Looking for simple way to check Vista for keystroke logger

By jdclyde ·
Greetings all.

Have a friend that is in Florida that has been compromised. Someone is getting into her computer and making trouble with her live-in-boyfriend.

I don't know if he is doing it, or if it external. All I do know is that someone is getting into her account, and partial truths are coming back to her. I know it is partial, as the most recent was that she had sent ME some pics, and that is something that didn't happen, even though we did chat a few times using the facebook messenger.

What utilities can she download and run to look for either keystroke loggers, screen/IM/email captures, and root kits?

She is not an advanced user, is too far away for me to help, and can't afford to take it to a shop.

Thanks everyone!


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Answers

Collapse -

Download and run these

by Nimmo In reply to Looking for simple way to ...

Some advice to give is to make sure there is an antivirus software program installed and up to date. Also good pratice to change passwords every now and then.

Collapse -

She does have AV

by jdclyde In reply to Download and run these

but I think it is Norton.

I also do suspect it might have been installed by the guy she is living with.

Seems odd to me someone on the internet targeting her to hack her computer, and then email her and her boyfriend about what is on the system.

I did have her log into all of her accounts while at work, and change the passwords. Then to NOT access them from home, for now. She is also going to go to the bank today to put talk to them, and put in a fraud alert.

I have used the malwarebytes and have already recommended that and S&D, but have not played with sysinternals. Will give me something to do after work today.



Collapse -

Re: SysInternals/Rootkit Revealer

by christianshiflet In reply to She does have AV

The only thing I would mention about Rootkit Revealer (RR) is that if your friend is truly a novice or less technical user, you should review the report that RR generates.

I could see it being confusing to a lot of people and may flag things that are not really an issue but will cause undue concern to somebody already worried that they are being spied on. Beyond that, though, it can be a great tool.

And on the topic of logs that may confuse the average user, a HijackThis log may be helpful in determining what is running on the suspect computer as well. Hope that helps.

Collapse -

Log file export?

by jdclyde In reply to Re: SysInternals/Rootkit ...

Guess I will have to try this out, and look at the options for saving and sending the log file.

I can't believe someone doesn't have a rootkit/malware/AV detector/remover that runs off a live linux cd yet. The single best way to scan/detect/remove is to use an OS that will ignore many of the MS protocols and rules that can be used by infections to hide.

Collapse -

build one

by shasca In reply to Log file export?

Related Discussions

Related Forums