• Welcome to Tux Reports: Where Penguins Fly. We hope you find the topics varied, interesting, and worthy of your time. Please become a member and join in the discussions.

Hacked, Trojan, violated... but which is it?

M

msnews

Flightless Bird
I have 4 xp machines, one i use as a server with 4 external usb hardrives
attached. I was sitting in front of the server when my mouse began to move
on its own, hover over the date in the task bar, opening up my Gom music
player, hovering over the pause button on my nero back up program, skipping
all over the place, I heard myself saying, don't you dare. The children
were watching and getting scared. I disconnected the mouse but it
continued. I disabled the network adapter on the server, it continued. I
launched notepad, and basically had a conversation with it. It was typing, I
disconnected the keyboard, it carried on typing, I freaked out! What was
it?
 
T

Tigger

Flightless Bird
msnews writted thus:

> I have 4 xp machines, one i use as a server with 4 external usb
> hardrives attached. I was sitting in front of the server when my mouse
> began to move on its own, hover over the date in the task bar, opening
> up my Gom music player, hovering over the pause button on my nero back
> up program, skipping all over the place, I heard myself saying, don't
> you dare. The children were watching and getting scared. I
> disconnected the mouse but it continued. I disabled the network adapter
> on the server, it continued. I launched notepad, and basically had a
> conversation with it. It was typing, I disconnected the keyboard, it
> carried on typing, I freaked out! What was it?

It could be "backdoor.nepoe"
A backdoor trojan that allows malicious users to gain remote access to
the affected computer. It spreads across the Internet.
Panda AV can remove it I seem to recall.
 
M

Michael

Flightless Bird
"msnews" <notinterestedgoaway@hotmail.com> wrote in message
news:#gWI9p7NLHA.1796@TK2MSFTNGP06.phx.gbl...
> I have 4 xp machines, one i use as a server with 4 external usb hardrives
> attached. I was sitting in front of the server when my mouse began to move
> on its own, hover over the date in the task bar, opening up my Gom music
> player, hovering over the pause button on my nero back up program,
> skipping all over the place, I heard myself saying, don't you dare. The
> children were watching and getting scared. I disconnected the mouse but
> it continued. I disabled the network adapter on the server, it continued.
> I launched notepad, and basically had a conversation with it. It was
> typing, I disconnected the keyboard, it carried on typing, I freaked out!
> What was it?
>
Are you running any AV? Try running the free versions of these:
http://www.malwarebytes.org/ &
http://superantispyware.com/

If you're running a valid copy of Windows you may want to change your AV to
MSE, especially if you're running Norton or Crapafee!
http://www.microsoft.com/security_essentials/

--

"Don't pick a fight with an old man.
If he is too old to fight, he'll just kill you."
 
M

msnews

Flightless Bird
Hi all Thanks for feedback. I have run avast av, which did discover a
malware in the rootkit sytem of the server, but it was not called
backdoor.nepoe. Can a malicious program operate keyboard and mouse with no
internet and no keyboard or mouse connected? The interaction was too
familiar feeling for it to be a trojan bot even if it did scan my ex hds for
info, and was able to answer questions. Some questions we were saying, were
answered before I even typed them, creating the suspicion that we had a mic
was on in the house or that we were being bugged! It seemed more like a hack
really but how is this possible with know enabled network connection or
attached devices?


"msnews" <notinterestedgoaway@hotmail.com> wrote in message
news:%23gWI9p7NLHA.1796@TK2MSFTNGP06.phx.gbl...
>I have 4 xp machines, one i use as a server with 4 external usb hardrives
>attached. I was sitting in front of the server when my mouse began to move
>on its own, hover over the date in the task bar, opening up my Gom music
>player, hovering over the pause button on my nero back up program, skipping
>all over the place, I heard myself saying, don't you dare. The children
>were watching and getting scared. I disconnected the mouse but it
>continued. I disabled the network adapter on the server, it continued. I
>launched notepad, and basically had a conversation with it. It was typing,
>I disconnected the keyboard, it carried on typing, I freaked out! What was
>it?
>
 
P

Peter Taylor

Flightless Bird
On 8/9/2010 4:16 PM, msnews wrote:
> Hi all Thanks for feedback. I have run avast av, which did discover a
> malware in the rootkit sytem of the server, but it was not called
> backdoor.nepoe. Can a malicious program operate keyboard and mouse with no
> internet and no keyboard or mouse connected? The interaction was too
> familiar feeling for it to be a trojan bot even if it did scan my ex hds for
> info, and was able to answer questions. Some questions we were saying, were
> answered before I even typed them, creating the suspicion that we had a mic
> was on in the house or that we were being bugged! It seemed more like a hack
> really but how is this possible with know enabled network connection or
> attached devices?

Is the server still connected to the other computers?

--
Peter Taylor
 
M

msnews

Flightless Bird
Yes, it was Peter?

mine and my daughters were still connected.
..
So even though I had disconnected keyboard and mouse, disabled network
adapter, pulled out network adapter from back of pc, it still carried on.
Pulled plug on my daughters pc, it still carried on. Pulled plug on my pc,
it still carried on.. In the end, I just pulled plug on router itself, so
no power. Then and only then, did it stop. I saved the notepad doc of convo
in its entirety at 11.49pm on the desktop. Went back 3 hours later to find
half the convo content missing with no moderation to date accessed, modified
or created properties. Whats that all about..? Creepy! Granted pc was left
on with net enabled overnight for virus scan, but with external hds
disconnected, interface devices disconnected how can the doc be modified.

So my question is... it possible to suspend the timestamp on a pc, make
changes to docs and revert time stamp and it reflect in document properties?

any answers would be appreciated, coz right now, the kids think we have a
ghost in the house!


"Peter Taylor" <noemailspam@please.com.invalid> wrote in message
news:i3pc6c$egp$1@news.eternal-september.org...
> On 8/9/2010 4:16 PM, msnews wrote:
>> Hi all Thanks for feedback. I have run avast av, which did discover a
>> malware in the rootkit sytem of the server, but it was not called
>> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
>> no
>> internet and no keyboard or mouse connected? The interaction was too
>> familiar feeling for it to be a trojan bot even if it did scan my ex hds
>> for
>> info, and was able to answer questions. Some questions we were saying,
>> were
>> answered before I even typed them, creating the suspicion that we had a
>> mic
>> was on in the house or that we were being bugged! It seemed more like a
>> hack
>> really but how is this possible with know enabled network connection or
>> attached devices?
>
> Is the server still connected to the other computers?
>
> --
> Peter Taylor
 
T

Tigger

Flightless Bird
msnews writted thus:

> Hi all Thanks for feedback. I have run avast av, which did discover a
> malware in the rootkit sytem of the server, but it was not called
> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
> no internet and no keyboard or mouse connected? The interaction was too
> familiar feeling for it to be a trojan bot even if it did scan my ex hds
> for info, and was able to answer questions. Some questions we were
> saying, were answered before I even typed them, creating the suspicion
> that we had a mic was on in the house or that we were being bugged! It
> seemed more like a hack really but how is this possible with know
> enabled network connection or attached devices?
>
>

ROFL Got any clever kids in the house??
You might have been the butt of a practical joke...
 
P

Peter

Flightless Bird
On 08/09/2010 07:48 PM, msnews wrote:
> Yes, it was Peter?
>
> mine and my daughters were still connected.
> .
> So even though I had disconnected keyboard and mouse, disabled network
> adapter, pulled out network adapter from back of pc, it still carried on.
> Pulled plug on my daughters pc, it still carried on. Pulled plug on my pc,
> it still carried on.. In the end, I just pulled plug on router itself, so
> no power. Then and only then, did it stop. I saved the notepad doc of convo
> in its entirety at 11.49pm on the desktop. Went back 3 hours later to find
> half the convo content missing with no moderation to date accessed, modified
> or created properties. Whats that all about..? Creepy! Granted pc was left
> on with net enabled overnight for virus scan, but with external hds
> disconnected, interface devices disconnected how can the doc be modified.
>
> So my question is... it possible to suspend the timestamp on a pc, make
> changes to docs and revert time stamp and it reflect in document properties?
>
> any answers would be appreciated, coz right now, the kids think we have a
> ghost in the house!

I would scan the other computers for malware. Is the firewall in the
router enabled and is the router password protected?

--
Peter
 
M

msnews

Flightless Bird
Well, its just me, and my two girls.. a teen and a younger daughter, both
don't care about IT and don't wish to understand as long as they can get on
facebook and dollspalace.com, therefore no IT knowhow whatsoever.

I may be the butt of a practical joke, but its a very good one! Im an
intelligent gal, not an IT pro or anything, but savvy enough to maintain a
network and keep it like fortnocks for the last 10 years, virus and trojan
free, but this is a new one on me! hijack a pc with no internet or
interactive devices.. I wantt to know how they did it!

donna

"Tigger" <Tony@the.jungle.drums> wrote in message
news:i3pfpd$4hv$1@news.eternal-september.org...
> msnews writted thus:
>
>> Hi all Thanks for feedback. I have run avast av, which did discover a
>> malware in the rootkit sytem of the server, but it was not called
>> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
>> no internet and no keyboard or mouse connected? The interaction was too
>> familiar feeling for it to be a trojan bot even if it did scan my ex hds
>> for info, and was able to answer questions. Some questions we were
>> saying, were answered before I even typed them, creating the suspicion
>> that we had a mic was on in the house or that we were being bugged! It
>> seemed more like a hack really but how is this possible with know
>> enabled network connection or attached devices?
>>
>>
>
> ROFL Got any clever kids in the house??
> You might have been the butt of a practical joke...
 
E

Elmo

Flightless Bird
msnews wrote:
> Yes, it was Peter?
>
> mine and my daughters were still connected.
> .
> So even though I had disconnected keyboard and mouse, disabled network
> adapter, pulled out network adapter from back of pc, it still carried on.
> Pulled plug on my daughters pc, it still carried on. Pulled plug on my pc,
> it still carried on.. In the end, I just pulled plug on router itself, so
> no power. Then and only then, did it stop. I saved the notepad doc of convo
> in its entirety at 11.49pm on the desktop. Went back 3 hours later to find
> half the convo content missing with no moderation to date accessed, modified
> or created properties. Whats that all about..? Creepy! Granted pc was left
> on with net enabled overnight for virus scan, but with external hds
> disconnected, interface devices disconnected how can the doc be modified.
>
> So my question is... it possible to suspend the timestamp on a pc, make
> changes to docs and revert time stamp and it reflect in document properties?
>
> any answers would be appreciated, coz right now, the kids think we have a
> ghost in the house!
>
>
> "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
> news:i3pc6c$egp$1@news.eternal-september.org...
>> On 8/9/2010 4:16 PM, msnews wrote:
>>> Hi all Thanks for feedback. I have run avast av, which did discover a
>>> malware in the rootkit sytem of the server, but it was not called
>>> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
>>> no
>>> internet and no keyboard or mouse connected? The interaction was too
>>> familiar feeling for it to be a trojan bot even if it did scan my ex hds
>>> for
>>> info, and was able to answer questions. Some questions we were saying,
>>> were
>>> answered before I even typed them, creating the suspicion that we had a
>>> mic
>>> was on in the house or that we were being bugged! It seemed more like a
>>> hack
>>> really but how is this possible with know enabled network connection or
>>> attached devices?
>> Is the server still connected to the other computers?
>>
>> --
>> Peter Taylor

If it's a wireless router, that's probably how they were gaining entry.
It has to be someone within, say.. a hundred feet of the router, if
that's the case. Turning off your keyboard and mouse wouldn't affect
their control of your machine.

--

Joe =o)
 
M

msnews

Flightless Bird
Hi Joe,

thanks for that. You are right, it is a wireless router... and my daughter
hasn't managed to get wireless on her ipod ever since, so thats worth
considering. But the wireless is password protected, and the password is
loooong!

"Elmo" <elmogeek@xxx.invalid> wrote in message
news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
> msnews wrote:
>> Yes, it was Peter?
>>
>> mine and my daughters were still connected.
>> .
>> So even though I had disconnected keyboard and mouse, disabled network
>> adapter, pulled out network adapter from back of pc, it still carried on.
>> Pulled plug on my daughters pc, it still carried on. Pulled plug on my
>> pc,
>> it still carried on.. In the end, I just pulled plug on router itself,
>> so
>> no power. Then and only then, did it stop. I saved the notepad doc of
>> convo
>> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
>> find
>> half the convo content missing with no moderation to date accessed,
>> modified
>> or created properties. Whats that all about..? Creepy! Granted pc was
>> left
>> on with net enabled overnight for virus scan, but with external hds
>> disconnected, interface devices disconnected how can the doc be modified.
>>
>> So my question is... it possible to suspend the timestamp on a pc, make
>> changes to docs and revert time stamp and it reflect in document
>> properties?
>>
>> any answers would be appreciated, coz right now, the kids think we have a
>> ghost in the house!
>>
>>
>> "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
>> news:i3pc6c$egp$1@news.eternal-september.org...
>>> On 8/9/2010 4:16 PM, msnews wrote:
>>>> Hi all Thanks for feedback. I have run avast av, which did discover a
>>>> malware in the rootkit sytem of the server, but it was not called
>>>> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
>>>> no
>>>> internet and no keyboard or mouse connected? The interaction was too
>>>> familiar feeling for it to be a trojan bot even if it did scan my ex
>>>> hds
>>>> for
>>>> info, and was able to answer questions. Some questions we were saying,
>>>> were
>>>> answered before I even typed them, creating the suspicion that we had a
>>>> mic
>>>> was on in the house or that we were being bugged! It seemed more like a
>>>> hack
>>>> really but how is this possible with know enabled network connection or
>>>> attached devices?
>>> Is the server still connected to the other computers?
>>>
>>> --
>>> Peter Taylor
>
> If it's a wireless router, that's probably how they were gaining entry.
> It has to be someone within, say.. a hundred feet of the router, if
> that's the case. Turning off your keyboard and mouse wouldn't affect
> their control of your machine.
>
> --
>
> Joe =o)
 
P

PA Bear [MS MVP]

Flightless Bird
> ...The children were watching and getting scared.

Scared you'd figure out that one of them infected the computer or...?

msnews wrote:
> I have 4 xp machines, one i use as a server with 4 external usb hardrives
> attached. I was sitting in front of the server when my mouse began to move
> on its own, hover over the date in the task bar, opening up my Gom music
> player, hovering over the pause button on my nero back up program,
> skipping
> all over the place, I heard myself saying, don't you dare. The children
> were watching and getting scared. I disconnected the mouse but it
> continued. I disabled the network adapter on the server, it continued. I
> launched notepad, and basically had a conversation with it. It was typing,
> I
> disconnected the keyboard, it carried on typing, I freaked out! What was
> it?
 
M

msnews

Flightless Bird
have wireless back now, it seems antivirus has been disabled on my machine
and I can't re-install.it.

"msnews" <notinterestedgoaway@hotmail.com> wrote in message
news:-Op9pPiAOLHA.6100@TK2MSFTNGP05.phx.gbl...
> Hi Joe,
>
> thanks for that. You are right, it is a wireless router... and my
> daughter hasn't managed to get wireless on her ipod ever since, so thats
> worth considering. But the wireless is password protected, and the
> password is loooong!
>
> "Elmo" <elmogeek@xxx.invalid> wrote in message
> news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
>> msnews wrote:
>>> Yes, it was Peter?
>>>
>>> mine and my daughters were still connected.
>>> .
>>> So even though I had disconnected keyboard and mouse, disabled network
>>> adapter, pulled out network adapter from back of pc, it still carried
>>> on.
>>> Pulled plug on my daughters pc, it still carried on. Pulled plug on my
>>> pc,
>>> it still carried on.. In the end, I just pulled plug on router itself,
>>> so
>>> no power. Then and only then, did it stop. I saved the notepad doc of
>>> convo
>>> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
>>> find
>>> half the convo content missing with no moderation to date accessed,
>>> modified
>>> or created properties. Whats that all about..? Creepy! Granted pc was
>>> left
>>> on with net enabled overnight for virus scan, but with external hds
>>> disconnected, interface devices disconnected how can the doc be
>>> modified.
>>>
>>> So my question is... it possible to suspend the timestamp on a pc, make
>>> changes to docs and revert time stamp and it reflect in document
>>> properties?
>>>
>>> any answers would be appreciated, coz right now, the kids think we have
>>> a
>>> ghost in the house!
>>>
>>>
>>> "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
>>> news:i3pc6c$egp$1@news.eternal-september.org...
>>>> On 8/9/2010 4:16 PM, msnews wrote:
>>>>> Hi all Thanks for feedback. I have run avast av, which did discover a
>>>>> malware in the rootkit sytem of the server, but it was not called
>>>>> backdoor.nepoe. Can a malicious program operate keyboard and mouse
>>>>> with
>>>>> no
>>>>> internet and no keyboard or mouse connected? The interaction was too
>>>>> familiar feeling for it to be a trojan bot even if it did scan my ex
>>>>> hds
>>>>> for
>>>>> info, and was able to answer questions. Some questions we were saying,
>>>>> were
>>>>> answered before I even typed them, creating the suspicion that we had
>>>>> a
>>>>> mic
>>>>> was on in the house or that we were being bugged! It seemed more like
>>>>> a
>>>>> hack
>>>>> really but how is this possible with know enabled network connection
>>>>> or
>>>>> attached devices?
>>>> Is the server still connected to the other computers?
>>>>
>>>> --
>>>> Peter Taylor
>>
>> If it's a wireless router, that's probably how they were gaining entry.
>> It has to be someone within, say.. a hundred feet of the router, if
>> that's the case. Turning off your keyboard and mouse wouldn't affect
>> their control of your machine.
>>
>> --
>>
>> Joe =o)
>
>
 
E

Elmo

Flightless Bird
msnews wrote:
> have wireless back now, it seems antivirus has been disabled on my machine
> and I can't re-install.it.
>
> "msnews" <notinterestedgoaway@hotmail.com> wrote in message
> news:-Op9pPiAOLHA.6100@TK2MSFTNGP05.phx.gbl...
>> Hi Joe,
>>
>> thanks for that. You are right, it is a wireless router... and my
>> daughter hasn't managed to get wireless on her ipod ever since, so thats
>> worth considering. But the wireless is password protected, and the
>> password is loooong!
>>
>> "Elmo" <elmogeek@xxx.invalid> wrote in message
>> news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
>>> msnews wrote:
>>>> Yes, it was Peter?
>>>>
>>>> mine and my daughters were still connected.
>>>> .
>>>> So even though I had disconnected keyboard and mouse, disabled network
>>>> adapter, pulled out network adapter from back of pc, it still carried
>>>> on.
>>>> Pulled plug on my daughters pc, it still carried on. Pulled plug onmy
>>>> pc,
>>>> it still carried on.. In the end, I just pulled plug on router itself,
>>>> so
>>>> no power. Then and only then, did it stop. I saved the notepad doc of
>>>> convo
>>>> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
>>>> find
>>>> half the convo content missing with no moderation to date accessed,
>>>> modified
>>>> or created properties. Whats that all about..? Creepy! Granted pc was
>>>> left
>>>> on with net enabled overnight for virus scan, but with external hds
>>>> disconnected, interface devices disconnected how can the doc be
>>>> modified.
>>>>
>>>> So my question is... it possible to suspend the timestamp on a pc, make
>>>> changes to docs and revert time stamp and it reflect in document
>>>> properties?
>>>>
>>>> any answers would be appreciated, coz right now, the kids think we have
>>>> a
>>>> ghost in the house!
>>>>
>>>>
>>>> "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
>>>> news:i3pc6c$egp$1@news.eternal-september.org...
>>>>> On 8/9/2010 4:16 PM, msnews wrote:
>>>>>> Hi all Thanks for feedback. I have run avast av, which did discover a
>>>>>> malware in the rootkit sytem of the server, but it was not called
>>>>>> backdoor.nepoe. Can a malicious program operate keyboard and mouse
>>>>>> with
>>>>>> no
>>>>>> internet and no keyboard or mouse connected? The interaction was too
>>>>>> familiar feeling for it to be a trojan bot even if it did scan my ex
>>>>>> hds
>>>>>> for
>>>>>> info, and was able to answer questions. Some questions we were saying,
>>>>>> were
>>>>>> answered before I even typed them, creating the suspicion that we had
>>>>>> a
>>>>>> mic
>>>>>> was on in the house or that we were being bugged! It seemed more like
>>>>>> a
>>>>>> hack
>>>>>> really but how is this possible with know enabled network connection
>>>>>> or
>>>>>> attached devices?
>>>>> Is the server still connected to the other computers?
>>>>>
>>>>> --
>>>>> Peter Taylor
>>> If it's a wireless router, that's probably how they were gaining entry.
>>> It has to be someone within, say.. a hundred feet of the router, if
>>> that's the case. Turning off your keyboard and mouse wouldn't affect
>>> their control of your machine.

Download, install, update and run these:

Malwarebytes© Corporation
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

SuperAntispyware
http://www.superantispyware.com/superantispywarefreevspro.html

--

Joe =o)
 
M

msnews

Flightless Bird
Fantastic. Thank you to Joe (Elmo) for recommending

Malwarebytes© Corporation
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

SuperAntispyware
http://www.superantispyware.com/superantispywarefreevspro.html

I ran on all my machines and it did identify a number of malware, trojans!
I got excited just viewing the log, and the malwarebytes software removed
them for free.

Thanks to everyone for all the replies!



"Elmo" <elmogeek@xxx.invalid> wrote in message
news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
> msnews wrote:
>> Yes, it was Peter?
>>
>> mine and my daughters were still connected.
>> .
>> So even though I had disconnected keyboard and mouse, disabled network
>> adapter, pulled out network adapter from back of pc, it still carried on.
>> Pulled plug on my daughters pc, it still carried on. Pulled plug on my
>> pc,
>> it still carried on.. In the end, I just pulled plug on router itself,
>> so
>> no power. Then and only then, did it stop. I saved the notepad doc of
>> convo
>> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
>> find
>> half the convo content missing with no moderation to date accessed,
>> modified
>> or created properties. Whats that all about..? Creepy! Granted pc was
>> left
>> on with net enabled overnight for virus scan, but with external hds
>> disconnected, interface devices disconnected how can the doc be modified.
>>
>> So my question is... it possible to suspend the timestamp on a pc, make
>> changes to docs and revert time stamp and it reflect in document
>> properties?
>>
>> any answers would be appreciated, coz right now, the kids think we have a
>> ghost in the house!
>>
>>
>> "Peter Taylor" <noemailspam@please.com.invalid> wrote in message
>> news:i3pc6c$egp$1@news.eternal-september.org...
>>> On 8/9/2010 4:16 PM, msnews wrote:
>>>> Hi all Thanks for feedback. I have run avast av, which did discover a
>>>> malware in the rootkit sytem of the server, but it was not called
>>>> backdoor.nepoe. Can a malicious program operate keyboard and mouse with
>>>> no
>>>> internet and no keyboard or mouse connected? The interaction was too
>>>> familiar feeling for it to be a trojan bot even if it did scan my ex
>>>> hds
>>>> for
>>>> info, and was able to answer questions. Some questions we were saying,
>>>> were
>>>> answered before I even typed them, creating the suspicion that we had a
>>>> mic
>>>> was on in the house or that we were being bugged! It seemed more like a
>>>> hack
>>>> really but how is this possible with know enabled network connection or
>>>> attached devices?
>>> Is the server still connected to the other computers?
>>>
>>> --
>>> Peter Taylor
>
> If it's a wireless router, that's probably how they were gaining entry.
> It has to be someone within, say.. a hundred feet of the router, if
> that's the case. Turning off your keyboard and mouse wouldn't affect
> their control of your machine.
>
> --
>
> Joe =o)
 
J

Justin

Flightless Bird
In article <O0wl7IPOLHA.5860@TK2MSFTNGP04.phx.gbl>,
"msnews" <notinterestedgoaway@hotmail.com> wrote:

> Fantastic. Thank you to Joe (Elmo) for recommending
>
> Malwarebytes© Corporation
> http://www.malwarebytes.org/mbam/program/mbam-setup.exe
>
> SuperAntispyware
> http://www.superantispyware.com/superantispywarefreevspro.html
>
> I ran on all my machines and it did identify a number of malware, trojans!
> I got excited just viewing the log, and the malwarebytes software removed
> them for free.
>
> Thanks to everyone for all the replies!
>
>
>
> "Elmo" <elmogeek@xxx.invalid> wrote in message
> news:R_2dnQQhlLNgwv3RnZ2dnUVZ_u2dnZ2d@insightbb.com...
> > msnews wrote:
> >> Yes, it was Peter?
> >>
> >> mine and my daughters were still connected.
> >> .
> >> So even though I had disconnected keyboard and mouse, disabled network
> >> adapter, pulled out network adapter from back of pc, it still carried on.
> >> Pulled plug on my daughters pc, it still carried on. Pulled plug on my
> >> pc,
> >> it still carried on.. In the end, I just pulled plug on router itself,
> >> so
> >> no power. Then and only then, did it stop. I saved the notepad doc of
> >> convo
> >> in its entirety at 11.49pm on the desktop. Went back 3 hours later to
> >> find
> >> half the convo content missing with no moderation to date accessed,
> >> modified
> >> or created properties. Whats that all about..? Creepy! Granted pc was
> >> left
> >> on with net enabled overnight for virus scan, but with external hds
> >> disconnected, interface devices disconnected how can the doc be modified.
> >>
> >> So my question is... it possible to suspend the timestamp on a pc, make
> >> changes to docs and revert time stamp and it reflect in document
> >> properties?
> >>
> >> any answers would be appreciated, coz right now, the kids think we have a
> >> ghost in the house!


This wouldn't have happened on a Mac!

Other than you, every other account should be a normal user to prevent
junk like that from being installed. When something needs to be
installed you should be the one to do it.
Each kid should have her own account on each machine.
Microsoft security essentials is actually pretty good and its free. Get
rid of your current AV software and install that.

Scan that machine again - every week there's a good chance the malware
will come back. In my years of experience maleware and spyware never
truly go away and the only thing that cures it 100% is a reformat and
reinstall of the OS.
 
You must log in or register to reply here.
Top