  #1 (permalink)  
Old 9th February, 2010, 06:02 AM
PorPorMe's Avatar
Member
 
Join Date: January 2008
Location: Othello, Wa
Posts: 3,207

Trojan Found, User account turned off

While doing a search for internet tv, my internet security software (Norton) warned me it was a malicious site. My browser would not shut down so I did a hard shut down. On rebooting, I discovered Vista's User Account Control had been turned off.
Norton's virus scan did not find anything but Malwarebytes Anti-Malware found a Trojan.
Damn *$#(*^@ S.O.B's!
__________________
AOA Team fah


1ST * Asus M5A99FX Pro r 2.0 *AMD FX 8350 Black Edition *Cooler Master MasterLiquid 240 CPU Cooler * Crucial 16g DDR3 * MSI Geforce GTX 1050 * Antec 650w* Thermaltake V9 Case
2nd Asus M5A99fx Pro R2.0 Mainboard *AMD FX 4300 Black edition * l6g Crutial DDR3 * Evga Geforce Gt 730 * Coolermaster Dual fan HSF * 500w Thermaltake PSU * 320g western digital HDD


  #2 (permalink)  
Old 9th February, 2010, 06:42 AM
Member
 
Join Date: April 2005
Location: AZ
Posts: 2,446

Sucks, you would think UAC would prevent malicious software from gaining the elevated privileges needed to turn it off. I actually thought that was the principle behind user access control.

I've been spending a lot of time in Windows these days. Every day it's something. Today it was having to log in under the admin account to check printer ink levels because someone at Lexmark decided that was privileged information when they wrote the software...
__________________
Biostar TForce X58 - Core i7 920 - 12GB Corsair Dominator DDR3 - EVGA 560ti - PCP&C 750W - Dual boot, Arch Linux/WinXP
  #3 (permalink)  
Old 9th February, 2010, 07:48 AM
PorPorMe's Avatar
Member
 
Join Date: January 2008
Location: Othello, Wa
Posts: 3,207

That's what I thought too. It sure never crossed my mind that a malicious web site could do it and so quickly.
  #4 (permalink)  
Old 9th February, 2010, 08:35 AM
chrisbard's Avatar
Benchmarker
 
Join Date: March 2003
Location: Earth
Posts: 8,252
Send a message via Yahoo to chrisbard

Quote:
Originally Posted by PorPorMe View Post
While doing a search for internet tv, my internet security software-Norton-warned me it was a malicious site. My browser would not shut down so I did a hard shut down. On rebooting, I discovered Vista's User Account Control had been turned off.
Norton's virus scan did not find anything but Malwarebytes Anti-Malware found a Trojan.
Damn *$#(*^@ S.O.B's!
I think you should read this
Trojan Horses - Why anti-virus software isn't enough

BTW did u try to turn off your browser from taskmanager before killing your PC with a hard shut down? (which is never good tbh)
__________________
I've heard that linux community came up with better implemented security in it's latest Linux Mint Gold version, it's actually preventing the user to log in, thus posing 0 risk in contamining the computer with malware! Well done to the open source community!


Last edited by chrisbard; 9th February, 2010 at 08:40 AM.
  #5 (permalink)  
Old 9th February, 2010, 08:51 AM
chrisbard's Avatar
Benchmarker
 
Join Date: March 2003
Location: Earth
Posts: 8,252
Send a message via Yahoo to chrisbard

About UAC - I am not using it (too many questions / action for my taste) but I am using IE + AV + AT and I have no issues. Whenever I go to a site that is trying to install malware, if the protection fails and the browser stops responding (hasn't happened in a long while now) I kill the browser from taskmanager and everything is fine!
  #6 (permalink)  
Old 9th February, 2010, 08:54 AM
chrisbard's Avatar
Benchmarker
 
Join Date: March 2003
Location: Earth
Posts: 8,252
Send a message via Yahoo to chrisbard


Quote:
Originally Posted by ccperf721p View Post
Sucks, you would think UAC would prevent malicious software from gaining the elevated privileges needed to turn it off. I actually thought that was the principle behind user access control.

I've been spending a lot of time in Windows these days. Every day it's something. Today it was having to log in under the admin account to check printer ink levels because someone at Lexmark decided that was privileged information when they wrote the software...
What if I want to limit certain PC's from accessing the printer?
  #7 (permalink)  
Old 9th February, 2010, 08:59 AM
PorPorMe's Avatar
Member
 
Join Date: January 2008
Location: Othello, Wa
Posts: 3,207

Quote:
Originally Posted by chrisbard View Post
I think you should read this
Trojan Horses - Why anti-virus software isn't enough

BTW did u try to turn off your browser from taskmanager before killing your PC with a hard shut down? (which is never good tbh)
This is why I also run Malwarebytes Anti-Malware.

I did a hard shut down the second the browser wouldn't close. While you are right that it's hard on Windows, and can cause its own problems, stopping an ongoing attack is the better part of valor.
  #8 (permalink)  
Old 9th February, 2010, 09:19 AM
chrisbard's Avatar
Benchmarker
 
Join Date: March 2003
Location: Earth
Posts: 8,252
Send a message via Yahoo to chrisbard

Well I think you have overreacted. Next time open task manager and kill whatever browser you're using from there. With the latest IE I am protected v. well and I can always reset it to factory settings if I smell something fishy going on.
  #9 (permalink)  
Old 9th February, 2010, 11:06 AM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Having seen payloads where IE loads various different exploits which are designed to disable AV and other security software, I'm skeptical about anti-malware software. It isn't the solution really.

One of the reasons I say this is that each additional bit of software running on a machine increases the surface area of attack. Any vulnerability in it, and the software you're using to protect the machine is being used as part of an attack against the machine. Adding complexity to a system usually means there are more loopholes to attack.

Running as a non-administrator user is a good start (and painful too at points), as there are a lot of things that are closed off as a non-administrative user.
__________________
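A check for the condition reported in post #1 (UAC found switched off after a reboot), together with the non-administrator point made above. This is an added example, not code from the thread; the function names are hypothetical, the two sample states are constructed, and the registry value names are the standard Windows UAC policy settings.

```powershell
# Added example: audit the UAC policy values that malware commonly resets.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Test-UacPolicy {
    param([hashtable]$Values)
    $findings = @()
    # EnableLUA = 1 means UAC is on; 0 or missing is the state from post #1.
    if ($Values['EnableLUA'] -ne 1) {
        $findings += 'EnableLUA is missing or not 1: UAC is turned off'
    }
    # 0 = administrators are elevated silently, with no consent prompt.
    if ($Values['ConsentPromptBehaviorAdmin'] -eq 0) {
        $findings += 'ConsentPromptBehaviorAdmin is 0: elevation without a prompt'
    }
    # 0 = the prompt is drawn on the normal desktop, not the secure desktop.
    if ($Values['PromptOnSecureDesktop'] -eq 0) {
        $findings += 'PromptOnSecureDesktop is 0: prompt is not isolated'
    }
    return ,$findings
}

function Test-IsElevated {
    # True only when this process holds a full administrator token.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $p  = New-Object Security.Principal.WindowsPrincipal($id)
    return $p.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

# Constructed sample states, so the logic can be read without a live system.
$samples = @(
    @{ Name = 'constructed: UAC on'
       Values = @{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 2; PromptOnSecureDesktop = 1 } },
    @{ Name = 'constructed: after the incident'
       Values = @{ EnableLUA = 0; ConsentPromptBehaviorAdmin = 2; PromptOnSecureDesktop = 1 } }
)
if (Test-Path $UacKey) {
    # On Windows, also evaluate the values actually set on this machine.
    $props = Get-ItemProperty -Path $UacKey
    $live = @{}
    foreach ($n in 'EnableLUA', 'ConsentPromptBehaviorAdmin', 'PromptOnSecureDesktop') {
        if ($null -ne $props.$n) { $live[$n] = $props.$n }
    }
    $samples += @{ Name = 'this machine'; Values = $live }
    Write-Output ("Running elevated: {0}" -f (Test-IsElevated))
}
foreach ($s in $samples) {
    $f = Test-UacPolicy $s.Values
    if ($f.Count -eq 0) { $f = @('no findings') }
    Write-Output ("{0}: {1}" -f $s.Name, ($f -join '; '))
}
```

Changing `EnableLUA` only takes effect after a restart, so a value of 0 found after an unexpected reboot is worth treating as a sign of tampering rather than a setting to simply flip back.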
  #10 (permalink)  
Old 9th February, 2010, 09:08 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

The world continues its downward spiral day by day! Good luck to all of us!!
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

  #11 (permalink)  
Old 9th February, 2010, 10:18 PM
PorPorMe's Avatar
Member
 
Join Date: January 2008
Location: Othello, Wa
Posts: 3,207

Quote:
Originally Posted by chrisbard View Post
Well I think you have overreacted. Next time open task manager and kill whatever browser you're using from there. With the latest IE I am protected v. well and I can always reset it to factory settings if I smell something fishy going on.
You are probably right. On rethinking the situation, I should have just unplugged the modem and then gone through the scanners, just as quick and decisive. That would have done the same job.
  #12 (permalink)  
Old 10th February, 2010, 08:53 AM
ThunderRd's Avatar
Irreverent Query Chairman
 
Join Date: June 2007
Location: NYC native in northern Thailand
Posts: 2,241

The solution for me. I swear by this software for several years now, and have recommended it here before.

Adware, Spyware, Virus and Firewall Info
__________________
#1: Tt Armor, ASUS Maximus Extreme, QX9650@4.1G, 8G Corsair Dominator GT DDR3-2000, Corsair HX1050, H2O-Swiftech, Gigabyte GTX470/Arctic Accelero Xtreme Plus II, Intel 520 SSD, Kingston SSD, 2xRaptor 150G RAID0, Win 7 Pro 64
#2: Tt Shark, ASUS P5Q Pro Turbo, Q6600@3.8G, 4G HyperX-1600, Corsair HX850, CoolerMaster V10, 2xASUS 9600GT, 2xRaptor 74G RAID0, OCZ Vertex 4 SSD, Gentoo/siduction Linux [64-bit]
#3, #4: Opteron 170@2.75G nude, A8N-SLI Deluxe, Gentoo
