- Jul 23, 2002
- 127
- 0
- 0
Hey all....
Discovered a particularly nasty little thing earlier on.
I went onto Kazaa to get myself a file - upon downloading and executing the file - nothing happened? I figured ok, well dummy file - moving on. It was a very small .exe file.
Not really....the file spit another .exe file into my windows directory which I suspect to then have injected something into my wininit.exe file. Thank goodness I have firewalls up, cuz' now everyone and their mom is trying to get something from my PC - I'm not sure what they are looking up but I'm getting hits from australia, new york etc. incoming UDP and TCP connections - I'm blocking them ofcourse, but it's beginning to annoy me because they all keep repeating every few minutes or so. The second I manage to block, say a set of 5 different IP addresses, within the next hour 5 or even more try to hit.
I'm sure it's the wininit because an alien file which now starts up with my PC points to the wininit.exe file in my windows directory.
I found this out by analysing my task menu....I generally only have 1 program running all the time. Thats some keyboard software I use. This program now starts up whenever I reboot my PC and when I click on 'Go to Process' it shows the wininit.exe file in under the processes section. I close the file but the inbound traffic still manages to flood in slowly but for sure.
I've so far blocked a total of over 123 IPS....PLEASE HELP....
I guess my question is how do I replace my wininit from a clean copy from my CD?
Win98 used to be able to extract files from the CD but I don't see the option in XP Home...
I'm desparate....I can't use any file sharing programs until I clean the file.
Norton isn't picking it up as a virus, and none of my trojan scanners are picking it up either.
Help?
Thanks in Advance...
I'm using Windows XP Home - OEM
Discovered a particularly nasty little thing earlier on.
I went onto Kazaa to get myself a file - upon downloading and executing the file - nothing happened? I figured ok, well dummy file - moving on. It was a very small .exe file.
Not really....the file spit another .exe file into my windows directory which I suspect to then have injected something into my wininit.exe file. Thank goodness I have firewalls up, cuz' now everyone and their mom is trying to get something from my PC - I'm not sure what they are looking up but I'm getting hits from australia, new york etc. incoming UDP and TCP connections - I'm blocking them ofcourse, but it's beginning to annoy me because they all keep repeating every few minutes or so. The second I manage to block, say a set of 5 different IP addresses, within the next hour 5 or even more try to hit.
I'm sure it's the wininit because an alien file which now starts up with my PC points to the wininit.exe file in my windows directory.
I found this out by analysing my task menu....I generally only have 1 program running all the time. Thats some keyboard software I use. This program now starts up whenever I reboot my PC and when I click on 'Go to Process' it shows the wininit.exe file in under the processes section. I close the file but the inbound traffic still manages to flood in slowly but for sure.
I've so far blocked a total of over 123 IPS....PLEASE HELP....
I guess my question is how do I replace my wininit from a clean copy from my CD?
Win98 used to be able to extract files from the CD but I don't see the option in XP Home...
I'm desparate....I can't use any file sharing programs until I clean the file.
Norton isn't picking it up as a virus, and none of my trojan scanners are picking it up either.
Help?
Thanks in Advance...
I'm using Windows XP Home - OEM