• Quick note - the problem with Youtube videos not embedding on the forum appears to have been fixed, thanks to ZiprHead. If you do still see problems let me know.

Internet connection piracy?

ok, I've installed the rootkit revealer and will let you know what that finds. It's running as I post this.

The malwarebyte software didn't find anything but a couple of McAfee items that had been disabled and it removed those.

I don't have anyone outside my house fooling with anything. I have four wolves in the yard and nobody gets past them, plus, I'm home all the time because I'm an at home transcriber for a hospital.

I do have a firewall. The windows firewall wasn't running when the Picassa encounter occurred, since then I've installed McAfee Security system with a firewall that I lock down when I don't use the computer and also fired up the Windows Defender firewall.

Nobody uses the other computer on the network except my husband who very rarely uses it.

I don't have the software for the router handy or the manual... husband installed that and I'm clueless where the manual and software is. This computer has been reformatted directed by Dell to fix the sound card a month ago. I run Microsoft Remote Desktop Web Connection to access the hospital system. I sure hope they haven't been infected by this. Criminey.

I'm as certain as I can be that the router isn't wireless. The only wireless thing I'm running is the Hughes.net satellite receiver. Both computers are connected to the router by ethernet cards and the Hughes.net receiver is also connected to the router.

I'm lost as a goose in a hail storm here. I'm pretty desperate to fix this problem because it involves my work. I use my own computer to connect to the hospital and transcribe remotely.
 
Last edited:
Again, I would recommend following the majorgeeks malware removal guide I posted earlier. Follow the clean-up procedures for your operating system. It will take an hour or two to get through it, but is well worth it. If it finds something, there will be resources there to fix it. If it finds nothing then your PC is clean and you can focus on other possibilities (the other PC, a physical hijacking of your ISP connection, etc...).
 
Make and model of the router is BEFSR41 Linksys ethernfast cable/dsl router with 4 port switch. This is the link for the router that I have: http://www.linksysbycisco.com/US/en/products/BEFSR41

Madurabob, I'll have to wait until tonight to go through the procedures you suggest. I'm working right now, but I'll follow your directions tonight for sure.

I just installed the Windows Service Pack 3 btw.
 
Last edited:
volatile said:
Can you post a screenshot or two of your router settings page? Or even just confirm the make and model number of the router?
Click to expand...

Where would I find this? I'll be happy to post a screenshot of the router settings page. I just don't know where it is. I'm not a complete idiot about computers, but I've never had to look for this information before. :confused:
 
I tried to follow the steps to log in to the router using the web based utility and it wouldn't let me. arghhhh
 
Teresa.Hall said:
Where would I find this? I'll be happy to post a screenshot of the router settings page. I just don't know where it is. I'm not a complete idiot about computers, but I've never had to look for this information before. :confused:
Click to expand...

I *think* you can see your router's set up like this if you still have the default settings in place (I have a similar router, but with wireless included):

Put this address in your browser address bar: 192.168.1.1
A id/password dialog box should appear. Leave the ID field blank, then put "admin" in the password field and hit enter.
You should be taken to page with several tabs for reviewing/updating the various settings.

Of course, one of the first things you'll want to do if this works is change the router ID and PW.
 
Teresa.Hall said:
I tried to follow the steps to log in to the router using the web based utility and it wouldn't let me. arghhhh
Click to expand...

So, you got to the id/pw dialog box, but it would not let you log in with "admin"? I guess that means your husband set up an ID/PW when he set up the router - that's a good thing.

If he's forgotten the ID and PW, you can reset the router to factory defaults by pushing and holding for 30 seconds the "reset" button on the back of the router.
 
By resetting the router to factory default then what do I do? I'm grasping at straws here but i'm willing to try anything if it will solve my problem. :)
 
Teresa.Hall said:
By resetting the router to factory default then what do I do? I'm grasping at straws here but i'm willing to try anything if it will solve my problem. :)
Click to expand...

My bad - do NOT reset to factory defaults unless you have no other option. Doing so will reset everything, not just the ID/PW. So, before you do it, make sure you know the basic settings such as DHCP or Static IP address, ISP login ID and Password, and any specific ports. You should have this all available from hughenet and its simple to load back into the router settings, but you really don't want to risk being offline for a long time because you find you are missing a key piece of info after you reset the router.

If it were me, I would gather the necessary info, connect the hughesnet cable directly to my PC, bypassing the router, and establish a working connection. Only then reset the router. In fact, it might be a good test to run the connection without the router for a few days to see if the apparent hijacking happens again. It sounds like most of the time you have no need for the router anyway.

Then you can follow the router's set up FAQ to get it set back up, running a firewall, and have an ID/PW you remember.
 
Glad I didn't push that reset button, yet. :)

I ran the rootkit revealer software and it created a log. I couldn't tell what if any of that was a problem or not. I wish I was more of a puter nerd so I could understand these things.
 
Last edited:
Teresa.Hall said:
Glad I didn't push that reset button, yet. :)

I ran the rootkit revealer software and it created a log. I couldn't tell what if any of that was a problem or not. I wish I was more of a puter nerd so I could understand these things.
Click to expand...

you could post the log here and we can look through it, if you want.
 
madurobob said:
make sure you know the basic settings such as DHCP or Static IP address, ISP login ID and Password, and any specific ports. You should have this all available from hughenet and its simple to load back into the router settings, but you really don't want to risk being offline for a long time because you find you are missing a key piece of info after you reset the router.
Click to expand...

Is it possible someone else knows this info and is logging in to the ISP from another physical location?
 
Teresa.Hall said:
Glad I didn't push that reset button, yet. :)

I ran the rootkit revealer software and it created a log. I couldn't tell what if any of that was a problem or not. I wish I was more of a puter nerd so I could understand these things.
Click to expand...

We all learn this way, by trial and experience.

Please be sure to clean out your cache files as well, you can use the TOOLS in IE and select delet, that will clear most of them.

And then try http://www.ccleaner.com/, just to make sure your files are empty, it also amkes scanning a lt faster. I think that the Geek meisters will probably help you after you run through their Malware Removal Guide, if that page of instruction don't get, the modified HJT and guidance they give you will help it out.

If you work for a hospital i am sure their firewall is just fine, I thought it might be a small bussiness.

Also this might be a good time to make back up files of all your data and pictures, like to CDs.

Good Luck, it is actaully a good thing that M-Bam did not find something.

You could also try Superantispyware, which the geeks recomend. Recently I have found M-Bam more effective.

(We had this huge infection last year at work, ugh. It is almost taken care of.)
 
leonAzul said:
Is it possible someone else knows this info and is logging in to the ISP from another physical location?
Click to expand...

I'm not sure how hughesnet works, but its certainly possible with other types of connections (dial-up for sure, some cable, DSL not likely).

Teresa: another thing you might consider is changing your logon password with Hughsnet. If this is a simple case of someone cracking your account, that could put an end to it.

I'd suspect malware before a pure hijacking/theft of service, but anything is possible.
 
Dancing David said:
We all learn this way, by trial and experience.

Please be sure to clean out your cache files as well, you can use the TOOLS in IE and select delet, that will clear most of them.

And then try http://www.ccleaner.com/, just to make sure your files are empty, it also amkes scanning a lt faster. I think that the Geek meisters will probably help you after you run through their Malware Removal Guide, if that page of instruction don't get, the modified HJT and guidance they give you will help it out.

If you work for a hospital i am sure their firewall is just fine, I thought it might be a small bussiness.

Also this might be a good time to make back up files of all your data and pictures, like to CDs.

Good Luck, it is actaully a good thing that M-Bam did not find something.

You could also try Superantispyware, which the geeks recomend. Recently I have found M-Bam more effective.

(We had this huge infection last year at work, ugh. It is almost taken care of.)
Click to expand...

One thing I've learned is to back everything up. I did that before I installed anything else.

The hospital I work for isn't huge by any stretch of the imagination, but it isn't just a little hometown hospital either. It's a tweener, I guess. Best of luck with knocking that infection on out from last year. I'm feeling a lot better about my problem though that may be my false sense of security from the help you all have given me. :clap:

I'll change my password on my internet account for sure next. That one is so simple I didn't even think of it. :rolleyes:
 
grmcdorman said:
Do you have a wireless router? If so, check that you have wireless security enabled (preferably WPA); you may also want to change your wireless password just in case.
Click to expand...

Your router's status page should tell you how many bytes have been sent and received since the last reset. You can use that to figure out whether your ISP's measurement is wrong.
 
Teresa.Hall said:
One thing I've learned is to back everything up. I did that before I installed anything else.

The hospital I work for isn't huge by any stretch of the imagination, but it isn't just a little hometown hospital either. It's a tweener, I guess. Best of luck with knocking that infection on out from last year. I'm feeling a lot better about my problem though that may be my false sense of security from the help you all have given me. :clap:

I'll change my password on my internet account for sure next. That one is so simple I didn't even think of it. :rolleyes:
Click to expand...

Well it is a school district, we buy Panda AV because it is cheap and then the security levels are a mess, half the machines are never updated, then there are flash dives from home, we get infections that are three years out of date.

Then there are people using Walgreen's photos, Coupon printers, Limewire and all sorts of stuff that tries to wreck the firewall, older kids let their lttle sib use their flash drives...
 
Oh David, that sounds like pure chaos. My husband and I live out in the country 6.5 miles away from the nearest town. That's the reason for the Hughes.net satellite internet. We're miles away from cable or DSL access. When you speak of little sibs using flash drives I think OMG. I didn't know what a computer was until I was probably 15 and didn't own one until my 30's. The first computer I ever operated was at the small town clinic, an IBM 5110 I think. It was a monster. How times have changed.
 
Last edited:
You must log in or register to reply here.

Back
Top Bottom