Hello all,
I do full scan using latest updated Malwarebytes this weekend about few days ago.. Found NOTHING wrong with it at all.. Malwarebytes claims to be able to detect the "SecurityTool" vrius, thus this rules out the theory that my virus was lying dormant for months on end, etc..
So therefore this had to be a recent infection..
My computer is Windows XP Pro and I have it LOCKED DOWN (meaning I don't use admin profile, admin profile has long password, and I'm using only the "User" level with no admin privileges..) Two other people share this home computer, they are mostly computer illiterate and do NOT know my admin password..
Suffice it to say, this morning everything was working as normal, and tonight I come home to find this extremely nasty "SecurityTool" virus, could not get rid of it.. (can't even open regedit or notepad, the whole thing just takes control and comes to the forfront again..) so I had to do a complete reformat..
My question is, if just two days ago I did complete full scan with Malwarebytes (and I'm thinking Malwarebytes can find "securitytool" virus..) and I have my computer LOCKED DOWN with no admin or even power user privileges how did this virus find its way on my computer? How does it have rights to install itself and hijack my XP system?
Anyone?
The really funny/strange thing is, I set my AT&T 2wire network to as secure as possible, I have also set the freaking Windows XP firewall to block all unknown and DO not allow exceptions..
I am 100% sure my Windows user account is locked down with only bare minimum user privileges (no admin) and the default admin account is chained with a STRONG password.. No one else knows this password.
How can this happened?!?!?!
When I set my account to "user" mode with no poweruser or admin access privileges I can't even change the system time, I can't even install any programs or access the program files/ windows/ system32 directories to make any changes to any files..
So how is it possible that virus install itself? Does virus have root access somehow?!?! So if a virus can gain admin access even on a locked account then does that mean it is possible to make a program that can do things on locked account that has equal power of admin account?!
What happened to rings of execution privileges? What is the point of admin/user account differentiation if the security can be bypassed so easily?
I'm saying I had my system on locked down.. user access .. no admin no privileges.. How would the XP kernel even allow virus to do such a thing?
I do full scan using latest updated Malwarebytes this weekend about few days ago.. Found NOTHING wrong with it at all.. Malwarebytes claims to be able to detect the "SecurityTool" vrius, thus this rules out the theory that my virus was lying dormant for months on end, etc..
So therefore this had to be a recent infection..
My computer is Windows XP Pro and I have it LOCKED DOWN (meaning I don't use admin profile, admin profile has long password, and I'm using only the "User" level with no admin privileges..) Two other people share this home computer, they are mostly computer illiterate and do NOT know my admin password..
Suffice it to say, this morning everything was working as normal, and tonight I come home to find this extremely nasty "SecurityTool" virus, could not get rid of it.. (can't even open regedit or notepad, the whole thing just takes control and comes to the forfront again..) so I had to do a complete reformat..
My question is, if just two days ago I did complete full scan with Malwarebytes (and I'm thinking Malwarebytes can find "securitytool" virus..) and I have my computer LOCKED DOWN with no admin or even power user privileges how did this virus find its way on my computer? How does it have rights to install itself and hijack my XP system?
Anyone?
The really funny/strange thing is, I set my AT&T 2wire network to as secure as possible, I have also set the freaking Windows XP firewall to block all unknown and DO not allow exceptions..
I am 100% sure my Windows user account is locked down with only bare minimum user privileges (no admin) and the default admin account is chained with a STRONG password.. No one else knows this password.
How can this happened?!?!?!
When I set my account to "user" mode with no poweruser or admin access privileges I can't even change the system time, I can't even install any programs or access the program files/ windows/ system32 directories to make any changes to any files..
So how is it possible that virus install itself? Does virus have root access somehow?!?! So if a virus can gain admin access even on a locked account then does that mean it is possible to make a program that can do things on locked account that has equal power of admin account?!
What happened to rings of execution privileges? What is the point of admin/user account differentiation if the security can be bypassed so easily?
I'm saying I had my system on locked down.. user access .. no admin no privileges.. How would the XP kernel even allow virus to do such a thing?
Last edited: