Solved

Computer Security and Scanning

Posted on 2007-12-05
1
180 Views
Last Modified: 2013-12-04
Can anyone tell me how to scan my computer to see if some sort of spy ware or key logger is instaled? Not the run of the mill spyware, I have Symantic End Point as well as others for them what Im looking for is if some one may have got onto my computer and installed or setup somthing. Their are many that once installed wont show in program files dir, nor will they show in the add/remove.
0
Comment
Question by:GD_GRAY
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 33

Accepted Solution

by:
Dave Howe earned 250 total points
ID: 20413580
The sysinternals site has three good tools for this; in order:

Process explorer - shows what is currently running. doesn't show dll injection and so forth:
http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/ProcessExplorer.mspx

Autoruns - shows what programs are set to autorun on machine boot:
http://www.microsoft.com/technet/sysinternals/ProcessesAndThreads/Autoruns.mspx

RootkitRevealer - shows any programs trying to hide themselves from the first two tools. this is the tool that was used to discover the sony rootkit being added by various music cds...:
http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
OfficeMate Freezes on login or does not load after login credentials are input.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question