How Did This Happen??

Discussion in 'Computer Support' started by Kimball K Kinnison, May 30, 2004.

  1. My brother came to stay with us for the week end bringing his computer with
    him. I have a small network connected to broadband sitting behind a D-Link
    604+ modem router. All computers , including his are running XP Pro with
    Service Pack 1 and all the latest updates. I run Norton AV 2004 and he has
    2003. I do regular sweeps with this and also Ad-aware 6 (fully updated) and
    use SpywareBlaster (again fully updated). He does not use these, but scans
    with NAV on a regular basis. At home he is on dialup but uses a computer
    running Linux to which the modem is attached as a firewall.

    He plugged his computer into my network and turned it on, but then left it
    without logging in for a few hours. No one had access to it in that time as
    we were all out.

    When he came back the 'new programmes have been installed' notification was
    flashing. After some searching and probing we found he now had 34 different
    virus on his system, large amounts of malware and several porn diallers! We
    did a full sweep of the other computers on the network and none of them had
    any problems (one was on at the same time as his)

    After some use of Ad-aware in safe mode and several Norton passes we cleared
    his system.

    I have run the shields up util and this reports no problem with the ports on
    my router.

    Now the question!

    He is adamant that he was not infected before he came down. He tells me he
    only uses his computer for email, games and writing letters. I told him
    things like porn diallers are only got by visiting dubious sites and
    clicking Ok where you shouldn't!

    Could something have come through my router and deposited all that stuff on
    his system. I could believe maybe one attack but not this volume?
    Kimball K Kinnison, May 30, 2004
    #1
    1. Advertising

  2. Kimball K Kinnison spilled my beer when they jumped on the table and
    proclaimed in <gBfuc.8141$9.net>
    <snip>
    > Could something have come through my router and deposited all that stuff
    > on his system. I could believe maybe one attack but not this volume?


    I suspect it was on there before he brought it over...but that's a guess on
    my part. :)

    NOI
    Thund3rstruck_n0i, May 30, 2004
    #2
    1. Advertising

  3. Kimball K Kinnison

    Valverdez Guest

    NO WAY IN HELL, how is that for a definitive answer ?



    "Kimball K Kinnison" <> wrote in message
    news:gBfuc.8141$9.net...
    > My brother came to stay with us for the week end bringing his computer

    with
    > him. I have a small network connected to broadband sitting behind a D-Link
    > 604+ modem router. All computers , including his are running XP Pro with
    > Service Pack 1 and all the latest updates. I run Norton AV 2004 and he has
    > 2003. I do regular sweeps with this and also Ad-aware 6 (fully updated)

    and
    > use SpywareBlaster (again fully updated). He does not use these, but scans
    > with NAV on a regular basis. At home he is on dialup but uses a computer
    > running Linux to which the modem is attached as a firewall.
    >
    > He plugged his computer into my network and turned it on, but then left it
    > without logging in for a few hours. No one had access to it in that time

    as
    > we were all out.
    >
    > When he came back the 'new programmes have been installed' notification

    was
    > flashing. After some searching and probing we found he now had 34

    different
    > virus on his system, large amounts of malware and several porn diallers!

    We
    > did a full sweep of the other computers on the network and none of them

    had
    > any problems (one was on at the same time as his)
    >
    > After some use of Ad-aware in safe mode and several Norton passes we

    cleared
    > his system.
    >
    > I have run the shields up util and this reports no problem with the ports

    on
    > my router.
    >
    > Now the question!
    >
    > He is adamant that he was not infected before he came down. He tells me he
    > only uses his computer for email, games and writing letters. I told him
    > things like porn diallers are only got by visiting dubious sites and
    > clicking Ok where you shouldn't!
    >
    > Could something have come through my router and deposited all that stuff

    on
    > his system. I could believe maybe one attack but not this volume?
    >
    >
    Valverdez, May 30, 2004
    #3
  4. Kimball K Kinnison

    °Mike° Guest

    He is mistaken.


    On Sun, 30 May 2004 07:56:59 +0100, in
    <gBfuc.8141$9.net>
    Kimball K Kinnison scrawled:

    <snip>

    >He is adamant that he was not infected before he came down.


    <snip>

    --
    Basic computer maintenance
    http://uk.geocities.com/personel44/maintenance.html
    °Mike°, May 30, 2004
    #4
  5. "°Mike°" <> wrote in message
    news:...
    > He is mistaken.
    >
    >
    > On Sun, 30 May 2004 07:56:59 +0100, in
    > <gBfuc.8141$9.net>
    > Kimball K Kinnison scrawled:
    >
    > <snip>
    >
    > >He is adamant that he was not infected before he came down.

    >
    > <snip>
    >
    > --
    > Basic computer maintenance
    > http://uk.geocities.com/personel44/maintenance.html


    Thanks Mike.
    Kimball K Kinnison, May 30, 2004
    #5
  6. Kimball K Kinnison

    °Mike° Guest

    On Sun, 30 May 2004 15:00:32 +0100, in
    <kOluc.8196$9.net>
    Kimball K Kinnison scrawled:

    >"°Mike°" <> wrote in message
    >news:...
    >> He is mistaken.


    <snip>

    >Thanks Mike.


    You're welcome.

    --
    Basic computer maintenance
    http://uk.geocities.com/personel44/maintenance.html
    °Mike°, May 30, 2004
    #6
  7. Howdy!

    "Kimball K Kinnison" <> wrote in message
    news:gBfuc.8141$9.net...
    > My brother came to stay with us for the week end bringing his computer

    with
    > him. I have a small network connected to broadband sitting behind a D-Link
    > 604+ modem router. All computers , including his are running XP Pro with
    > Service Pack 1 and all the latest updates. I run Norton AV 2004 and he has
    > 2003. I do regular sweeps with this and also Ad-aware 6 (fully updated)

    and
    > use SpywareBlaster (again fully updated). He does not use these, but scans
    > with NAV on a regular basis. At home he is on dialup but uses a computer
    > running Linux to which the modem is attached as a firewall.
    >
    > He plugged his computer into my network and turned it on, but then left it
    > without logging in for a few hours. No one had access to it in that time

    as
    > we were all out.


    Well, this was mistake one. Are you 100% positive nobody had
    access?

    >
    > When he came back the 'new programmes have been installed' notification

    was
    > flashing. After some searching and probing we found he now had 34

    different
    > virus on his system, large amounts of malware and several porn diallers!

    We
    > did a full sweep of the other computers on the network and none of them

    had
    > any problems (one was on at the same time as his)
    >
    > After some use of Ad-aware in safe mode and several Norton passes we

    cleared
    > his system.
    >
    > I have run the shields up util and this reports no problem with the ports

    on
    > my router.
    >
    > Now the question!
    >
    > He is adamant that he was not infected before he came down. He tells me he
    > only uses his computer for email, games and writing letters. I told him
    > things like porn diallers are only got by visiting dubious sites and
    > clicking Ok where you shouldn't!
    >
    > Could something have come through my router and deposited all that stuff

    on
    > his system. I could believe maybe one attack but not this volume?


    Nope.

    SOMEONE had to go there and click "OK".

    I bet somebody was there that you're not aware was there.

    Or it was previously infected.

    Err - Any reason why you don't use the Lens on everyone? <B-)

    RwP
    Ralph Wade Phillips, May 30, 2004
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jim
    Replies:
    4
    Views:
    531
    Big Will
    May 5, 2005
  2. optimus
    Replies:
    1
    Views:
    655
    Phillip Remaker
    Dec 31, 2003
  3. The Maitch
    Replies:
    0
    Views:
    462
    The Maitch
    Apr 26, 2005
  4. Replies:
    19
    Views:
    657
  5. Andre Da Costa [Extended64]

    OT: Did anything bad happen today?

    Andre Da Costa [Extended64], Jun 7, 2006, in forum: Windows 64bit
    Replies:
    10
    Views:
    516
    David R. Norton MVP
    Jun 9, 2006
Loading...

Share This Page