New Acer desktop in shop for virus removal

Newbeak
Posts: 59
Joined: Sun Jul 29, 2007 5:33 pm
Location: Canada

Post by Newbeak » Thu Feb 10, 2011 8:32 pm

I have a new 64bit desktop running Win7, and last Saturday I couldn't access the internet when I booted it. I was on the phone with my ISP for 45 minutes, and all they could tell me was that they could ping my system, but my system couldn't ping back. It is now in the shop, and they told me today they have found 31 malware items and counting - they are in fact going to reinstall Windows for me. I always surf the net sandboxed, and I am stunned at the number of viruses found. I am writing this on my laptop, which is 32bit running Vista Home (which is virus free thanks to SB). I never had infections with my old system running 32bit XP Home. Can anyone give me some general pointers to avoid getting into this situation again when I get my desktop back home? Thanks! :(

Buster
Posts: 2576
Joined: Mon Aug 06, 2007 2:38 pm

Post by Buster » Fri Feb 11, 2011 1:22 am

You cannot be sure what the source of the infection was, if that's really the problem. Maybe you connected an infected USB device.

CPB
Posts: 148
Joined: Wed Jan 20, 2010 5:32 pm

Post by CPB » Fri Feb 11, 2011 12:40 pm

How often did you empty the sandbox on that PC? Does the shop know what Sandboxie is? Is it possible that the malware items they found are inside a sandbox and aren't actually doing anything to harm your system?
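The check raised in the post above can be done on the shop's detection list itself. This is an added example, not part of the original thread; it assumes Sandboxie's default container layout (`C:\Sandbox\<user>\<box>`), and the detection paths are constructed sample data.

```python
import ntpath  # Windows path rules, usable on any OS

# Assumption: Sandboxie's default container layout, C:\Sandbox\<user>\<box>\...
SANDBOX_ROOT = r"C:\Sandbox"

def classify(path, root=SANDBOX_ROOT):
    """Return ('sandboxed', box) if path lies inside a sandbox, else ('host', None)."""
    full = ntpath.normpath(path)          # collapses ".." and mixed slashes
    base = ntpath.normpath(root)
    if not ntpath.normcase(full).startswith(ntpath.normcase(base) + "\\"):
        return ("host", None)
    parts = full[len(base) + 1:].split("\\")
    if len(parts) < 3:                    # need <user>, <box> and a file below them
        return ("host", None)
    return ("sandboxed", parts[1])

def triage(paths):
    """Split scanner detections into contained (per box) and host hits."""
    report = {"host": [], "sandboxed": {}}
    for p in paths:
        kind, box = classify(p)
        if kind == "host":
            report["host"].append(p)
        else:
            report["sandboxed"].setdefault(box, []).append(p)
    return report

# Constructed sample of paths as a scanner report might list them.
DETECTIONS = [
    r"C:\Sandbox\newbeak\DefaultBox\drive\C\Users\newbeak\AppData\Local\Temp\setup.exe",
    r"c:\sandbox\newbeak\DefaultBox\user\current\Downloads\codec.exe",
    r"C:\Users\newbeak\Desktop\recovered_tool.exe",
    r"C:\Sandbox\..\Windows\System32\drivers\example.sys",
]

if __name__ == "__main__":
    r = triage(DETECTIONS)
    print(len(r["host"]), "on host;", {b: len(v) for b, v in r["sandboxed"].items()})
```

Hits reported under a box name are copies held in the sandbox container and go away when that sandbox is deleted; hits under `host` are the ones that need explaining.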

Cynical

Post by Cynical » Fri Feb 11, 2011 1:22 pm

Newbeak wrote:
I have a new 64bit desktop running Win7 ... they have found 31 malware items and counting - they are in fact going to reinstall Windows for me. I always surf the net sandboxed, and I am stunned at the number of viruses found. I am writing this on my laptop, which is 32bit running Vista Home (which is virus free thanks to SB). I never had infections with my old system running 32bit XP Home.

Seems to me that you are accusing Sandboxie 64 of not protecting you, based on no material proof other than what some PC fixing shop said. I am also inferring that since you don't have the technological know-how to disinfect and reinstall Windows yourself, your judgements are not reliable at all.

Here's the problem with what you're saying:
Since no one here knows exactly how security conscious you are or your user practices, it wouldn't be far-fetched that you used Sandboxie incorrectly. You may have downloaded warez and recovered it to your real desktop. Having warez outside of Sandboxie's protection and then assuming that whatever crap got installed was due to browsing containment bypasses, is probably the case that you have experienced. No one here using the 64 version has reported any malware sites that can bypass it as of yet.

My tone may seem confrontational, but I am tired of baseless claims that Sandboxie has been bypassed. So unless you provide malware names to test, nothing that you write here has any credibility I'm afraid.

Cheers

Hank52
Posts: 203
Joined: Sun Apr 08, 2007 2:42 pm
Location: Canada

Post by Hank52 » Fri Feb 11, 2011 1:44 pm

Cynical wrote:
Seems to me that accusing Sandboxie 64 of not protecting you, based on no material proof other than what some pc fixing shop said. I am also inferring that since you don't have the technological know-how to disinfect and reinstall windows yourself, that your judgements are not reliable at all.

Hey Cynical!! Maybe you should get off your high horse. He didn't sound like he was accusing Sandboxie of letting him down. He was only stating that there were Viruses found on his Computer. It is entirely possible that the Sandbox was not Deleted when he took his Computer to be serviced.

It is possible that the servicemen didn't know that Sandboxie was ever installed. Not everybody knows what Sandboxie even is, including the so-called Technicians.

Let's hear what the OP has to say before you put him on trial.

Ken: :evil:
System Specs: = Win XP SP2 (32bit),[OutLook Express 6.] [ FireFox 19.0, - NoScript, - Sandboxie 3.76 - 32 bit, - FireWall - Comodo 5.3 ]

bs1
Posts: 565
Joined: Fri May 16, 2008 12:32 pm

Post by bs1 » Fri Feb 11, 2011 1:53 pm

@Newbeak,

I read your post and don't consider it "accusatory" as a previous poster alleges. Seems to me you are simply stating the facts as you understand them, namely, you have two computers, one with Windows 7 and the other with XP, and the Windows 7 system got infected. Now, you're asking for advice how to avoid this from happening again. Seems a reasonable question.

Buster raises a good point about potentially getting compromised by inserting infected USB devices. If you have the paid version of Sandboxie, you can use the Forced Folders feature to force such devices (e.g. flash drives) to open in a sandbox.

And as CPB points out, it's even possible that the malware was contained in an unemptied sandbox. Although, that would still leave the mystery as to why you couldn't access the internet.

Some additional general suggestions:
> Harden your sandbox by using Start/Run restrictions and Drop Rights (you can read more about that here http://www.sandboxie.com/index.php?RestrictionsSettings)
> Use Virustotal http://www.virustotal.com/ to scan any sandboxed file before recovering it to your real system.
> Take some time to read this post at ssj's forum (in particular, scroll down to the Sandboxie section): http://ssj100.fullsubject.com/t4-ssj100 ... rity-setup

I hope you feel comfortable posting back with any other questions.

EDIT: Posted the above response, then saw Hank beat me to it.
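A way to check whether the hardening suggested in the post above is actually switched on, as an added example that is not part of the original thread. It reads the text of a Sandboxie.ini and reports which boxes lack Drop Rights, a Start/Run restriction or a Forced Folder; the setting names (`DropAdminRights`, `ClosedIpcPath`, `ProcessGroup`, `ForceFolder`) are the Sandboxie.ini names as I know them, and the box names and sample file are constructed.

```python
from collections import defaultdict

def parse_ini(text):
    """Sandboxie.ini repeats keys (e.g. ProcessGroup), so keep every value in a list."""
    boxes, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = boxes.setdefault(line[1:-1], defaultdict(list))
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[key.strip()].append(value.strip())
    return boxes

# Sections that hold program-wide or per-user options, not a sandbox.
NON_BOX = ("GlobalSettings", "UserSettings_")

def audit(text):
    """Map each sandbox name to the list of hardening settings it is missing."""
    findings = {}
    for name, s in parse_ini(text).items():
        if name.startswith(NON_BOX):
            continue
        missing = []
        if "y" not in [v.lower() for v in s["DropAdminRights"]]:
            missing.append("Drop Rights")
        # Start/Run restriction: only the named process group may start or run.
        if not any(v.startswith("!<StartRunAccess>") for v in s["ClosedIpcPath"]):
            missing.append("Start/Run restriction")
        if not s["ForceFolder"]:
            missing.append("Forced Folder")
        findings[name] = missing
    return findings

# Constructed sample configuration (E:\ stands in for a flash drive).
SAMPLE = r"""
[GlobalSettings]
[DefaultBox]
Enabled=y

[HardenedBox]
Enabled=y
DropAdminRights=y
ProcessGroup=<StartRunAccess>,firefox.exe
ClosedIpcPath=!<StartRunAccess>,*
ForceFolder=E:\
"""

if __name__ == "__main__":
    for box, missing in audit(SAMPLE).items():
        print(box, "->", ", ".join(missing) or "all three settings present")
```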

Newbeak
Posts: 59
Joined: Sun Jul 29, 2007 5:33 pm
Location: Canada

Post by Newbeak » Fri Feb 11, 2011 5:53 pm

Thanks for the kind words, bs1. I picked up my desktop today, and here are the technician's comments: http://img689.imageshack.us/img689/9716/img008k.jpg
My ISP supplies my anti-virus software free with my subscription. It is branded Shaw Secure, but is actually F-Secure.
As I said in my original post, I feel naked surfing without SB, and I love it. I will implement your suggestions, thanks again!

Sunny
Posts: 22
Joined: Thu Oct 22, 2009 4:44 pm
Location: USA

Post by Sunny » Wed Feb 16, 2011 1:26 pm

Depending on what scan the shop used, they may have found Sandboxie itself to be the problem. I recently ran a scan on pcpitstop. The online scanner "didn't recognize" MSE - in fact recommended removing the dll that further research informs me "alerts the user" when MSE finds/quarantines/removes something. Nice catch, right? It also doesn't recognize some of my other security software: Online Armor or Sandboxie. Hard to believe, but true.
