Solved

spying on spyware

Posted on 2006-11-04
4
215 Views
Last Modified: 2013-12-04

Hi,

I'm looking for a program that will tell me exactly what data SPYWARE.EXE
is reading and writing. I used filemon and diskmon from sysinternals.com,
but the last one especially is a bit cumbersome.

thanks a lot for helping,

Haico
0
Comment
Question by:haico
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 7

Accepted Solution

by:
Chatable earned 63 total points
ID: 17873363
There are a lot of ways to spy on a program.
As you noticed there is filemon which will tell you what data it reads/writes to files on the disk. There is also regmon, (also from sysinternals) which will tell you the data it reads/writes to the registry.
Also you should use WireShark (http://www.wireshark.org) to see what it sends to the Internet.
All this is really nice but will only be meaningful if the data is sent in plain-text, which is not the case for most spyware. Most spyware software will send data (and even save it to disk) with some sort of scrambling (sometimes even encryption), so the output of filemon or wireshark will look like a weird binary mess. Unfortunately decoding the data usually requires disassembling the software in question.
Maybe before doing anything yourself you should try searching a bit on that specific spyware that you have. You may very well not be the first one who's trying to determine what it does.
0
 
LVL 11

Assisted Solution

by:Dmitri Farafontov
Dmitri Farafontov earned 62 total points
ID: 20133755
Try to utilize Sandboxie and VMWare virtual machine. It is as close to the real world as possible within an a relatively safe and isolated environment. Again why I say relative is since nothing is 100% secure.
0
 
LVL 1

Expert Comment

by:Computer101
ID: 21101064
Forced accept.

Computer101
EE Admin
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question