I had recently shut down my webserver because of several small renovations to the house. I just hooked up my webserver to my main computer set up and saw that there was another user created under the name "Support". Couldn't log in to that user so I logged into my main with no problems. Then an application, "ygoow" was starting up. I immediately went into the processes and closed it before it fully started up. I went into user settings to change the password to "Support" and then logged in to that one. Again, "ygoow" was starting up and I immediately closed that process. I went to check the programs ("Start" - "All Programs") and saw that moorhunt was installed. I never used that program, don't even know what it is. It was in some foreign language that I can't figure out either when I opened that program up. It looked to be like a shell dos kind of thing with a command-like prompt and everything.
Does anyone know what either of these programs are? Am I a victim of some sort of attack on my webserver? None of the other computers in the house seem to have any problems from the last few months. Any help or information would be appreciated. I will probably be reinstalling XP or getting Windows Server for my webserver to try and keep the apparent attackers (i.e. hackers) out of my webserver. Is there anything I could do like call my ISP to see if anyone has been attempting any illegal access to my network?
Thanks for any information and help that can be given.