Vulnerable XP - Can I plug the holes?

Associate
Joined
14 Apr 2003
Posts
170
Location
Kent
I was working away and the weirdest thing happend - the Run dialog box popped up and then disappeared, then another box popped up and it looked like it was installing something.

At that point the alarm bells were ringing and I fired up every spyware app I had.. any, it turns out some evil little spyware was installed.

My point is, I thought my machine was pretty secure - I use NOD32 and the XP Firewall, how the hell can someone be able to remotely fire up the Run dialog box and execute an exe file?

Is there anything I can do to stop this happening again? If I hadn't of noticed it I would be none the wiser :eek:

Thanks

Edit: Oh, and I've read the sticky guide too :)
 
Last edited:
Soldato
Joined
17 Aug 2004
Posts
3,511
Location
Houston, TX
You've got NOD32 and WinFirewall but do you have any dedicated sypware programs like spybot, spywareblaster or adaware? if not then i would get those straight away.

I find that a nice and simple combination of those, a good AV program, a router and regular updating keeps my PC pretty tight, been a good 8 months since anything got through.
 
Soldato
Joined
27 Mar 2004
Posts
14,081
Location
Between Realities
Not much to add.

Service Pack 2 is a must these days, So hopefully you have that installed.

Spyware Blaster doesn't run resident so download, update and run that. Will keep out known spyware.

And then get both adaware and spybot and do fortnightly checks. Or as often as you please :p

Also run Microsoft update and check you have the latest security updates.

--

Nice new program, Although its only beta, Is windows defender.

The tools option with in windows defender is great. It lets you view running processes, and Startup Applications. Also tells you a little bit about each process and tells you what programs are part of windows operating system, And which bits arent.
 
Associate
OP
Joined
14 Apr 2003
Posts
170
Location
Kent
Yea everything is up to date, SP2, windows updates - I've got both Spybot & Adware installed.

The only I dont have at the moment is a router - which is something I've not got around to getting, but I guess nows the right time.

Thanks for the comments.
 
Associate
OP
Joined
14 Apr 2003
Posts
170
Location
Kent
Nothing, I was on the other machine at the time..

I never run any dodgy apps on that machine, nor do I go to any dodgy sites - I dont use IE either.

It's the first time I've ever seen that happen, which is why I was a bit :eek:
 
Associate
Joined
1 Mar 2004
Posts
1,930
Location
Farnborough, Hants
A router with NAT would be highly recommended too, as NAT offers an excellent hardware firewall between you and the internet. I have been running a router for years with no software firewall, and have, *touch wood*, never been infected by any nasties.
 

Una

Una

Associate
Joined
26 Nov 2004
Posts
2,471
Location
Reading / Lake District
ozzy said:
At that point the alarm bells were ringing and I fired up every spyware app I had.. any, it turns out some evil little spyware was installed.

My point is, I thought my machine was pretty secure - I use NOD32 and the XP Firewall, how the hell can someone be able to remotely fire up the Run dialog box and execute an exe file?

The thing is new exploits are getting released into the wild every day. Spyware/AntiVirus/M$ take time to patch the problems, often the problems are not known with 0day stuff because it is kept in private. There is not magic solution to protecting your PC, as recomended above getting a hardware router will add an extra layer of defence. If your computer has been hacked though and its not just some random spyware.. you really want to format it.
 
Soldato
Joined
8 Jun 2003
Posts
4,961
Location
NBO
Belly said:
Can you recommend a router? (not sure what they are - hardware from reading the posts) do you know of any links?

Thanx
Got a D-Link DI-624 I picked up for about £20 from that famous auction site :D Its a Cable/DSL router which I've used with NTL (cable) for about 4-months & now, for almost a year an ADSL connection :cool:

This, this & that might be useful :D
 
Last edited:

Fop

Fop

Associate
Joined
5 Sep 2005
Posts
345
ozzy said:
My point is, I thought my machine was pretty secure - I use NOD32 and the XP Firewall, how the hell can someone be able to remotely fire up the Run dialog box and execute an exe file?

Is there anything I can do to stop this happening again? If I hadn't of noticed it I would be none the wiser :eek:


Firstly I'd get rid of XP Firewall and get a decent 3rd party one like Zonealarm Pro (it has other security features besides direct firewall ones - there are other good ones out there too though) Even if you get a hardware firewall it’s still worth having it.
Make sure all your security patches are bang up to date.
Run stuff like SpybotSD and Adaware reasonably regularly.
Use Firefox rather than IE.
 
Back
Top Bottom