Page 1 of 2 12 LastLast
Results 1 to 20 of 25

Thread: Need help in finding a possible spying program on PC

  1. #1
    Advanced Member
    Join Date
    Jan 2006
    Posts
    499

    Need help in finding a possible spying program on PC

    Anyone know how to find the spying programs on a PC that someone could install to watch what they do on the Internet? Not spy-ware the other kind. I have been asked to search a PC for one. I searched on-line and I didn't know how many of these programs there are and they say that they are completely invisible. That crap should be illegal.

  2. #2
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,992
    Most get caught by adaware/spybot/super antispyware/AVG anti spyware/A squared.

    You can also run hijackthis and check the log to see if theres anythign out of place in it.

  3. #3
    Advanced Member
    Join Date
    Jan 2006
    Posts
    499
    In my hung over state I never thought of that lol. Thanks!!! Hi-jack this should show it, Now I just have to find it

  4. #4
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,992
    Quote Originally Posted by jasonb31 View Post
    In my hung over state I never thought of that lol. Thanks!!! Hi-jack this should show it, Now I just have to find it
    If a file in hijackthis looks odd or you dont know what it is, just go here: http://www.processlibrary.com/

  5. #5
    Advanced Member
    Join Date
    Jan 2006
    Posts
    499
    Wow now thats a site to have as favorite if I ever saw one. Thanks.

  6. #6
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,338
    Most AV pgms won't detect such spying programs, and only some antispy apps will detect them. And even more unlikely that HjT will list it. This is because these are legit programs. They don't go undetected because they are legit, they go undetected because they are rootkits, or they act the same way a rootkit acts, they are disguised as drivers or load as a driver at boot. When the driver loads, it can then spawn one or several other drivers or hidden programs such as dlls. And these dlls and drivers will not be listed in Task manager or HjT logs. You would need to use rootkit detection utils or autoruns, apps that show ALL files and programs that exist in memory or the page file. No single rootkit detector can detect all rootkits either, thus autoruns can assist in locating the "undefined" pgms and drivers that exist. Followed by direct manual inspection of the "undefined" file (it's attibutes and properties), one can they determine if it's what one is looking for.
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  7. #7
    Banned
    Join Date
    Sep 2006
    Location
    IL
    Posts
    4,059
    Tell your friend to stop looking at porn.

  8. #8
    Advanced Member
    Join Date
    Jan 2006
    Posts
    499
    Quote Originally Posted by Comtrad View Post
    Tell your friend to stop looking at porn.
    Dude did you read the original post? Its not spyware. It would be a spying program that a person installed on an unsuspecting persons PC.

  9. #9
    Advanced Member
    Join Date
    Jan 2006
    Posts
    499
    Thanks for the heads up TonyT.

  10. #10

  11. #11
    Banned
    Join Date
    Sep 2006
    Location
    IL
    Posts
    4,059
    Quote Originally Posted by jasonb31 View Post
    Dude did you read the original post? Its not spyware. It would be a spying program that a person installed on an unsuspecting persons PC.
    I didn't say it was from the porn.

    Kid who wants to look at porn on his computer at home.


    A spying program that was put on someones computer would easily be found as all you have to do is log in as admin. and delete the program. It is obviously not this persons computer in full.

  12. #12
    SG Enthusiast Rainbow's Avatar
    Join Date
    Dec 2001
    Location
    Pittsburgh
    Posts
    2,920
    The new Winpatrol (free) will also find and remove it.

  13. #13
    Second Most EVIL YARDofSTUF's Avatar
    Join Date
    Nov 2000
    Location
    USA
    Posts
    69,992
    Quote Originally Posted by TonyT View Post
    Most AV pgms won't detect such spying programs, and only some antispy apps will detect them. And even more unlikely that HjT will list it. This is because these are legit programs. They don't go undetected because they are legit, they go undetected because they are rootkits, or they act the same way a rootkit acts, they are disguised as drivers or load as a driver at boot. When the driver loads, it can then spawn one or several other drivers or hidden programs such as dlls. And these dlls and drivers will not be listed in Task manager or HjT logs. You would need to use rootkit detection utils or autoruns, apps that show ALL files and programs that exist in memory or the page file. No single rootkit detector can detect all rootkits either, thus autoruns can assist in locating the "undefined" pgms and drivers that exist. Followed by direct manual inspection of the "undefined" file (it's attibutes and properties), one can they determine if it's what one is looking for.
    Lots of legit keyloggers and key finders get picked up by virus/spyware scans

  14. #14
    Elite Member TonyT's Avatar
    Join Date
    Jan 2000
    Location
    Fairfax, VA
    Posts
    10,338
    Quote Originally Posted by YARDofSTUF View Post
    Lots of legit keyloggers and key finders get picked up by virus/spyware scans
    While that's partially correct, most AV pgms don't detect keyloggers, but most antispy pgms do detect them. There's basically 3 types of keyloggers: hardware devices inline or inside the keyboard itself, software that uses the keyboard hooks, and software rootkits. Almost no AV or antispy will detect and remove the rootkit types. AV/antispy can detect processes spawned by rootkits, but the malware returns when the driver-rootkit reloads at next boot or logon.

    Keyloggers are most often detected because they generate logs, and keylogger removal tools search and detect these logs, then trace back to the pgm that is creating them.
    No one has any right to force data on you
    and command you to believe it or else.
    If it is not true for you, it isn't true.

    LRH

  15. #15
    Moderator YeOldeStonecat's Avatar
    Join Date
    Jan 2001
    Location
    Somewhere along the shoreline in New England
    Posts
    50,913
    Quote Originally Posted by jasonb31 View Post
    That crap should be illegal.
    A lot of them are properly used by businesses to help curb employee computer mis-use. Products such as SpectorSoft. Fully legit, and IMO shouldn't be made illegal.
    MORNING WOOD Lumber Company
    Guinness for Strength!!!

  16. #16
    Elite Member Jim's Avatar
    Join Date
    Oct 2000
    Posts
    13,231
    Quote Originally Posted by jasonb31 View Post
    That crap should be illegal.
    Like anything else, it is not the tool that is against the law, just the misuse of it.

  17. #17
    SG Enthusiast Rainbow's Avatar
    Join Date
    Dec 2001
    Location
    Pittsburgh
    Posts
    2,920
    Unfortunately the Major use of this software is for illegal and destructive purposes. No good ever comes out of it imo.
    As an admin at a University I would never dream of using this kind of software on anyones computer unless instructed to do so by the authorities for suspected illegal activities.

  18. #18
    Senior Member ghettoside's Avatar
    Join Date
    Mar 2003
    Location
    At Large in the US
    Posts
    5,134
    Webroot spysweeper can detect rootkits, and it's pretty good at detecting keyloggers too

    another app I've used for rootkit detection removal is rootkit revealer
    Quote Originally Posted by Norm View Post

    There are idiots everywhere.

    At work, in forums, in poetry classes, everywhere!

  19. #19
    Advanced Member
    Join Date
    Jan 2006
    Posts
    499
    Quote Originally Posted by Comtrad View Post
    I didn't say it was from the porn.

    Kid who wants to look at porn on his computer at home.


    A spying program that was put on someones computer would easily be found as all you have to do is log in as admin. and delete the program. It is obviously not this persons computer in full.
    You are just clueless so please stop with the ignorant coments. Did I ask you for them? No!!

  20. #20
    Banned
    Join Date
    Sep 2006
    Location
    IL
    Posts
    4,059
    Quote Originally Posted by jasonb31 View Post
    You are just clueless so please stop with the ignorant coments. Did I ask you for them? No!!
    That's the beauty of internet forums. It's an open discussion.

    Just saying, that's what it sounds like. Anyone who actually owned the computer would be able to easily remove it.

Similar Threads

  1. Please new to dsl and already having problem
    By weedancer in forum General Broadband Forum
    Replies: 46
    Last Post: 03-09-07, 06:23 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •