Possible to Be Hacked This Way?

[BuffBot]

Okay so my roommate is concerned that her ex-boyfriend (who was fairly computer-saavy) has installed some sort of key-logger on her computer after they broke up and she moved out. He has been to our apartment and has used her computer to try to "work on something" for her and he has since been able to get into her Facebook, MySpace and e-mail accounts.

She is afraid he installed some sort of key logger and I am wondering what I would look for if it was in fact installed. Would it show up in processes? Would it be easy to get rid of? (Easy is subjective...I guess possible would be the word I'm looking for). Or is this something that I would have to reformat her Laptop to get rid of?

Any ideas or information would be appreciated, thanks!

 

[Public]

Yes its very doable and he probably did do it. If its hidden it will be hard for you to find. Can check for recently installed apps or documents.

 

[BuffBot]

Yeah I was thinking about running a program that tells me the programs recently installed but that only goes back 30 days. Are there programs that can go farther back than that? This was like 6 months ago or so when she thinks he installed it.

 

[rob]

Yes, it is possible. There are other ways, though. if she saved her passwords for things in her browser, that data is easily retrieved. If he did that, it would be very hard to prove.

My advice is to download a few malware scanners (malwarebytes, hijack this, etc) and see if they find anything. If you can't find anything, i think your only recourse is to reinstall. Nuke them from orbit, it's the only way to be sure.

 

[BuffBot]

Yeah MWB and HJT were pretty much what I was thinking. If I can't find anything, I'll recommend that I do a reformat. Whether or not she wants to do that is her call though. I just know that I won't be paying any bills on her computer....lol

 

[PRWraith]

If that fails, theres always the boot n nuke strategy

 

[Blitzkrieg]

Talk about a bitter ex-bf. Nuke it! Probably the best way... besides, if you can't remember the last time you wiped a system, it's probably time to do so anyway.

 

[devestator]

IMO, your best bet if you really think he installed a keylogger is to reformat.

The reason, there a ways to write a keylogger that will not be picked up by antivirus / malware protection software, and no I'm not giving out the information on how to do it.

Also, checking recently installed programs will not work, because 99% of the time, you do not actually install a virus. There is no need to install it in order to have it do what needs to be done. You may modify certian registry entries to cause it to start a process at specific times. When the computer starts, anytime you start a program, and other things. There are probably at least 10 different places in the registry if not more that a process could be started. Thats not to mention other ways to do it without the registry.

And if he did it half way covertly you would not be able to tell what it is in the process list. He could have named it anything, and you would never know which one his process is.

 

[BuffBot]

Thanks for the tips guys, that's basically what I was telling her I just wanted to be sure. Looks like I'll be nuking it

 

[rob]

Don't forget to put your own keystroke logger on there, so when your relationship with her goes south, you can be a dick, too!

 

[kirbanmanaburn]

If she's concerned about losing stuff on her PC, just have her back everything up to an external HD. Then if she REALLY needs a file from her old PC, she can just lift it a la carte off of the HD and onto the new PC with minimal risk of bringing the keylogger with it.

P.S., then go over to this guy's house and break his face with a lead pipe.

 

[Bearcub]

I'd add tea-timer in or something that requires permission for any registry/startup changes, and password protect that shit with a solid password.

 

[jodwop]

Hmm... I had a desktop running XP for 8 years and never did a wipe. Maybe I am so anal and hardheaded that when I had a problem, I relentlessly attacked it and cleaned it up.

Before you go all nuclear on it, TEST IT!

KL Detector

S&D, Adaware... only look for so much. You need to use one that is not confined to a specific list of variables. Also those are not interactive, which is how a keylogger works... try KL. If you find something, then at least you and she know what he did and can confront him on the little problem.

 

[burntbulb]

something that many ppl dont know is if you use firefox and you set it to save your passwords you can read them in plain text ..

Tools>Options>security tab>Saved Passwords>Show Passwords

I have peeked into a few ppls stuff after they borrowed my computer ... ive heard there are plugins that can encrypt those passwords but i haven't looked into it.

 

[Blitzkrieg]

Hopefully they knew to not save information on anything important. A few sites, such as some local banks, have methods to deter people from doing so... but damn. Didn't know about the Firefox thing though, good to know.

 

[marius13dk]

I would start out with changing all the passwords, and if he somehow picks them up again. Take a friend and a bat over to his house and pursuade him that what he is doing is a really bad idea