Posted on 07/31/2015 8:02:12 PM PDT by Hostage
A neighbor's estranged Ex has possibly installed spyware and a key logger onto a new notebook given as a 'gift' to both neighbor and teenage daughter.
The neighbor is the custodial parent of the one teenage daughter who recently received the new 'spy loaded' notebook computer from her estranged parent. The notebook runs Win 8.1 and is to be eventually upgraded to Windows 10. The teenager was told directly by the estranged parent that everything the custodial parent does could be seen and recorded and then messaged out clandestinely.
The neighbor would like to know the following:
1. How to detect if spyware and key logging is really taking place on the computer?
2. If spyware/key logging is detected, how to get rid of it for sure and can it be traced back to the Ex?
3. The notebook accesses the internet through a hotspot encrypted modem. Is there any danger that the encryption key to the wifi modem has been captured?
4. Should the OS be reinstalled to be sure the spyware is flushed out? How to know for sure and how to prevent it coming back?
That will not be sufficient. Remove the hard drive, trash it, and install a new one with a fresh Windows install.
Thanks for the input.
Can work files be saved first?
Neighbor says they have data on Google Drive. Should that be flushed too?
They are going to install Win 10. But the install is an upgrade. They should do a new install?
Yes, new install. Your work files should be okay—just copy them off. The files on Google Drive are probably okay too.
Start from scratch. Also check your state laws if laws have been broken. You can check which services are running in the background.
Me being me, I would troll the ex like crazy though. Tape up the mic and camera first.
How do they check services running in the background? Task Manager?
No way to do it if the machine is compromised.
I’m assuming you mean a software keylogger since it’s a laptop / notebook. Many of the antivirus programs will flush them out. Most of them send logs remotely to another computer via email, so disconnect the computer from the Internet first. I’ve installed them many times. They’re pretty easy to remove. Many can simply be removed using the Uninstall function. You just have to find the name of the program, or you can use a keylogger detection program like the following:
http://download.cnet.com/Keylogger-Detector/3000-2162_4-75744701.html
http://www.blazingtools.com/antispy.html
Doesn’t Malware Bytes detect these things?
Reinstall the OS and format the drive. Then put a bag of dog shit on his steps, light it on fire, and ring his doorbell.
Perfect, thank you. I’ll forward those links.
The crazy ex may also be the administrator. Is there an easy way to change that? Maybe with a new install/upgrade to Win 10?
Thanks!
If the estranged parent is trying to be sneaky, they’re doing it wrong. My guess is it’s just a mind game, else why tell the kid about it? Better safe than sorry, however.
He’s right. There is no way to have any confidence in anything now running on this machine. Although you can save your documents and such, I would scan any content you pull from the compromised machine on an entirely different computer. [In fact, I would scan it with two different virus scanners if it was one of my clients.] Just because a file isn’t an “executable” that doesn’t mean you can’t be tricked into opening it in a way that re-installs malicious code, so even supposedly “safe” content has to be approached as if it’s compromised until proven otherwise.
“... Remove the hard drive, trash it, and install a new one with a fresh Windows install” Very good advice.
I would add: Turn the old drive over to someone for analysis.
Isolate all other computers from the network, or buy a new router for a new network.
Change all passwords (email, FB, WiFi) from the updated unit.
Have any computers fully checked before joining network.
Consider whether the Ex’s comments meet the standard for bullying or child abuse in your state.
Reinstalling Windows, you will need to recreate the user IDs you want. The reinstall of the OS will take care of any unwanted superusers.
Thanks to everyone. Freepers are the best.
M4L Keylogger
Oh yeah, I would put on a show just for him. All faked, with backup video proof; then when he tries to use it, lower the boom on him.
My living room would look like the end of “Bachelor Party”, donkey and all!