Question- Third Party Seaching Thru History? HELP!

Logan said:
you said he doesn't have access but all it takes is about 10 min. never had him over and left thte computer on and unattended for that long? he's never asked to check his email? nothing of that sort? keylogger is the simplest solution so don't dismiss it because you can't think of how he could do it.

EDIT: i also just did a google search and found many remote keyloggers that require no physical access to deploy. i might suggest opening your task list and finding out what every running program does. you might just find a running keylogger program.

You should have some sort of Virus protection software... make sure its up to date and run a scan... i believe they should be able to catch it if it is in fact a keylogger.
 
Ran HijackThis and got these results:
Logfile of HijackThis v1.99.1
Scan saved at 10:22:04 PM, on 5/15/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\scvhost.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\M-Audio Ozone\Install\Ozinst.exe
C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Windows Media Connect 2\wmccds.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.


Not sure if any of that seems shady. Yeah, the people I spoke to made it seem like he has some sort of program that allows him to do this. It sounds shady but he never comes over and knows the info. Hm. Oh well, thanks again.
 
Thanks. I removed it. But what does it all mean? Could that be the source of the issues I was dealing with? Is there any way to know? And is simply deleting it from the task bar good enough?

Thanks again for your continuing help.
 
Back
Top Bottom