NT AUTHORITY is taking over the security settings etc.

Ben-hacked · Guest

anybody out there have any experience with packet sniffers, nt access, security settings being changed to lock out local logon. I think we were hacked by pros. This thing "nukes registry keys" like windows update does. It was running in our system invisibly for an unknown time. stumbled upon some odd things while configuring a raid controller. found hidden devices such as "virtual network controller"controlled by nt authority attempts at disabling these prompt the system to change access to nt authority,it disables admin account and eventually disables all local logons... one computer on this system is compromised to the point that it seems to beconstantly accessing the internet both downloading and uploading (undoubtably runnig either an ad server or spam) each computer has strange logs on notepad files in vey strange places I can give more specifics if anyone is interested or has any ideas thanks...

Dan · Guest

I have the same thing here

John · Guest

Here is more info that may help you find the features you want .

Security Ports

http://grc.com/su-fixit.htm

http://grc.com/su-bondage.htm

http://grc.com/lt/leaktest.htm

http://grc.com/xpdite/xpdite.htm

http://www.ultratech-llc.com/KB/ASP/Fil...Listen.TXT

http://www.hsc.fr/ressources/breves/min...in.en.html

What can you do to protect yourself?
There is no better defense than knowledge. Acquiring the knowledge you need to defend yourself
against the bad guys on the Internet will not be instantaneous, but, thanks to this web site
. . . at least it's free!

http://lists.gpick.com/portlist/portlist.htm

http://www.iana.org/assignments/port-numbers

PORT NUMBERS
The port numbers are divided into three ranges: the Well Known Ports, the Registered Ports, and the Dynamic and/or Private Ports.

======================================

Qwik-Fix
http://www.all4you.dk/FreewareWorld/lin...=8&cat=006
http://www.pivx.com/qwikfix/
Qwik-Fix provides another layer of essential security by closing off the pathways that worms and viruses use to penetrate your PC.. It does not affect any of your virus programs, firewall or other programs. Had users installed Qwik-Fix on their PCs, the recent LovSan/MS Blaster worm and the Sobig virus would have had no impact on them. And, it will close the doors that the next worm will try to enter thru to infect and spread its payload.
Qwik-Fix is a product of PivX LABS, and results from our work with some of the largest companies in the world. PivX is a premier security research company which has focused its security research efforts on Mocrosofts WindowsŽ and its ubiquitous Internet browser, Internet Explorer. PivX and its worldwide network of security researchers has located, tested and verified hundreds of security vulnerabilities in Internet Explorer alone. As a public service, PivX has also maintained a FREE public online listing of the vulnerabilities that were patched and those that remained Unpatched. Now we have developed Qwik-Fix, a tool which helps protect your PC from these risky vulnerabilities.
Qwik-Fix is designed to pro-actively prevent known software vulnerabilities in Windows and Internet Explorer from being exploited by malicious hackers, virus writers and worm writers. Qwik-Fix is simple to use, Qwik-Fix is easy to download and install. Qwik-Fix is dynamic in that it serves as a temporary fix to known vulnerabilities until Microsoft releases a periodic monthly cumulative patch or a new Service Pack. As we find new vulnerabilities our subscribers will be updated immediately, thus staying one step ahead of the bad guys.

==================================

Online - Audit My PC.com
http://www.all4you.dk/FreewareWorld/links.php?cat=024005
http://www.auditmypc.com/
Your free online security audit, firewall test and research center. Your security test and port scan starts here.
Audit your firewall with a free online Firewall Test, Port Scan and Privacy Test that provides immediate results designed to promote security awareness and help secure your firewall. Port Scan all 65,535 tcp ports or choose your port scan range!

==================================

DCOMbobulator
http://grc.com/dcom/
Effortlessly Tame Windows Dangerous DCOM Facility by Steve Gibson, Gibson Research Corporation.
Microsoft's DCOM security patch leaves DCOM running, open, and waiting for the next malicious exploit.
Our 29 kbyte "DCOMbobulator" allows any Windows user to quickly check their system's DCOM vulnerability, then simply shut down the unnecessary DCOM security risk.

========================================

Safe XP

http://free.hostdepartment.com/t/theorica/safexp.htm

http://free.hostdepartment.com/t/theorica/SafeXPHelp.htm

http://www.softcities.com/Safe-XP/download/10988.htm

http://freewebhosting.hostdepartment.co...wnload.htm


	Home ˇ Topics ˇ Submit News ˇ Top 10 This entire site, Cops Themes, and Computer Cops are Š 2002 - 2004 Computer Cops, LLC. All rights reserved. You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0. Acceptable Use Policy. Use signifies your agreement. Engine Copyright Š 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member. Paul Laudanski, Member of Computer Cops, LLC Server Load: 1141 pages served in previous 5 minutes. Page Rendered: 0.335 seconds.