
New to Computer Exploits

<<

airforcegoonie

Post Sun Oct 12, 2008 12:21 am

New to Computer Exploits

Currently I am stationed in Afghanistan.  I have noticed my computer adware program has been stopping a key logger.  I am new to Ethical hacking.  The only language I know a bit is HTML.  Where do I start to figure out who and what is the problem on my computer, thanks KC
<<

venom77

Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Sun Oct 12, 2008 10:14 am

Re: New to Computer Exploits

Well what exactly is the problem? You have a keylogger that was blocked/denied access or is something else going on?

Isn't there an IA/INFOSEC person you can take it to?
<<

airforcegoonie

Post Mon Oct 13, 2008 3:44 am

Re: New to Computer Exploits

My IA solution to everything is wipe the drive and start over. I would rather find out where it is and fix it. Or at least get the knowledge base to start figuring it out. I have nothing but time to learn stuff over here. The computer is my personal computer as well, not a military computer. Thanks for your help, KC
<<

Kev

Sr. Member

Posts: 428

Joined: Sat Sep 29, 2007 12:26 pm

Post Mon Oct 13, 2008 6:18 pm

Re: New to Computer Exploits

Hopefully your anti-adware program has also identified the offending keylogger program so you can examine it. You need to make sure that it truly is being identified correctly and is not a false positive. If the keylogger is really being blocked by your program, you are not in immediate danger (at least not from this particular malware) and you can take some time to research the particulars.
<<

airforcegoonie

Post Tue Oct 14, 2008 2:28 am

Re: New to Computer Exploits

Thanks!  I'll check it out tonight, KC
<<

Fathercat

Newbie

Posts: 24

Joined: Wed May 07, 2008 9:23 am

Location: St Louis

Post Wed Oct 15, 2008 10:35 am

Re: New to Computer Exploits

What is the name of the keylogger? The IAs I know over in the sandbox are pretty good at helping folks; if not, you can always call the geeks on the TNC.


CISSP
<<

Cr@sh

Newbie

Posts: 5

Joined: Thu Dec 04, 2008 2:04 pm

Post Thu Dec 04, 2008 2:40 pm

Re: New to Computer Exploits

I would also run RootkitRevealer from Microsoft. I found a keylogger that was completely undetectable under Norton Corporate, Spybot S&D, and Ad-Aware Pro! RootkitRevealer found it, then I just removed it under safe mode by deleting the files found in the windows/system32 folder and also deleting the registry entries it made.
<<

blackazarro

Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Thu Dec 04, 2008 4:15 pm

Re: New to Computer Exploits

I would first check your adware program logs for information regarding this keylogger. Maybe you'll find clues that will tell you where it came from. Try looking for the first entry or the first time the program detected it. Also, if you know the name of the keylogger, use the following command in a DOS shell:
  Code:
C:\> dir /TC /S keyloggername
This will give you the creation date/time for all the files that have this name. With this information you can start looking for system/application logs that were generated around this date.

Furthermore, if you want, you can use HijackThis  (http://www.trendsecure.com/portal/en-US ... hijackthis) and post the log for me to analyze.
Security+, OSCP, CEH
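
The timeline pivot suggested in the post above, as an added example that is not part of the original thread: it finds every file with the given name, takes its creation time, and lists other files created within a few minutes of it. The function names, the `stamp` parameter and the 10-minute window are assumptions made for this sketch.

```python
import os
from datetime import datetime, timedelta

def created(st):
    # Windows: st_birthtime (Python 3.12+) or st_ctime holds the creation time.
    # On Unix st_ctime is the inode-change time, so treat results as approximate.
    return getattr(st, "st_birthtime", st.st_ctime)

def walk_times(root, stamp=created):
    """Yield (path, timestamp) for every file under root."""
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                yield path, stamp(os.stat(path, follow_symlinks=False))
            except OSError:
                continue  # locked or vanished file; skip it

def neighbours(root, target_name, window_minutes=10, stamp=created):
    """Return {hit_path: [(path, datetime), ...]} of files created near each hit."""
    entries = list(walk_times(root, stamp))
    window = timedelta(minutes=window_minutes).total_seconds()
    report = {}
    for hit, t0 in entries:
        # Case-insensitive match, like dir on Windows
        if os.path.basename(hit).lower() != target_name.lower():
            continue
        near = [(p, datetime.fromtimestamp(t)) for p, t in entries
                if p != hit and abs(t - t0) <= window]
        report[hit] = sorted(near, key=lambda item: item[1])
    return report

if __name__ == "__main__":
    import sys
    root, name = sys.argv[1], sys.argv[2]  # e.g. C:\ keyloggername
    for hit, near in neighbours(root, name).items():
        print(hit)
        for path, when in near:
            print(f"  {when:%Y-%m-%d %H:%M:%S}  {path}")
```

Files that appear in the window alongside the hit (installers, temp files, dropped DLLs) are the ones to compare against system and application log entries from the same minutes.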
<<

pseud0

Recruiters

Posts: 210

Joined: Sat Nov 17, 2007 8:26 pm

Location: Detroit, Michigan

Post Mon Dec 08, 2008 6:13 pm

Re: New to Computer Exploits

Depending on how stable your internet connection is out in the suck, you could try to pull down Helix or Knoppix live CDs.  Boot off from the CD and run the external malware scanning tools.  You'll get a much more complete and trustworthy report. 
CISSP, CISM, CISA, GCIH, GREM, CEH, HMFIC, KTHXBIROFLCOPTER
