# virus attack



## dunmovin (Dec 19, 2008)

has anyone else been hit by a virus which changes the keyboard configuration? Earlier today I got hit by one that changed certian keys (m,v,z,r wre changed to 6m,~v, /z, 2r) annoying but harmless enough, simply running the av and doing a syystem restore sorted the problem. However the av scan also detected a remote computer attack and showed an ip address of 85.62.229.134, this showed up as Spanish address on orange.es and was a dynmaic address changing every 15 seconds from 134 upward to 153.

Anybody else had anything like this?


----------



## JBODEN (Jul 10, 2009)

dunmovin said:


> has anyone else been hit by a virus which changes the keyboard configuration? Earlier today I got hit by one that changed certian keys (m,v,z,r wre changed to 6m,~v, /z, 2r) annoying but harmless enough, simply running the av and doing a syystem restore sorted the problem. However the av scan also detected a remote computer attack and showed an ip address of 85.62.229.134, this showed up as Spanish address on orange.es and was a dynmaic address changing every 15 seconds from 134 upward to 153.
> 
> Anybody else had anything like this?


'eset' detected an infected email yesterday and zapped it. Lesson: Never open any email if you don't know who it came from.


----------



## dunmovin (Dec 19, 2008)

I casn track IP addy down to a place south of madrid, seems to be out in the campo near a place called Yunclillos, but this may be a remotely controlled computer as well.

I didn't open any suspect mails, and would never open an attachment without know who sent it. The AV keeps show the risk type as "PortScan"


----------



## Stravinsky (Aug 12, 2007)

You are running AV Free are you?
I used to do that but realised that spending a small amount on full virus protection was well worthwhile


----------



## dunmovin (Dec 19, 2008)

Stravinsky said:


> You are running AV Free are you?
> I used to do that but realised that spending a small amount on full virus protection was well worthwhile


AV is norton internet security (part of the deal when I bought the laptop was 3 years full subscription). Whatever caused the kb config change must have got past that, but it did block the PortScan,and it logged the ip addy of the attacking computer. I put that into an ip address tracker and that was the result I got back(even with google map to pinpoint the location)

I should add the av only picked up the PortScan intrusion attempt, the kb config problem was fixed when I done a system restore


----------



## Stravinsky (Aug 12, 2007)

dunmovin said:


> AV is norton internet security (part of the deal when I bought the laptop was 3 years full subscription). Whatever caused the kb config change must have got past that, but it did block the PortScan,and it logged the ip addy of the attacking computer. I put that into an ip address tracker and that was the result I got back(even with google map to pinpoint the location)
> 
> I should add the av only picked up the PortScan intrusion attempt, the kb config problem was fixed when I done a system restore


Ah I understand ... thought you were talking about AVG, sorry


----------

