David L. Farquhar, computer security professional, train hobbyist, and landlord
If you’re like me and do some computer maintenance for families during holiday weekends, the time to plan Easter computer maintenance is now.
Here’s some stuff I recommend doing to keep your non-computer-enthusiast relatives’ systems running smoothly. Be sure to bring your own laptop along, just in case. If a computer is too broken to get online or to get online safely, nothing beats a working system for downloading the stuff you need to fix it.
Ars Technica made a bit of a splash this week with this provocative headline. This is real.
The article gives the usual advice, like not opening e-mail from strangers, not clicking attachments from strangers, and not visiting dodgy websites. That’s all good advice, as is staying off torrent and other file sharing sites, but even all that is not enough.
It’s not Facebook, it’s you. You’ve got malware. The malware is called Page Rage and Drop Down Deals. Head to this page to disable Page Rage, and this page to uncheck everything related to Drop Down Deals. And if you’re not infected, then no, I don’t suggest visiting either of those pages. Only go there … Read more
According to trusted antivirus vendor Sophos, there’s a rogue Facebook application, posing as an app that claims to reveal a way to see who’s been secretly viewing your profile.
It’s a scam. And it’s spreading rapidly. It posts messages on your wall and tries to get you to visit a spam site. Don’t fall for it, but if you already have, delete the fake messages it posts.
Here’s a real app I want you to install instead: Safego.
Sometimes it’s necessary to recover drive partitions because you accidentally repartitioned a drive you didn’t mean to, or because your MBR got infected or otherwise trashed. Here’s how to recover them, for free.
Infecting MBRs with malware is popular with virus writers again. And I fully expect chaos to ensue, because that’s what happened the last time there was more than one virus floating around that infected MBRs. They quit doing it for a good reason.
So here’s how to clean up the mess when an MBR gets infected, or when multiple infections blitzes the MBR and the hard drive loses the ability to boot, just displaying a message like Missing Operating System or Operating System Not Found.
We’ll be using the Gparted Live CD. Many Linux live CDs have the proper tools, but GParted works well and it’s a small download. You can try to use another Linux live CD, and it will work fine, but the icons might not all be where I say they are.
There’s a nasty rumor going around that if your computer gets infected with the Popureb rootkit, your only recourse is to wipe your MBR, reformat your hard drive, and reinstall (or run your factory recovery disk, which is essentially the same thing).
Not so fast.
Microsoft has released an antivirus/antispyware live CD that runs in the Windows PE environment called Microsoft Standalone System Sweeper. I wouldn’t use it as a full replacement for a Linux-based live CD from an antivirus vendor such as Bit Defender, which I’ve written about before. It is, however, a good supplement–a second opinion. Nothing catches everything, after all.
The idea behind all of these is to boot into a sterile environment to scan a dormant hard drive for things that evade or disable your normal antivirus software. The need for this grows just about every day, as there’s a lot of really nasty stuff out there these days. It’s not a substitute for normal antivirus software–it’s what you call on if and when normal antivirus software fails and a malware infestation prevents normal use of the computer.
Windows XP Repair is a fake system optimization and repair tool. It takes over the computer almost completely, and it’s a pain to remove. Worse yet, there’s at least one version floating around right now that standard no antivirus/antimalware tool I threw at it recognized.
Here’s how I removed it for someone.