1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Hacked, Trojan, violated... but which is it?

Discussion in 'Windows XP' started by msnews, Aug 9, 2010.

  1. msnews

    msnews Flightless Bird

    I have 4 xp machines, one i use as a server with 4 external usb hardrives
    attached. I was sitting in front of the server when my mouse began to move
    on its own, hover over the date in the task bar, opening up my Gom music
    player, hovering over the pause button on my nero back up program, skipping
    all over the place, I heard myself saying, don't you dare. The children
    were watching and getting scared. I disconnected the mouse but it
    continued. I disabled the network adapter on the server, it continued. I
    launched notepad, and basically had a conversation with it. It was typing, I
    disconnected the keyboard, it carried on typing, I freaked out! What was
    it?
     
  2. Tigger

    Tigger Flightless Bird

    msnews writted thus:

    > I have 4 xp machines, one i use as a server with 4 external usb
    > hardrives attached. I was sitting in front of the server when my mouse
    > began to move on its own, hover over the date in the task bar, opening
    > up my Gom music player, hovering over the pause button on my nero back
    > up program, skipping all over the place, I heard myself saying, don't
    > you dare. The children were watching and getting scared. I
    > disconnected the mouse but it continued. I disabled the network adapter
    > on the server, it continued. I launched notepad, and basically had a
    > conversation with it. It was typing, I disconnected the keyboard, it
    > carried on typing, I freaked out! What was it?


    It could be "backdoor.nepoe"
    A backdoor trojan that allows malicious users to gain remote access to
    the affected computer. It spreads across the Internet.
    Panda AV can remove it I seem to recall.
     
  3. Michael

    Michael Flightless Bird

    "msnews" <notinterestedgoaway@hotmail.com> wrote in message
    news:#gWI9p7NLHA.1796@TK2MSFTNGP06.phx.gbl...
    > I have 4 xp machines, one i use as a server with 4 external usb hardrives
    > attached. I was sitting in front of the server when my mouse began to move
    > on its own, hover over the date in the task bar, opening up my Gom music
    > player, hovering over the pause button on my nero back up program,
    > skipping all over the place, I heard myself saying, don't you dare. The
    > children were watching and getting scared. I disconnected the mouse but
    > it continued. I disabled the network adapter on the server, it continued.
    > I launched notepad, and basically had a conversation with it. It was
    > typing, I disconnected the keyboard, it carried on typing, I freaked out!
    > What was it?
    >

    Are you running any AV? Try running the free versions of these:
    http://www.malwarebytes.org/ &
    http://superantispyware.com/

    If you're running a valid copy of Windows you may want to change your AV to
    MSE, especially if you're running Norton or Crapafee!
    http://www.microsoft.com/security_essentials/

    --

    "Don't pick a fight with an old man.
    If he is too old to fight, he'll just kill you."
     
  4. msnews

    msnews Flightless Bird

    Hi all Thanks for feedback. I have run avast av, which did discover a
    malware in the rootkit sytem of the server, but it was not called
    backdoor.nepoe. Can a malicious program operate keyboard and mouse with no
    internet and no keyboard or mouse connected? The interaction was too
    familiar feeling for it to be a trojan bot even if it did scan my ex hds for
    info, and was able to answer questions. Some questions we were saying, were
    answered before I even typed them, creating the suspicion that we had a mic
    was on in the house or that we were being bugged! It seemed more like a hack
    really but how is this possible with know enabled network connection or
    attached devices?


    "msnews" <notinterestedgoaway@hotmail.com> wrote in message
    news:%23gWI9p7NLHA.1796@TK2MSFTNGP06.phx.gbl...
    >I have 4 xp machines, one i use as a server with 4 external usb hardrives
    >attached. I was sitting in front of the server when my mouse began to move
    >on its own, hover over the date in the task bar, opening up my Gom music
    >player, hovering over the pause button on my nero back up program, skipping
    >all over the place, I heard myself saying, don't you dare. The children
    >were watching and getting scared. I disconnected the mouse but it
    >continued. I disabled the network adapter on the server, it continued. I
    >launched notepad, and basically had a conversation with it. It was typing,
    >I disconnected the keyboard, it carried on typing, I freaked out! What was
    >it?
    >
     
  5. Peter Taylor

    Peter Taylor Flightless Bird

    On 8/9/2010 4:16 PM, msnews wrote:
    > Hi all Thanks for feedback. I have run avast av, which did discover a
    > malware in the rootkit sytem of the server, but it was not called
    > backdoor.nepoe. Can a malicious program operate keyboard and mouse with no
    > internet and no keyboard or mouse connected? The interaction was too
    > familiar feeling for it to be a trojan bot even if it did scan my ex hds for
    > info, and was able to answer questions. Some questions we were saying, were
    > answered before I even typed them, creating the suspicion that we had a mic
    > was on in the house or that we were being bugged! It seemed more like a hack
    > really but how is this possible with know enabled network connection or
    > attached devices?


    Is the server still connected to the other computers?

    --
    Peter Taylor
     
  6. msnews

    msnews Flightless Bird

    Yes, it was Peter?

    mine and my daughters were still connected.
    ..
    So even though I had disconnected keyboard and mouse, disabled network
    adapter, pulled out network adapter from back of pc, it still carried on.
    Pulled plug on my daughters pc, it still carried on. Pulled plug on my pc,
    it still carried on.. In the end, I just pulled plug on router itself, so
    no power. Then and only then, did it stop. I saved the notepad doc of convo
    in its entirety at 11.49pm on the desktop. Went back 3 hours later to find
    half the convo content missing with no moderation to date accessed, modified
    or created properties. Whats that all about..? Creepy! Granted pc was left
    on with net enabled overnight for virus scan, but with external hds
    disconnected, interface devices disconnected how can the doc be modified.

    So my question is... it possible to suspend the timestamp on a pc, make
    changes to docs and revert time stamp and it reflect in document properties?

    any answers would be appreciated, coz right now, the kids think we have a
    ghost in the house!


    "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
    news:i3pc6c$egp$1@news.eternal-september.org...
    > On 8/9/2010 4:16 PM, msnews wrote:
    >> Hi all Thanks for feedback. I have run avast av, which did discover a
    >> malware in the rootkit sytem of the server, but it was not called
    >> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
    >> no
    >> internet and no keyboard or mouse connected? The interaction was too
    >> familiar feeling for it to be a trojan bot even if it did scan my ex hds
    >> for
    >> info, and was able to answer questions. Some questions we were saying,
    >> were
    >> answered before I even typed them, creating the suspicion that we had a
    >> mic
    >> was on in the house or that we were being bugged! It seemed more like a
    >> hack
    >> really but how is this possible with know enabled network connection or
    >> attached devices?

    >
    > Is the server still connected to the other computers?
    >
    > --
    > Peter Taylor
     
  7. Tigger

    Tigger Flightless Bird

    msnews writted thus:

    > Hi all Thanks for feedback. I have run avast av, which did discover a
    > malware in the rootkit sytem of the server, but it was not called
    > backdoor.nepoe. Can a malicious program operate keyboard and mouse with
    > no internet and no keyboard or mouse connected? The interaction was too
    > familiar feeling for it to be a trojan bot even if it did scan my ex hds
    > for info, and was able to answer questions. Some questions we were
    > saying, were answered before I even typed them, creating the suspicion
    > that we had a mic was on in the house or that we were being bugged! It
    > seemed more like a hack really but how is this possible with know
    > enabled network connection or attached devices?
    >
    >


    ROFL Got any clever kids in the house??
    You might have been the butt of a practical joke...
     
  8. Peter

    Peter Flightless Bird

    On 08/09/2010 07:48 PM, msnews wrote:
    > Yes, it was Peter?
    >
    > mine and my daughters were still connected.
    > .
    > So even though I had disconnected keyboard and mouse, disabled network
    > adapter, pulled out network adapter from back of pc, it still carried on.
    > Pulled plug on my daughters pc, it still carried on. Pulled plug on my pc,
    > it still carried on.. In the end, I just pulled plug on router itself, so
    > no power. Then and only then, did it stop. I saved the notepad doc of convo
    > in its entirety at 11.49pm on the desktop. Went back 3 hours later to find
    > half the convo content missing with no moderation to date accessed, modified
    > or created properties. Whats that all about..? Creepy! Granted pc was left
    > on with net enabled overnight for virus scan, but with external hds
    > disconnected, interface devices disconnected how can the doc be modified.
    >
    > So my question is... it possible to suspend the timestamp on a pc, make
    > changes to docs and revert time stamp and it reflect in document properties?
    >
    > any answers would be appreciated, coz right now, the kids think we have a
    > ghost in the house!


    I would scan the other computers for malware. Is the firewall in the
    router enabled and is the router password protected?

    --
    Peter
     
  9. msnews

    msnews Flightless Bird

    Well, its just me, and my two girls.. a teen and a younger daughter, both
    don't care about IT and don't wish to understand as long as they can get on
    facebook and dollspalace.com, therefore no IT knowhow whatsoever.

    I may be the butt of a practical joke, but its a very good one! Im an
    intelligent gal, not an IT pro or anything, but savvy enough to maintain a
    network and keep it like fortnocks for the last 10 years, virus and trojan
    free, but this is a new one on me! hijack a pc with no internet or
    interactive devices.. I wantt to know how they did it!

    donna

    "Tigger" <Tony@the.jungle.drums> wrote in message
    news:i3pfpd$4hv$1@news.eternal-september.org...
    > msnews writted thus:
    >
    >> Hi all Thanks for feedback. I have run avast av, which did discover a
    >> malware in the rootkit sytem of the server, but it was not called
    >> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
    >> no internet and no keyboard or mouse connected? The interaction was too
    >> familiar feeling for it to be a trojan bot even if it did scan my ex hds
    >> for info, and was able to answer questions. Some questions we were
    >> saying, were answered before I even typed them, creating the suspicion
    >> that we had a mic was on in the house or that we were being bugged! It
    >> seemed more like a hack really but how is this possible with know
    >> enabled network connection or attached devices?
    >>
    >>

    >
    > ROFL Got any clever kids in the house??
    > You might have been the butt of a practical joke...
     
  10. Elmo

    Elmo Flightless Bird

    msnews wrote:
    > Yes, it was Peter?
    >
    > mine and my daughters were still connected.
    > .
    > So even though I had disconnected keyboard and mouse, disabled network
    > adapter, pulled out network adapter from back of pc, it still carried on.
    > Pulled plug on my daughters pc, it still carried on. Pulled plug on my pc,
    > it still carried on.. In the end, I just pulled plug on router itself, so
    > no power. Then and only then, did it stop. I saved the notepad doc of convo
    > in its entirety at 11.49pm on the desktop. Went back 3 hours later to find
    > half the convo content missing with no moderation to date accessed, modified
    > or created properties. Whats that all about..? Creepy! Granted pc was left
    > on with net enabled overnight for virus scan, but with external hds
    > disconnected, interface devices disconnected how can the doc be modified.
    >
    > So my question is... it possible to suspend the timestamp on a pc, make
    > changes to docs and revert time stamp and it reflect in document properties?
    >
    > any answers would be appreciated, coz right now, the kids think we have a
    > ghost in the house!
    >
    >
    > "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
    > news:i3pc6c$egp$1@news.eternal-september.org...
    >> On 8/9/2010 4:16 PM, msnews wrote:
    >>> Hi all Thanks for feedback. I have run avast av, which did discover a
    >>> malware in the rootkit sytem of the server, but it was not called
    >>> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
    >>> no
    >>> internet and no keyboard or mouse connected? The interaction was too
    >>> familiar feeling for it to be a trojan bot even if it did scan my ex hds
    >>> for
    >>> info, and was able to answer questions. Some questions we were saying,
    >>> were
    >>> answered before I even typed them, creating the suspicion that we had a
    >>> mic
    >>> was on in the house or that we were being bugged! It seemed more like a
    >>> hack
    >>> really but how is this possible with know enabled network connection or
    >>> attached devices?

    >> Is the server still connected to the other computers?
    >>
    >> --
    >> Peter Taylor


    If it's a wireless router, that's probably how they were gaining entry.
    It has to be someone within, say.. a hundred feet of the router, if
    that's the case. Turning off your keyboard and mouse wouldn't affect
    their control of your machine.

    --

    Joe =o)
     
  11. msnews

    msnews Flightless Bird

    Hi Joe,

    thanks for that. You are right, it is a wireless router... and my daughter
    hasn't managed to get wireless on her ipod ever since, so thats worth
    considering. But the wireless is password protected, and the password is
    loooong!

    "Elmo" <elmogeek@xxx.invalid> wrote in message
    news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
    > msnews wrote:
    >> Yes, it was Peter?
    >>
    >> mine and my daughters were still connected.
    >> .
    >> So even though I had disconnected keyboard and mouse, disabled network
    >> adapter, pulled out network adapter from back of pc, it still carried on.
    >> Pulled plug on my daughters pc, it still carried on. Pulled plug on my
    >> pc,
    >> it still carried on.. In the end, I just pulled plug on router itself,
    >> so
    >> no power. Then and only then, did it stop. I saved the notepad doc of
    >> convo
    >> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
    >> find
    >> half the convo content missing with no moderation to date accessed,
    >> modified
    >> or created properties. Whats that all about..? Creepy! Granted pc was
    >> left
    >> on with net enabled overnight for virus scan, but with external hds
    >> disconnected, interface devices disconnected how can the doc be modified.
    >>
    >> So my question is... it possible to suspend the timestamp on a pc, make
    >> changes to docs and revert time stamp and it reflect in document
    >> properties?
    >>
    >> any answers would be appreciated, coz right now, the kids think we have a
    >> ghost in the house!
    >>
    >>
    >> "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
    >> news:i3pc6c$egp$1@news.eternal-september.org...
    >>> On 8/9/2010 4:16 PM, msnews wrote:
    >>>> Hi all Thanks for feedback. I have run avast av, which did discover a
    >>>> malware in the rootkit sytem of the server, but it was not called
    >>>> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
    >>>> no
    >>>> internet and no keyboard or mouse connected? The interaction was too
    >>>> familiar feeling for it to be a trojan bot even if it did scan my ex
    >>>> hds
    >>>> for
    >>>> info, and was able to answer questions. Some questions we were saying,
    >>>> were
    >>>> answered before I even typed them, creating the suspicion that we had a
    >>>> mic
    >>>> was on in the house or that we were being bugged! It seemed more like a
    >>>> hack
    >>>> really but how is this possible with know enabled network connection or
    >>>> attached devices?
    >>> Is the server still connected to the other computers?
    >>>
    >>> --
    >>> Peter Taylor

    >
    > If it's a wireless router, that's probably how they were gaining entry.
    > It has to be someone within, say.. a hundred feet of the router, if
    > that's the case. Turning off your keyboard and mouse wouldn't affect
    > their control of your machine.
    >
    > --
    >
    > Joe =o)
     
  12. PA Bear [MS MVP]

    PA Bear [MS MVP] Flightless Bird

    > ...The children were watching and getting scared.

    Scared you'd figure out that one of them infected the computer or...?

    msnews wrote:
    > I have 4 xp machines, one i use as a server with 4 external usb hardrives
    > attached. I was sitting in front of the server when my mouse began to move
    > on its own, hover over the date in the task bar, opening up my Gom music
    > player, hovering over the pause button on my nero back up program,
    > skipping
    > all over the place, I heard myself saying, don't you dare. The children
    > were watching and getting scared. I disconnected the mouse but it
    > continued. I disabled the network adapter on the server, it continued. I
    > launched notepad, and basically had a conversation with it. It was typing,
    > I
    > disconnected the keyboard, it carried on typing, I freaked out! What was
    > it?
     
  13. msnews

    msnews Flightless Bird

    have wireless back now, it seems antivirus has been disabled on my machine
    and I can't re-install.it.

    "msnews" <notinterestedgoaway@hotmail.com> wrote in message
    news:-Op9pPiAOLHA.6100@TK2MSFTNGP05.phx.gbl...
    > Hi Joe,
    >
    > thanks for that. You are right, it is a wireless router... and my
    > daughter hasn't managed to get wireless on her ipod ever since, so thats
    > worth considering. But the wireless is password protected, and the
    > password is loooong!
    >
    > "Elmo" <elmogeek@xxx.invalid> wrote in message
    > news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
    >> msnews wrote:
    >>> Yes, it was Peter?
    >>>
    >>> mine and my daughters were still connected.
    >>> .
    >>> So even though I had disconnected keyboard and mouse, disabled network
    >>> adapter, pulled out network adapter from back of pc, it still carried
    >>> on.
    >>> Pulled plug on my daughters pc, it still carried on. Pulled plug on my
    >>> pc,
    >>> it still carried on.. In the end, I just pulled plug on router itself,
    >>> so
    >>> no power. Then and only then, did it stop. I saved the notepad doc of
    >>> convo
    >>> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
    >>> find
    >>> half the convo content missing with no moderation to date accessed,
    >>> modified
    >>> or created properties. Whats that all about..? Creepy! Granted pc was
    >>> left
    >>> on with net enabled overnight for virus scan, but with external hds
    >>> disconnected, interface devices disconnected how can the doc be
    >>> modified.
    >>>
    >>> So my question is... it possible to suspend the timestamp on a pc, make
    >>> changes to docs and revert time stamp and it reflect in document
    >>> properties?
    >>>
    >>> any answers would be appreciated, coz right now, the kids think we have
    >>> a
    >>> ghost in the house!
    >>>
    >>>
    >>> "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
    >>> news:i3pc6c$egp$1@news.eternal-september.org...
    >>>> On 8/9/2010 4:16 PM, msnews wrote:
    >>>>> Hi all Thanks for feedback. I have run avast av, which did discover a
    >>>>> malware in the rootkit sytem of the server, but it was not called
    >>>>> backdoor.nepoe. Can a malicious program operate keyboard and mouse
    >>>>> with
    >>>>> no
    >>>>> internet and no keyboard or mouse connected? The interaction was too
    >>>>> familiar feeling for it to be a trojan bot even if it did scan my ex
    >>>>> hds
    >>>>> for
    >>>>> info, and was able to answer questions. Some questions we were saying,
    >>>>> were
    >>>>> answered before I even typed them, creating the suspicion that we had
    >>>>> a
    >>>>> mic
    >>>>> was on in the house or that we were being bugged! It seemed more like
    >>>>> a
    >>>>> hack
    >>>>> really but how is this possible with know enabled network connection
    >>>>> or
    >>>>> attached devices?
    >>>> Is the server still connected to the other computers?
    >>>>
    >>>> --
    >>>> Peter Taylor

    >>
    >> If it's a wireless router, that's probably how they were gaining entry.
    >> It has to be someone within, say.. a hundred feet of the router, if
    >> that's the case. Turning off your keyboard and mouse wouldn't affect
    >> their control of your machine.
    >>
    >> --
    >>
    >> Joe =o)

    >
    >
     
  14. Elmo

    Elmo Flightless Bird

    msnews wrote:
    > have wireless back now, it seems antivirus has been disabled on my machine
    > and I can't re-install.it.
    >
    > "msnews" <notinterestedgoaway@hotmail.com> wrote in message
    > news:-Op9pPiAOLHA.6100@TK2MSFTNGP05.phx.gbl...
    >> Hi Joe,
    >>
    >> thanks for that. You are right, it is a wireless router... and my
    >> daughter hasn't managed to get wireless on her ipod ever since, so thats
    >> worth considering. But the wireless is password protected, and the
    >> password is loooong!
    >>
    >> "Elmo" <elmogeek@xxx.invalid> wrote in message
    >> news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
    >>> msnews wrote:
    >>>> Yes, it was Peter?
    >>>>
    >>>> mine and my daughters were still connected.
    >>>> .
    >>>> So even though I had disconnected keyboard and mouse, disabled network
    >>>> adapter, pulled out network adapter from back of pc, it still carried
    >>>> on.
    >>>> Pulled plug on my daughters pc, it still carried on. Pulled plug onmy
    >>>> pc,
    >>>> it still carried on.. In the end, I just pulled plug on router itself,
    >>>> so
    >>>> no power. Then and only then, did it stop. I saved the notepad doc of
    >>>> convo
    >>>> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
    >>>> find
    >>>> half the convo content missing with no moderation to date accessed,
    >>>> modified
    >>>> or created properties. Whats that all about..? Creepy! Granted pc was
    >>>> left
    >>>> on with net enabled overnight for virus scan, but with external hds
    >>>> disconnected, interface devices disconnected how can the doc be
    >>>> modified.
    >>>>
    >>>> So my question is... it possible to suspend the timestamp on a pc, make
    >>>> changes to docs and revert time stamp and it reflect in document
    >>>> properties?
    >>>>
    >>>> any answers would be appreciated, coz right now, the kids think we have
    >>>> a
    >>>> ghost in the house!
    >>>>
    >>>>
    >>>> "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
    >>>> news:i3pc6c$egp$1@news.eternal-september.org...
    >>>>> On 8/9/2010 4:16 PM, msnews wrote:
    >>>>>> Hi all Thanks for feedback. I have run avast av, which did discover a
    >>>>>> malware in the rootkit sytem of the server, but it was not called
    >>>>>> backdoor.nepoe. Can a malicious program operate keyboard and mouse
    >>>>>> with
    >>>>>> no
    >>>>>> internet and no keyboard or mouse connected? The interaction was too
    >>>>>> familiar feeling for it to be a trojan bot even if it did scan my ex
    >>>>>> hds
    >>>>>> for
    >>>>>> info, and was able to answer questions. Some questions we were saying,
    >>>>>> were
    >>>>>> answered before I even typed them, creating the suspicion that we had
    >>>>>> a
    >>>>>> mic
    >>>>>> was on in the house or that we were being bugged! It seemed more like
    >>>>>> a
    >>>>>> hack
    >>>>>> really but how is this possible with know enabled network connection
    >>>>>> or
    >>>>>> attached devices?
    >>>>> Is the server still connected to the other computers?
    >>>>>
    >>>>> --
    >>>>> Peter Taylor
    >>> If it's a wireless router, that's probably how they were gaining entry.
    >>> It has to be someone within, say.. a hundred feet of the router, if
    >>> that's the case. Turning off your keyboard and mouse wouldn't affect
    >>> their control of your machine.


    Download, install, update and run these:

    Malwarebytes© Corporation
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    SuperAntispyware
    http://www.superantispyware.com/superantispywarefreevspro.html

    --

    Joe =o)
     
  15. msnews

    msnews Flightless Bird

    Fantastic. Thank you to Joe (Elmo) for recommending

    Malwarebytes© Corporation
    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    SuperAntispyware
    http://www.superantispyware.com/superantispywarefreevspro.html

    I ran on all my machines and it did identify a number of malware, trojans!
    I got excited just viewing the log, and the malwarebytes software removed
    them for free.

    Thanks to everyone for all the replies!



    "Elmo" <elmogeek@xxx.invalid> wrote in message
    news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
    > msnews wrote:
    >> Yes, it was Peter?
    >>
    >> mine and my daughters were still connected.
    >> .
    >> So even though I had disconnected keyboard and mouse, disabled network
    >> adapter, pulled out network adapter from back of pc, it still carried on.
    >> Pulled plug on my daughters pc, it still carried on. Pulled plug on my
    >> pc,
    >> it still carried on.. In the end, I just pulled plug on router itself,
    >> so
    >> no power. Then and only then, did it stop. I saved the notepad doc of
    >> convo
    >> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
    >> find
    >> half the convo content missing with no moderation to date accessed,
    >> modified
    >> or created properties. Whats that all about..? Creepy! Granted pc was
    >> left
    >> on with net enabled overnight for virus scan, but with external hds
    >> disconnected, interface devices disconnected how can the doc be modified.
    >>
    >> So my question is... it possible to suspend the timestamp on a pc, make
    >> changes to docs and revert time stamp and it reflect in document
    >> properties?
    >>
    >> any answers would be appreciated, coz right now, the kids think we have a
    >> ghost in the house!
    >>
    >>
    >> "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
    >> news:i3pc6c$egp$1@news.eternal-september.org...
    >>> On 8/9/2010 4:16 PM, msnews wrote:
    >>>> Hi all Thanks for feedback. I have run avast av, which did discover a
    >>>> malware in the rootkit sytem of the server, but it was not called
    >>>> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
    >>>> no
    >>>> internet and no keyboard or mouse connected? The interaction was too
    >>>> familiar feeling for it to be a trojan bot even if it did scan my ex
    >>>> hds
    >>>> for
    >>>> info, and was able to answer questions. Some questions we were saying,
    >>>> were
    >>>> answered before I even typed them, creating the suspicion that we had a
    >>>> mic
    >>>> was on in the house or that we were being bugged! It seemed more like a
    >>>> hack
    >>>> really but how is this possible with know enabled network connection or
    >>>> attached devices?
    >>> Is the server still connected to the other computers?
    >>>
    >>> --
    >>> Peter Taylor

    >
    > If it's a wireless router, that's probably how they were gaining entry.
    > It has to be someone within, say.. a hundred feet of the router, if
    > that's the case. Turning off your keyboard and mouse wouldn't affect
    > their control of your machine.
    >
    > --
    >
    > Joe =o)
     
  16. Justin

    Justin Flightless Bird

    In article <O0wl7IPOLHA.5860@TK2MSFTNGP04.phx.gbl>,
    "msnews" <notinterestedgoaway@hotmail.com> wrote:

    > Fantastic. Thank you to Joe (Elmo) for recommending
    >
    > Malwarebytes© Corporation
    > http://www.malwarebytes.org/mbam/program/mbam-setup.exe
    >
    > SuperAntispyware
    > http://www.superantispyware.com/superantispywarefreevspro.html
    >
    > I ran on all my machines and it did identify a number of malware, trojans!
    > I got excited just viewing the log, and the malwarebytes software removed
    > them for free.
    >
    > Thanks to everyone for all the replies!
    >
    >
    >
    > "Elmo" <elmogeek@xxx.invalid> wrote in message
    > news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
    > > msnews wrote:
    > >> Yes, it was Peter?
    > >>
    > >> mine and my daughters were still connected.
    > >> .
    > >> So even though I had disconnected keyboard and mouse, disabled network
    > >> adapter, pulled out network adapter from back of pc, it still carried on.
    > >> Pulled plug on my daughters pc, it still carried on. Pulled plug on my
    > >> pc,
    > >> it still carried on.. In the end, I just pulled plug on router itself,
    > >> so
    > >> no power. Then and only then, did it stop. I saved the notepad doc of
    > >> convo
    > >> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
    > >> find
    > >> half the convo content missing with no moderation to date accessed,
    > >> modified
    > >> or created properties. Whats that all about..? Creepy! Granted pc was
    > >> left
    > >> on with net enabled overnight for virus scan, but with external hds
    > >> disconnected, interface devices disconnected how can the doc be modified.
    > >>
    > >> So my question is... it possible to suspend the timestamp on a pc, make
    > >> changes to docs and revert time stamp and it reflect in document
    > >> properties?
    > >>
    > >> any answers would be appreciated, coz right now, the kids think we have a
    > >> ghost in the house!



    This wouldn't have happened on a Mac!

    Other than you, every other account should be a normal user to prevent
    junk like that from being installed. When something needs to be
    installed you should be the one to do it.
    Each kid should have her own account on each machine.
    Microsoft security essentials is actually pretty good and its free. Get
    rid of your current AV software and install that.

    Scan that machine again - every week there's a good chance the malware
    will come back. In my years of experience maleware and spyware never
    truly go away and the only thing that cures it 100% is a reformat and
    reinstall of the OS.
     

Share This Page