Re: Spyware which tracks keystrokes?

From: Susan (none_at_this.time)
Date: 03/24/04


Date: Tue, 23 Mar 2004 20:32:18 -0500

On Tue, 23 Mar 2004 11:26:18 -0500, dulcie wrote:

> Have just read an unnerving article about something called 'EBlaster'
> which is sold at http://www.spectorsoft.com/. This program can be loaded
> onto your computer and can track all your keystrokes: all your emails
> from any email address, incoming and outgoing + send a copy of it all to
> another person. Presumably that would include passwords too! Someone
> would have to get this software onto your machine in the first place,
> but that's not difficult if they have physical access to it - and
> (apparently) it's undetectable - if you look in your files/programs list
> you won't find it. Does anyone know how you might (a) prevent this
> being put on in the first place, and (b) detect it if it's already there?
> I've now been totally put off setting up an internet bank account!
>
> Thanks.
> Dulcie

Without installing any software to find it for you, you can probably see
the running eBlaster executable by doing <ctl-alt-del>. While it is a goal
of any virus/trojan author to elude detection here, a commercial program
like eBlaster should be listed.
 
Alternately, you can run msinfo32:
Start>run>(type msinfo32)>enter
If you are given the choice to choose "Advanced", then do so.
Expand: "Software Environment" and highlight "Running Tasks".
Look for the executable here.

If you want someone else's program to look for it, and clean it if
necessary, then consider Bazooka Adware and Spyware Scanner (free).
 
http://www.kephyr.com/spywarescanner/index.html
 

Technical:
 
eBlaster may be a combination of these files:
     rmashlex.dll, nvrcr32.dll, eblaster.exe; msrac32.exe, ebsetup.exe,
 
it also creates these registry keys:
 
      HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\
       ShellServiceObjectDelayLoad\XmLdrKLocation =
        {0C887F38-5178-43DA-B9F0-B856141FCDA4}
 
      HKEY_LOCAL_MACHINE\Software\CLASSES\CLSID\
        {6A6A1EAE-13E1-4DC7-8014-B7677EF6D47A}

      HKEY_LOCAL_MACHINE\Software\CLASSES\CLSID\
        {0C887F38-5178-43DA-B9F0-B856141FCDA4}

      HKEY_LOCAL_MACHINE\Software\CLASSES\CLSID\
        {2BE166ED-F16C-46DE-B623-3575FD985D6D}

-- Susan
  sazy
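
The checks described in the reply above, as an added example that is not part of the original post: a PowerShell script that looks for the listed file names, CLSID keys and ShellServiceObjectDelayLoad value. The directories searched for files are an assumption, since the post does not say where the files are installed.

```powershell
# Indicators copied verbatim from the post; nothing else about eBlaster is assumed.
$fileNames = 'rmashlex.dll', 'nvrcr32.dll', 'eblaster.exe', 'msrac32.exe', 'ebsetup.exe'
$clsids = '{6A6A1EAE-13E1-4DC7-8014-B7677EF6D47A}',
          '{0C887F38-5178-43DA-B9F0-B856141FCDA4}',
          '{2BE166ED-F16C-46DE-B623-3575FD985D6D}'
$ssodlKey = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad'
$findings = New-Object System.Collections.Generic.List[string]

# 1. Running processes whose image name matches one of the listed .exe files.
$exeNames = $fileNames | Where-Object { $_ -like '*.exe' } |
    ForEach-Object { [System.IO.Path]::GetFileNameWithoutExtension($_) }
Get-Process | Where-Object { $exeNames -contains $_.ProcessName } |
    ForEach-Object { $findings.Add("Running process: $($_.ProcessName) (PID $($_.Id))") }

# 2. Files on disk. ASSUMPTION: the post gives no install path, so only the
#    Windows and System32 directories are searched; -Force includes hidden files.
foreach ($dir in $env:SystemRoot, (Join-Path $env:SystemRoot 'System32')) {
    Get-ChildItem -LiteralPath $dir -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $fileNames -contains $_.Name } |
        ForEach-Object { $findings.Add("File present: $($_.FullName)") }
}

# 3. The three CLSID keys under HKLM\Software\Classes\CLSID.
foreach ($id in $clsids) {
    $path = "HKLM:\Software\Classes\CLSID\$id"
    if (Test-Path -LiteralPath $path) { $findings.Add("Registry key present: $path") }
}

# 4. ShellServiceObjectDelayLoad: flag the value name from the post, or any
#    value whose data is one of the listed CLSIDs.
$ssodl = Get-ItemProperty -LiteralPath $ssodlKey -ErrorAction SilentlyContinue
if ($ssodl) {
    $ssodl.PSObject.Properties |
        Where-Object { $_.Name -eq 'XmLdrKLocation' -or $clsids -contains $_.Value } |
        ForEach-Object { $findings.Add("Autoload value: $($_.Name) = $($_.Value)") }
}

if ($findings.Count -gt 0) {
    Write-Output 'Indicators from the post found on this machine:'
    $findings | ForEach-Object { Write-Output "  $_" }
} else {
    Write-Output 'None of the file names or registry keys listed in the post were found.'
}
```

An empty result covers only the names and keys given in the post; run the script from an elevated prompt so the registry and system directories are fully readable.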


