Thread: Big OOOPS with WinXP

  1. #1
    Senior Member
    Join Date
    Apr 2004
    Posts
    228

    Big OOOPS with WinXP

    OK, well, not really OK.

    I run XP on my PC. It's all been going fine until yesterday evening.

    I think someone managed to dig their way into my PC, not sure how though. At the moment, after updating my antivirus software (Avast) and running AdAware in safe mode, I managed to get rid of most of the crap on my PC.

    The problem is, though, that something is still blocking autoupdates from switching back on, and I do get an odd window pop up offering me to download an antivirus software.

    Any ideas on what it might be and how to get rid of it?
    Don't post if you've got nothing constructive to say. Flooding is annoying

  2. #2
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,187
    Try Malware Bytes:

    http://www.malwarebytes.org/

    Sounds like it might be antivirus 2009. I have been seeing that a lot lately. Then run Spybot Search and Destroy, to catch any stragglers.
    "Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."

    -HST

  3. #3
    Banned
    Join Date
    Jan 2008
    Posts
    605
    antivirus 2009.
    Doesn't this thing use CreateProcess and the WriteProcessMemory API to force another process to keep itself running? Normal applications SHOULD NOT be able to call this stuff.

    When it's all said and done... you will want to have a good look at your policy editor.

  4. #4
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    I would suggest that maybe you grab your important docs and just format and do a clean re-install.

    You might be able to get rid of most of the crap, but you will never know if there is still something hiding in the background.

  5. #5
    Senior Member
    Join Date
    Apr 2004
    Posts
    228
    Thank you all for your replies.

    Real nice one by Westin, really helped. I also ran it alongside AdAware in safe mode.

    t34b4g5, your option would be fine if I only ran a system for games, but it's also a dev system and I can't have it down for more than 12 hours at any one time. To fully restore all the right settings would take me a few days, making my customers a bit pissed, and maybe getting such a nice person as myself killed in the process.
    I'm sure you wouldn't wish that to happen.
    Don't post if you've got nothing constructive to say. Flooding is annoying

  6. #6
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

    Originally Posted by nightcat:
    Thank you all for your replies.

    Real nice one by Westin, really helped. I also ran it alongside AdAware in safe mode.

    t34b4g5, your option would be fine if I only ran a system for games, but it's also a dev system and I can't have it down for more than 12 hours at any one time. To fully restore all the right settings would take me a few days, making my customers a bit pissed, and maybe getting such a nice person as myself killed in the process.
    I'm sure you wouldn't wish that to happen.

    If it is truly a dev system then why on earth are you playing with it like it's a normal everyday system?

    You must have been downloading warez or something for it to get pwned/rooted ...

    I've never let a dev setup touch the interwebs and I sure as hell don't install any software other than the stuff that is required.

    You basically want a quick fix, but at the end of the day how are you going to say that it's secure and there isn't some person stealing customer stuff straight off the system?

    Just take an image of the dev system, throw that onto a spare machine, use the spare machine while you format and re-install the actual dev machine, and you can always import settings over too, and that way if it takes 12 hours you still have the pwned machine to use.

    Then once it's back up and running, don't download anything unneeded onto the machine and make sure it's fully patched.

    cheers
    t34b4g5..
