Ways to Know You've Been Hacked
-
Article says: "No. 1 recommendation is to completely restore your system to a known good state before proceeding. In the early days, this meant formatting the computer and restoring all programs and data. Today, depending on your operating system, it might simply mean clicking on a Restore button."
I remember that in the XP & Vista era, system restore's would have instances of the malware or virus in them. So we stopped using system restore as a start point. Does anyone one else trust the system restore?
-
Except now, the virus writers know how to hide things in the recovery partitions
-
@JaredBusch said:
Except now, the virus writers know how to hide things in the recovery partitions
Yes, restores should be done from a clean, remote source.
-
Glad I wasn't the only one pointing this out. I have had local techs tell me my was was overkill.
-
My way = guaranteed fix was to reinstall OS, update, add security measures and try to get all users to run as standard users.
-
@technobabble said:
Glad I wasn't the only one pointing this out. I have had local techs tell me my was was overkill.
Remote source can mean just a read-only CD or DVD too. Doesn't have to mean big infrastructure for imaging. Depends on size.
-
@technobabble said:
Does anyone one else trust the system restore?
At the office we disable system restore via group policy because it never seemed to actually fix anything and tied up valuable storage space (we use SSDs on all our laptops, so sometimes space is a bit tight.) Also we have a couple users who know enough to be dangerous and would run system restore a dozen times to try and fix their own problems, and in a few cases it caused problems for some of our applications.
-
@jasonh said:
@technobabble said:
Does anyone one else trust the system restore?
At the office we disable system restore via group policy because it never seemed to actually fix anything and tied up valuable storage space (we use SSDs on all our laptops, so sometimes space is a bit tight.) Also we have a couple users who know enough to be dangerous and would run system restore a dozen times to try and fix their own problems, and in a few cases it caused problems for some of our applications.
Agreed, user-initiated system restores are almost always a disaster eventually. I've seen a lot of shops try this and never hear good results. It sounds good, but people get crazy. They treat it like rebooting.
-
I've used it once or twice with success, more often than no it solves nothing.
-
@scottalanmiller said:
@jasonh said:
@technobabble said:
Does anyone one else trust the system restore?
At the office we disable system restore via group policy because it never seemed to actually fix anything and tied up valuable storage space (we use SSDs on all our laptops, so sometimes space is a bit tight.) Also we have a couple users who know enough to be dangerous and would run system restore a dozen times to try and fix their own problems, and in a few cases it caused problems for some of our applications.
Agreed, user-initiated system restores are almost always a disaster eventually. I've seen a lot of shops try this and never hear good results. It sounds good, but people get crazy. They treat it like rebooting.
To me it also seems like the restores are getting longer and longer and sometimes once you start one you can't stop it.
-
Has anyone used the W8 built in Refresh or Reset yet? I had to do a Reset on a new PC that locked up during the upgrade from W8 home to W8 Pro and it worked fine. Haven't used Refresh or Reset for a system that has been hacked.
-
@technobabble said:
Has anyone used the W8 built in Refresh or Reset yet? I had to do a Reset on a new PC that locked up during the upgrade from W8 home to W8 Pro and it worked fine. Haven't used Refresh or Reset for a system that has been hacked.
No, have not even seen that yet.
-
I've read about it I've had no reason to use it yet
-
