{SCAM ALERT}! TotalAV a Total SCAM?

Several readers have brought to my attention a suspicious security suite named Total Av. One of them was fairly certain that it’s a scam, and shared evidence to back his opinion. My own research also leads me to believe Total Av should be avoided, along with a few of its sister products, AND a bogus antivirus review site that I discovered. Read on to understand why…

A Whole Lotta Scammin’ Goin’ On

Total AV is touted as number one by the “review” site Top10BestAntivirus.com, which I now believe is a bogus enterprise that exists only to steer traffic to sketchy sites in return for money. There are many such “best this” and “top 10 that” sites out there, and I don’t trust any of them.

One reader says he installed Total AV atop Windows 7 running in a virtual machine. That means he created a pristine copy of Win 7 and the “virtual computer” on which it ran, eliminating almost any chance of malware being slipped onto his physical machine at any point between OEM and consumer. He ran scans using the free versions of five brand-name anti-malware suites and found nothing amiss: no viruses, Trojans, rootkits, spyware, etc.

But Total AV found lots of malware, and threw up scary alerts urging him to pay $49 for “total protection.” Hmmm…

I installed Total AV on a test PC running Win 7, and created an account on TotalAV site. The first alarm bell that went off in my head was triggered by the password creation process. This security suite has no password rules! I chose a weak password – short, all alphabetic characters, all lower-case – and TotalAV.com accepted it without question.

Curious, I did a who-is search to see the domain registration record of TotalAV.com. I expected to be frustrated by one of those domain registration proxies that hide the true people behind a domain. This is a basic security measure implemented by nearly everyone who registers a domain, to prevent spamming of system administrators, tech support and billing staff. But TotalAV doesn’t use a registration proxy! Its contact for all functions is in plain sight, complete with a person’s name, street address, phone number, and email address. It’s possible those details are bogus as well.

In TotalAV’s end-user license agreement, I learned that it is a product of UK-based SS Protect, Ltd. Sister products mentioned include ScanGuard and PC Protect. That was enough to make up my mind about TotalAV.

as recently as January 1, 2018. Readers who paid $49.99 for “total protection” soon found ScanGuard asking for $149.99 for “enhanced protection.” ScanGuard is definitely a scam.

Guess what? So is PC Protect, and so is TotalAV. Even their user interfaces look much alike, and their “workflows” are identical. Make it easy (too easy) to install and run the program. Run a bogus busy-work “scan” for malware, viruses, system vulnerabilities, junk files, sub-optimal Windows settings, and so on. Tell the victim a scary story about threats that don’t exist. See if he’ll cough up a little money, then lean hard on him for more.

Also telling is the fact that Top10BestAntivirus.com lists TotalAV, PC Protect, and ScanGuard as #1, #2 and #4 on it’s page of The Top 10 Best Antivirus Software 2018. That tells me one of two things for sure. Either this site is run by SS Protect as a dishonest plug for their own products, or they are being paid by SS Protect to promote those three obviously scammy products.

PCMag’s reviewer, Neil J. Rubenking, did not concern himself with the legitimacy of TotalAV at all, giving it a 3-star rating. He just tested the program as if it came from Microsoft, Apple, or some other presumably impeccable source. He did much more exhaustive testing on TotalAV than I care to do on an obvious scam. His summary of TotalAV is telling:

“TotalAV came on the scene less than a year ago (in late 2016)… none of the independent antivirus labs have put it to the test, and in some of my own hands-on tests, it scored poorly. Without the inclusion of the VPN, I wouldn’t have been able to give it a three-star rating.”

So would he have given it two stars, or one? If TotalAV has not been tested by independent labs such as AV-TEST and AV-Comparatives, it’s because SS Protect Ltd. has not submitted its software to the labs for testing. Any competent software reviewer should know that.

I’m going to go with “no stars.” My advice is to stay away from Top10BestAntivirus.com, TotalAV, PC Protect, and ScanGuard. And if you should find the name “SS Protect, Limited” in any program’s policies, run for your digital life!

Thanks to Bob Rankin for this heads up!

Have a great week from the ZI staff

Are You in the 14 Percent Club?

Forty years after the first spam email was sent, it is still the favorite tool of crooks and criminals online. A new report from the Finnish security group, F-Secure, reports that spam is the most common method used to distribute malware, malicious URLs, scams, and other bad news. Read on to see if you’re in the ’14 percent club’ and some of the tell-tale indicators of malicious emails…

Spam: Still Number One With Crooks

You’ve got software to protect your computer from viruses, spyware, ransomware, and rogue websites. You’re careful to keep all your software up to date. Your identity theft spider sense tingles with every suspicious phone call. But then that innocent-looking email pops into your inbox. It appears to be from your friend, your bank, or your favorite online store.

You click, and you’ve been had. Spam is still the most effective attack vector for hackers and online criminals, according to new research from F-Secure and MWR Info Security finds.

“Of the spam samples we’ve seen over spring of 2018, 46% are dating scams, 23% are emails with malicious attachments, and 31% contain links to malicious websites,” says Päivi Tynninen, Threat Intelligence Researcher at F-Secure. As usual, cyber-criminals are taking their cue from water — traveling along the path of least resistance.

As software vulnerabilities are closed and anti-malware suites grow more capable, spam becomes relatively more effective compared to hacking and exploitation of software vulnerabilities. Spam still is infinitely scalable, too; it costs nearly nothing to blast out millions of spam emails from a compromised machine, and spam-bot networks of thousands of slave machines are commonplace.

While success still depends on spewing out millions of spam emails to get a handful of “bites,” spammers are constantly refining their techniques and improving their batting averages.

Spam Click Rates are Increasing

“Spam is becoming an increasingly successful attack vector, with click rates rising from 13.4% in the second half of 2017 to 14.2% in 2018,” says Adam Sheehan, Behavioral Science Lead at MWR Info Security. His firm, which was acquired by F-secure in June, 2018, develops a site called phishd that helps businesses audit and improve their anti-phishing efforts.

Among the insights that MWR provides are clues to what makes phishing spam successful:

  • The probability of a recipient opening an email increases 12% if the email claims to come from a known individual
  • Having a subject line free from errors improves spam’s success rate by 4.5%
  • A phishing email that explicitly states in its call to action that it is very urgent gets less traction than when the urgency is implied

Most users have finally learned not to click on email attachments sent by strangers, or any attachment that comes unexpectedly. So more phishing emails include URLs instead; people are still conditioned to click on links to see where they go, especially if the link says “click on this link…”

The link often does not lead directly to a malicious site, but to an innocuous site that redirects traffic to a malicious site. That way, the bad guy avoids detection by automated analysis software that previews links and compares them to known malicious URLs.

F-secure includes these and other tips for security-conscious people in its latest podcast entitled, “Ransomware Out, Cryptojacking In?” Other trends the company notes include:

Ransomware is down substantially as an attack vector. The demise of Adobe Flash is echoed in declines of malicious drive-by downloads. And exploit kits, bundles of malicious programs that work together to test and penetrate a company or home network, are also on a decline.

The good news is that with education and software, we have eliminated or limited many malware attack options to spam. The bad news is that spam still works. My best advice: Think twice before you click.

Have a great week from all of us at Zoha Islands


UPDATED: More Details on the Upcoming Ability to Change Your User Name in Second Life


Patch Linden added a bit more information to the recent announcement that Linden Lab was going to allow Second Life users to change their last names. He said, in a thread on the official Second Life user forums, that you would be able to change both first and last names:

It will be complete and total name changes, both first and surname.  Just to set expectations on this, it is a later this year item.

When asked if the change would be available to everyone, or just those with the Resident last name, he added:

It will be available to everyone.  ;)

And, in answer to yet another question about whether or not you could hide your name:

No hiding of names.  First name and surname combos will have to be unique like they are today.  A couple of other questions that came up – no re-use of retired names, once a name has been used, it belongs to that account forever.  We keep a transnational name change history.  Only standard English characters will be permitted.

Just to make it clear, this is an upcoming ability to change to the actual avatar name, not the display name. When asked about how this change will affect the display names of avatars (which can be updated once a week):

This has no affect on display names and largely I do not anticipate we will change how display names work.  If anything, it somewhat sunsets the need for them.

So, that makes everything a little clearer! Thanks, Patch! I predict that there will be a land rush on names once this feature is turned on for users. Being able to change both your first AND your last name (as long as somebody else doesn’t already have that combination) is a very nice feature to have!

UPDATE March 23rd: Inara Pey has a very detailed blogpost on this announcement by Linden Lab, with even more details:

The plan is to allow people to change their first and last name whenever they wish.

  • As with the “old” system, users will be able to choose whatever first name they like, then select their last name from a pre-set list of available names.
  • Once a name combination has been created, it is forever tied to that avatar, it cannot be used by anyone else, even if the “owner” later changes their name, or their account is deactivated.
  • Previous names will be retained by the system, so if you can remember someone’s previous name, you can search on that and get their current name.
  • As with the “old” system, this list of last names will be routinely changed with different names appearing on it.
  • To help keep the available names relatively fresh, the Lab is considering accepting suggestions from users.
  • It has not been determined if someone will be able to switch back to using a name they’ve previously used.
  • Unicode will not be supported when entering a first name.

Thanks, Inara!

SECOND UPDATE April 2nd: Inara Pey has posted more details on the upcoming ability to change your avatar name in her report on the Second Life Web User Group meeting of March 28th:

  • “Original / legacy” last names will not be re-opened for use.
  • New users joining Second Life will still be given the automatic “last name” of “Resident”, but have the option of changing if they wish.
  • The fee for name changes has not been announced, however, at this point the indication is that the fee will be in fiat currency (i.e. US dollars) not Linden Dollars.
  • One of the reasons the return of last names will take time to be implemented is that all of the SL web properties – like the Marketplace – have to be updated to recognise users as they change their names (something which applies across almost all of the SL services when you think about it).

Kim K. Using Second Life Avatars In Her Social Media Postings

Could this be the beginning of a new wave of Second Life users? We shall see.

Kim Kardashian Second Life avatars

From Kardashian’s Instagram feed

Turns out that Kim Kardashian Second Life avatar from last week wasn’t just a one-off to promote her perfume brand — Ms. Kardashian-West just posted this pic above featuring three SL avatars on her social media channels. And so many, many years after any major pop brand has integrated Second Life content into their media, Kim Kardashian remains an outlier. I really can’t think of a precedent to this; I mean, Drew Carey used to talk about his favorite Second Life creators on Twitter, but even Carey would agree that this Kardashian campaign is many multitudes more massive. The mystery is how it came to be.

Kim Kardashian Second Life avatars Instagram KKW perfumeKardashian’s official @kkwfragance perfume brand on Instagram has even more SL pics

I have, of course, reached out to Kardashian’s social media people, and will let readers know when/if I get a reply. By the way, some have speculated that these SL avatars are from her Kimoji mobile app, but having just downloaded it, that doesn’t seem to be the case. The Kimoji avatars all appear to be from IMVU — look:


Kimoji IMVU avatarsAnd indeed, this was actually announced a couple years ago:

IMVU, the social network with 3D animated avatars, said that it has provided the technology behind a new version of the popular Kimoji paid app created by Kim Kardashian West… “Kanye and I found this amazing social experience company, IMVU, and worked with them on creating some of our latest Kimoji designs and GIFs. They’re such innovators who have helped me really set Kimoji apart,” Kardashian wrote on her site.

So it’s even stranger that she’d switch from IMVU to SL for this new campaign. (Stranger still that her SL avatar looks less like Kim Kardashian and more like Cher, but that’s a topic for another post.)

Update, 4:40pm: Added links and pics to KKW’s perfume brand on Instagram (hat tip: Kirsten Corleone).

Is Low Memory Slowing Down Your Computer?

Like your brain, a computer works better when there’s plenty of memory available to execute tasks and process information. So let’s see how we can address a low-memory situation before it becomes a real problem…

Where Has All My Memory Gone?

Let’s try another analogy. Running low on RAM memory in your computer feels a lot like running low on gas in your car. The machine slows down dramatically; moves in starts and stops, jerkily; and eventually just stalls. Just as it’s best to heed the early warning signs of low gas, it’s easier to recover from the early stages of “low RAM” than from a complete lock-up of your computer. Here’s a tool that will shed some light on how your computer is using the RAM memory available.

Windows has a built-in Resource Monitor app that can track RAM use, quantify the effect that low RAM is having on your system, and help you determine what is chewing up that valuable resource. To start the app, type “resmon” in the Start menu search box and double-click on the app in search results. Click on the “Memory” tab to display a busy screen full of information. (See image below)

In the right-hand sidebar are three real-time graphs of memory parameters. “Physical memory” refers to Random Access Memory (RAM), the solid-state memory on those little black chips you can replace to expand your system’s total RAM.

“Commit charge” is a cryptic term whose origin is lost in the misty dawn of the Windows era. Just think of it as the percentage of pagefile.sys that is being used at a given moment. (Pagefile.sys is a system file that reserves hard drive space to which data is temporarily moved from RAM to make room in RAM for other data that is needed immediately).

“Hard faults per second” is not as bad as it sounds, necessarily. It means the number of times per second that data is read from or written to the hard drive from RAM. A rate of 100 hard faults/second is no cause for alarm; a rate of 400 or more will probably be noticeable as a slowing of the system and the grinding sound of an overactive hard drive. Excessive hard faults per second lead to early drive failure at least; at worst, the system may lock up with its hard drive activity light on steadily.

In the grey “Physical Memory” bar in the middle of ResMon’s main window you can see how much RAM is in use and how much remains free. Above that bar is a table showing the many running processes that are using RAM. Here is where you can find out what, exactly, is chewing up a lot of RAM.

Click on the label “Working Set” to sort the running processes by the amount of RAM that each uses. Click on the “Image” label to sort on the process names.

If you use the Chrome browser, it’s almost certain that it will be your biggest memory-hog, with multiple instances of chrome.exe running. Closing tabs and windows will reduce Chrome’s total RAM consumption. Also, in Chrome’s Settings, you might disable “Continue running background apps when Google Chrome is closed”. Just be aware that offline apps for Google Docs, Sheets, etc., may crash when you exit Chrome if “background apps” are disabled.

In many cases, adding additional RAM memory is one of the most cost-effective upgrades for a performance boost. See my article Will More Memory Speed Up Your Computer? to find out if adding RAM is a good idea for your computing needs.

Chrome has its own Task Manager, which gives a lot more detail on each of the Chrome tasks. Press Shift-Esc from the Chrome window, and the Task Manager will show you the name of each website, app, or extension that’s active.

You could go down the list of processes in descending order of their RAM use, determining what each one does and whether it is safe to shut it down. (You can right-click an item, then select “End Process” to kill a running task.)

But few people have that much time, technical knowledge, or patience. Windows has a pretty good memory management system built right into it, so it’s unlikely that you are going to recover much more RAM by manual efforts. Just leave things be, except for the Chrome tweaks described above.

Oh, and for the sake of fairness, I used Internet Explorer and Firefox to replicate what I was doing this morning in the Chrome browser. After opening the same 9 tabs spread across two windows, I noted that the amount of RAM memory in use with Internet Explorer and Google Chrome, and Firefox was almost the same. So the bottom line might be that ALL browsers are memory hogs.

Well-written software frees the RAM that was reserved for it and its data when it shuts down. Sketchy freeware may not be so well behaved. Look especially hard at such software to see if the amount of physical memory available after it shuts down is about the same as it was just before the software started. If a program is “leaking” RAM, replace it with better-behaved software.

Have a great week from all of us at ZoHa Islands


SLB15 Meet the Lindens – Follow Up and Summary

Promotional poster for Meet the Lindens at SL15B. Credit: Linden Lab
It was most definitely interesting to sit in and listen to what each Linden who spoke had to say.  From learning about the future of Second Life, to the everyday workings behind the scenes,  I have found an article written by Inara Pey – that summed everything up beautifully- that I would like to take the time to pass on – she is a wonderful source of inspiration and news in second life – give her a follow!

Until next year!

Credits: Inara Pey

Meet the Lindens is now a regular part of the Second Life anniversary landscape. Over the course of the week of celebrations, it gives Second Life users the chance to find out more about the people working at Linden Lab, find out about projects and plans, and the work being carried out on Second Life and Sansar, ask questions about matters of interest / concern to them.

For Meet the Lindens 2018, Saffia Widdershins sat down with six members of the Second Life team, and also with Linden Lab CEO, Ebbe Altberg.

The six SL team members attending the sessions were:

  • Xiola Linden (Community team)
  • Brett Linden (Marketing)
  • Keira Linden (Land team) and Patch Linden (Snr Director of Product Operations)
  • Grumpity Linden (Director of Product for Second Life) and Oz Linden (Technical Director for Second Life).

Each of the sessions was recorded by SL4Live and made available through YouTube as a part of the SL15B sessions.

For those who prefer to read about what was said, I have produced this set of summary articles of the different sessions.

Please note that these are not intended as full transcripts; some topics came up more than once through the week, so I have tried to focus on subjects that were answered in the greatest detail within each session.

Audio extracts are included with each summary. These have been edited to remove pauses, repetitions, etc., with care taken to maintain the overall context of comments and answers.

The full video for each session is also embedded with each summary for completeness, and timestamps are included for each of the topics in a summary, and will open the relevant video in a separate browser tab, at the point at which the topic is discussed.

Table of Contents

Please use the links in the contents list to the right to jump to the topic summary that interests you, or to a specific topic within a summary.