Theses are very malicious programs, and it is quite possible if you have been infected you were doing something you should not be. The most common way to get infected is by downloading another program you probably have been using a peer to peer program to download software that you should no be for free. They are usually disguised with another program ( you know the type some people pay for ) There are lots of Trojans about which can cause you lots of grief once installed on your pc it will give someone remote access to your pc. From then on they can pretty much do as they please.
Maybe they just want to have a look around peep in your files and cause no harm. The chances are they want something like your bank details so be warned. The moral of this story is always scan everything before you open it. And be sure to keep your anti virus and Spyware up2date. Even doing this you are still vulnerable, why? Because your anti virus & Malware programs can’t detect something they don’t know about. Unfortunately some one has to create something bad before someone can create a fix for it.
It would be a good idea not to have automatic log on for things like internet banking. And certainly not for someone who has an Administrative account. If someone can remotely gain access to an account with Administrative rights they can do pretty much as they please with your pc. There was a Trojan called Back orifice which once installed on a victims pc the server (the person with control had full access to the system) Windows XP users were being targeted by a Trojan called “phel” which is an anagram of the word help once again when installed on a victims pc they could access anything, and that was effecting people running sp2 so it just shows you must be careful and keep your system up2date.
By the way folks if you are using Windows XP, you should have Service pack 3 installed on your system by now.