- Jun 5, 2005
I was referred to a private investigation firm by an old coworker to clean up a machine with spyware. I figured it was going to be an easy job, run a few scans, possibly some manual removal of crap.
Found one fairly harmless trojan, ran AVG, Malwarebytes, Ad-Aware, Spybot, and even CCleaner. Overkill, really, as the machine appeared to be in half-decent shape.
Turns out they actually meant spy software. Such as... keyloggers... etc.
So my question is... where should I start looking? I assume I should start by looking to see if there are any strange processes running... check out the registry for what runs on startup... etc. But has anyone ever gone out looking for traces of keyloggers and/or other crap that can be used to spy on another machine?