D
David Kelsey
Yesterday, my cursor suddenly started moving on its own, with no input from
me, and I could not stop it. It moved to the start button, clicked it, then
clicked run, entered the address of my other network computer plus 'my
documents' and the name of my accounts file, which it opened. While all
this was going on, I was trying to end task with the Task Manager, where the
open task was called 'too funny LA 21' or something similar, which was the
subject line of an e-mail I received from a friend in Canada. It contained
a nun joke within the body of the message. It took several attempts to end
task.
Then I started removing all trace of the e-mail from both computers, and
emptied whatever folders I could. My deleted items folder on one computer
had already been emptied (not by me) of all mails except about 30 or 40
ZDNet pages which I had received and deleted over several months. I have
e-mailed ZDNet with the details in case they know anything about it.
I got the latest updates, and scanned both machines with Norton and AVG,
with no result. MS Antispyware ran and found nothing, but then it never has
found anything ever on either machine. I checked with Symantec, and found
nothing relating to this activity, either real or hoax.
Since then, both machines appear to be running normally.
Does anyone recognise this exploit, if that is what it is, please? It seems
to be a macro of sorts, but I don't have it in my EZ Macros list, and I have
deleted any trace of macros from Excel, not that there appeared to be
anything active. I can't think how anything could know the address of my
accounts file, nor can I think of any reason for accessing it. It doesn't
contain any passwords or anything that could be used to get into my bank or
whatever. However, it is very worrying, because obviously the run command
could have been anything. Having said all that, it could be a useful macro,
if I knew where to find it. I am the only user of the machine it cropped up
on, and my wife is the only other person in the house. She wouldn't set up
any macros. Could there be a key logger on board?
I have XP Pro SP2 with all updates, four spyware programs, and two antivirus
programs, plus the XP firewall and my ISP's firewall. You'd think the thing
would be locked down tight, wouldn't you?
David Kelsey
me, and I could not stop it. It moved to the start button, clicked it, then
clicked run, entered the address of my other network computer plus 'my
documents' and the name of my accounts file, which it opened. While all
this was going on, I was trying to end task with the Task Manager, where the
open task was called 'too funny LA 21' or something similar, which was the
subject line of an e-mail I received from a friend in Canada. It contained
a nun joke within the body of the message. It took several attempts to end
task.
Then I started removing all trace of the e-mail from both computers, and
emptied whatever folders I could. My deleted items folder on one computer
had already been emptied (not by me) of all mails except about 30 or 40
ZDNet pages which I had received and deleted over several months. I have
e-mailed ZDNet with the details in case they know anything about it.
I got the latest updates, and scanned both machines with Norton and AVG,
with no result. MS Antispyware ran and found nothing, but then it never has
found anything ever on either machine. I checked with Symantec, and found
nothing relating to this activity, either real or hoax.
Since then, both machines appear to be running normally.
Does anyone recognise this exploit, if that is what it is, please? It seems
to be a macro of sorts, but I don't have it in my EZ Macros list, and I have
deleted any trace of macros from Excel, not that there appeared to be
anything active. I can't think how anything could know the address of my
accounts file, nor can I think of any reason for accessing it. It doesn't
contain any passwords or anything that could be used to get into my bank or
whatever. However, it is very worrying, because obviously the run command
could have been anything. Having said all that, it could be a useful macro,
if I knew where to find it. I am the only user of the machine it cropped up
on, and my wife is the only other person in the house. She wouldn't set up
any macros. Could there be a key logger on board?
I have XP Pro SP2 with all updates, four spyware programs, and two antivirus
programs, plus the XP firewall and my ISP's firewall. You'd think the thing
would be locked down tight, wouldn't you?
David Kelsey