Harley: One could edit the registry, but that's not something that should be done by the casual user. TweakUI might help, but I don't know if it comes in a flavour compatible with your friend's computer, since you didn't mention the OS. Outhouse is a PITA to make behave, especially when you have the audacity to not use Bill Gates's favourite.
<You may have to do it from DOS, which in the newer M$CRap products is a lot harder than it used to be, which is why I still have 95OSR2 and will have until debian gets installed. ;>
Oooh.. sounds like so much fun... could be my chance to be that quiet little fly-on-wall and watch fishy and rek in live action, throwing around their b---- erm.. *blushes* nevermind 'notherstory.. Except that now I think they're both certified security experts and as to hacking, the less said, the better.
File transfer protocol, yes (part of the TCP/IP suite). Web-page constructor, no. Though it is often used to -upload- 'pages' (or files), so I suppose you could say it aids in the construction of sites. It's simply a means of (gasp!) transferring files from one machine to another. :)
I don't use Quicken (or have it installed), so I've no idea what the .exe is named. I wondered about that myself, but didn't check. I will say this, again, though. Do not open _any_ attachment unless you know exactly what it is, and if it's a pif, dll, exe, bat, com, vb (and a slew of other application type files), use a -good- antivirus to scan it with -first-. Always be aware that even your best friend could be affected by a worm propagating itself without their awareness. And if you -don't- run an antivirus program and you run Windows, the same goes for you. There are more ways to contract unfavorable code than just opening the wrong email attachment. And the further we advance, more 'methods' are discovered every day.
What happens with the stolen passwords depends on what the thief wants to do with them, if anything. :/ The other 'check' was probably testing your ports. Password stealers can be some type of keystroke capture program which sends its data to a particular place (ftp/http location, email address, irc channel, whatever). Passwords can be located in a variety of different files (cookies, pwl files, 'wallet' files, etc.). They're supposed to be encrypted, but Windows encryption is notoriously inept.
The fact that your machines share a router does not necessarily mean they're all corrupted, but they could be, especially if you share files or programs between them. All of them should be checked, and disinfected if necessary.
If by 'wipe out everything and start from scratch' you mean a low-level format of all drives and re-installation of everything from CD, you should be safe. Just be sure when you re-load you include an up-to-date antivirus program. :)
These files are major programs, but if you have the disks you could replace them. The problem is that most trojans deposit other programs onto your system (often hidden) which carry out their 'dirty work' (or 'payload'). Your entire system needs 'disinfected'. PWSteal.Trojan (PassWord steal) tells me you also need to change every password you use, right down to the one you use to log on to your ISP.
A good antivirus can often 'disinfect' files, but sometimes it is necessary to delete these files and replace them from a non-contaminated CD. You may have to reinstall Quicken and others from your Windows CD. You -must- keep your antivirus program updated, otherwise new virii (which are released daily) can slip past your defenses.
NEVER open an email attachment without checking it first, even when it appears to be from a trusted source. They may be infected and don't yet realize it.
The links I gave you will often have detailed instructions for disinfecting your system from certain virii, but it sounds like you are infected with more than one. If you are unsure of your abilities, then you need to find someone who knows what they're doing to help you clean your system.
Usually you won't find them 'by name'. Your best bet is to find a good anti-virus program. And just for future reference, here are some good links to check out if you think you have (or hear about) a virus:
That's because it loads the page as it reads it. I believe IE renders the whole page before displaying any of it, which is one of the reasons it seems so slow sometimes. (I say, "I believe," because I haven't used IE (or even had it on my machine) in about six or eight years... other than at my brother's house, and that's rarely.)
If they're +h files, you may have to attrib -h -r -s first (though some of those may not apply, it can't hurt). Not sure how 98's 'dos' works with that.
Be careful using the /y switch. Like BBW said, if you make a mistake, you could be in big trouble. Deltree works just as well if you leave off the /y, and you can -read- what tree you're about to delete, giving you a chance to double-check and change if necessary.