By Keane Ingram | Published: 28th January, 2011

Surprisingly, I found that when adding links to the sidebar, I found that there was nothing built in to WordPress to change the order that they are displayed in. Luckily, a plugin is available that will do just that. It’s called My Link Order and allows you to drag and drop the links into the order that you desire.

I did have a problem originally, in that I was rearranging the links but not seeing any difference in the links displayed on my site. I was missing something completely obvious – My Link Order only arranges the order of the links if you use the My Link Order widget! So removing the Links widget and replacing it with the My Link Order widget fixed things for me.

Posted in WordPress | Leave a comment

Remove the page title from a specific page using Thematic and WordPress

By Keane Ingram | Published: 25th January, 2011

I’ve setup WordPress so that the front page is a static page rather than a blog. This is straightforward, but I had problems trying to remove the page title, because I didn’t want it to say ‘Home’ on the home page as it looked a bit out of place. I tried searching on Google for a solution, eventually I found a couple of things that in combination worked to do what I wanted – remove the page title and the white space so that the text wasn’t out of line with the top of the page.

The first step is to hide the heading for the title. With the Thematic theme, each page has it’s own unique identifier. My homepage has an id of 4, so to hide the h1 tag which contains the page title, I added the following to my child theme’s style.css:

#post-4 h1 {
display: none;
}

This removes the page title from that page, however there is still some whitespace which means the content of the page doesn’t line up with the sidebar. The whitespace belongs to the text inside a div which has a class of entry-content, so to remove the whitespace it’s necessary to change the padding-top value to 0. So I added the following to style.css:

#post-4 .entry-content {
padding-top: 0;
}

Now the text lines up correctly!

Posted in WordPress | Leave a comment