Results 1 to 8 of 8

Thread: Olly is freezing my system

  1. #1
    znow
    Guest

    Olly is freezing my system

    Hi,

    I want to analyse a trojan with OllyDbg. So I start the trojan and want to attach olly to it. But right after I attached to the trojan I don't have any controll over my system. It seems that the hooks of the trojan (keyboard and Mouse) are blocking all of my input.

    Is there a way to debugg a running process which is hooking all of my input events ?

    thanx

    znow
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Did you try the plugins on isdebuggerpresent?

    Its safer to "play" it in vplayer(vmware)
    esther


    Reverse the code,Reverse Your Minds First

  3. #3
    Why don't you post the trojan here for others to analyze it too?

  4. #4
    King of Redonda
    Join Date
    Jul 2006
    Posts
    109
    Blog Entries
    4
    Did you break on the entry point of DLL's and the TLS callbacks of both the exe and the DLL's?

    All those are executed before you get to the entry point of the exe.
    <[TN]FBMachine> i got kicked out of barnes and noble once for moving all the bibles into the fiction section

  5. #5
    znow
    Guest
    Esther, im already running it in a vmware ;-)
    But I havn't tried the isdebuggerpresent plugin yet - good tip.

    Cthulhu: sorry, but I promised not to give it away.

    fr33ke: I'm not sure what you mean, because I'm attaching to a running process. So all the dll should be loaded already, or ? I will work on that.

    thanks for the tips

    andy
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    znow
    Guest
    I meant znow ;-)
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    King of Redonda
    Join Date
    Jul 2006
    Posts
    109
    Blog Entries
    4
    Quote Originally Posted by znow View Post
    fr33ke: I'm not sure what you mean, because I'm attaching to a running process. So all the dll should be loaded already, or ? I will work on that.
    My bad. I read over it.
    <[TN]FBMachine> i got kicked out of barnes and noble once for moving all the bibles into the fiction section

  8. #8
    Quote Originally Posted by znow View Post
    I'm attaching to a running process.
    Are you sure it's freezing, or just being extremely slow?

    For some reason OllyDbg on my system works perfectly normal when I open a program in it, but lags quite a bit (and using 100% CPU usage meanwhile), which is why I gave up on doing that.

Similar Threads

  1. [!] Windows freezing olly always... Experts need
    By SnZ in forum OllyDbg Support Forums
    Replies: 5
    Last Post: July 10th, 2010, 19:53
  2. Replies: 2
    Last Post: February 15th, 2009, 21:52
  3. freezing minifilter
    By Hitchhiker in forum Advanced Reversing and Programming
    Replies: 6
    Last Post: October 30th, 2008, 05:45
  4. Olly is freezing my system
    By znow in forum The Newbie Forum
    Replies: 7
    Last Post: January 24th, 2007, 03:06

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •