Jump to content


Photo

Keylogger o_O!!


  • This topic is locked This topic is locked
4 replies to this topic

#1 marcelon

marcelon

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 28 May 2007 - 01:17 PM

Hi guys, im having a problem...

At my work, i just found out that all the computers have a keylogger installed, and the company owner has acess to the logs. So, all that you type on the computer keyboard(passwords, emails, websites, all of it) is recorded to a log file (txt) so the "boss" can read it.

HOWEVER I use a PERSONAL notebook to work (my own notebook that i use at home)

A month ago my boss told me that there was a guy checking the serials of windows registry just to be sure that everybody runs Oficial versions of it, and he needed to check mine too. I let he check my note, and I said I would wait to him to do what he needed... he sent me to lunch 'cause it would take a while.


Well, last week we got and email, telling that all acess to websites/emails/MSN that does not have anything to do with the company was prohibited.


Then, I found out about the KEYLOGGER on my Notebook.


Its a process name "SERVICE.EXE" (not windows SERVICES.EXE) that is executed at boot (MSCONFIG) on a folder called "serverW" subfolders "IE" (internet explorer?), "KB" (keyboard?) & "SC"

Inside the first 2 folders, MANY *.txt files, the names correspond to 20070426.txt (year/month/day) all of them encrypted

How can I decrypt these *.txt files so I know what he had acess to? How to find out wich keylogging software he used?

Im linking a PRINTSCREEN so u can see the folder & files...

PRINTSCREEN


Thank u!

#2 marcelon

marcelon

    Member

  • Full Member
  • Pip
  • 2 posts

Posted 28 May 2007 - 01:59 PM

any thoughts?

Please read our Forum FAQ in order to find out what info we need (HijackThislog) so we can help you.

Edited by miekiemoes, 29 May 2007 - 07:29 AM.


#3 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,523 posts

Posted 31 May 2007 - 06:30 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.
If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.

[this is an automated reply]
This is an automated message. It does not count as help.

#4 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,091 posts

Posted 01 June 2007 - 03:43 PM

As previously requested in your post.

Please read this article and follow the protocol.
http://www.spywarein...showtopic=23382
Then submit a fresh HijackThis log. It's the only way we can give you sound advice.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#5 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,091 posts

Posted 12 June 2007 - 08:36 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button