Security: Removing Threats

The first two sections on security dealt primarily with avoidance and, to some extent, discovery. This third section covers the "Now what?" phase. If your computer is infected, the next step is to eliminate the infection. That might be as easy as running ComboFix or Malwarebytes' Anti-Malware, or you may find that you need to format the hard drive and reinstall everything. (Ugh!) That's why it's so important to avoid this stuff rather than recover from it.

Before you start attacking a problem, it's important to assess the situation. Firefighters, medical professionals, and police are trained repeatedly on the importance of understanding what the problem is.

One good first step, if you think there's a problem, is to disconnect your computer from the LAN, if you have one. That might stop the problem from spreading to other computers on the network. Even if you're not on a LAN, pull the plug on the Internet until you can examine the situation. If the malware is sending your personal or financial information to someone, you want that to stop. Now.

This, by the way, is a good time not to search the Internet looking for a cure. Any search for malware removal tools is likely to produce several hits for organizations that will actually install malware on your computer.

Bleeping Computer is a trusted location where you'll find tutorials for removing specific threats. A visit to Bleeping Computer is a good second step if the quick-and-easy solution I'll describe next doesn't work.

The Quick-and-Easy Solution

Two applications can be combined to remove many threats: ComboFix and Malwarebytes' Anti-Malware.

WARNING!
Use the link above to obtain ComboFix. Do NOT perform a search for it. The author of the application specifically indicates that ComboFix.org and ComboFixDownload.com are in no way associated with the application.

Before running ComboFix, you should be aware that it may render your computer non-functional. That said, it's also your best chance to return the computer to normal operation without having to format the drive.

ComboFix is such a powerful tool that I don't want to run it on a computer that's not infected. Because of that, you won't see any screen shots in this section.

Download ComboFix to your computer's desktop. Also download Malwarebytes Anti-Malware, but don't try to install it. Then disconnect the computer from the Internet and either turn off or uninstall any antivirus application.

Reboot the computer in Safe Mode (without networking). To do this, press F8 as the computer is starting and choose Safe Mode. The computer will operate very slowly and the display will be ugly.

Before trying to run ComboFix, rename the file. Some malware applications watch for attempts to run ComboFix and try to shut it down. Select the icon, press F2, and name it with a few random characters. It doesn't matter what you call it because you'll delete it after it does its job.

Close all open windows. Shut down any processes that are running (particularly protective applications). Then double-click the ComboFix icon to start the program.

The next step is difficult: Sit in front of the computer and do not touch the mouse or the keyboard. ComboFix must not be interrupted. It will attempt to create a restore point, search for malware, and delete any bad applications it finds. Along the way, it may ask you to perform a few actions. Read the instructions carefully and follow them precisely. At the end of the process, ComboFix will create a report. Be patient; creating the report takes many minutes. Do not interrupt the process.

ComboFix will then restart the computer. Don't rush the process by restarting it yourself.

If everything went well, the computer will restart normally. Assuming you removed your antivirus application, Windows will warn you that the computer is vulnerable. You're not currently connected to the Internet, so that's OK.

You can now run Malwarebytes' Anti-Malware. Choose the full scan. Because your computer isn't connected to the Internet, you won't have the latest definition files. That's OK.

Malwarebytes' Anti-Malware will explain that there are two versions of the program, one paid and one free. The free version omits real-time monitoring. This is OK; you won't need it now.

The program is quick, but any scan takes time. Depending on the speed of your computer, the size of the disk drives, and how many applications are on the computer, the scan may take just a few minutes or it might continue for several hours.

What you want to see, when the process ends, is a screen that shows no infections, but you may see one or more items in a list of problem files. The Anti-Malware application can remove these, but stop for a moment and read the list. Automated processes aren't always correct.

Once you've decided which files to remove, simply instruct the application to remove the ones you've selected. You'll probably be instructed to restart the computer at the end of the process. When the computer is running again, it's important to run the scan again to confirm that the problems have been resolved.

Is Everything OK Now?

If the computer is now clean, you should reinstall your antivirus program and then connect to the Internet to obtain the latest antivirus updates.

If not, you have several options: You could format the drive and reinstall everything, or you could visit Bleeping Computer and discuss the problem on one of the forums, or you could take your computer to a technician for repair.

If all of this sounds like a lot of work and a lot of bother, it is. That's why it's so very important to avoid infections in the first place.

Protecting Your Privacy on Facebook

If you post something on Facebook, you might think that only your friends would be able to see it. Or you might think that it's visible to just about anybody. It used to be private because Facebook started as a service for college students. Nobody else could get an account. Now anybody can and Facebook seems to think that everyone will want to share all their details with everybody. Among others, the Federal Trade Commission is investigating. But if you have a Facebook account and you accepted Facebook's "recommended" settings, you may be sharing more than you want to.

During the transition from the old Facebook to the new Facebook, you would have had an opportunity to keep your existing security settings. But Facebook also offered its "recommended" settings that open the doors wide. And if you've set up your account this year, you're probably sharing more than you want to.

Check the Control Panel

Status updates are now, by default, visible to everyone. If that doesn't appeal to you, here's what to do:

From the Account menu select Privacy Settings to open a new panel.

Now select Profile Information. This will open yet another long page of settings.

You want to control access to anything you post, so scroll down to Posts by Me. Click the drop-down box at the right and choose either Only Friends or (if you want to be a bit more expansive) Friends and Networks.

This page has a lot of other settings you may want to examine, too, but this sets the default for status updates, links, notes, photos, and videos you post.

Above Posts by Me are some other settings you may want to change: About Me (the About Me description in your profile); Personal Info (interests, activities, & favorites); Birthday; Religious and Political Views; Family and Relationship; Education and Work; Schools, Colleges and Workplaces; and Photos and Videos of Me (photos and videos you've been tagged in).

Again, Only Friends is the safer selection. Friends and Networks opens visibility up to more people, but anything else seems to be just asking for trouble.

Facebook has a search option that allows people to find you, but it reveals very little. But depending on how you set a Facebook control, you may be opening up a lot more information than you expected. Here's what to look for:

Return to the Privacy Settings page and select Search. If you want, de-select Allow, the option that makes all of your public information available to the Facebook search function.

And if you want to see what people will see when they search for you, click the "see preview" link.

If you've posted information on Facebook, now would be a good time to make sure that you're not sharing more of it than you intended to.

Short Circuits

Ipad Finally on Sale

It seems like a long time since Apple introduced the Ipad, but now you can finally buy one. Cnet is suggesting that sales may reach 7 million units this year, and I have to wonder what Apple has planned in 3 or 6 months in terms of increased performance, decreased price, or both that will send Apple fans into orbit, as happened with the Iphone.

Negative reactions to the silly name (it's still a silly name) and the device's significant limitations (it's still an overgrown Ipod) have given way to more mellow reviews, even from PC and Windows media outlets.

The Ipad doesn't support Flash and some people see that as a rebuke of Adobe by Apple, but that's probably not the case. Some of Flash's functionality is affected by a mouse cursor hovering over a Flash object. The "hover" concept is foreign to the Ipad and, until that's resolved, Flash won't bring anything to the Ipad party.

Whether the Ipad is a success or not, it's going to have a lot of company. Several PC manufacturers are working on similar devices and they'll probably be on store shelves well before the Ipad 2nd generation.

Computer Pioneer Henry Edward Roberts Has Died

Henry Edward Roberts had an interesting life. As a former military man, he developed the MITS Altair 8800 computer that was featured on the cover of Popular Electronics in 1975. I remember that cover. I remember thinking how neat it would be to own a computer. Then I forgot about it. Bill Gates and Paul Allen saw the cover, too, but they did something about it.

Thinking about owning a computer in the mid 1970s was revolutionary, but Roberts put together a kit computer that people could build. In truth, it had less power than today's average digital watch, and there was no keyboard (just switches) and no display (just lights), but it was the beginning of the personal computer era. "We didn't know we couldn't do it," he said on a PBS program, "Triumph of the Nerds", in 1996.

MITS was based in Albuquerque and that's where Gates and Allen set up shop for a time. They created a programming language, BASIC (Beginners All-purpose Symbolic Instruction Code), that could be used with the MITS Altair.

After selling the company in 1977, Roberts became a farmer in rural Georgia. He eventually went back to school and became a doctor in 1986. And regardless of anyone else's opinion of Apple's Ipad, Roberts wanted to see one. According to his son, Roberts was asking about the device from his hospital bed.

Henry Edward Roberts will be buried on Monday. He was 68. He is a pioneer who deserves to be remembered.

Something New from TechByter Worldwide

TechByter Worldwide has maintained a weekly schedule that it inherited from its days on radio, but I've been thinking about how I might provide more timely, if occasional, updates. The result is TechByter:TODAY, a website that's powered by WordPress, one of many blogging and content management systems I looked at before selecting one.

I'm not expecting TechByter:TODAY to have frequent updates. So far, it's turning out to be one every few days.

The new service will be available by RSS for immediate updates, so I think it would be useful if something important comes up in the middle of the week. It'll take a few more weeks at least for me to determine how TechByter:TODAY should work, but I wanted to have it in place by April 12.

Why April 12? That's when the next version of the Adobe Creative Suite will be available and I don't want to wait all week to say something about it.