
Re: [amibroker] PC Utilities.




Hi Ara,

You may be in bad shape, sadly.  See below.

Wednesday, October 25, 2006, 5:13:40 PM, you wrote:

AK> Yuki

AK> My problems are "weird". ..

AK> For example,
AK> 1. Some web sites I can not log in. (I can log in with backup computer).
AK> 2. Running Interactive Brokers TWS, when I activate Book Trader, data does
AK> not come into Book Trader. I have to shut it off and re-activate. This
AK> actually happens with other programs also. Have not established pattern.
AK> 3. On my Firewall / Antivirus / Spam Blocker / Pest Controller, Spam Blocker
AK> and Pest Controller were not running. They were also missing from the start
AK> menu.
AK> 4. Have problems running SecondCopy (my backup program). Believe this is
AK> related to the "read only" issue.

AK> I was hacked last week through Skype!.  An "Unknown" user was registered in
AK> my PC, which I removed.

Now it's time to reformat, or even buy a new drive, and do a fresh
install.

Your machine has been compromised, I would bet.

This is not normal, not "part of computing", or anything else that
you can just brush aside.  You have a potentially severe problem, and
the only *known* way of getting rid of it is to either reformat the
drive, or replace it. Until you do this, you should assume that every
bit of information on your computer -- passwords, login IDs, account
numbers, the whole lot of it -- is accessible to someone else.  You
should assume, should you have an online brokerage account, that
someone else has your login and password, and may make unauthorized
trades in your name.  In short, you should immediately assume the
very worst that you can possibly imagine.  Assume a malevolent
stranger was sitting in front of your computer all night while you
slept -- logged on as an administrator.

AK> Virus scans show no virus.

You didn't say what scanner ... or what firewall.

AK> The computer is new, so I do not do much HD maintenance. Occasional 
AK> Defragment.

Make new habits.  ^_^

AK> Unfortunately have not got around to do a system backup!!!

I don't know what I can say.  But Ara, every hard drive fails.  Every
single one of them.  There are NO exceptions.  And the fun part is
that NO ONE can *guarantee* WHEN this will happen.  It could happen
on day 1 after you buy your computer or drive.  It could happen on
day 3,000. But it WILL happen, and unless you are prepared to lose
data, forever -- gone, *poof* -- you have to expect that it will
happen in the next 300 seconds or less, and have a plan for that.

Backing up is not something we "get around to".

AK> Where is the system log. Never looked at one.

Oh dear, Ara.  Make a new shortcut:

%SystemRoot%\system32\eventvwr.msc /s

Where it says "Start In" on the 'Properties' menu, paste this in:

%HOMEDRIVE%%HOMEPATH%

When you wake up in the morning, look here first.  Look at all the
logs there.  Yellow or Red means understand that your computer is
telling you something.  Then check to see that your overnight backup
was done, and any other scheduled tasks were completed normally. Make
sure nothing "weird" or unauthorized happened.

Then, and only then, you can go to the bathroom.  ^_^

Seriously, Ara, once you have been compromised, you may be out of my
depth.  I never have been, and I know if I ever am, the drive will
end up at the bottom of Tokyo Bay, maybe even the Mariana Trench, and
I'll pray that my data on my backup drives is not infected with
something.

Your problem is probably much worse than I expected, and certainly
nothing that any "registry fixer" program is going to solve.  Until
you replace and/or reinstall, you must assume that you have an
unauthorized partner looking over your shoulder.

The steps I would take at this point, ASAP:

1. Buy a router if you don't already have one.

2. Buy a new hard drive (or at the very least, reformat), and
reinstall Windows.

3. Do NOT connect to the Internet until you are behind the router,
with a firewall operating.  (For most people, the router itself is
going to be a fairly effective inbound firewall, but since you've
been had already, I would want some outbound control, which means NOT
Windows firewall, but something like ZoneAlarm or Kerio.)  I'm sorry,
but in today's computing world, you simply must learn how to do this
stuff.  The alternatives are all bad.

4. Assume that the Internet is a very evil place filled with lots of
malicious people intent on stealing your money.  Compute accordingly
in the future.

5. Get a good drive-imaging program, learn how to use it, and use it
regularly.  Backing up individual files or folders is better than not
backing up at all, but people who are serious about data retention
image the entire drive or drives, so that they can "reinstall"
without actually reinstalling, since you have to redo *every* special
setting you've ever set when you actually do an actual reinstall.
Most people, including me, could never remember them all.  (People
smarter than me keep track of most of them in journals, but a lot of
stuff gets done that doesn't get journaled, I suspect.)

I'm very serious about all of this, by the way.  If you have been
compromised, you are probably in big trouble.  At the very *least*,
someone is probably using your box to relay tons of SPAM.  At the
worst, they are in your pocketbook, or soon may be.  One of the first
things intruders who have gained access do is disable your computer's
own defenses. It sounds like that has already happened.  They *own*
your computer now, just as if they were sitting at your keyboard.
Only they can do things that don't show up on your monitor, so you
aren't aware of what they are doing.  Does this sound like a serious
problem to you???

Do you have a credit card number stored somewhere on the drive?
Contact the issuer immediately ...

Your date of birth?  (Change it!) ^^_^^ (Okay, that was the only
humorous part of this message.)  The rest of it, sadly, is not funny.

Best,

Yuki
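
The morning check described in this message (Event Viewer warnings and errors, scheduled tasks such as the overnight backup, defenses that have stopped running, unexpected user accounts), as an added example that is not part of the original post. It assumes Windows PowerShell 5.1 or later and an elevated session for the Security log; the 24-hour and 7-day windows are arbitrary choices.

```powershell
# Added example, not from the original message.
# Assumes Windows PowerShell 5.1+; run elevated so the Security log is readable.
$since = (Get-Date).AddHours(-24)

# "Yellow or Red" in Event Viewer: Critical (1), Error (2), Warning (3).
# Grouped by source and event ID so repeats collapse into one row.
Get-WinEvent -FilterHashtable @{
    LogName   = 'System', 'Application'
    Level     = 1, 2, 3
    StartTime = $since
} -ErrorAction SilentlyContinue |
    Group-Object LogName, ProviderName, Id, LevelDisplayName |
    Sort-Object Count -Descending |
    Select-Object Count, Name -First 20 |
    Format-Table -AutoSize

# Scheduled tasks (the overnight backup, for example) that ran in the
# window and did not return 0. Some non-zero codes only mean "still running".
Get-ScheduledTask |
    Where-Object State -ne 'Disabled' |
    Get-ScheduledTaskInfo |
    Where-Object { $_.LastRunTime -gt $since -and $_.LastTaskResult -ne 0 } |
    Select-Object TaskName, LastRunTime, LastTaskResult |
    Format-Table -AutoSize

# Services set to start automatically that are not running. Security
# tools that were silently stopped show up here; trigger-start services
# may legitimately appear as well.
Get-Service |
    Where-Object { $_.StartType -eq 'Automatic' -and $_.Status -ne 'Running' } |
    Select-Object Name, DisplayName, Status |
    Format-Table -AutoSize

# Local accounts created in the last 7 days (Security event 4720,
# "A user account was created"). Requires account-management auditing.
Get-WinEvent -FilterHashtable @{
    LogName   = 'Security'
    Id        = 4720
    StartTime = (Get-Date).AddDays(-7)
} -ErrorAction SilentlyContinue |
    Format-List TimeCreated, Message
```

Empty output from a section means nothing matched in that window; on a machine already believed compromised, local logs can have been altered and are not proof of a clean state.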

