Google Answers: am I being hacked? uncontrolled eratic mouse clicks

View Question

Q: am I being hacked? uncontrolled eratic mouse clicks ( No Answer, 4 Comments )

Question

Subject: am I being hacked? uncontrolled eratic mouse clicks
Category: Computers > Security
Asked by: maximilian1703-ga
List Price: $5.00

Posted: 14 Nov 2004 03:29 PST
Expires: 14 Dec 2004 03:29 PST
Question ID: 428720

I have a broadband connection, Netgear router with hardware firewall. Often my mouse randomly opens and closes several applications. eg it randomly moves around desktop clicking on icons, the start menu etc. I have run my spyware software and nothing is found. I have disabled the Windows xp firewall and my McAffe firewall as recomended by Netgear, to avoid any conflicts. Am I being hacked when these events happen? Any advice on how to prevent this problem?
Request for Question Clarification by livioflores-ga on 14 Nov 2004 05:53 PST Please perform the following scans and tell us the results: -TrojanScan: http://www.windowsecurity.com/trojanscan/ -Trend Micro - Free online virus Scan: http://housecall.trendmicro.com/housecall/start_corp.asp Thank you. livioflores-ga
Request for Question Clarification by hummer-ga on 14 Nov 2004 06:46 PST Hi maximillian1703, Possessed Mouse: 10 reasons: http://www.micro2000uk.co.uk/techtips/techtips_possessed_mouse.htm How to: Spyware, Trojan And Virus Removal http://forums.majorgeeks.com/showthread.php?t=35407 KRC Anti-Spyware Tutorial http://www.greyknight17.com/spyware.htm Please let us know if any of those help. Regards, hummer
Clarification of Question by maximilian1703-ga on 14 Nov 2004 08:48 PST I have fully up to date McAfee Virus checker plus Coffee Cup spyware remover, so don't see point of trying unknown and on line services. None of the services I have report any trojan or other virus nor any spyware etc on pc. Still need help please. Thanks
Request for Question Clarification by hummer-ga on 14 Nov 2004 09:34 PST Hi maximillian1703, Did you have a look at my link "Possessed Mouse: 10 reasons"? In regards to the online virus scan, livioflores-ga gave you excellent advice. HouseCall (TrendMicro) often catches things that others miss and it wouldn't hurt to give it a try. If nothing pans out, following one of the tutorials I sent you would also be a good idea. Follow it step-by-step, it is important to be very methodical. Regards, hummer
Request for Question Clarification by livioflores-ga on 14 Nov 2004 10:39 PST I agree with hummer, McAffe can lose things that TrendMicro don't. Other thing that you can do is to download Active Ports, this is an "easy to use tool for Windows NT/2000/XP that enables you to monitor all open TCP and UDP ports on the local computer. Active Ports maps ports to the owning application so you can watch which process has opened which port. It also displays a local and remote IP address for each connection and allows you to terminate the owning process. Active Ports can help you to detect trojans and other malicious programs." http://www.download.com/3000-2085-10062969.html?part=65960&subj=dlpage&tag=button Install and run this program and use the Export List feature (File menu --> Export List) and post the list to see the files connected to the internet.
Clarification of Question by maximilian1703-ga on 14 Nov 2004 15:19 PST Hi thanks for the further input. Please read my comments for the moment I will get a new mouse as I could do with one, but I am not certain that the mouse itself is the real cause, although the probelm has come and gone before in recent months! Cheers for now Peter
Clarification of Question by maximilian1703-ga on 16 Nov 2004 07:03 PST Managed to get Active Ports working. Here is a posting of exported data as of now. Tried to get a list whilst mouse problem happens but too late to capture. Will try again. Unknown 0 192.168.0.2 2224 216.113.188.34 443 TIME_WAIT TCP System 4 192.168.0.2 138 LISTEN UDP System 4 192.168.0.2 137 LISTEN UDP System 4 0.0.0.0 445 LISTEN UDP System 4 192.168.0.2 2065 192.168.0.3 139 ESTABLISHED TCP System 4 192.168.0.2 139 LISTEN TCP System 4 0.0.0.0 445 LISTEN TCP alg.exe 636 127.0.0.1 1027 LISTEN TCP C:\WINDOWS\System32\alg.exe svchost.exe 804 0.0.0.0 135 LISTEN TCP C:\WINDOWS\system32\svchost.exe svchost.exe 876 192.168.0.2 123 LISTEN UDP C:\WINDOWS\System32\svchost.exe svchost.exe 876 127.0.0.1 1039 LISTEN UDP C:\WINDOWS\System32\svchost.exe svchost.exe 916 0.0.0.0 1026 LISTEN UDP C:\WINDOWS\System32\svchost.exe svchost.exe 980 192.168.0.2 1900 LISTEN UDP C:\WINDOWS\System32\svchost.exe svchost.exe 980 0.0.0.0 2869 LISTEN TCP C:\WINDOWS\System32\svchost.exe iexplore.exe 1700 127.0.0.1 2091 LISTEN UDP C:\Program Files\Internet Explorer\iexplore.exe iexplore.exe 1700 192.168.0.2 2253 66.102.11.99 80 ESTABLISHED TCP C:\Program Files\Internet Explorer\iexplore.exe iexplore.exe 1700 192.168.0.2 2251 216.239.51.88 80 ESTABLISHED TCP C:\Program Files\Internet Explorer\iexplore.exe iexplore.exe 1700 192.168.0.2 2249 216.239.51.88 80 ESTABLISHED TCP C:\Program Files\Internet Explorer\iexplore.exe iexplore.exe 1700 192.168.0.2 2235 216.239.59.99 80 ESTABLISHED TCP C:\Program Files\Internet Explorer\iexplore.exe CAgent.exe 2772 192.168.0.2 1128 212.44.132.21 80 CLOSE_WAIT TCP E:\Program Files\ABBYY FineReader 5.0 Pro\CAgent.exe RuLaunch.exe 2824 192.168.0.2 1061 212.0.126.134 80 CLOSE_WAIT TCP C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe IMApp.exe 2956 192.168.0.2 2264 212.227.15.149 110 ESTABLISHED TCP C:\PROGRA~1\INCRED~1\bin\IMApp.exe GoogleDesktopIndex.exe 3324 192.168.0.2 2237 63.247.129.10 80 CLOSE_WAIT TCP C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe GoogleDesktopIndex.exe 3324 192.168.0.2 2236 209.59.155.89 80 CLOSE_WAIT TCP C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe GoogleDesktopIndex.exe 3324 127.0.0.1 4664 LISTEN TCP C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
Clarification of Question by maximilian1703-ga on 16 Nov 2004 14:39 PST I have now installed a Packard Bell radio intelli-mouse. I am still noticing some eratic movement when using the mouse but this could be getting used to its speed etc. I have set up email alerts on my Netgear firewall protected router which has shown several tcp attacks via DOS from different ip addresses, but all have been blocked as expected. Whilst writing this I have watched my mouse pointer and it has remained static on the desktop if I don't touch it. Hopefully the problem is resolved, but I will keep this question live while I see how we go. Thank you for all those that have assisted. Cheers Peter
Clarification of Question by maximilian1703-ga on 18 Nov 2004 12:00 PST Having got my new radio mouse and using it for a day or two I still see eratic movements but no opening or closing of applications as before. It is still not ideal though mainly when navigating web sites in IE the mouse does not seem to want to go where I want all the time. It suddenly becomes difficult to point to where I want. I know this should not be the case! Could it be more likely a problem with XP?

Answer

There is no answer at this time.

Comments

Subject: Re: am I being hacked? uncontrolled eratic mouse clicks
From: dewolfe001-ga on 14 Nov 2004 10:59 PST

I think it is a possessed mouse. Try either plugging your mouse into
another computer or a new mouse into your computer. I've seen this
before and it comes from a cracked wire in the mouse cable. It will
fire out random clicks and movement instructions.

Subject: Re: am I being hacked? uncontrolled eratic mouse clicks
From: maximilian1703-ga on 14 Nov 2004 15:16 PST

I may well opt to try a new mouse 1st. I know I had this self same
problem some months back, before installing xp service pack 2 and it
has only recently started again, with no apparent cause. I have
checked my mouse and have cleaned it regularly, so if it is faulty
(doggy wire) then it could be that I suppose. I have looked at the 10
points mentioned by hummer-ga but none seem to fit the bill. I
acknowledge the possibility that McAfee may be missing something, but
I have no other sign that a virus is present. I also tried to download
the Active Ports app, but the download failed twice and when I did get
the zip file it was corupted! I have noticed that the problem mainly
seems to happen when I am using IE plus I have Incredimail and McAfee
Spamkiller running. Could there be an issue here I don't know about?
Any further thoughts would be appreciated I will be buying a new mouse
anyway and probably an optical/radio one will see. Cheers Peter

Subject: Re: am I being hacked? uncontrolled eratic mouse clicks
From: bomanator-ga on 30 Nov 2004 10:04 PST

Does it only occur when you are online?

Subject: Re: am I being hacked? uncontrolled eratic mouse clicks
From: maximilian1703-ga on 30 Nov 2004 11:31 PST

Yes I am online all the time when I switch my PC on as I have allways on broadband.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.

Search Google Answers for

Google Home - Answers FAQ - Terms of Service - Privacy Policy