Re: Keylogger Question



From: "Johnnycat" <Johnnycat@xxxxxxxxxxxxxxxxxxxxxxxxx>

| A friend of our family has recently gotten a divorce, and her husband had
| some computer know how. He left a computer for her to use, but increasingly
| she is becoming worried that perhaps a keylogger or other some such software
| has been left behind as a present because periodically he says things that
| she doesn't think he should even know about. She knows that he installed
| something on their daughter's pc that records information and emails it to
| him, so she's worried that he might have that on her pc as well. She doesn't
| know what it was, or what it was called. I know that most keyloggers with
| email capability have the ability to hide from normal detection, so I was
| wondering if anybody had any suggestions on where to look for this. I've
| thought about maybe installing zonealarm and seeing when/if something is
| trying to email information to him, etc. I also seem to remember seeing a
| program on the net that would show all programs loaded/running on a system,
| including items like Magic Folders. I can't find that one again, but thought
| maybe somebody on here might have heard/seen it, or have any other
| suggestions on tracking this down. I've thought of just blowing the box away
| and reloading, but he took all of the software that they had when he moved
| and they aren't exactly getting along so well that he'd let her have it all
| to reload. Any suggestions would be helpful. Thanks.

Keyloggers are Trojans and there are anti virus News Groups specifically for this type of
discussion.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus

The following Multi AV Scanning Tool can detects 100's of Keylogging Trojans using the
scanners from four different AV vendors.

Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


.