Re: Exploit

Thanks for your response David. I have a PS2 mouse.

David


"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eh0hWbf9FHA.1420@xxxxxxxxxxxxxxxxxxxxxxx
> From: "David Kelsey" <david_kelseyNO@xxxxxxxxxxxxxxx>
>
> | Yesterday, my cursor suddenly started moving on its own, with no input
> from
> | me, and I could not stop it. It moved to the start button, clicked it,
> then
> | clicked run, entered the address of my other network computer plus 'my
> | documents' and the name of my accounts file, which it opened. While all
> | this was going on, I was trying to end task with the Task Manager, where
> the
> | open task was called 'too funny LA 21' or something similar, which was
> the
> | subject line of an e-mail I received from a friend in Canada. It
> contained
> | a nun joke within the body of the message. It took several attempts to
> end
> | task.
> |
> | Then I started removing all trace of the e-mail from both computers, and
> | emptied whatever folders I could. My deleted items folder on one
> computer
> | had already been emptied (not by me) of all mails except about 30 or 40
> | ZDNet pages which I had received and deleted over several months. I
> have
> | e-mailed ZDNet with the details in case they know anything about it.
> |
> | I got the latest updates, and scanned both machines with Norton and AVG,
> | with no result. MS Antispyware ran and found nothing, but then it never
> has
> | found anything ever on either machine. I checked with Symantec, and
> found
> | nothing relating to this activity, either real or hoax.
> |
> | Since then, both machines appear to be running normally.
> |
> | Does anyone recognise this exploit, if that is what it is, please? It
> seems
> | to be a macro of sorts, but I don't have it in my EZ Macros list, and I
> have
> | deleted any trace of macros from Excel, not that there appeared to be
> | anything active. I can't think how anything could know the address of
> my
> | accounts file, nor can I think of any reason for accessing it. It
> doesn't
> | contain any passwords or anything that could be used to get into my bank
> or
> | whatever. However, it is very worrying, because obviously the run
> command
> | could have been anything. Having said all that, it could be a useful
> macro,
> | if I knew where to find it. I am the only user of the machine it
> cropped up
> | on, and my wife is the only other person in the house. She wouldn't set
> up
> | any macros. Could there be a key logger on board?
> |
> | I have XP Pro SP2 with all updates, four spyware programs, and two
> antivirus
> | programs, plus the XP firewall and my ISP's firewall. You'd think the
> thing
> | would be locked down tight, wouldn't you?
> |
> | David Kelsey
> |
>
> What kind of mouse do you use (PS/2, USB, wireless, etc) ?
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>


.