Just got hit by nasty virus!

What browser were you using?
Is it patched and up to date?

What programs require java, any updated versions of them that can run within a secure environment?

It is possible you have been hit by something close to zero day which is exploiting
http://arstechnica.com/security/2012/08/critical-java-exploit-spreads/
a mess within java even while up to date.
Unsure if Java has been patched in last couple of days, but exploits for this flaw are out there.

There are also some issues with disabling java
http://www.informationweek.com/secu...va-zero-day-attack-second-bug-found/240006431
have a good read at that for some tips.
 
Thx to this thread, I am just creating a system image. Just done a fresh install 2 weeks ago, PC is running as I want it, so better to be safe than sorry.
 
What browser were you using?
Is it patched and up to date?

What programs require java, any updated versions of them that can run within a secure environment?

It is possible you have been hit by something close to zero day which is exploiting
http://arstechnica.com/security/2012/08/critical-java-exploit-spreads/
a mess within java even while up to date.
Unsure if Java has been patched in last couple of days, but exploits for this flaw are out there.

There are also some issues with disabling java
http://www.informationweek.com/secu...va-zero-day-attack-second-bug-found/240006431
have a good read at that for some tips.

Everything was patched and fully up to date. I was and still am running Firefox.

I have ditched AVG and gone with MSE and comodo personal firewall.

Oracle have released a patch for the latest Java. I have since disabled Java in the browser and left UAC on default, where before I used to turn it off!!
 
Personal opinion, but AVG sucks! AFAIK the definition updates are delayed for the free version. It's got (or had last time I looked at it) very little in the way of options to change, not that you should need to from an AV program.

I personally use Nod32, but I do keep hearing good things about MSE and have it installed on one of my machines (that doesn't get switched on very often ;))

Don't know why you'd disable UAC either! There are no good reasons to, and many reasons not to!
 
Do you run Java? Before last night, being up-to-date wasn't good enough. Do you run Win7 with UAC enabled?

You should definitely consider enabling interactive plug-in mode.

Chrome: Settings > Advanced settings > Content settings > Plug-ins > Click to play
Firefox: about:config in your URL bar and then search for and enable the plugins.click_to_play

Great protection against Drive-by malware attacks.

That is seriously buggy in Firefox 15. Blank plugin squares even when launching Firefox on its main page.
 
Had you UAC off?
Where did it install to?
If it was a main folder then one would suspect it would have been stopped.
Main issues arise now on now 7 machines and those without UAC.
 
I run firefox with noscripts and MSE. Have spybot S&D with updated blacklists of sites and the usual array of stuff on standby (Malware bytes, hijack this etc), UAC enabled. Yet to have an issue. I'm sure it will happen but things seem pretty tight at the moment.

I think the next major issue I get I'll bite the bullet and run web browser etc from a virtual machine :p
 
I got this the other day, no idea where from using Firefox. I don't have UAC enabled because I just find it a pain in the ass most of the time.


Safe mode w/networking and malwarebytes sorted it out though. First time I've ever had a virus but it was easy to sort out.
 
I got this the other day, no idea where from using Firefox. I don't have UAC enabled because I just find it a pain in the ass most of the time.

Really? I only ever really see it if I'm installing something? Doesn't bother me in the slightest. It's not like it's there in my face the whole time I'm on the PC.
 
Would UAC have stopped the trojan horse from installing tho?

It managed to escape AVG, even tho AVG detected it, and said it quarantined the file.

It might have done, it might not. It depends on how your system was exploited. It's worth pointing out though that there are two people in this thread who got infected by this and both had UAC disabled.

Security isn't just one thing, it's a system of best practices and not running as full administrator all the time is just bread & butter policy and it's as old as the hills.
 