JAVA update? Not from THIS source!

First things first: Only download your software from proper, official websites. For example:

Software Proper download address
Java www.java.com or java.com
Adobe Reader www.adobe.com or adobe.com
Adobe Flash Player www.adobe.com or adobe.com

These are just three off the top of my head, for starters.

Never let yourself be tricked into downloading software, or updates for your existing software, from other sources than the original ones. It’s easier than you’d like to think to suddenly have a virus or other malware on your hands, instead of a new version of a program which you thought you were downloading.

Now to the chase:

Lately, as in the last couple of days, I’ve seen a warning pop up in my web browser now and then, saying my copy of Java is out of date and must be updated. Whether I accept or decline, it takes me to a webpage where allegedly I can download the latest version of Java. The website looks like this:

If you look at the address bar at the top you will notice that this is not www.java.com, which is the official site, but a different page called www.javainstall.org (link deliberately not working). This should set off warning bells (or preferably warning claxons). The page certainly looks legit, but the address is a clue that something is wrong. Do not download from there!

As far as I can tell, this fake update alert is triggered by ads on various websites. Truth to be told, I have not actually checked the offered download to see whether it contains malware, but I see no reason why it should be trusted.

This is the legitimate download site for Java:

Notice that the address bar says http://java.com which is the proper address (with or without the traditional “www.” at the beginning).

Even so, Java itself tends to tell you if it needs to be updated. Every time you start your computer, if Java is installed, it will check with java.com whether there is a newer version available, and if there is, you will get a message in the shape of a speak bubble above the system tray in the bottom right hand corner of the screen. Like this:

If you’re still in doubt, you can easily check with java.com whether the update alert is real. Go to java.com and click the “Do I have Java?” link below the big red Download button, which’ll take you to this page:

Complete the “Verify Java Version” test and follow the recommendations. Either you already have the latest version, in which case you need to do absolutely nothing, or you need to update it, and there’ll be a link to do that, too.

Safe surfing, folks! 🙂

Norton doesn’t like ATI Tray Tools anymore

Norton Internet Security has taken to blocking ATI Tray Tools after last time I installed Windows 7 on my computer. It does so not on the grounds that it seems dangerous (Norton itself states that it considers the security risk level to be “low”), but rather that fewer than 50 users in the Norton community uses this program. I find myself questioning this approach to determining how dangerous a piece of software is.

I use ATI Tray Tools mainly to monitor the CPU and GPU temperatures to avoid shutdowns due to overheating when playing Modern Warfare 2 and other games on my laptop which occasionally has problems keeping itself cool when the going gets tough and the polygon rendering too heavy.

Under “File Actions” Norton states that it has blocked access to “c:\windows\system32\drivers\driver_bin64”, which is a folder that doesn’t really exist (as far as I can see), but I assume that ATI Tray Tools checks to see whether it is there, and that this query triggers Norton’s nanny-reflexes.

The quick and simple (did I mention dirty?) solution is of course to disable Norton Antivirus Auto Protect, which stops Norton from making a fuss when ATI Tray Tools is running, but also removes most of the protection that you have Norton for in the first place. Not a good plan.

The more thorough and, I hope, correct way to do it is as follows:

Note: This worked on my computer running Windows 7/64 bit on a Toshiba Satellite A300-1iE, using the Norwegian version of Norton Internet Security 2011, and it is the only system I have tested it on. I cannot guarantee that it will work on your setup, and although I’m fairly certain that there is little or no risk I cannot guarantee that following these directions will not harm your system. Proceed at your own risk!

  • Open Norton Internet Security.
  • Click on ‘Settings’ at the top.
  • Scroll down to ‘AntiVirus and SONAR Exclusions’, next to ‘Items to exclude from Auto-Protect and SONAR Detection’ click on ‘Configure [+]’.
  • Click on ‘Add’, enter ‘c:\windows\system32\drivers\driver_bin64, and leave ‘Include subfolders’ checked, then press ‘OK’.
  • Click ‘OK’, then ‘OK’ again to exit Settings.
Start ATI Tray Tools and see if it will run. If not, uninstall ATI Tray Tools, restart your computer, then install ATI Tray Tools again with administrator privileges.

Norton doesn’t like NotepadCrypt anymore

It seems that I can no longer use Norton Internet Security’s SONAR feature. Why? It keeps deleting my favourite text editor, NotepadCrypt, on the grounds that “fewer than 100 users in the Norton community have used this file”. It offers no other explanation.

I couldn’t care less if I’m the only NotepadCrypt user in the Norton community. The least I would expect is more detailed information as to what it has done that warrants its removal. I’ve used Norton Internet Security and NotepadCrypt together for years, and this has never been a problem before.

I can tell Norton to restore the file, and ask that it shall NOT be included in future searches, but it still gets deleted the next time I try to open it. And since it’s my favourite text editor, it tends to get opened a lot.

There appears to be no other way to exclude NotepadCrypt from searches, nor a way to tell Norton that the file is in fact safe. Indeed, when I use Norton to search the NotepadCrypt for viruses, it discovers no threats whatsoever.

I’m a bit puzzled.

UPDATE: Finally it seems that Norton has agreed to leave NotepadCrypt.exe alone. An automatic search-while-inactive trapped it again, but this time when I asked for that file to be excluded from future searches it surprised me by doing as I told it. Sonar no longer kicks in when I open it. Apparently persistence pays off. (13. Dec. 2010)

%d bloggers like this: