My problem is closely related to "Donna's". We have 2
computers, running XP, networked in our home, using a dial-
up connection. When the client computer is brought out of
hibernate, (host on standby), the host computer
immediately starts dialing up and continues to do so until
the dial-up request has been manually canceled 4-5 times.
I talked to my ISP and they said "it could be one of a
hundred things". I'm not sure I buy into that, but then
if I knew what was wrong, I wouldn't be here asking for
help. Any help would be appreciated.
TeeJay,
You have multiple programs, all automatically requesting internet access. You
need a port monitor, a process monitor, and malware analysis.
Get Port Explorer (free) from
<
http://www.diamondcs.com.au/portexplorer/index.php?page=home> to show you what
network connections your computer is actually opening, and what processes are
opening them. And Process Explorer (free) from
<
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml>. Provides way more
information than Task Manager.
How current is your virus protection? Try these free online virus scans:
<
http://www.bitdefender.com/scan/license.php>
<
http://www.pandasoftware.com/activescan/com/activescan_principal.htm>
<
http://security.symantec.com/ssc/home.asp>
<
http://housecall.trendmicro.com/housecall/start_corp.asp>
Now check for, and learn to defend against, additional carriers of infection.
First, download LSP-Fix and WinsockXPFIx from <
http://www.cexx.org/lspfix.htm>,
and CWShredder from <
http://www.majorgeeks.com/download4086.html>. All are
free.
Next, run CWShredder. Have it fix all variants.
Now check for, and remove, spyware. Get HijackThis
<
http://www.majorgeeks.com/download.php?det=3155> and Spybot S&D
<
http://security.kolla.de/index.php?lang=en&page=download>. Both free.
1) Install and run Spybot. First update it ("Search for updates"), then run a
scan ("Check for problems"). Trust Spybot, and make all recommended deletions.
2) Install and run HijackThis. Do NOT make any changes immediately. Save the
HJT Log.
3) Have your HJT log interpreted by experts at one or more of the following
forums (and post it here):
<
http://forums.net-integration.net/>
<
http://www.spywareinfo.com/forums/>
<
http://forums.tomcoyote.org/>
<
http://www.wilderssecurity.com/>
If removal of any spyware affects your ability to access the internet (some
spyware builds itself into the network software, and its removal may damage your
network), run LSP-Fix and / or WinsockXPFIx.
Harden your browser. There are various websites which will check for
vulnerabilities, here are three which I use.
http://www.jasons-toolbox.com/BrowserSecurity/
http://bcheck.scanit.be/bcheck/
https://testzone.secunia.com/browser_checker/
Harden your operating system. Check at least monthly for security updates.
http://windowsupdate.microsoft.com/
Block possibly dangerous websites with a Hosts file. Three Hosts file sources I
use:
http://www.accs-net.com/hosts/get_hosts.html
http://www.mvps.org/winhelp2002/hosts.htm
(The third is included, and updated, with Spybot (see above)).
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
