Thread: How did I get infected so quickly?

  1. #1
    Bronze Member
    Join Date
    Sep 2004
    Posts
    126

    How did I get infected so quickly?

    Just reformatted my system and re-installed XP. Once the install was complete, I thought it would be a good idea to update XP (Windows Update) before I installed any other programs.

    So before having any other program installed (no firewall, no antivirus, nothing) I went online to the Windows Update site and I instantly got hit with adware, "PopUpBlocker6.exe" to be exact, and other viruses. I also got several pop-up dialogue boxes telling me that the registry was "damaged" and directing me to a website to have it "fixed for free".

    I went offline, installed Norton IS, NAV and Adaware. NAV found nothing after a scan, neither did Adaware (which was updated). However, NIS was continuously capturing attempts of spyware and dialers trying to log on and send me to websites.

    I deleted all the offending programs, once offline.

    My question is, how did I get infected with so many so fast? I was online for less than an hour with a dial-up connection.

    Halder

  2. #2
    Hardware guy Super Moderator FastGame's Avatar
    Join Date
    Apr 2002
    Location
    Blasters worm farm
    Posts
    3,416
    That's the way it is nowadays, fun isn't it...

    Format, install OS then drivers, install Firewall & AV and anti-spyware, then go get updates is usually the best idea in this crazy world.

  3. #3
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,546
    After initial install I enable XP firewall first,

    then I do updates.

  4. #4
    Bronze Member
    Join Date
    Sep 2004
    Posts
    126
    It was quite unreal. I always thought you had to be on specific sites to be hijacked by spyware, but it seems that just simply being online does it.
    Crazy!

    Halder

  5. #5
    Banned
    Join Date
    Feb 2005
    Posts
    636
    That's pretty crazy, it never happened to me. Probably something else if affected in your PC besides your hard drive.

  6. #6
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    899
    If you look in your firewall log - if it has one - you will see many scans on ports 445, 135, 137, 138, 139, 1026 and 1027, sometimes many times a minute. This is other people's infected systems looking for a new victim to exploit. Some are viruses, some are hacktools which have the exploit and infection code programmed into them. They are mainly looking for unpatched Windows XP SP0 or SP1 systems which can be infected through either DCOM or RPC exploits, but many other exploits for virus-infected systems also exist. You don't even need to have IE open at all to become infected - so always enable the firewall before you go online.
    I'm using Windows 7 - you got a problem with that?
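
An added example, not part of any post in this thread: one way to check a firewall log for the scans described in post #6, by counting dropped packets aimed at the ports listed there. The log layout (a `#Fields:` header as in the Windows Firewall's pfirewall.log), the function name and the sample lines are assumptions constructed for illustration.

```python
from collections import Counter

# Ports the post above names as the ones being scanned.
WATCHED_PORTS = {135, 137, 138, 139, 445, 1026, 1027}

# Constructed sample in the assumed layout of the XP firewall log.
# All addresses are documentation ranges, not real hosts.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info

2005-03-20 10:15:01 DROP TCP 203.0.113.5 192.0.2.10 4312 445 48 S 1001 0 64240 - - -
2005-03-20 10:15:07 DROP TCP 203.0.113.5 192.0.2.10 4313 135 48 S 1002 0 64240 - - -
2005-03-20 10:15:40 DROP UDP 198.51.100.23 192.0.2.10 31337 1026 420 - - - - - - -
2005-03-20 10:15:52 DROP TCP 198.51.100.77 192.0.2.10 2210 445 48 S 1003 0 16384 - - -
2005-03-20 10:16:10 DROP ICMP 203.0.113.9 192.0.2.10 - - 60 - - - - 8 0 -
2005-03-20 10:16:30 OPEN TCP 192.0.2.10 198.51.100.200 1050 80 - - - - - - - -
2005-03-20 10:16:45 DROP TCP 203.0.113.40 192.0.2.10 3001 80 48 S 1004 0 64240 - - -
"""


def summarize_probes(log_text, ports=WATCHED_PORTS):
    """Count dropped packets aimed at the watched ports."""
    fields, by_port, by_minute, sources = [], Counter(), Counter(), set()
    for line in log_text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names come from the log itself
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        dport = row.get("dst-port", "")
        # Skip allowed traffic, portless rows (ICMP logs "-") and other ports.
        if (row.get("action") != "DROP" or not dport.isdigit()
                or int(dport) not in ports):
            continue
        by_port[int(dport)] += 1
        by_minute[f"{row['date']} {row['time'][:5]}"] += 1
        sources.add(row["src-ip"])
    busiest = by_minute.most_common(1)[0] if by_minute else None
    return {"total": sum(by_port.values()), "by_port": dict(by_port),
            "sources": len(sources), "busiest_minute": busiest}


if __name__ == "__main__":
    print(summarize_probes(SAMPLE_LOG))
```
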

  7. #7
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    Yep, new installs of XP or SP1 will have Blaster and Sasser vulnerabilities... average is less than 7 minutes to get infected... best deal these days is a slipstreamed XP SP2 CD, or I always have a USB flash disk with me, with DCOM / RPC patches.

    --- 0wN3D by 3gG ---

  8. #8
    Bronze Member
    Join Date
    Sep 2004
    Posts
    126

    Curio, you hit it right on the head

    Curio,
    Your reply answered my question.

    I left my system on overnight, downloading drivers, with only NIS Firewall up, I still haven't got SP2 yet, and NIS blocked over 300!!! attempts to infiltrate my system. Over 300! Wow.

    NIS is stopping all this, so it's not a problem, but the level of intrusion is insane.

    Thanks to Cash_site as well for the idea of getting SP2 on CD, that's my next move.

    Thanks again, to all
    Halder

  9. #9
    Triple Platinum Member Curio's Avatar
    Join Date
    Nov 2004
    Location
    London
    Posts
    899
    Glad to help.
    I'm using Windows 7 - you got a problem with that?

  10. #10
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    No problems Halder, we can all lament your situation, as it's a pain to spend hours rebuilding an OS then try to be good and get Windows Update, BAM! virus attacked. Good luck in future.

    --- 0wN3D by 3gG ---

  11. #11
    British Stud Muffin TZ Veteran GimieGimieGimie's Avatar
    Join Date
    Apr 2002
    Location
    UK, London
    Posts
    611
    The internet is a far more dangerous place than it was 5 years ago, that's for sure. The industry got paranoid over security back then, now it's TRULY justified.

    It appears nowadays that EVERYONE'S a wan*er!
    Last edited by GimieGimieGimie; March 22nd, 2005 at 08:37 AM.
