Re: Virus? Or Spyware?

From: Chuck (none_at_example.net)
Date: 04/01/04


Date: 31 Mar 2004 20:16:10 -0600

On 31 Mar 2004 17:19:38 -0800, *email_address_deleted* (kogz) wrote:

>Hi, All.
>
>I recently got a virus on my home computer while I was browsing on the
>internet.
>I am using a dial up connection and the virus changed the connection
>username and password, and phone number I connect through. I noticed
>it because when I hung up the connection and tried to connect to the
>net again, it popped up with a different user name and pass etc. I
>deleted the connection and restored my original connection, but once I
>connect to the net and browsed to the next page, it created the new
>connection again.
>
>The user name it created was "ConnInts1", while my correct username
>was just a series of numbers like "900615145@xxx.net" I got thru my
>Internet provider and the phone number I saw in the phone number box
>in the property dialog box was very long like 20 digits or so, while
>my original phone number was just 7 digit local phone number.
>
>Anybody know exactly what it does? My worry is if it changed the
>connection "WHILE" I was hooked up and making a long distance call or
>something, that's bad. But I never "dial" thru that new connection
>created by the virus, 'cause I immediately noticed it.
>
>I appreciate your attention !
>
>Thanks!

This is a modem hijack. I've heard of this before.

How current is your virus protection? Try these free online virus scans:
<http://security.symantec.com/ssc/home.asp>
<http://housecall.trendmicro.com/housecall/start_corp.asp>

First, download LSP-Fix from <http://www.cexx.org/lspfix.htm>, and CWShredder
from <http://www.majorgeeks.com/download4086.html>. Both free.

Next, run CWShredder. Have it fix all variants.

Now check for, and remove, spyware. Get HijackThis
<http://www.majorgeeks.com/download.php?det=3155> and Spybot S&D
<http://security.kolla.de/index.php?lang=en&page=download>. Both free.
1) Install and run Spybot. First update it ("Search for updates"), then run a
scan ("Check for problems"). Trust Spybot, and make all recommended deletions.
2) Install and run HijackThis. Do NOT make any changes immediately. Save the
HJT Log.
3) Have your HJT log interpreted by experts at one or more of the following
forums (and post it here):
<http://forums.net-integration.net/>
<http://www.spywareinfo.com/forums/>
<http://forums.tomcoyote.org/>
<http://www.wilderssecurity.com/>

If removal of any spyware affects your ability to access the internet (some
spyware builds itself into the network software, and its removal may damage your
network), run LSP-Fix.

Please learn to munge your email address properly, to keep yourself a bit safer
when posting to open forums. Protect yourself and the rest of the internet -
never post your address unmunged.
http://www.mailmsg.com/SPAM_munging.htm

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
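
Added example (not part of the original post): a small Python check for the symptom described in this thread, a dial-up entry the user did not create whose phone number is unusually long. It assumes the Windows RAS phonebook (rasphone.pbk) layout of [EntryName] sections with PhoneNumber= lines; the sample file, the 11-digit threshold and the function names are constructed for illustration.

```python
import re

# Constructed sample in the [EntryName] / Key=Value layout assumed for a
# Windows dial-up phonebook (rasphone.pbk); all values are made up.
SAMPLE_PBK = """\
[My ISP]
DEVICE=modem
PhoneNumber=5550123
CountryCode=1

[ConnInts1]
DEVICE=modem
PhoneNumber=01100000000000000000
CountryCode=0
"""

MAX_DIGITS = 11  # assumed threshold: country code plus national number


def parse_phonebook(text):
    """Return {entry_name: [phone numbers]}; keys may repeat within an entry."""
    entries, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            current = m.group(1)
            entries.setdefault(current, [])
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            if key.strip().lower() == "phonenumber" and value.strip():
                entries[current].append(value.strip())
    return entries


def audit(text, known_entries):
    """List (entry, number, reasons) for entries that look tampered with."""
    findings = []
    for name, numbers in parse_phonebook(text).items():
        for number in numbers or [""]:  # still report entries with no number
            reasons = []
            if name not in known_entries:
                reasons.append("entry not created by user")
            if len(re.sub(r"\D", "", number)) > MAX_DIGITS:
                reasons.append("unusually long number")
            if reasons:
                findings.append((name, number, reasons))
    return findings
```

Calling audit(SAMPLE_PBK, known_entries={"My ISP"}) reports only the ConnInts1 entry, with both reasons attached.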


