# encrypted keyloggers?



## olivia (Feb 28, 2007)

I have suspected that my partner has had a keylogger on my computer for quite some time now. Not really an issue, except for the particular double standards and the golden rule. At this point, I'd like to find out and get rid of it. 

I asked an IT person I know who told me try the basics, see what's running. Run your spyware, blah blah etc. He told me from there try a rootkit revealer.???

None of the basic stuff found anything; I didn't think it would. I'm Jeeeyyyust computer literate enough that my partner would have to find something that wouldn't be found in like, a spybot scan, etc... (not that I'd necessarily know what i was looking at if i saw it, to any real extent.) But most of those, you have to pay for. And unless I'm paying for it and don't know it, (not likely. we're poor.) he's not using any of the free trial stuff that can be found on the internet.

Having too much time on his hands, and plenty of computer brains in his head, it would be not at all a problem for him to put something free and much more complicated for me to find on my lappy while i'm not home. 

Before I have to become very conspicuous (by taking the lappy out of the house, which almost never happens) to take it to a professional, is there anything else I can do? I've got the basic idea behind the whole rootkit revealer thing down, however, I where to find/how to use one. 

Does anyone have any other suggestions, or advice? 

Deliberately changing my passwords, or writing long word documents that tell him I think he's being a butthead, are enough to really irritate him, but not enough to make him admit that he put anything on here. 

Thank you in advance for your help.


----------



## johnwill (Sep 26, 2002)

Other than looking for rootkits and other malware, I'm not sure what you can do. You might post a HijackThis log and let the security guys take a look.

Please follow this HJT Log 5 Step Process to post a HijackThis log in the HijackThis Log Help forum here.


----------



## olivia (Feb 28, 2007)

I was told that using a rootkit revealer would be complicated; I have not yet searched for a rootkit, simply because I'm not sure what all the process would entail. If it's impossible to mess anything up with one, I'll try it. But honestly, I'm not even sure where to find one...


----------



## kinbard (Jul 1, 2006)

AVG has a free (and good) rootkit app. on their site.
http://www.grisoft.com/
Runs like an antivirus program, tell it what type of scan you want to do and let her rip.


----------



## olivia (Feb 28, 2007)

i'll try it... thank you!


----------



## olivia (Feb 28, 2007)

I tried the AVG product... no results. I'm going to try posting the hijack this log next...


----------



## Chode (Sep 8, 2006)

I have seen client machines where a partner has installed some kind of monitoring software clandestinely, but I think most of your scans would detect this. Sysinternals RootKit Revealer is easy to use, and should show most keyloggers, etc. even if they are very stealthy. Still,wouldn't it be more appropriate to discuss this with your attorney and a counselor?


----------



## olivia (Feb 28, 2007)

I would prefer to feel less helpless about it. An attorney or counselor would be mostly moot I think anyway; it would be a live-in boyfriend who would have put it on my computer. The more I know, the more I can take care of myself, and the less likely I am to have stuff like this happen again. 

I will certainly try what you have suggested, and thank you. The more I know the better; if there is or was something on this computer, he would know I'm posting to ask about it (I'm assuming) so the more I learn and see the better...


----------



## olivia (Feb 28, 2007)

Well, I ran the Sysinternals rootkit revealer and this is what it found:

C:\Documents and Settings\Olivia\My Documents\998487-p27.jpg	3/30/2007 9:45 PM	62.92 KB	Hidden from Windows API.

There's no way to tell where that came from, is there?


----------



## olivia (Feb 28, 2007)

??

The file name is just one page of my Dover Clip Art. Why on earth would that show up? (in a rootkit revealer?)


----------



## Cellus (Aug 31, 2006)

Right now the development of rootkit detection for the purposes of finding malicious modification is still hit and miss. While many rootkit detectors can detect specific known-malicious rootkits, a lot of detection is still based on generic detection. As a result detection is not expected to be as fine-tuned and granular as, say, your antivirus. Development has only recently started to kick off, while antivirus has been in development for over a decade.

As Johnwill recommended, go through our HijackThis 5 Step Process and allow someone from our Security Team to check your machine for infection.


----------

