June 30th, 2005, 04:40 PM
internet settings being changed
I have a friend who has xp home
I set his connection up and added Kerio and AVG.The machine is using dial-up and not very often online.
After about 2 months I checked his connection and could not get on.In his internet options settings I noticed
(1) that it was using a proxy server ??
(2) dial whenever a network connection is not present.its a standalone pc.
I had turned off his server "service" and this was turned on.
Does he need to be concerned ??
June 30th, 2005, 05:10 PM
What connection is it attempting to dial?
Dial whenever a network connection is not present is basically telling the machine to try and connect to the internet (network).
Change the settings back, keep an eye on it and see if it happens again, if so....when and what was being done just before the settings changed?
If you want to make God laugh....make plans.
June 30th, 2005, 10:26 PM
Could you post your 'friends' security routine ?
what apps do they have / use ? - adaware / spybot / cwshredder etc.
when do they use them ?
What level of expertise are we looking at ? - you AND friend
Has there been a history of this type of problem ?
Does YOUR system suffer ?
add whatever else you feel I've missed
AND if there is NO security routine in place ..................
Might I suggest reading THIS
I'm not saying there IS anything amiss, BUT :
if you follow the above link, and abide by it, it WILL enable you to know that the problem could well be the 'nut' that holds the mouse
A bit cruel as it is your friends PC :
Set him as a power user, with password required to logon.
Set yourself as admin, with STRONG password, hopefully friend will not be tech savvy enough to realise that physical access is THE tool of choice, and that he doesn't have ERD Commander around .............
If this stops the problem ..............................................................
Introduce your friend to a LART
55 - I'm fiftyfeckinfive and STILL no wiser,
Beware of Geeks bearing GIF's
come and waste the day :P at The Taz Zone
June 30th, 2005, 11:25 PM
"Does he need to be concerned ??"
Most definitly! this needs immediate looking into...his machine could be dialing some offshore phone number which is billing him @ 50 bucks per minuit. there's an awful lot of "dialers" out there.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
June 30th, 2005, 11:36 PM
Might I recommend that he gets these, updates them and runs them in SAFE MODE :
Both of them are free and the second one is a specialist app for detecting trojans and diallers.
July 1st, 2005, 06:02 PM
My friend is a novice user and rarely online.
Ad-aware is installed but ??
I went to grc before and was stealthed and no important ports open.
AVG is on auto
Kerio is still using default settings but still chatters !
I used black vipers services guide.
Have not had this problem before and he hasnt complained of not being
able to do what he does,I think he is usually at secure sites.
I will look a bit closer tommorrow and get back
Thank you all for your response
July 1st, 2005, 06:05 PM
Please use the applications that I have suggested
July 1st, 2005, 10:47 PM
HAd a Customer with a problem like this.. except the Mail settings would be changed as well..
the upshot.. had Netsky.p and Agobot Removed these to suckers and setup a Smoothy box.
Netsky was email virus, and agobot was an internet worm, it got through inspite of dopy GRC.COM's shields up saying ALL ports were stealth..
BTW: Smoothy = Smoothwall express
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
July 2nd, 2005, 06:16 PM
Hi to all
Well my friend really is a novice,after an hour or two
d/loading those progs nihil suggested,and thanks ,Ive now got
them on my own machine.I asked him if he was happy with his PC
and he replied "well,yes it seems to be faster since the isp
installed a speed booster,yes it does use a proxy and yes the settings
were changed back,but not the Server service.There was
nothing found out of place by those progs so all is well.
Thanks for the advise though.
you guys are legends.