johnnyjoes
@Dial1.Dalla
thumbs down from:
Joey1812 
| help been shut down by my isp
Help I have been shut down by Direct Way. My tx modems lights and rx lights flash on and off when I try to access the web.
I have been forced to use dial up. I called Support and they say I was One of the people shut off due to something called a worm.
Here is the story ,came home the other night and both the modems where talking like crazy. Internet explore was not running but outlook was. anyway turned off the computer and tried to reboot but ten min later the modems started doing the same thing. I went to bed hopping it would stop. then weds I started getting a lot of email some from people I know and some from ones I didnt I trashed all the email from people I didnt know. However I opened one from someone I trusted and tried to open the file.
My email went crazy and the whole computer finily locked up.
I reinstalled windows but did not reformat or delete windows. All seem ok after doing this. This Am I got a email from earthlink stating they where going to temp shut down my sat service but can use their dail up to fix the problem.
what do I do ? I am using dial up and my email is still going crazy with emails comming in I know not from whom.
Do I trust these emails or just delete them.
the computer keeps connecting to the internet to send email with out me doing anything |
|
mboy
Premium
join:2001-04-13
Little Falls, NJ | reformat and reinstall. |
|
crl620
Premium
join:2002-05-15
Saint Louis, MO
clubs:
| reply to johnnyjoes
- Delete the emails
- Make SURE windows is updated: »windowsupdate.microsoft.com
- Install some type of firewall: »smb.sygate.com/products/spf/spf_ov.htm
--
Stop Bioterrorism AND Cancer - Team Discovery - United Devices |
|
jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
Scottsdale, AZ
 ·Speakeasy
| reply to johnnyjoes
said by johnnyjoes:
I have been forced to use dial up. I called Support and they say I was One of the people shut off due to something called a worm.
I trashed all the email from people I didnt know. However I opened one from someone I trusted and tried to open the file.
Here is an explanation of what a worm is in simple terms.
A worm is a self-replicating virus that does not alter files but resides in active memory and duplicates itself. Worms use parts of an operating system that are automatic and usually invisible to the user. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.
This is what is occurring with your system. You must have opened something from someone that you trusted that was infected and thus infected your system. It's not always safe, and often the least so, to open things even from people you know. You are now sending out replicas of this worm.
You obviously have the need to learn some things about securing your system. Unfortunately, going on the Internet requires a lot of education along with a huge responsibility. Making sure that you have updated system patches, are running an updated Anti virus program, and running a firewall are just a few things to start with. Along with that, there are many other things to learn...once you have your system cleaned up and back running securely.
I hope that once you are up and running with a clean, secure system, you will come back here and start to learn. There are many here who are willing to educate as well as what you will gain from just reading and checking out the forum regularly.
--
JKK Age is a very high price to pay for my maturity. If I can't stay young, I can at least stay immature! |
|
sig
Premium
join:2001-05-05
| reply to johnnyjoes
There is a email worm going around that is sending out so many infected emails that it is in effect mail bombing some people and businesses email in boxes. It also can spoof the sender's address so the real origin of the email is not readily apparent.
But if your computer is sending email on its own it sure sounds like you're infected.
Now, you can reinstall windows all you want for all the good it will do (none apparently), but have you actually tried running an AntiVirus program to clean up your PC? That's usually the first step to take when someone's got an infected machine.
At the very least try running an online AV scanner like the one available from TrendMirco: »housecall.trendmicro.com/
Note: these online scanners are not a replacement for running a resident AV on your PC.
You haven't mentioned if you are running a firewall and an Antivirus program.
Check here for some free AVs and firewall programs:
»www.wilders.org/free_tools.htm
For pay versions of AV (generally considered a better option) see this page: »www.wilders.org/anti_viruses.htm |
|
ThatSailor
your tangerine of electricity is ripe
Premium
join:2003-08-21
Waterford, MI
| reply to jaykaykay
said by jaykaykay :
... There are many here who are willing to educate as well as what you will gain from just reading and checking out the forum regularly.
I joined just a few days ago and I cannot tell you how true this really is. I learn something from almost every topic I read. It's kind of addicting, in a good way. |
|
catahoula7
Catahoula
join:2002-12-30
| reply to mboy
said by mboy :
reformat and reinstall.
Exactly. I agree.
--
-- The Catahoula Hound Dawg |
|
fadort
join:2001-12-15
Southampton, NY
| wouldn't it have been intelligent if earthlink explained how to remove the worm, how to prevent it from happening again and provided links to more information on the matter?? I think maybe the isp should take more of a roll and help educate their users about stuff instead of just reacting and leaving it at that. |
|
sig
Premium
join:2001-05-05
| reply to johnnyjoes
Symantec's main page has links to info on SobigF (which it sounds like) and a fixit tool. »symantec.com/
McAfee has its Stinger clean up tool which apparently removes a number of infections also. »us.mcafee.com/virusInfo/default.···=stinger |
|
Loly Poly
@cox.net | reply to johnnyjoes
Use something other than Outlook Express. |
|
jhalleau
join:2003-03-04
Vancouver, WA
 ·Comcast
edited
| reply to fadort
said by fadort :
wouldn't it have been intelligent if earthlink explained how to remove the worm, how to prevent it from happening again and provided links to more information on the matter?? I think maybe the isp should take more of a roll and help educate their users about stuff instead of just reacting and leaving it at that.
I have direcway, and they did do this.It caused some outrage when they used a backdoor to launch a broser on your pc, but in that message it explained that 10/20% of dway was infected, gave links to tools and instructions for removal, and they also explained they would start shutting people off. They also sent the same info in an email I believe....
--
Host= Cpq D500,P4 1.9ghz, 512mb ram, 40GB HD, 5-6 clients networked 2-3 wireless rest wired.
[text was edited by author 2003-08-23 23:54:08] |
|
jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
Scottsdale, AZ
·Speakeasy
| reply to johnnyjoes
Remember, people. The user of the Internet/connection is ultimately responsible for securing their systems. Yes, accidents do happen just as they do in life, but for the most part, all too many people get behind the steering wheel of their computer without the least idea of how to drive it. That doesn't make much sense to me. Yes, I also feel that everybody else should help in the education process, just as parents hopefully do with children, but in the end, it is up to the individual to learn and process...not just get on the road and go for a drive without instructions or the knowledge of how to do that.
--
JKKAge is a very high price to pay for my maturity. If I can't stay young, I can at least stay immature! |
|
Sat_Man
Monotonous Isn't It
Premium
join:2001-09-14
Gray Court, SC
| said by jaykaykay :
Remember, people. The user of the Internet/connection is ultimately responsible for securing their systems. Yes, accidents do happen just as they do in life, but for the most part, all too many people get behind the steering wheel of their computer without the least idea of how to drive it. That doesn't make much sense to me. Yes, I also feel that everybody else should help in the education process, just as parents hopefully do with children, but in the end, it is up to the individual to learn and process...not just get on the road and go for a drive without instructions or the knowledge of how to do that.
The problem with DirecWay is they told their users that a firewall was not needed because they were behind a NAT. Tech Support has no clue and due to this many (the 10-20%) that were infected were just listening to DirecWay! I think now there will be a change in attitude and DirecWay will preach AV and firewalls.
>Fred
--
Fred US AirForce RetiredG11, 990, XPpro |
|
jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
Scottsdale, AZ
·Speakeasy
| said by Sat_Man :
The problem with DirecWay is they told their users that a firewall was not needed because they were behind a NAT. Tech Support has no clue and due to this many (the 10-20%) that were infected were just listening to DirecWay! I think now there will be a change in attitude and DirecWay will preach AV and firewalls.
>Fred
That is really sad! Also, from what I am gathering, I suspect that this is all too true with many ISP support staff who really are not much more educated then I.
--
JKKAge is a very high price to pay for my maturity. If I can't stay young, I can at least stay immature! |
|
jhalleau
join:2003-03-04
Vancouver, WA
·Comcast
| reply to Sat_Man
said by Sat_Man :
The problem with DirecWay is they told their users that a firewall was not needed
yep.... they sure did, and I do hope this changes there opinion. 10/20% seems like an astounding # to me, but then what do I know?
--
Host= Cpq D500,P4 1.9ghz, 512mb ram, 40GB HD, 5-6 clients networked 2-3 wireless rest wired. |
|
rustydog999
join:2002-06-17
the internet
| reply to johnnyjoes
said by Sat_Man :
""The problem with DirecWay is they told their users that a firewall was not needed because they were behind a NAT "".
Yes this is VERY true I have been on direcway for two years now. Was told when I first got it a firewall was NOT needed due to NAT. Was told many times by tech support that the firewall software I was running was causing what ever problem I called about.
Now they have put the burden back on us. I got lucky I have allways had norton internet secuirty running from day one.
I have all the updates to Xp which where a pain in the but to get. I had to go back to the site 3 times just to make sure I got all the updates times 3 computers the host and two clients.
And Av and Firewall software is up to date.
What they are doing from what they are letting on to is scanning our computers finding out if we are infected and shutting us down.
Earthlink was nice enough to email notices about the problems and what to do but only AFTER Hughes sent a worm through everybodys computer(past everybodys firewall) that unzipped a programe to displayed a full screen pop up message.
Now we are all worried that we will come home to find or software deleted and the modems shut down.
see this thread
»finstall.exe downloaded automatically!
I feel for Johnny Joe as he was one of the 20% that was told not to put any firewall on thier system are infected and alone in the dark.
All the Earthlink users have a ten hour dial up to fall back on to load updates but DW customers have none.
--
SRS Satmax 5 990 on a dual processor Athlon RSL 78 -82 |
|
sig
Premium
join:2001-05-05
| Well the thread starter appears to have an email worm which ordinarily a firewall wouldn't provide any protection from, although ZA+ and ZAP have features that address it if one becomes infected. Despite what an ISP may advise, adding a software firewall to a properly configured NAT router isn't a bad idea at all. While in an ISP's view a customer's firewall might cause them problems (although it often is used as a scapegoat for real ISP connectivity issues) msblaster should have taught ISP's that the lack of a firewall might cause them a much greater workload and issues for them to deal with.
But as far as email viruses are concerned, OE 6 can be strapped down a bit. Attachments can be blocked so the careless user cannot easily open them. And it has a setting "warn me if another application tries to send email as me." Since I've never had that problem don't know how it really works if an infection should occur.
But the one third party firewall I'm familiar with does have some interesting features regarding email. ZA+ (and ZAP) can restrict which apps are allowed to send mail. Additionally it has an email guard so that if one's email client starts sending too many emails in too short a time (the settings are configurable) ZA can shut it down. Also can prevent email sender spoofing. One can authorize only certain email accounts to send mail and if one's email app tries to send under another account or sender, ZA blocks that too.
Anyway, the original poster hasn't responded but how one gets infected by a worm and remedies it and how to prevent it shouldn't be a mystery to anyone by now with major outbreaks being covered by the media. Some ISP's have help pages on securing one's PC, recommend using AV's and provide links to free firewalls. Comcast apparently had a deal with McAfee whereby (if I've got it right) one could get McAfee's AV and firewall one year for free. So the ISP's can provide some education on safe computing on their sites without too much strain on themselves. Of course the users have to have enough of a clue to avail themselves of the information that is available. And that responsibility is on the user. |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
·Optimum Online
 ·Vonage
| reply to johnnyjoes
".....I called Support and they say I was One of the people shut off due to something called a worm."
Not to bash on the poster (he DID come here looking for help at least), but that one sentence says volumes....just a clue as to how many people are out there that don't have ANY idea of what's going on or how to protect themselves. No wonder there's such a huge problem.
If they don't even know what a 'worm' is.....
--
SB2K »www.sarah-brightman.com |
|
Hutch
My Throne is the Dunny
Premium
join:2000-10-14
Out House
·Internode
| reply to mboy
said by mboy :
reformat and reinstall.
said by mboy :
reformat and reinstall.
I agree, reformat and reinstall. Then install a Firewall. AntiVirus Application. Then call your ISP informing them you have fixed the issue.
Never open emails from persons you don't know. Better still install MailWasher and blacklist addresses you don't know. At least that way you can delete them before you download them.
--
*TeamZ*Member |
|
Flippant
So Much For Subtlety
Premium,Mod
join:2000-06-04
Katy, TX
Host:
Filesharing Software
Earthlink Cable
Texas Gulf Coast R..
AT&T U-verse
AT&T Southwest
| said by Hutch :
said by mboy :
reformat and reinstall.
said by mboy :
reformat and reinstall.
I agree, reformat and reinstall.
Install a firewall, then once you get your broadband back, make sure that you get all the latest patches from M$. |
|
