Security
Microsoft Windows security board.
4673 topics in this forum
-
Protecting the Automatic Logon Password
by Guest simple_user- 3 replies
- 608 views
Hi there, I was trying to change the way of automatic logon. I wrote simple executable using LSA to set password by LsaStorePrivateData (). Then I deleted reg.key value ‘DefaultPassword’ I restarted PC (WindowsXP installed) but it didn’t get through – it show log-on dialog and I have to enter password manually. I thought that Winlogon should be able to retrieve ‘secret’ password and not to look for ‘DefaultPassword’ value. Do I missing something here? Any additional steps needs? Regards,
-
0.6629967 Now Look Here ... 0.801854
by Guest iwantsex@0.9005771nowathome.com- 2 replies
- 506 views
0.3852821 Now Look Here ... 0.9005771 0.6629967 Now Visit http://www.clicklinknow.com/ss/ 0.801854
-
Re: Find very quick method in detecting once the usb key is plugged
by Guest zhengshareware- 2 replies
- 509 views
The software removable storage guard is able to solve your problem. It protects you against all the threats via USB memory disk that try to attack your computer. Download link: http://www.download.com/Removable-Storage-Guard/3000-2239_4-10708709.html?tag=lst-0-2 http://www.tucows.com/software_detail.html?id=513961
-
Family Computer Accountability
by Guest Marco- 6 replies
- 652 views
We have teenagers at home and until recently, they have demonstrated to be trustworthy in not logging onto inappropriate websites. A couple of days ago, our daughter informed us that her brother was using our computer to visit x-rated sites. We don't want to challenge him about this until we have proof. Is there a software our there that we can install that will allow us to monitor sites that our computer has accessed? Thanks. -- Marco
-
Problem Event Name: BlueScreen
by Guest Cyberiade.it Anonymous Remailer- 7 replies
- 717 views
I'm sure this has probably been discussed before, but can anyone tell me what would cause this error message in a brand new Windows Vista (Gateway) desktop computer, and how exactly to get rid of it? I can't tell if it's spyware, a virus, or just something I might've done wrong. We just got connected to the hi-speed Internet, and surfed the web for only about five minutes, before the blue screen error appeared. Thnx, Kenny
-
Can't install security update for .NET Framework 2.0 928365 Win200
by Guest Sandy Wood- 6 replies
- 633 views
I've tried and tried to install, from Microsoft Update, the .NET Framework 2.0 update 928365 on one of my Windows 2003 R2 servers and it dies each time. I manually downloaded it at it threw this error at the end Error 25015. Failed to install assembly C:\winnt\microsoft.NET\Framework\v2.0.50727\System.Design.dll' because of system error: Access is denied. I'm logged in as a Domain Admin and the security on the folder/file looks good. Anyone seen this before? -- Sandy Wood Orange County District Attorney
-
Trojan Horse - HELP!
by Guest Brettster- 5 replies
- 659 views
Got this during a scan of my computer: infected: object C:\hp\bin\python-2.2.3.exe:\comparisons.html result: trojan horse PHP/MPack.B status: infected embedded object inefected: object C:\hp\bin\python-2.2.3.exe What can/should I do about this? Thanks for your help. Brett
-
firewall disabled by a virus
by Guest maurizio.tappi@gmail.com- 2 replies
- 502 views
Hi you all, I've a problem with my windows XP SP2 Home edition installed on a Toshiba satellite S2450-401. The problem is that the windows firewall get disabled by itself and when I try to activate it by the control panel it remains deactivated! Moreover there is a lot of cpu work (I can hear the fan going very fast) with one of the prcesses svchost.exe that I can see in task manager. I attach a log by hijackthis where the file jhapri.dll seems to me very malicious... Can anybody help me? Thanks in advance, Maurizio Logfile of HijackThis v1.99.1 Scan saved at 15.44.08, on 20/07/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explore…
-
I've been hacked 1 2
by Guest f4gib- 36 replies
- 2.1k views
Got the following message: Hello, your files are encrypted with RSA-4096 algorithm (http://en.wikipedia.org/wiki/RSA). You will need at least few years to decrypt these files without our software. All your private information for last 3 months were collected and sent to us. To decrypt your files you need to buy our software. The price is $300. To buy our software please contact us at: tristanniglam@gmail.com and provide us your personal code -1481374230. After successful purchase we will send your decrypting tool, and your private information will be deleted from our system. If you will not contact us until 07/15/…
-
NTOS.exe
by Guest James Matthews- 1 reply
- 489 views
I have been seeing a lot of this malware lately how about you guys. -- http://www.goldwatches.com/watches.asp?Brand=14
-
Null Sessions
by Guest Dan Moesch- 5 replies
- 611 views
I am trying to determine what is causing all of my W2K servers to be allowing "Null Sessions". I have changed the "restrictanonymous" reg values to 2 and check the local policy settings on the servers per this ms doc: http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b246261 Evidently something is still causing these servers to respond to "Null Sessions". The Windows 2003 servers that have the same GPO settings do not respond to the Null Session requests? Anyone ever see this before? Thanks! Dan
-
help...spyware
by Guest Me- 4 replies
- 603 views
ok, i somehow have accidently downloaded some spyware, I have the windows defender loaded now and i have scanned my entire system several times and gotten rid of about 4 viruses. The tool bar that came onto my computer with the virus continues to pop up though telling me i have spyware on my computer. Is it gone or not?...Windows is telling me my computer is fine but all these other messages keep comming up...i want to get rid of this tool bar but i don't kno how and i'm confused about whether these popups are just a scam or if windows has missed something please HELP!!!!!!!!!!
-
POPUPS
by Guest Bstonmike1- 5 replies
- 732 views
HELP !!!!!!!! No matter how many times I do spyware scan, adware scan Norton complete system scan I cant get rid of'em. just about everytime a pop appears norton gives me an alert saying that VUNDO was blocked. Evertime I do scans I find VUNDO. It's removed and then comes roaring back to mess up my life. I have given up and decided I need help with this. I am very scurity minded and am very P'd off that this has happened. Now the latest thins is this "http://llehs.com/go//?cmp=vm_mg_r&nid=ba&uid=623e7b2821cb11dcabf6f67602ffffff&guid=cea96cd44e0b4320a9e20541cbd7f988&affid=67602&lid=http&url=http:%2F%2Fmaps.google.com%2Fmapfiles%2Fhome3.h…
-
AVG conflict with Kaspersky?
by Guest Alan T- 10 replies
- 726 views
I installed AVG then install Kaspersky, during the Kaspersky installation asked me to uninstall AVG, it seems Kaspersky does not like AVG? However, if the other way around, installed Kaspersky first, then AVG, AVG did not complaint Kaspersky.
-
Greeting Cards?
by Guest W. Watson- 7 replies
- 649 views
I've been getting a fair number of supposed greeting cards of late. I don't open them, since they don't say who sent them. Is this a new way to send viruses? -- Wayne Watson (Nevada City, CA) Web Page: <speckledwithStars.net>
-
lass.exe
by Guest Alan T- 3 replies
- 589 views
Is there a way to remove this trojan?
-
webserver hacked
by Guest PV- 2 replies
- 422 views
Hi, I run a server with windows 2000 server. Today, all the sites were "hacked". Probably someone run a script that on all "folders" on webserver copy/changed the default web page. default.asp .cfm .htm .html .php index.asp .cfm .htm .html .php I didnt have all security patchs installed, i just installed them. Due firewall thing it doesnt do the updates automatic, i must do it manually. I delete afected folders and repost the backups i had. Everything running ok now. I think the flaw used was kb928366 from .net framework 1.1 - 10/07/2007 - i didnt have this one and some others also. Could i be right about the flaw used? If it happens again, …
-
Log in and log off times from Windows XP
by Guest Helmy- 2 replies
- 536 views
I want to find out how to find the log in and log off times for the last couple of days for all of the users on a stand alone laptop. I have tried to find this under "Computer Management" which I have accessed from "Start / Control Panel / Administrative Tools" but under "Event Viewer / Security" from the "Computer Management" option I seem to see a load of "Success Audit" info. from one day only (today 19.07.07) and no log in information from yesterday (18.07.07) which is the actual info. I am looking for. Also, a lot of the "Success Audit" info. I can see appears to be the same information repeated over and over again. Please help, I have already spent a…
-
SYSKEY question
by Guest Oscar P.- 1 reply
- 447 views
Does the enabling of a SYSKEY startup password realistically provide any greater security for a 2K3 domain controller SAM database against on-line attacks? It seems to me that, with the tools available today, if an attacker is able to remotely gain access to the SAM and key and copy them off to the mother ship for processing, it wouldn't matter whether SYSKEY was using a startup-provided password, or locally-stored password. Thanks Oscar
-
File encryption problem
by Guest Tim- 1 reply
- 447 views
Hi all ~ have had this happen twice now and I am afraid to use file encryption any longer. I set "File Encryption" on a folder and was able to get in and out with no problem. However, after a re-boot and logging in as the SAME user, I get access denied when attempting to open the folder! What am I doing wrong? Thanks Tim
-
Restoring EFS and Passwords
by Guest jwgoerlich@gmail.com- 8 replies
- 607 views
I am working with a single Windows Server 2003 computer. It is not part of an Active Directory domain. EFS is enabled and a couple users are encrypting their files. Full backups with system state are performed regularly using the default Windows Backup utility. About a week ago, a user forgot their password. The administrator reset it and, thus, locked them out of their EFS encrypted files. All attempts by the user and the administrator to open the files results in the "Access is denied" dialog box. My job is to find a way for the user to open them. I did restore system state and the encrypted files from a backup made a couple weeks before. The user, whose m…
-
hi
by Guest CooL Rule- 2 replies
- 489 views
hello all, I have been hacked my e-mail was stolen I want to bring it back but I forget the answer of the privacy question please can you send me a message about my information at my e-mail CooL_Rule_10@hotmail.com and thanks alot
-
Question about failed root CA and EFS
by Guest Graham- 0 replies
- 457 views
Enterprise Root CA on Windows Server 2003 Std - hard drive was removed from the server and stored in a locked cabinet. Just over two years ago, a certificate was created, which apparently allowed EFS in our domain. Last week, the certificate expired, and we stopped being able to set the encrypted flag on folders. We now see the message, "Recovery policy configured for this system contains invalid recovery certificate." All the KB docs says to renew the certificate, or issue a new one. We plugged in the hard drive from above, only to discover that it has failed, so we cannot renew this particular cert or revive the Root CA. I suppose we could create a …
-
Malware from MP3 player
by Guest Lauren- 10 replies
- 908 views
My apologies if this is the wrong group. I recently bought a Lasonic MP-02GY MP3 player from Fry's and have found it loads a program called jjjha.exe which appears to be sending information whenever a google search is done to a website in China. The device has an autorun inf which changes the right click menu for the drive and runs an exe on the root of the device. It loads a fake svchost file into Windows/inf and sets an autorun key. The svchost then loads and reloads the jjjha.exe which monitors the browser. Once you stop the svchost process it is not to bad to remove everything. I don't know where something like this should be reported. Thanks …
-
- 2 replies
- 543 views
Hi everyone, I hope someone can help me. I was cleaning up my WSUS and this problem popped up. Does anyone have information on a replacement of MS04-045 (KB870763) or why it has become invalid for Windows 2000 Server. Many thanks for your help! Greetings pso