I need to sneak a keylogger onto an XP home PC...
I'm working for a client who has a 17 yr old (minor) daughter. The daughter has an XP Home PC with NTFS and one account name which is the Administrator account. The daughter bought the PC so basically has control over it. The mother needs to surreptitiously monitor the daughter's email and chat. The situation involves a boy at another school making Columbine-like threats. The parents of other involved kids are communicating about it and each is monitoring their kid's involvement with this one child before they go to the police.
There is a password on the account so we can't get in without the daughter knowing it. I have NT Commander which will change the password, but we can't tip off the daughter. I did ghost the hard drive and then change the password on the copy, and installed it as master and booted off it. We looked at Internet History because the mom is also concerned about drug, alcohol and occult involvement, so we checked where she's been online. But what we really need now is to monitor her email and chat sessions to this boy.
She has a usb keyboard, so a hardware keylogger is out. I understand that they don't make them for usb keyboards. Is there such a thing as a "trojan"-like (not a virus) keylogger software that the parent could give to the kid with the pretext it was a gift and the kid would install it (maybe its a game or screensaver) and it also would contain a hidden keylogger that could save data that the guest account could access, or it would stealthily email info out?
Wondering how anyone else might have handled a similar situation.
Thanks in advance
or
You could dump the hash off the ghosted HD with a boot floppy (search for "offline NT password & registry editor") (i don't recommend it on the original pc) you could put that hash into a cracker and crack it... or reset the pass (not before writing down the hash of the accounts on the box first- that floppy can tell you the current hash) thenyou could reset it to what you'd like, and when your done, put the hash back in just as it was. If there is not antivirus software, then a keylogger of your choice... ghost key logger... in theory
-rich