A forum for reverse engineering, OS internals and malware analysis 

How to Prevent XP CreateProcess as SYSTEM?

Ask your beginner questions here.

Re: How to Prevent XP CreateProcess as SYSTEM?

 #22267  by juan81
 Fri Feb 21, 2014 1:06 pm
Dear ep_xoff

Thx for fast reply. Yes createprocess as system. For xp in win 7 windows environment already protect. But in xp some virus createprocess as system.
In taskmanager ctrl alt del prosess shown SYSTEM. Not user name.

Regard

Re: How to Prevent XP CreateProcess as SYSTEM?

 #22269  by EP_X0FF
 Fri Feb 21, 2014 4:17 pm
Keep OS patched and don't run anything with administrator rights? Don't know if it really needed as Windows XP EOL is in two months.

Re: How to Prevent XP CreateProcess as SYSTEM?

 #22272  by juan81
 Sat Feb 22, 2014 1:51 am
Vrtule wrote:Hello,

so your question is how to prevent (malicious) applications from creating a new process under SYSTEM account?
dear Vrtule

yes that right.

@EP_XOFF

i will try to uptodate my xp
 Return to “Newbie Questions”