How I Got Hacked... And Why You MUST Have a Backup! - Comments Page 1
Posted by:
|
Hi Bob, I would like very much to run a sandbox, but I have a 64-bit Win7 installation. I cannot find any sandbox programs that run in 64-bit; the 32-bit ones handle memory differently, and each warns against use in a 64-bit environment. I cannot afford big-company software, and would buy shareware (which I have always done historically) if I were *sure* it would work and be reliable on this system. Do you have any ideas? |
Posted by:
|
Yeah, sounds scary. It may be that my ultimate weapon, which is Comodo Time Machine, would work; not 100% sure, but it might. |
Posted by:
|
Bob, Thanks for the heads up. Lesson learned. |
Posted by:
|
My concern -- regarding the backups -- is the distinct possibility that the malware that caused the original problem would be duplicated in the I386 and, even though it's eradicated from the primary hard drive, it would still loom in the I386 file. When the backup is installed, the malware is there, ready to spring back into action. I lost one hard drive to a hacker six months ago (same way Bob did -- trying to help a friend) and I may be in the process of losing another one as we speak. I think I have the culprit under control, at the moment, but I can't keep any of my Windows settings in place, nor can I run certain software that claims to be ahead of the malware curve. At this point, I have doubts about the malware being included in the backup files. |
Posted by:
|
What is that web site? I'd like to view it on my test machine. |
Posted by:
|
The only way to investigate a potentially dangerous connection is to virtualize the system first. Returnil free is a straightforward solution that allows only RAM-loaded activity. Nothing can be written to the system partition. A reboot puts the system into exactly the state in which it was when Returnil virtual mode was activated. |
Posted by:
|
BOB! WOW! You just proved that you are just a human being as the rest of us and that you are prone to the quirks of life. I feel better knowing that you can get "anxious" when something goes terribly wrong with your computer. I love it that you are refreshingly Genuine and HONEST . . . YOU always tell it like it is - - you have never pretended to KNOW Everything about Everything! TheRube |
Posted by:
|
Hi Bob, I had a similar redirect problem on a laptop computer. I resolved it by rebooting in safe mode, deleting Internet Explorer, and then reloading it from a stick that I had downloaded using another computer. Finally I ran Windows Defender, which cleaned up the rest. It's been a while, so I cannot give specifics on what it caught. It's worth a try before you have to do a complete system reload. Good luck. |
Posted by:
|
I am curious why, once you had decided to do a disk restore, you didn't just boot up the Acronis TrueImage stand-alone software (on the CD) and do the restore from there. Avoid the bother of installing anything at all. One of the many beauties of TrueImage. EDITOR'S NOTE: I did try that, but TrueImage could not detect the C: drive, due to the MBR or partition damage. And for reasons unknown, it did not give me the option to fix the MBR, partition or format. |
Posted by:
|
I hope you were able to fix her web site, too! And if not, is it one I might visit? :-0 EDITOR'S NOTE: The website has since been fixed. I'd rather not give the URL, but the subject matter wasn't anything racy or exotic. It could happen on any site that uses WordPress, and there are tens of millions of those. |
Posted by:
|
I have ALL my important documentation on an external hard drive which is updated on a regular basis, AND IS TURNED OFF WHEN NOT IN USE. So if the worse comes to worse all I have to do is reformat drive 'c', and reinstall my OS. I've had to do it before for various reasons, and I know I'll have to do it again in the future. But in any case it's NOT the end of the world, as I know it! |
Posted by:
|
Just curious. What browser were you using? I know Chrome has sandboxing built into it but I thought that IE and Firefox did now too. I do remember that Chrome doesn't sandbox (or didn't) Flash applications so that might be a serious attack vector. I've taught an Internet course a few times and two questions that pop up regularly are how do I know a site is safe and how do I know a download is safe. Some of the students get quite worried when I tell them that no antivirus software catches 100% of the stuff out there. I think about how many links I share to friends on Facebook and then wonder how many of them are too scared to click on links, especially when they've gotten malware on their computer once and were told (whether it was true or not) that they got infected by visiting a website. This is very scary stuff, especially for neophyte computer users but even for us smart guys. EDITOR'S NOTE: I was using Firefox, but I don't think it would have been any different with IE based on what I've read since. Both have a "privacy mode" but I don't think that does a true sandbox environment. |
Posted by:
|
We all can get caught out there and seriously compromise our computer's security due to malware infestation. This may be overkill but I think the finest defense against malware attack is to have these fine layers of protection:
1. Microsoft Security Essentials (MSE)
2. Panda Cloud Anti-virus
3. Malwarebytes
4. SuperAntiSpyware
4(a). SuperAntiSpyware (Portable): it sits pretty in your system ready to pounce - - No installation needed
5. Spybot Search & Destroy
[Remember do NOT use two anti-virus programs at the same time because it will probably cause your computer to become unstable or crash. However, in my experience Panda Cloud and MSE work nicely together without conflict]
The combination described above has helped my computer to withstand attack along with the use of Sandboxie, which you can download for free at www.sandboxie.com TheRube
|
Posted by:
|
I was wondering why you did not use Combofix before you got locked out of Windows. EDITOR'S NOTE: As I mentioned in the article, the virus was able to detect and shut down almost any anti-malware software. I even tried renaming the EXE files. |
Posted by:
|
You lost me on point No. 3. "Wear gloves" ... "don't touch the wires"... I don't understand that whole point. EDITOR'S NOTE: The idea was to use a test environment, insulated from your everyday machine and files. |
Posted by:
|
Holy Cow! Thank you, Bob, for this eye-opening first-person true-life drama. I've not done an image backup (I don't have an external drive with enough capacity), but I see it's time to spend the money for a 1 terabyte external drive and start taking care of myself. |
Posted by:
|
Hard drives are inexpensive. With an old-fashioned desktop job, put in a new hard drive and use it to wipe and format the old drive? Might be faster for a person with less system knowledge than you have. It is not so easy with laptops. I think drive cases are available for laptop-sized drives. In either case, one should have backed up important addresses and whatever. |
Posted by:
|
TheRube |
Posted by:
|
I do not want to do a commercial here, but my husband found "Carbonite" and we use it, since we had a blue screen of death a few years ago. We got rid of the external hard drive and we pay an annual fee for Carbonite, peace of mind! |
Posted by:
|
Would using an antivirus/antispyware boot CD have helped? I use those a lot and clean up most machines enough to be able to boot and finish up. Rootkits are a pain, but after being able to boot up, Combofix works. Have to uninstall anti-malware software first, then reinstall after running Combofix. Kind of a nuisance, but gets things back to normal. EDITOR'S NOTE: It would have, if my hard drive was recognized. Every boot CD I tried told me there was no C: drive present. |