Someone started controlling my computer over the Internet -- what happened?

There are "Trojan horse" type programs, such as Back Orifice and Netbus, that could cause the behavior you are describing. Both BO and Netbus are Windows 95/98 applications designed to allow other people to access your machine (generally for malicious purposes) over the Internet.

In order for anyone to use BO on your machine, you have to install the server side of the application. This is normally done by getting you to download an application or by sending the server EXE to you in an e-mail message and hoping you execute it. This is why it is called a Trojan horse -- you have to consciously or unconsciously run the EXE to install the server -- it does not propagate itself like a virus (see How Computer Viruses Work for a description of Trojans and viruses). Once you execute the server EXE, the server is installed and will start running automatically every time you turn on your computer.


With the server installed, an evil-doer can run the BO client program and control your computer remotely, running programs, erasing files... Obviously, this is not a good thing. It is easy to detect Back Orifice either manually or with software.

These links will help you learn more: