pultneytooner
21-Sep-06, 13:30
Another trojan? Who cares? They do -- take care of themselves first, then they're going to 'take care' of you! "Recently a trojan was seen to take advantage of Encrypting File System (EFS) to protect itself & execute with administrative privileges. The trojan creates an administrator login account with a random name and random password. Using this login key pair it then encrypts the downloader component that it drops. It then creates a service that points to the encrypted file:
Link......... (http://www.avertlabs.com/research/blog/?p=77)
One defence against auto-installation of malware is to make sure that your "everyday" user account does not have administrative privileges. Remember, only an adminsitrator can install certain types of software, modify the registry, modify the OS, create user accounts with administrator privileges, etc.
It's much better to just run as an ordinary user most of the time, and switch to an administrative account occasionally when required.
Oh, and make sure that all accounts on the machine, not just the administrators, have strong passwords.
Link......... (http://www.avertlabs.com/research/blog/?p=77)
One defence against auto-installation of malware is to make sure that your "everyday" user account does not have administrative privileges. Remember, only an adminsitrator can install certain types of software, modify the registry, modify the OS, create user accounts with administrator privileges, etc.
It's much better to just run as an ordinary user most of the time, and switch to an administrative account occasionally when required.
Oh, and make sure that all accounts on the machine, not just the administrators, have strong passwords.