Download TrojanHunter Now
Free 30-day trial!
Latest TrojanHunter Version:
TrojanHunter 5.0
Order Now
License file delivered within minutes.
Welcome, Guest. Please Login or Register.
Jul 4th, 2008, 2:56pm
   Mischel Internet Security Forum
   TrojanHunter
   TrojanHunter Scanner (Moderators: Helena, Gavin_Coe, Magnus)
   TH-n-Limited User		 « Previous topic | Next topic »
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print
   Author  Topic: TH-n-Limited User  (Read 155 times)
redwolfe_98
Veteran
*****





   
Email

Gender: male
 Posts: 560
TH-n-Limited User
« on: Mar 2nd, 2008, 5:33pm »		 Quote Quote  Modify Modify
hello.. is there a problem when trying to update TH from within a limited-user account?  
 
i ran the updater from within a limited-user account and it seemed to work, but i am not sure if it did or didn't..  
 
TH says that it has the latest updates, but i am not sure that i actually have the latest malware-definitions, despite what TH is saying since i was running as a limited-user when i ran the updater..i am not sure that, when running in a limited-user account, windows would allow the latest malware-databases to be "written" into the TH ruleset-folder in c/program files..  
 
incidentally, i am running TH build 4.7..  
 
update: i tried testing TH with the "trojansimulator"-while in a limited-user account.. one minor problem there was that the trojansimulator couldn't "install" while in the limited-user account.. still, TH flagged "simulator.100", whatever it was called.. i guess that was the "tsserv.exe" process that was being flagged.. i had THGuard set to not automatically remove trojans so i manually selected for THGuard to remove the trojan.. there was a problem there.. since i was using a limited-user account at the time, windows would not allow THGuard to "quarantine" the file.. consequently, the file was not removed or quarantined, though apparently the tsserve.exe process was killed, at least, it wasn't running when i checked..
 
so, this demonstrates my concern about whether or not the updater would be able to "write" to the "ruleset folder", in "c/program files/trojanhunter"..  
 
i rebooted into safe mode so that i could adjust the "permissions" for TH's "quarantine" folder, so that THGuard, hopefully, will now be able to "quarantine" any "trojans" that it flags..  
 
while i was at it, i checked the permissions for the "ruleset" folder.. interestingly, it already had full permissions for the limited-user account.. Smiley apparently, that allowed the updates to work from within a limited-user account.. still, it is curious that the ruleset-folder already had full permissions for the limited-user account.. you wouldn't expect the folder to have those settings, not without the "administrator's" adjusting them and making them that way..  
« Last Edit: Mar 2nd, 2008, 9:11pm by redwolfe_98 » IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5462
Re: TH-n-Limited User
« Reply #1 on: Mar 3rd, 2008, 1:14am »		 Quote Quote  Modify Modify
When you update using a limited user account, does your info under "details" after clicking on the Trojan icon on the left menu bar with TH scanner show the info below?  This is the latest rulesets as of this posting.  
 
Quote:
+-- General ---------------------------------
Ruleset datestamp    : 2008-03-02
Scan kernel     : 5.0 (Aurelius)
Ruleset entries      : 160217
Trojan definitions   : 62186
Detection rules      : 160217
 
+-- Loaded rule files -----------------------
 
     0: Cumulative20060322.trf
     1: G20060322_0800.trf
     2: G20060331_0444.trf
     3: G20060409_1917.trf
     4: G20060417_1740.trf
     5: G20060422_1609.trf
     6: G20060429_0134.trf
     7: G20060504_0530.trf
     8: G20060510_1522.trf
     9: G20060520_0846.trf
    10: G20060528_2029.trf
    11: G20060606_0904.trf
    12: G20060612_2002.trf
    13: G20060619_2213.trf
    14: G20060627_1340.trf
    15: G20060707_1649.trf
    16: G20060717_2356.trf
    17: G20060728_1243.trf
    18: G20060807_1400.trf
    19: G20060817_1509.trf
    20: G20060825_1530.trf
    21: G20060902_1407.trf
    22: G20060911_1127.trf
    23: G20060919_1438.trf
    24: G20060928_1013.trf
    25: G20061005_1432.trf
    26: G20061012_2234.trf
    27: G20061023_1121.trf
    28: G20061030_1702.trf
    29: G20061107_1033.trf
    30: G20061116_0952.trf
    31: G20061125_1021.trf
    32: G20061203_0254.trf
    33: G20061212_2302.trf
    34: G20061220_1027.trf
    35: G20061228_1031.trf
    36: G20070104_1030.trf
    37: G20070111_1513.trf
    38: G20070119_1149.trf
    39: G20070125_1420.trf
    40: G20070203_1141.trf
    41: G20070210_1039.trf
    42: G20070218_1105.trf
    43: G20070226_2039.trf
    44: G20070306_1255.trf
    45: G20070314_0833.trf
    46: G20070322_1154.trf
    47: G20070402_1157.trf
    48: G20070411_1534.trf
    49: G20070420_1145.trf
    50: G20070428_1233.trf
    51: G20070506_1124.trf
    52: G20070513_1209.trf
    53: G20070524_1054.trf
    54: G20070529_2214.trf
    55: G20070604_1137.trf
    56: G20070613_1102.trf
    57: G20070621_2034.trf
    58: G20070629_1051.trf
    59: G20070708_2040.trf
    60: G20070717_1120.trf
    61: G20070727_1137.trf
    62: G20070805_1157.trf
    63: G20070813_1018.trf
    64: G20070821_0541.trf
    65: G20070902_1137.trf
    66: G20070914_0811.trf
    67: G20070925_1425.trf
    68: G20071005_1617.trf
    69: G20071015_1518.trf
    70: G20071029_1142.trf
    71: G20071114_1753.trf
    72: G20071126_1231.trf
    73: G20071209_1219.trf
    74: G20071220_1307.trf
    75: G20080104_1125.trf
    76: G20080116_1312.trf
    77: G20080131_1229.trf
    78: G20080213_1424.trf
    79: G20080224_1244.trf
    80: M20060322_0800.trf

 
To the best of my knowledge, LiveUpdate should work under a limited user account on your V4.7.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
redwolfe_98
Veteran
*****





   
Email

Gender: male
 Posts: 560
Re: TH-n-Limited User
« Reply #2 on: Mar 3rd, 2008, 12:54pm »		 Quote Quote  Modify Modify
hey siliconman.. it looks like the updates are working from within my limited-user account..  
 
i am curious how the ruleset-folder that contains the rulesets had full permissions without my having adjusted them..
 
thanks
« Last Edit: Mar 3rd, 2008, 12:54pm by redwolfe_98 » IP Logged
siliconman01
Global Moderator
*****



Trojans! Chew 'em Up, Spit 'em Out...

   


Gender: male
 Posts: 5462
Re: TH-n-Limited User
« Reply #3 on: Mar 3rd, 2008, 1:12pm »		 Quote Quote  Modify Modify
I suspect that Magnus had the TH installer change the permissions when you installed TH in order to make LiveUpdate run on limited user accounts.  Either that or LiveUpdate silently does it on each execution when updates are available.
IP Logged
______
TrojanHunter V5.0.962...No. 1 AT in my Book and on my Box!
Pages: 1  Reply Reply  Notify of replies Notify of replies   Send Topic Send Topic   Print Print

« Previous topic | Next topic »
Search
Members
Login
Register