Call Search
     

New to Ham Radio?
My Profile

Community
Articles
Forums
News
Reviews
Friends Remembered
Strays
Survey Question

Operating
Contesting
DX Cluster Spots
Propagation

Resources
Calendar
Classifieds
Ham Exams
Ham Links
List Archives
News Articles
Product Reviews
QSL Managers

Site Info
eHam Help (FAQ)
Support the site
The eHam Team
Advertising Info
Vision Statement
About eHam.net

   Home   Help Search  
Pages: [1] 2 3 Next   Go Down
  Print  
Author Topic: Hijackers  (Read 7274 times)
N8TNJ
Member

Posts: 62




Ignore
« on: February 10, 2012, 10:44:53 AM »

A home computer finally got a "redirect hijacker" What a nightmare to get rid of. Did some reading on it and found out most virus protection and malware programs cannot find it or cannot take care of it. (free programs) Ran combo fix on it numerous times, plus Malware, Spybot and Super anti spy ware. Finally got rid of it. I think at least Combo fix shows its ok. I know free programs don't give the protection and type of scans you get on a paid for program. But there is so many of them to choose from.  What type of Mal ware program works for you, or at least offers some type of protection from this garbage.
Logged
K6LCS
Member

Posts: 1499


WWW

Ignore
« Reply #1 on: February 10, 2012, 03:53:33 PM »

Change your passwords monthly - and use CAPS and lower case letters and a symbol or two - and use DIFFERENT passwords on EVERY thing you access on the Web.

Do not ever reply to an email's "Click Here!" solicitation.

Immediately delete without opening email from senders that you do not recognize.

THERE - That costs you nothing. And by following those rules for more than 20 years of online activity, I have only received ONE problem - and that was a Word for Windows macro nonsense file that was actually sent to me by a client ...

If you absolutely need to buy something, I suggest staying away from anything from Norton. Others swear that Norton is the finest suite of programs ever developed. But in NO system I have been involved with the past 20+ years has Norton ever made my life easier nor more efficient. Again, others will disagree. I can only speak from personal experience.

Clint Bradford, K6LCS
909-241-7666
Logged

Clint Bradford, K6LCS
http://www.k6lcs.com
KE4DRN
Member

Posts: 3714




Ignore
« Reply #2 on: February 10, 2012, 04:57:52 PM »

hi

I use the Trend Micro product, the university requires it for
all machines and if I access from  home it has to be on there too.
We get it under the license as long as it is no cost I use it.
I did like Norton but everything changes so fast these days,
malware, virus and the packages to detect them.

yes some of these things are real nasty to find and get rid of,
we had one laptop that was reduced to a snail after it had over
3,000 malwares, two rootkits and several search redirects that
made the situation worse each time you used it.

external 1TB usb hard disks are very reasonable, easy to backup
your machine(s) so you can recover if you need to.

73 james
« Last Edit: February 12, 2012, 07:33:13 PM by KE4DRN » Logged
N8TNJ
Member

Posts: 62




Ignore
« Reply #3 on: February 11, 2012, 09:12:02 AM »

Well if you have not been hit by a hijacker in 20 years consider yourself lucky. It was not from my email, it was from a truck tech site I use a lot. The hd light popped on and the hour glass icon on the came up on the pointer, and I just clicked onto the site! Changing passwords ain't gonna do it here, it d/l and installs by itself. It makes the reg keys look legit so mal-ware programs have a hard time to finding it.
Logged
N7VEA
Member

Posts: 48




Ignore
« Reply #4 on: February 13, 2012, 05:42:32 AM »

Got one in my work/radio laptop at the beginning of December.  After 4 trips to the repair guys (both company IT and an unaffiliated shop) I finally decided to do a complete reformat and reload.  Every time they thought they had it removed it came back.  What a complete PITA.  The IT guys all said it doesn't matter which protection software you use, none of them do a good job on hijackers.  This machine had MacAfee, which I can't stand but that's what Dell puts on them.  Second time I've had issues on a MacAfee "protected" computer.  The repair guys all gave the same advise about email though... don't open it if you don't know who it is and don't click any links.

Good luck with that. 
73, Bill N7VEA
Logged
W8JX
Member

Posts: 5489




Ignore
« Reply #5 on: February 13, 2012, 10:10:01 AM »

Got one in my work/radio laptop at the beginning of December.  After 4 trips to the repair guys (both company IT and an unaffiliated shop) I finally decided to do a complete reformat and reload.  Every time they thought they had it removed it came back.  What a complete PITA.  The IT guys all said it doesn't matter which protection software you use, none of them do a good job on hijackers.  This machine had MacAfee, which I can't stand but that's what Dell puts on them.  Second time I've had issues on a MacAfee "protected" computer.  The repair guys all gave the same advise about email though... don't open it if you don't know who it is and don't click any links.

Good luck with that. 
73, Bill N7VEA

You need better IT guys. To tell you to reformat and reload it is because they do not how to fix it otherwise. I have seen these reformat/reload experts before. Also the statement that you cannot stop a hijack is a lack of knowledge. With proper software and some common sense you can avoid it.
Logged

--------------------------------------
Entered using a  WiFi Win 8.1 RT tablet or a Android tablet using 4G/LTE or WiFi.
N7VEA
Member

Posts: 48




Ignore
« Reply #6 on: February 13, 2012, 05:48:43 PM »

You may be right John, the first IT guy is no longer there.  If you're an IT guy you might want to consider a move to Idaho, it looks like we need some good IT guys out here.  DX is kinda iffy out here sometimes though hihi.
Logged
W8JX
Member

Posts: 5489




Ignore
« Reply #7 on: February 13, 2012, 07:22:57 PM »

Recommending a reformat and reload to fix a problem is a classic "cover" for not really knowing what you are doing. Most not knowing any better accept it as SOP.
Logged

--------------------------------------
Entered using a  WiFi Win 8.1 RT tablet or a Android tablet using 4G/LTE or WiFi.
KF7CG
Member

Posts: 817




Ignore
« Reply #8 on: February 14, 2012, 10:11:15 AM »

N7VEA,

Spent a wonderful 11 years in Idaho as an IT person! Job ran out and wound up here in Tennessee, would have stayed in Ammon if there had been a good job nearby, same for the rest of Idaho.

David
KF7CG
Logged
N0MKC
Member

Posts: 68




Ignore
« Reply #9 on: February 14, 2012, 11:55:15 AM »

One essential CD in my computer toolkit at work (I'm a network / telecom admin for a small school district) is the AVG rescue disk...  Free download & use for private users, Linux-based.  Boot from the CD, it then loads a variant of Linux, and runs AVG anti-malware against the Windows disk.  Since Windows never loads, the malware can be more easily identified & found.  AVG updates their virus definition files twice daily, so it works quite well; I use it as my first line of defense to find / clean out malware.
Logged
KB1NXE
Member

Posts: 301




Ignore
« Reply #10 on: February 14, 2012, 12:06:04 PM »

You may be right John, the first IT guy is no longer there.  If you're an IT guy you might want to consider a move to Idaho, it looks like we need some good IT guys out here.  DX is kinda iffy out here sometimes though hihi.

Actually, speaking as one of those IT guys, most of us use the format/reload principle for two reason.  First it's sure to get rid of the problem.  Second it'll teach you a lesson and hopefully not allow your machine to be victimized again.  It's the burnt fingers approach to training users who cause their own headaches.

Sure, software may be able to do a great job getting rid of it, but if I need to invest more time into resolving the issue than it takes to format/reload, what's the value in it for me?

May also be why I left desktop support for the better world of network engineering Smiley.
Logged
W8JX
Member

Posts: 5489




Ignore
« Reply #11 on: February 14, 2012, 02:55:47 PM »

You may be right John, the first IT guy is no longer there.  If you're an IT guy you might want to consider a move to Idaho, it looks like we need some good IT guys out here.  DX is kinda iffy out here sometimes though hihi.

Actually, speaking as one of those IT guys, most of us use the format/reload principle for two reason.  First it's sure to get rid of the problem.  Second it'll teach you a lesson and hopefully not allow your machine to be victimized again.  It's the burnt fingers approach to training users who cause their own headaches.

Sure, software may be able to do a great job getting rid of it, but if I need to invest more time into resolving the issue than it takes to format/reload, what's the value in it for me?

May also be why I left desktop support for the better world of network engineering Smiley.

With proper software tools it is not that hard to mount and repair drive rather than reload it. The very first step is to remove HD and hot swap it into another test machine to first scan it for problems.  When you try to repair a badly infected system by booting from hard drive it will usually fail. When scan from another system the drive is not booted and you can scan and repair it far easier because the problem can become memory resident and reinfect repairs if virus is attached to boot loader.  This is not as hard as it sounds to do especially with serial drives which are easily mounted hot. Also while scanning it you can retrieve data for client from old drive if need be.

As far as format and reload, this is very counter productive. (unless you are charge by hour to fix it) because with today's operating systems there will be a LOT of updates to re-install and then there is user software and data too and this can take a LOT of time. Time better spent fixing problem. 
Logged

--------------------------------------
Entered using a  WiFi Win 8.1 RT tablet or a Android tablet using 4G/LTE or WiFi.
KE4DRN
Member

Posts: 3714




Ignore
« Reply #12 on: February 14, 2012, 05:55:58 PM »

Hi,

there are many websites out there that are no longer
updated for lack of time or money, these are the machines that
the nasty stuff attacks because the MS and antivirus patches
are old.  You find the site in a search and wham you're infected
and don't know about it until later on.

Few years ago our university had close to 1,000 machines
attempting to connect to other systems on our network,
these machines were in labs, closets, dorms, etc and were running
24/7 without updates, some owners left the university but their
machines did not!

I've used Blink Endpoint Protection with good results.

http://www.eeye.com/products/blink

73 james
Logged
STAYVERTICAL
Member

Posts: 854




Ignore
« Reply #13 on: February 15, 2012, 02:59:48 AM »

My sympathy for your problems, glad to know its sorted out finally.

I concur that a reload of software is a good idea, and since I don't trust anyone on the web or security, I have images of my PC (laptop) offline which I reload periodically.
There is lots of ghosting software out there for a reasonable price which all works pretty much the same.
It takes a snapshot of your entire hard disk and partitions (you choose what you want imaged), and allows you to reload it in the event of disaster.
I keep multiple images, factory delivered, and a "working" image which is the last known clean image.

This way you don't have to go to the trouble of reloading all your applications, and gives an easy fallback.
It takes about 15 minutes to burn my windows 7 image onto an external USB hard disk, and about 9 minutes to restore it completely with the MBR (boot), system, application and backup partitions.
I use Acronis 10 as my imaging software, but there are lots of choices out there.

All of my PC's (5) are imaged similarly and restoring them is a trivially simple business.
Most of the imaging software also allows resizing partitions and cloning disks if necessary.


This system has saved my bacon many times, and I re-image periodically to keep things clean.
I also use the checkpoint software for antivirus, data protection and browser protection - these days you can't have too much security.
Hope this helps ... 73s
« Last Edit: February 15, 2012, 03:02:17 AM by STAYVERTICAL » Logged
VA6SGI
Member

Posts: 6




Ignore
« Reply #14 on: February 15, 2012, 05:43:03 AM »

IT professionals wipe and reload an infected machine because in a work environment its the fastest, safest and easiest way to fix the problem.  Not because "we don't know how to fix it otherwise".

You can spend days removing a virus (while completely missing the rootkit it left behind) but in an enterprise environment there's no time for that.

With disc images and good user practices of not storing files on the local disc a good IT guy can have a user back to work in an hour.

If you've been backing up your files just wiping the system is no big deal.  Most computers need it anyways.
« Last Edit: February 15, 2012, 06:37:31 AM by VA6SGI » Logged
Pages: [1] 2 3 Next   Go Up
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!