Dialup Security: Is this a known problem?

From: sponge (yosponge_at_yahoo.com)
Date: 12/27/03


Date: 27 Dec 2003 13:56:38 -0800

On 27 Dec 2003 20:20:49 GMT, jbwtsn03@aol.com (Jbwtsn03) wrote:

>Hiya friends! First off, I'm sorry I didn't amend my previous thread
>with this entry, but I don't know how to work the AOL newsgroups stuff
>just yet. It doesn't show messages I've read already, so I don't even
>get the chance to amend the previous string. Isn't automation
>wonderful??? So here it goes:
>
>Sorry about the no history. I've told my problem to several boards
>with several names, so it's tough to keep track of who has been told
>what! I've been dealing with a single cracker since March. I first
>went with McAfee Internet Security 5, but have been unable to keep the
>person out of my computer. I gave that program suite 8 months, but
>apparently was unable to configure it properly. Whatever. Next, I
>moved on to NIS 2004. I've been

Bad news. NIS is crap. McAfee's is better in many respects but you
might be better served by using discrete tools: A firewall (use
McAfee's, ZoneAlarm, or Kerio 2.1.5). Use a HOSTS file
(http://mvps.org/winhelp2002/hosts.txt, and unZIP it into your
\Windows folder for Windows 95, 98, Me, or to your
\Windows\System32\Driver\etc folder for Windows NT, 2000, and XP). The
third thing to do is use ANY browser and email program other than
Internet Explorer and Outlook. If you want more details visit my site
in my sig, below, which covers all this. A fourth thing to do is
download and run Ad-Aware and SpyBot (both, make sure to run their
built-in Update features after downloading, and scan your system. Make
sure you've allowed them to remove any flagged parasites.)

>struggling with this one for a month now. I have tried so many things
>over so much time that I'm starting to lose hope that I'll ever have
>success in securing my privacy. The most annoying thing is that the
>guy goes into all of my email accounts and deletes everything but
>spam!
>
>I have done ground up installations so often now that I have it down
>to a science. During the last month I started trying any program I
>could find. I figured it didn't matter if something screwed up the OS,
>since I'm going to reformat again soon anyway!
>
>Well, before this problem started, the AOL software showed a different
>connection speed every time. Now all it shows is 32000 bps -- even on
>the initial connection. Suspicious? Yes. Furthermore, there's a longer
>than normal delay during the sign on process between the number
>dialing and connection speed displays. Suspicious? Yes. What am I
>supposed to make of that?

Nothing. That's common with AOL. Your local AOL node is probably
throttling connections to a certain speed to divide bandwidth equally
among customers. Consider, also, that at this time of year, you have a
lot of people shopping online, a lot of kids home from college who
have to use mom or dad's AOL instead of their campus network
connection, etc.

>After the very first time on the net with a new installation, the
>firewall software icons disappear and the AOL software is all screwed
>up. If I shut it down, it starts right up again! What I've found was
>that if I go into the registry and "rem" out everything that refers to
>AOL, it will open and close normally!

Ok, so stick with that. AOL software is, well, pretty crappy. Frankly,
I think you'd be vastly better off with another ISP (besides
Earthlink). Just make sure if you do use another ISP, not to install
any software they provide. If you go with a dial-up ISP, you can use
your operating system's "New Connection Wizard" to set everything up,
and you then start your browser or email program and do what you want.
If you get cable or DSL, you normally do not have to do anything to
connect - just make sure your firewall always runs at startup.

>I'm sure that there's a program on my drive that allows him to see the
>desktop and do whatever he wants, and nothing I've used so far can
>find anything wrong! When I discovered that the registry has new
>entries, ie in the "Run Services" key, he started hiding them
>elsewhere. Now I can't find a thing on my own, and I certainly can't
>afford an expert to look at it. I think the install will just get
>ruined again and I'll have wasted the money.

Don't jump the gun here. A lot of weirdness is actually normal stuff
(unfortunately). Look, download and run HiJackThis!
(http://tomcoyote.org/hjt) and post the results here or email them to
me and I'll analyze them, if you want. Although it's possible you've
been owned, what I'm seeing here actually seems pretty normal for AOL.
HiJackThis may find other potential threats as well.

Sponge
Sponge's Secure Solutions
www.geocities.com/yosponge
My new email: yosponge2 att yahoo dott com