Re: Bummer
- From: Optician Dragon <dragonlensman1@xxxxxxxxxxx>
- Date: Thu, 15 Sep 2005 23:36:12 GMT
On Thu, 15 Sep 2005 17:13:16 -0500, Polychromic <macecil@xxxxxxxxxxx>
wrote:
>On Thu, 15 Sep 2005 21:42:37 GMT, Optician Dragon
><dragonlensman1@xxxxxxxxxxx> wrote:
>
>>On Thu, 15 Sep 2005 07:47:14 -0500, Polychromic <macecil@xxxxxxxxxxx>
>>a more restricted account and I may have stupidly left it logged in as
>>Administrator during maintenance, but I don't know how Norton allowed
>>itself to be turned off. The trojans found were Trojan.ByteVerify and
>>Trojan.Adclicker.
>
>Well, they are trojans so they didn't load themselves - I guess your
>recently fired employee was trying to load cracks or porn viewers.
The latter I suspect.
"You must load this to view page content" or somesuch.
I did check the trojans out at Symantec's site.
>The
>Adclicker one is pretty harmless - it just tries to drive up click counts
>for pay per click type revenue. The BV is a RAT (remote access trojan).
>Since you don't know how long it has been on there
4 weeks today at 4:30 pm - a half hour after I left work. At least it's
only the once in the last 8 weeks.
>or if the computer has
>been remotely accessed,
Dunno - I had just updated Zone Alarm the week before and since its
install it's blocked over 2700 inbound attempts, all but a dozen or
so "high-rated". Scans with every vendor's online virus scans in Safe
Mode show nothing. All the data seems to be there. We tried recalling
some random ones from the Medicaid program (recently updated in Y2K
being a DOS program), and the Payroll Software has its own additional
encryption, without my password it can't be accessed anyway. (Gee do
you think he'll guess my password? 123456? That'll fool him won't it?)
>I would take no chances. Format and reinstall is
>the safest way to go especially since this computer currently does have
>sensitive information. If you do a sfc /scannow, it will only check the
>Windows files (and you'll have to reinstall any patches since your base
>install) and it won't check other program files for integrity. If you
>have an image file you can do a binary comparison of the machine's files
>against, that would be one way to avoid a complete format and reinstall.
>But it will probably be faster and more certain to just do that.
Kicking myself for not Ghosting new images after the last F&I.
I do back up the data weekly, but only to a second PW-protected drive.
Maybe not secure enough. Maybe I should get a couple of removable
backup drives? Would Flash drives be considered reliable enough? The
actual data, not counting program amounts to only 250 Mb or so for
both. Heck I should just use CDs.
My guess is the stored image would still be good from the other drive,
but it is too old.
>>I did notice that he used a Guest account on the company's AOL to sign
>>on with. We removed his screen name a couple years ago after he got
>>AOL trojaned and sent out about 1kilospams before they cut off our
>>account. I must say now that AOL does a better job of spam filtering
>>and they check every attachment for viruses.
>>I still like t-bird.
>
>Remember, if a person has physical access to the machine that even a good
>admin password will not be safe. Mounting your computers in an
>air-conditioned computer closet (or a rack perhaps) behind an unbumpable
>lock would help make them more secure.
But my Taser guarded keyboard works flawlesslyyyyyyyyyyyyyyyyikes!!
--
Optician Dragon
-=UDIC=-
"There is no cause so right that one cannot find a fool following it."
Larry Niven