I have a customer who had an untitled chat window automagically open on her desktop while she was connected to the Internet. She was being told “secret” information by “ghost”, and her replies were labeled “server”. “Ghost” knew things such as herlogin name and password, info on her parents, etc. She is VERY scared and worried. Luckily, she doesn’t have anything on her computer that is critical to a business or anything.
A friend suggests that it is Back Orifice. My question is how do I find out what has been installed to do this (since most tools are running “hidden”)? Also, how can I catch and prosecute “ghost”?