Help Found Keylogger

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

sarah9296

Thread Starter
Joined
Jan 8, 2006
Messages
14
Hi everyone!!

Until now, I thought I was just being paranoid, but today, I obtained WinZip. I never knew that there were archives "zipped."

Anyway, while attempting to unzip a download, I accidentally unzipped a folder entitled "keylogger". In it were 3 different files: FreeKeylogger, UltraKeylogger and READ ME FIRST. The company name on all was IWantSoft.

READ ME FIRST advised me not to use FreeKeylogger and UltraKeylogger together as this may damage "spying results."

I checked the properties of all 3 files. All were created on 11/15/05. I am pretty sure I know who managed to get these things onto my computer, but I need to find out for sure. I own this computer outright and know that I can have this person prosecuted.

Does anyone know how I can get more details on who is spying? AND MOST IMPORTANTLY: How can I remove these permanently?

Last summer I purchased an elaborate McAfee security package which includes anti-spyware software, so I don't understand how they missed this one. My logs are only kept for 90 days, so I doubt I'll be able to get any details from them (it's just over 90 days now).

I'm reporting it to McAfee, but who else can I report it to so that I can trace the source? I don't think the local police will be of much help with this kind of thing.

I'd sincerely appreciate any help with this.

Sarah
 
Joined
Sep 12, 2003
Messages
20,583
Hi Sarah,

Welcome to TSG! Sorry to hear about your problem.

First things first, a keylogger is a more serious kind of spying software than what is normally considered spyware such as tracking cookies, adware popups, etc. Don't get me wrong, any software that attempts to spy on what you do on your computer is a problem, and needs to be expunged.

One thing you can do now is to download/install SnoopFree anti-keylogger which will help to block out any keylogger on your system. You must deny the action when the detection occurs by SnoopFree. That is, of course, if the keylogger is the hooking kind. There are several kinds, the most serious being a kernel level keylogger, which SnoopFree will not be able to do anything about.

If SnoopFree notifies you that the keylogger is attempting to hook into your system - that's when you can deny it via SnoopFree. SnoopFree loads before any system routines, so it will be on the job helping to protect you from any hooking type keyloggers. It also installs an entry into the Add/Remove list, which makes it easy to uninstall.

You can get (free) Snoopfree Privacy Shield at: http://www.snoopfree.com/default.htm

There is a chance that your keylogger is not the hooking kind in which case SnoopFree probably cannot help you avoid it, so you may have to pay for a software that can detect and remove it.

For a great read on the different kinds of keyloggers at the Security Focus website, see:
Introduction to Spyware Keyloggers: http://www.securityfocus.com/infocus/1829 (at website http://www.securityfocus.com/foundations)

If you want to read up on anti-keyloggers at Wilders Security Forum, you can do so by reading:
Summary of Anti-Keyloggers at Wilders Security Forum (6 pages): http://www.wilderssecurity.com/showthread.php?t=94734&page=1&pp=25

Unhackme is generally considered one of the best anti-keylogger software (paid):
UnhackMe: http://www.greatis.com/unhackme/

Also, if paying is not a problem there is this one just fairly new on the block:
* Up and coming Anti-keylogger (can detect and remove kernel mode keyloggers including the worst, Elite keylogger)
Anti-Keylogger Elite (AKE): http://www.remove-keyloggers.com/ ($59.95)

Best of luck,

-- Tom
 

sarah9296

Thread Starter
Joined
Jan 8, 2006
Messages
14
Thanks, Tom!

I will try snoopfree first and see how that goes. Hopefully, I won't have to resort to my credit card to resolve this problem.

I just don't understand what people get out of "cyberspying". But, I guess if you have no life of your own ... just screw up someone else's.

I'm just wondering ... could that person have installed those programs remotely? Or did they have to be sitting here?

Again, I appreciate it and will keep you posted.

Sarah
 
Joined
Sep 12, 2003
Messages
20,583
Hi Sarah,

Rereading your first message in this thread, I would first question the intent of installing an archive with keyloggers. Some folks feel the need to keep track of their teens and so resort to utilizing keyloggers, and some of the teens are smart enough to know the difference that they are being watched.

Remote installation requires that your computer would have had to have been hacked - i.e. intruded upon by a trojan attack to get control of your computer. Most likely the downloaded zip file containing the folder with the keyloggers was installed when you got the computer if it was about the date you mentioned - 11/15/05.

-- Tom
 

sarah9296

Thread Starter
Joined
Jan 8, 2006
Messages
14
Hi again:

I was able to download SnoopFree and it seems to be working. Their site showed me 3 warnings advising me that the following were attempting an "illegal keyboard hook": McAfee.com/VSO/McVSEscn.exe; MSN Messenger/msnmsgr.exe; and Windows Messenger/msmsgs.exe.

Since no one in this house uses Windows or MSN messenger, I denied access to these two. (I hope there are no repercussions for denying them, but the machine is still working!). Since I have the entire McAfee security center installed, I called them and asked about their McVSEscn executing and if it's normal. But as luck would have it, the man I spoke with could barely speak English and with my PC inexperience, I don't think I got the point across. He just said that they would never try to "keyboard hook" a customer.

Do you think it's just normal for that type of warning to come up? Can a hacker use these common IM programs to gain access?

Sarah
 
Joined
Sep 12, 2003
Messages
20,583
Hi Sarah,

The best policy to follow is to deny everything that hooks whatever it is. After installing SnoopFree for the first time, imagine my surprise when I found out that my ISP was hooking into my email client! Most often the customer service are not technically astute enough to know or find out from their technical support staff what the answer is, in which case, in the past I have escalated a problem or asked it to be to the technical support staff level. Then I began to get answers by talking to some technically competent folks.

In your case, assume that they are doing what SnoopFree tells you they are, and deny it - problem solved.

Hackers have been known to use IM lately, so beware any intrusion alert.

-- Tom
 