Posted on 2006-05-19
Last Modified: 2010-04-11
   I have a small home network.  Four PC's all running WinXP which access the internet through a Netgear router (all PC's are wired to the router, no wireless) and then a cable modem (static IP address).  About two weeks ago one of the machines began to turn on by itself, occasionally, no more than once per day.  At the same time the boot went from; going straight to the desktop, to, having the welcome screen pop up with only the single icon for the user(no password).  
   Last night one of the other machines on this network was manually turned on and went to the Welcome screen with the single user icon rather than straight to the desktop.  

    I have run Adaware, Spybot, and have the current McAfee antivirus running on all machines, all scans find zero problems.  In additon the WinXP firewalls are all enabled.

    I am feeling a bit paranoid.  Is there something else I should be looking for?  Have I been hacked and how do I find out?

Thank you for taking time to read through this.
Question by:FernCrest
    LVL 11

    Accepted Solution

    The going to welcome screen is simply a fact of autologin having been disabled which can happen in a number of ways such as registry corruption , user "mis-clicking". What intrigues me is machines turning themselves on ?  The only thing i know of that would do this is a Wake on LAN signal but then the machine isnt actualy physically powered off but rather sitting in a hibernated style state.
     Or was that a mistype and you meant turn'd off by itself ..
    LVL 32

    Assisted Solution

    Yes, it does sound like as prueconsulting said above. You could leave the network cable unplugged and see if the pc still turns on by itself, or disable "Wake on LAN" in the bios.

    To be sure you don't have some malware, do the following:

    Download and run HijackThis from
    Copy-and-paste the resulting log back to that same web site (not here)
    Click on "Analyze", and then click on "Save Analysis" at the bottom of the next page.
    Finally post a link here to the saved analyzed page if you find anything unusual.


    Author Comment

      Thanks for the response.  Nope not a typo.  The computer will occasionally self start.  This "appears" to be from full off.
      Registry corruption might be a possibility.  Is there a way to check for it?
    LVL 11

    Expert Comment

    For some ideas on registry corruption troubleshooting see this article.

    or there are also a bunch of applications which provide this type of functionality out there as well .
    LVL 3

    Expert Comment


    Have you had any power bumps recently?

    LVL 24

    Expert Comment

    You can also try a check of your NICs, their settings, including in BIOS. Some come with a white wire that should be disconnected. BIOS can enable boot from LAN, or WakeUp on LAN. Those you should be able to disable in CMOS, or maybe they were, and the battery is getting old. How good are they at keeping time? There've been problems reported before in the hardware TA, and it being a form of hardware issue. Other than reconfigure, you may need a bios upgrade.

    Possibly some recent upgrades were made, or copies of files were moved from one machine to another.
    LVL 24

    Expert Comment

    LVL 24

    Expert Comment


    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
    If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    23 Experts available now in Live!

    Get 1:1 Help Now