Bugbatter (3 Apprentice, 20.5K Posts), August 8th, 2011 12:00
Hi and welcome to Dell Community :)
It would help us to help you if you could describe what you mean by "hacked badly". What were your symptoms? How was a diagnosis made and by whom? How was it resolved? Based on answers to those questions we can give you information that might be helpful.
Mjones13 (6 Posts), August 8th, 2011 12:00
Oh yes good point! My husband runs two computers and we are networked, so about 2 months ago we noticed that all computers were very slow and his were crashing a lot. He actually took some advanced computer courses (no degree but a much better idea of what is going on than myself!) and he noticed that there were suddenly DOZENS of users showing up on both of our systems, and it appeared that we had been made into regular users on our own systems! So any changes that were made to the system would APPEAR to go through, but in fact it was only being changed on the virtual account and not the main drive. This is all in layman's terms of course, so I hope it is making sense. :(
So then we had the drives low level formatted and everything seemed fine, but I am now very, very nervous! And want to make sure that we are very protected so this cannot happen again. I have System Mechanic and Windows Defender online currently, and am running XPS 700 with Vista.
Bugbatter (3 Apprentice, 20.5K Posts), August 8th, 2011 18:00
What is your anti-virus? Are you running an anti-spyware other than Windows Defender?
The regulars on this forum such as ky331 and joe53 will probably stop by to give you some tips.
For now I can offer my standard prevention:
The following suggestions are general prevention and are not customized for your computer. You may have already taken some of these steps, and depending on your current security, you may not need to implement all of these:
1. Visit Microsoft Update: Make sure that you have all the Critical Updates recommended for your operating system, Office, and IE. The first defense against infection is a properly patched OS from Microsoft Update at update.microsoft.com. More info HERE.
2. Please use a firewall and realtime anti-virus. Keep the anti-virus software and firewall software up to date. Run a complete system scan with your anti-virus at least once a week...preferably in Safe mode.
If your anti-virus program is a paid/licensed version that is about to expire, you can consider removing it and using a free one such as:
Microsoft Security Essentials
Avast! Home Edition
If you prefer not to use the Windows Firewall, there are several of the freeware Firewalls available on the public domain.
Please see this list for anti-virus, firewalls, and other FREE SECURITY SOFTWARE.
3. Using an alternate browser can reduce your chance of certain infections installing themselves. You might consider installing Mozilla / Firefox.
http://www.mozilla.com/en-US/
4. Do not use file sharing. Even the safest P2P file sharing programs that do not contain bundled spyware still expose you to risks because of the very nature of the P2P file sharing process. By default, most P2P file sharing programs are configured to automatically launch at startup. They are also configured to allow other P2P users on the same network open access to a shared directory on your computer. The reason for this is simple. File sharing relies on its members giving and gaining unfettered access to computers across the P2P network. However, this practice can make you vulnerable to data and identity theft. Even if you change those risky default settings to a safer configuration, the act of downloading files from an anonymous source greatly increases your exposure to infection. That is because the files you are downloading may actually contain a disguised threat. Many very malicious worms and trojans, such as the Storm Worm, target and spread across P2P file sharing networks because of their known vulnerabilities.
5. Keep your software updated...make it easier on yourself and install the free security tool Secunia PSI.
6. If you have not already done so, you might want to install CCleaner and run it in each user's profile: http://www.ccleaner.com/ Please avoid using the "registry" cleaning feature of this utility unless you consider yourself expert enough to edit the registry manually. The Windows Registry has no need of any "cleaning". ** UNcheck the option to install the Yahoo toolbar that is checked by default for the Standard version, or download the toolbar-free versions (Slim or Basic) when given the option for those.
7. Web Of Trust uses colored alerts to warn you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
Red for Warning = STOP
Yellow for Use Caution
Green for Safe
Grey for Unknown
There is a Web Of Trust version for Firefox as well.
8. If you still wish to use Internet Explorer, please make sure you install SpywareBlaster: http://www.javacoolsoftware.com/spywareblaster.html
It will:
Prevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, and other potentially unwanted software.
Block spyware/tracking cookies in Internet Explorer and Mozilla Firefox.
Restrict the actions of potentially unwanted sites in Internet Explorer.
Tutorial here: http://www.bleepingcomputer.com/forums/tutorial49.html
Periodically check for updates.
9. You might want to install Winpatrol. Winpatrol is a heuristic protection program, meaning it looks for patterns in codes that work like malware. It also takes a snapshot of your system's critical resources and alerts you to any changes that may occur without you knowing. You can read more about Winpatrol's features here. You can download a free copy of Winpatrol or use the Plus version for more features.
You can read Winpatrol's FAQ if you run into problems.
10. Many of us in the online security community have tried and tested programs to determine their abilities. Please remember that there is no guarantee regarding computer security. However, the available software, combined with the rest of these recommendations, will contribute to helping your system run safely.
Here are some helpful articles:
How did I get infected? HERE
I'm not pulling your leg, honest?
by Sandi Hardmeier HERE
11. If you use Social Media (Facebook, Twitter, etc.) you can stay informed at SpywareHammer's Forum for Social Media Security
12. Check to be sure that you are not one of those people who is using a dangerously easy-to-guess password at websites requiring passwords. There is a good how-to video HERE.
Please see these pages for
LISTS OF FREE SECURITY SOFTWARE
FREE SECURITY SOFTWARE
Let us know if you have any additional questions.
joe53 (2 Intern, 5.8K Posts), August 9th, 2011 02:00
Hi Mjones13;
I have little to add to Bugbatter's advice. It must seem like an enormous prescription I'm sure, but if you tackle it one item at a time it is very doable. And help is freely available here from folks who have been in your situation. We have all been there. Please feel free to ask at any time. There are no stupid questions when it comes to computer security.
I'm a bit concerned that you use Registry Mechanic, and might think it has some defensive value. From my reading about it, it does not. It is a repair utility and a "registry cleaner". In my experience such registry cleaners confer no benefits, and messing with the registry entails certain risks. I would avoid using any module of this program that involves scanning or cleaning the registry.
You say you use "Windows Defender Online". I presume you mean that you have Windows Defender (a good anti-malware program) actually installed on your computer, loading at startup, and running in real-time. (To confirm this, check your notification tray in the lower right corner of your screen. The Windows Defender icon looks like a medieval brick wall).
You still have not stated what, if any, anti-virus you use. Be advised that changing your AV is not a trivial process, and you may need extra instructions on how to do this. Do not hesitate to ask about this, if applicable.
Best of luck!
Mjones13 (6 Posts), August 9th, 2011 05:00
Haha yeah, unfortunately while I was on the phone with Dell support reinstalling my OS they sold me the SM, and I have to admit it *sounded* a lot more than what it was. :P After doing my own reading after the fact I now realize that it has 0 security :( Oh well, learned my lesson there. I will start work on these downloads and get them installed. I have no issue using a system other than IE so that's no trouble. I do have some questions though based on the responses so far.
My husband and I do share some files over our home network. If this endangers us I will certainly stop, but I had been of the assumption that since it was only between us it would be OK. Is this false?
Is it normal for a home built machine using Windows 7 to have a Drive X with all the associated programs? I know my Dell Vista does, and it's been confirmed that it SHOULD, but would this be the case for a non-manufactured machine as well?
Will these precautions protect against an actual intrusion of someone spoofing trusted installer, Windows updater and other Microsoft programs from gaining access to the network? This *appears* to be what happened last time. :(
Thank you all so much for your patience and help so far :) As soon as I get home today will start getting these stuffs downloaded!!
Mjones13 (6 Posts), August 15th, 2011 07:00
OK I have run my system now through Norton, Windows Defender and both say there is no issue, but I am still concerned. I seem to be missing 35 GBS of space on my hard drive, and I have found computer logs with references to impersonation of Admin, resetting of admin permissions and the creation of virtual drives. Is that normal? :(
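For the unexpected user accounts and admin-permission log entries described in this thread, one way to triage a Security log export offline, as an added example that is not part of the original posts. It assumes the input is the XML that `wevtutil qe Security /f:xml` prints on Windows Vista or later; the sample events, account names and SIDs are constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
ADMINS_SID = "S-1-5-32-544"  # well-known SID of the local Administrators group
WATCHED = {  # Security-log event IDs on Windows Vista and later
    4720: "user account created",
    4724: "password reset attempted",
    4732: "member added to local group",
}

def make_event(event_id, when, **data):
    """Build one constructed <Event> in the Security-log XML layout."""
    fields = "".join(f"<Data Name='{k}'>{v}</Data>" for k, v in data.items())
    return (f"<Event xmlns='{NS['e']}'><System><EventID>{event_id}</EventID>"
            f"<TimeCreated SystemTime='{when}'/></System>"
            f"<EventData>{fields}</EventData></Event>")

# Constructed sample: every account name, SID and timestamp is made up.
SAMPLE = "\n".join([
    make_event(4624, "2011-08-01T09:58:00Z", TargetUserName="owner"),
    make_event(4720, "2011-08-01T10:00:00Z", SubjectUserName="owner",
               TargetUserName="temp01"),
    make_event(4720, "2011-08-01T10:00:05Z", SubjectUserName="owner",
               TargetUserName="temp02"),
    make_event(4732, "2011-08-01T10:01:00Z", SubjectUserName="owner",
               TargetSid=ADMINS_SID, MemberSid="S-1-5-21-1-2-3-1005"),
    make_event(4732, "2011-08-01T10:02:00Z", SubjectUserName="owner",
               TargetSid="S-1-5-32-545", MemberSid="S-1-5-21-1-2-3-1006"),
    make_event(4724, "2011-08-01T10:03:00Z", SubjectUserName="owner",
               TargetUserName="Administrator"),
])

def parse_events(xml_text):
    """Yield (event_id, time, data) from a run of <Event> elements."""
    # The export has no single root element, so wrap it before parsing.
    root = ET.fromstring(f"<Events>{xml_text}</Events>")
    for ev in root.findall("e:Event", NS):
        eid = int(ev.findtext("e:System/e:EventID", namespaces=NS))
        when = ev.find("e:System/e:TimeCreated", NS).get("SystemTime")
        data = {d.get("Name"): d.text or ""
                for d in ev.findall("e:EventData/e:Data", NS)}
        yield eid, when, data

def triage(xml_text):
    """Return account and admin-group changes, oldest first."""
    findings = []
    for eid, when, data in parse_events(xml_text):
        if eid not in WATCHED:
            continue
        if eid == 4732 and data.get("TargetSid") != ADMINS_SID:
            continue  # group additions other than Administrators are skipped
        target = data.get("MemberSid") if eid == 4732 else data.get("TargetUserName")
        findings.append((when, eid, WATCHED[eid], target, data.get("SubjectUserName")))
    return sorted(findings, key=lambda f: f[0])

if __name__ == "__main__":
    for when, eid, what, target, actor in triage(SAMPLE):
        print(f"{when}  {eid}  {what}: {target} (by {actor})")
    print(Counter(f[1] for f in triage(SAMPLE)))
```

Each finding records which account made the change and when, which is what distinguishes changes made during setup or by a known user from ones nobody in the household can account for.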