Re: Computer appears to be controlled by someone else

From: Jason Wade (savon1414_050404+to.nospam_at_earthlink.net)
Date: 05/18/04 

Date: Tue, 18 May 2004 03:03:35 GMT

On Mon, 17 May 2004 11:14:11 -0500, JL wrote:

> I'm running Win XP home edition and using Norton A/V. The computer
> appears to be controlled by someone else. Random things happen,
> programs open and close, the mouse moves on its own. Frankly, very
> creepy. When I run a full scan with Norton, it indicates that I have no
> viruses.
>
> I have three questions I'd appreciate any direction on.
>
> 1)What might I do to identify the problem and to rid my computer of
> this?

Do some online scans:
http://www.bitdefender.com/scan/license.php
http://www.ravantivirus.com/scan/
http://www.pandasoftware.com/activescan/

The malware you're facing might not be a virus, but a spybot or trojan
instead:
http://www.safer-networking.org/
http://vil.nai.com/vil/stinger/
http://www.lavasoftusa.com/software/adaware/

> 2) if I were to reformat the hard drive and reinstall Win XP should I
> expect that it would solve the problem, or is there a chance that the
> problem would remain even if I reformat?

If you go online without a firewall, and if you don't get your OS patched,
yes, the problems will recur.

If you do decide to reinstall xp, enable the firewall (icf) first, then
download all the updates. Read these:

http://www.sans.org/rr/papers/index.php?id=1298
http://www.cert.org/tech_tips/before_you_plug_in.html

I suggest installing linux alongside windows just in case windows gets
jammed up for some reason. This would require that you partition your
drive.

> 3) Do these symptoms mean that someone is actively controlling the
> computer, or might these things be happening randomly given that a
> virus/trojan is resident on my computer?
>
>
There are probably 100,000 trojanized, zombied windows computers on the
Internet. Yours could be one.

> Thanks for any help you might provide.

You're welcome. 

-- 
Need a safer, more secure and stable operating system?
http://www.linux-mandrake.com/en/
http://www.debian.org/
http://www.slackware.com/

Relevant Pages

  • Re: Trojan horse Downloader.Generic.ML
    ... connection running Windows 98 with ALL updates and clicked one of the links. ... I got rid of the trojan file about a week later, it was kept only to verify ... firewall down completely, it might prevent the firewall from getting ... To do that you arrange to prevent any executable code getting ...
    (comp.security.firewalls)
  • Re: Trojan horse Downloader.Generic.ML
    ... connection running Windows 98 with ALL updates and clicked one of the links. ... I got rid of the trojan file about a week later, it was kept only to verify ... firewall down completely, it might prevent the firewall from getting ... To do that you arrange to prevent any executable code getting ...
    (alt.computer.security)
  • Re: Firewalls and Anti-Virus Installation After Your Windows PC Is On The Internet
    ... >> the services Windows enables by default, ... > firewall for that. ... >> By now, the malicious hacker has installed their Trojan Horses, ... You come along and install say one firewall, ...
    (comp.security.misc)
  • Re: Firewalls and Anti-Virus Installation After Your Windows PC Is On The Internet
    ... >> the services Windows enables by default, ... > firewall for that. ... >> By now, the malicious hacker has installed their Trojan Horses, ... You come along and install say one firewall, ...
    (alt.computer.security)
  • Re: Trojan horse Downloader.Generic.ML
    ... > I got rid of the trojan file about a week later, ... popular virus scanners" DID start finding it? ... > Sure it's the usual model for a home Windows user but it is not effective ... > firewall down completely, it might prevent the firewall from getting ...
    (alt.computer.security)
Quantcast