Locating SPY software

goobernoodles

Golden Member
Jun 5, 2005
1,820
2
81
I was referred to a private investigation firm by an old coworker to clean up a machine with spyware. I figured it was going to be an easy job, run a few scans, possibly some manual removal of crap.

Found one fairly harmless trojan, ran AVG, Malwarebytes, Ad-Aware, Spybot, and even CCleaner. Overkill, really, as the machine appeared to be in half decent shape.

Turns out they actually meant spy software. Such as.. keyloggers... etc.

So my question is... where should I start looking? I assume I should start by looking to see if there are any strange processes running... check out the registry for what runs on startup.. etc.. But has anyone ever gone out looking for traces of keyloggers and/or other crap that can be used to spy on another machine?
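
The startup check described in the post above, as an added example that is not part of the original thread: a PowerShell triage script that lists the standard Run/RunOnce registry values and Startup-folder items, and reports whether each target file exists and carries a valid Authenticode signature. The helper name `Get-TargetPath` and the `Unresolved` label are assumptions made for this example.

```powershell
# Added example: enumerate common autorun locations for manual review.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-TargetPath([string]$CommandLine) {
    # Extract the executable path from a command line, quoted or unquoted.
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine)
    if ($expanded -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.(exe|dll|bat|cmd|vbs|js))(\s|$)') { return $Matches[1] }
    return ($expanded.Trim() -split '\s+')[0]
}

function Get-SignatureStatus([string]$Path) {
    # 'Unresolved' means the target is not a full path to an existing file
    # (for example a bare "rundll32.exe"); check those entries by hand.
    if ($Path -and (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return (Get-AuthenticodeSignature -LiteralPath $Path).Status
    }
    return 'Unresolved'
}

$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $regKey = Get-Item -Path $key
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)
        $target  = Get-TargetPath $command
        [pscustomobject]@{ Location = $key; Name = $name; Command = $command
                           Target = $target; Signature = Get-SignatureStatus $target }
    }
}

# Per-user and all-users Startup folders (shortcuts are listed, not resolved).
$startupDirs = [Environment]::GetFolderPath('Startup'),
               [Environment]::GetFolderPath('CommonStartup')
$entries += foreach ($dir in $startupDirs) {
    if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
    Get-ChildItem -LiteralPath $dir -File -Force | ForEach-Object {
        [pscustomobject]@{ Location = $dir; Name = $_.Name; Command = $_.FullName
                           Target = $_.FullName; Signature = Get-SignatureStatus $_.FullName }
    }
}

$entries | Sort-Object Signature, Location | Format-Table -AutoSize -Wrap
```

The HKCU keys and the per-user Startup folder reflect only the account running the script, so repeat it for each profile on the machine. These locations are a starting point only: services, drivers and scheduled tasks also start software at boot, and a valid signature does not rule out commercial monitoring software.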
 

lxskllr

No Lifer
Nov 30, 2004
57,685
7,912
126
I'm no expert, but A/V software should pick up "legitimate" spyware also. They work the same way, it's just a matter of intent. In addition to what you said, scan for rootkits, and programs that allow remote PC operation.
 

goobernoodles

Golden Member
Jun 5, 2005
1,820
2
81
Well, just by searching the registry, I found traces of pc spy keylogger and vskeylogger. I'm going to hold off until tomorrow, as they might have just wanted proof... but... As far as these keyloggers go, how can I be sure they are removed, if that is indeed what I need to do?
 

goobernoodles

Golden Member
Jun 5, 2005
1,820
2
81
I'm going to answer my own question and just recommend that they do a full system rebuild, as it's the only way to be 100% sure you have a clean machine.
 

balloonshark

Diamond Member
Jun 5, 2008
6,406
2,844
136
It seems like I remember a-squared anti-malware would detect commercial keyloggers. It's worth looking into, although a rebuild is best. If they use USB devices, I would scan them also to prevent possible reinfection.

I would also investigate the likelihood of a hardware keylogger.
 