
System uploads tons to the Net

TechieJoe

Junior Member
I recently found out that all systems on my LAN were uploading tons of crap to the Net and cornered the culprit. It affected all the systems on the LAN which had Windows XP running on 'em. Apparently the systems with SP2 weren't affected.

Could anyone enlighten me what msgame32 is all about?
 
Yeah I had tried the Sunbelt software but it doesn't solve the problem. I guess I'll have to format each and every PC and install XP with SP2.
 
If you email me a copy at tmcfadden omnicast net I will try to analyze it using a couple of resources I've got. Probably want to change the .exe to .txt so it doesn't get auto-nuked by my ISP's Barracuda.
 
I went Googling and there's circumstantial evidence that

1) msgame32.exe is registered as a Service (so you may be able to put a kink in it by disabling its Service, go to Control Panel > Administrative Tools > Services)

2) an indication that your systems have Gaobot worms of some kind (there are lots of variants)


If it were me, I would start by arbitrarily locking down all unnecessary ports on my gateway router, so the systems can't connect outbound on just any old port they feel like using. Your plan of nuking the Windows installations is a good one IMHO, but keep them isolated from each other and from the network. Do your setup and patching with the network cables unplugged, so they don't just immediately get 0wned again before you can get your security measures in place.

Here are some resources that might help:

full-file Service Pack 2 installer so you can put that on CD for offline work.

Microsoft Baseline Security Analyzer 1.2.1 and MBSA 2.0 both have their uses. MBSA 2.0 is better than 1.2.1 except for its inability to detect missing Office2000 patches.

...and I hope you have a current-generation antivirus product and really sweat the details on the configuration, enable Automatic Updates for Windows, and also try to get everyone onto Limited accounts if practical. Limited accounts are like wearing your seatbelt. The employees might freak, your software might even freak, but if you can get them to cooperate, it's a boost to your security strategy.
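
An added example, not part of the thread: a small Python audit of gateway flow records that shows which LAN hosts send traffic on ports outside an egress allow-list, the kind of check that supports the outbound port lockdown suggested above. The record format, LAN range, allow-list and every sample record are constructed assumptions.

```python
from collections import defaultdict
import ipaddress

# Constructed sample records: "src dst proto dport bytes_sent", one outbound flow per line.
SAMPLE_FLOWS = """\
192.168.1.10 203.0.113.5 tcp 80 48211
192.168.1.10 203.0.113.9 tcp 443 10344
192.168.1.23 198.51.100.7 tcp 6667 912
192.168.1.23 198.51.100.40 tcp 445 73400211
192.168.1.23 198.51.100.41 tcp 445 69822104
192.168.1.31 203.0.113.5 udp 53 220
192.168.1.31 198.51.100.90 tcp 135 15500344
bad line here
"""

LAN = ipaddress.ip_network("192.168.1.0/24")        # assumed LAN range
ALLOWED = {("tcp", 80), ("tcp", 443), ("udp", 53)}  # assumed egress policy

def audit_egress(text, lan=LAN, allowed=ALLOWED):
    """Return {host: {"bytes": total_sent, "violations": {(proto, port): bytes}}}."""
    report = defaultdict(lambda: {"bytes": 0, "violations": defaultdict(int)})
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records
        src, dst, proto, dport, sent = parts
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            dport, sent = int(dport), int(sent)
        except ValueError:
            continue  # skip records with unparsable addresses or numbers
        if src_ip not in lan or dst_ip in lan:
            continue  # only LAN -> Internet flows are of interest
        host = report[src]
        host["bytes"] += sent
        if (proto, dport) not in allowed:
            host["violations"][(proto, dport)] += sent
    return report

def suspects(report):
    """Hosts with any off-policy traffic, heaviest off-policy uploader first."""
    bad = [(h, sum(r["violations"].values())) for h, r in report.items() if r["violations"]]
    return sorted(bad, key=lambda item: item[1], reverse=True)

if __name__ == "__main__":
    for host, nbytes in suspects(audit_egress(SAMPLE_FLOWS)):
        print(f"{host}: {nbytes} bytes sent on ports outside the allow-list")
```
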
 
Sorry MechBgon but I've formatted everything and don't have a copy to mail you :-(
It was a lot of hard work but it has paid off. No more trojans, viruses or worms to worry about. Got XP SP2, Norton and some other stuff installed to take care of things.

Thanks Anyway.
 