1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Vulnerable XP - Can I plug the holes?

Discussion in 'Windows & Other Software' started by ozzy, 23 Jul 2006.

  1. ozzy

    Gangster

    Joined: 14 Apr 2003

    Posts: 170

    Location: Kent

    I was working away and the weirdest thing happend - the Run dialog box popped up and then disappeared, then another box popped up and it looked like it was installing something.

    At that point the alarm bells were ringing and I fired up every spyware app I had.. any, it turns out some evil little spyware was installed.

    My point is, I thought my machine was pretty secure - I use NOD32 and the XP Firewall, how the hell can someone be able to remotely fire up the Run dialog box and execute an exe file?

    Is there anything I can do to stop this happening again? If I hadn't of noticed it I would be none the wiser :eek:

    Thanks

    Edit: Oh, and I've read the sticky guide too :)
     
    Last edited: 23 Jul 2006
  2. chimaera

    Mobster

    Joined: 17 Aug 2004

    Posts: 3,511

    Location: Houston, TX

    You've got NOD32 and WinFirewall but do you have any dedicated sypware programs like spybot, spywareblaster or adaware? if not then i would get those straight away.

    I find that a nice and simple combination of those, a good AV program, a router and regular updating keeps my PC pretty tight, been a good 8 months since anything got through.
     
  3. lokkers

    Wise Guy

    Joined: 1 Mar 2004

    Posts: 1,930

    Location: Farnborough, Hants

    is XP service packed, and have you got all the updates? Have you got all the latest updates for any other apps too (like Office)?
     
  4. wannabedamned

    Capodecina

    Joined: 27 Mar 2004

    Posts: 14,087

    Location: Between Realities

    Not much to add.

    Service Pack 2 is a must these days, So hopefully you have that installed.

    Spyware Blaster doesn't run resident so download, update and run that. Will keep out known spyware.

    And then get both adaware and spybot and do fortnightly checks. Or as often as you please :p

    Also run Microsoft update and check you have the latest security updates.

    --

    Nice new program, Although its only beta, Is windows defender.

    The tools option with in windows defender is great. It lets you view running processes, and Startup Applications. Also tells you a little bit about each process and tells you what programs are part of windows operating system, And which bits arent.
     
  5. ozzy

    Gangster

    Joined: 14 Apr 2003

    Posts: 170

    Location: Kent

    Yea everything is up to date, SP2, windows updates - I've got both Spybot & Adware installed.

    The only I dont have at the moment is a router - which is something I've not got around to getting, but I guess nows the right time.

    Thanks for the comments.
     
  6. Dutch Guy

    Capodecina

    Joined: 18 Oct 2002

    Posts: 24,563

    Location: Amsterdam,The Netherlands

    What were you doing the time it happened?
     
  7. ozzy

    Gangster

    Joined: 14 Apr 2003

    Posts: 170

    Location: Kent

    Nothing, I was on the other machine at the time..

    I never run any dodgy apps on that machine, nor do I go to any dodgy sites - I dont use IE either.

    It's the first time I've ever seen that happen, which is why I was a bit :eek:
     
  8. lokkers

    Wise Guy

    Joined: 1 Mar 2004

    Posts: 1,930

    Location: Farnborough, Hants

    A router with NAT would be highly recommended too, as NAT offers an excellent hardware firewall between you and the internet. I have been running a router for years with no software firewall, and have, *touch wood*, never been infected by any nasties.
     
  9. ozzy

    Gangster

    Joined: 14 Apr 2003

    Posts: 170

    Location: Kent

    Yea I'm leaning towards getting a router... and a new gigabit switch while I'm at it.
     
  10. killer_uk

    OcUK Staff

    Joined: 12 Mar 2003

    Posts: 4,070

    Location: OcUK HQ

    I would format it as well, who knows what stuff they have done to your system.
     
  11. Una

    Wise Guy

    Joined: 26 Nov 2004

    Posts: 2,471

    Location: Reading / Lake District

    The thing is new exploits are getting released into the wild every day. Spyware/AntiVirus/M$ take time to patch the problems, often the problems are not known with 0day stuff because it is kept in private. There is not magic solution to protecting your PC, as recomended above getting a hardware router will add an extra layer of defence. If your computer has been hacked though and its not just some random spyware.. you really want to format it.
     
  12. markysparky

    Associate

    Joined: 10 Mar 2006

    Posts: 80

    Do away with XP's firewall and use something else, its like having no firewall at all. Anyhow take a look at this page to see how poorly sp2 firewall performs its shocking http://www.firewallleaktester.com/tests.php
     
  13. ozzy

    Gangster

    Joined: 14 Apr 2003

    Posts: 170

    Location: Kent

    Hmm, looking at that it doesn't even perform lol.

    Thanks for the link, I'll check some of them out.
     
  14. hp7909

    Soldato

    Joined: 8 Jun 2003

    Posts: 5,016

    Don't recommend XP Firewall if no router. You should consider getting something like ZoneAlarm Free ;)

    Also, another vote for Windows Defender (but not as your only spyware/malware program) :cool:
     
  15. Belly

    Wise Guy

    Joined: 25 Jun 2006

    Posts: 1,309

    Location: Somewhere East of Eden

    Can you recommend a router? (not sure what they are - hardware from reading the posts) do you know of any links?

    Thanx
     
  16. hp7909

    Soldato

    Joined: 8 Jun 2003

    Posts: 5,016

    Got a D-Link DI-624 I picked up for about £20 from that famous auction site :D Its a Cable/DSL router which I've used with NTL (cable) for about 4-months & now, for almost a year an ADSL connection :cool:

    This, this & that might be useful :D
     
    Last edited: 25 Jul 2006
  17. Fop

    Gangster

    Joined: 5 Sep 2005

    Posts: 345


    Firstly I'd get rid of XP Firewall and get a decent 3rd party one like Zonealarm Pro (it has other security features besides direct firewall ones - there are other good ones out there too though) Even if you get a hardware firewall it’s still worth having it.
    Make sure all your security patches are bang up to date.
    Run stuff like SpybotSD and Adaware reasonably regularly.
    Use Firefox rather than IE.
     
  18. tsinc80697

    Sgarrista

    Joined: 10 Apr 2006

    Posts: 7,791

    Location: North West

    might change my firewall by the looks of it keiro isn't too good :eek: