Re: network routing without my permission
From: Kerry Brown (kerry_at_kdbNOSPAMsys-tems.c*a*m)
Date: 08/24/05
- Next message: JamesB: ""tibprxy" Process?"
- Previous message: Dennis77: "Is it possible to delegate unlock computer rights?"
- In reply to: Cindy: "Re: network routing without my permission"
- Next in thread: David H. Lipman: "Re: network routing without my permission"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 24 Aug 2005 11:42:00 -0700
"Cindy" <Cindy@discussions.microsoft.com> wrote in message
news:DB07F07A-4C79-49EB-8083-FA4D96181324@microsoft.com...
> Kerry,
>
> I did do most of the things you have suggested except flash routher
> bios...didnt know about that. Matter of fact I gave up and am only
> working
> with one computer at a time...one is horriably taken over and not being
> used
> for ANYTHING important.
>
> The one computer I am working with is not and has not been connected to
> the
> router for quite a while. The router firewall log is how I found the
> problem
> in June that caused me to disconnect and start again.
>
> The software I install BEFORE connecting to internet is WinXP sp2and
> McAfee
> Security Suite 7. I then have to used the motherboard software CD to
> update
> the network card. I have the Microsoft book: Windows SP Inside Out and
> use
> it to disable services not needed. Then I turn off automatic updates and
> connect the the internet and update McAfee. Then I update WinXP.
>
> I have a list of some of the IPs needed to be blocked and block them
> before
> going online. Still I notice activity happening shortly after going
> online.
> This is why I am wondering if somehow MY internet IP has somehow connected
> somewhere "out there" that automaticaly connects the computer and writes
> something to the registery. I don't have much registery knowledge. I
> have
> been reading through the registery and searching for help on the internet
> as
> I go along.
>
> I do believe something actually installs itself and rewrites .dll's
> because
> the dll's used are WinXP.
>
> Thank you for your help...keep sending suggestions...I will update!
>
It is very unlikely the router was compromised. I was trying to cover all
the possibilities. The only explanation I can come up with is something you
are installing has a trojan in it. Are there any other users than you? Are
you using any P2P software to download software or music? Do you use MSN
Messenger, ICQ, AOL Messenger, etc.? Download and run Hijack This. Post the
log to an appropriate forum.
http://www.spywareinfo.com/~merijn/htlogtutorial.html
http://forums.majorgeeks.com/showthread.php?t=38752
http://castlecops.com/HijackThis.html
There are many more. Google for more if needed.
Kerry
Kerry
- Next message: JamesB: ""tibprxy" Process?"
- Previous message: Dennis77: "Is it possible to delegate unlock computer rights?"
- In reply to: Cindy: "Re: network routing without my permission"
- Next in thread: David H. Lipman: "Re: network routing without my permission"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
