Government Security
Network Security Resources

Jump to content

My Dad Installed A Keylogger On My Comp...

network virus keylogger
  • This topic is locked This topic is locked
44 replies to this topic

#1 Guest_happydud_*

  • Guests

Posted 02 September 2003 - 07:04 AM

Ok, here's the deal.
For some reason, my dad decided to go all "OMFG! Y R U STAYING UP SO LATE???@?!?!!?!!!oneoEN!@!!!" last night, (even though it was only 10...) and he said I went to bed at 2. I asked him how he knew this, and he said "I just know." Later, I asked him the same thing, and he said "Your computer told me."

The way he was acting leads me to believe that he installed a keylogger on my computer. (It's mine. I paid for every penny of it, built it myself, ect. It's not a family computer.) I don't have anything to hide, really.. It's just that I thought he trusted me, and in turn, I trusted him.. Well not anymore.
Right now I'm at school posting this, by the way, it's the only place I knew he didn't have access to that I'd have access to in a short amount of time.
Last night, after he went to bed, I kinda freaked. I didn't panic or something, but I let my ego get ahold of me and wrote a short notepad file saying basicly "I know you're watching, and you won't be for long." Right after I did this, I saw the stupidity of it. I've lost the element of surprise.. In an effort to somewhat regain it, I "sabatouged" (s?) my computer this morning, (I unplucked various cables, made some seem like they were plugged in, but aren't, etc.) and left a note that said, "It was acting funny, so I'm leaving it off until I can watch the virusscan scan through when I get home." This way, if he looks at his log today while I'm at school, er.. Hopefully he won't be able to.

Also last night, I had an idea.. The best way to catch a thief, is with another thief. The best way to catch a keylogger, is with another keylogger. I set up a keylogger, I'll remember the last thing I typed, and then when I come home from school the next day, I check for any new keystrokes. I'd assume this would be the command or password to open the program. I'm hoping it's a command, because then I wouldn't have to find the actual program.. Anyway, once I'm in his keylogger, I print out some logs, and Boom. He's busted.
I tried installing a keylogger last night, (I did all the typing on a different computer, installed through the network.) but I was playing with it, and I think I need to register to view the logs.. And registering costs about 100 dollars.

Basicly, what I need are a few suggestions. Are there any:
Good, free, easily downloadable keyloggers. They don't need to be fancy, just record the keys, preferably with a timestamp. (I know I can GET things free, but I don't have alot of time.)
I need a few suggestions too. How should I approach my dad? Should I leave a nice little note on his computer, or approach him directly?

Oh yeah. Are there any programs you can use to check for common keyloggers? I've already checked my computer, and I'm positive it's not a hardware keylogger.

Thanks for your help, and I'm sad I can't trust my dad anymore...

#2 Dillinja



  • Sergeant Major
  • 1,015 posts

Posted 02 September 2003 - 07:18 AM


Are you sure he didnt hear you tap tap tapping away at your keyboard at 2 in the morning?

#3 virus



  • Members
  • 506 posts

Posted 02 September 2003 - 07:41 AM

hehehe ... this seems more like the screening of Spy Kids 4 errr 3 whatever :lol:
Anywayz, What O.S are u using? There's a .rar file that I uploaded to the File Downloads section, has a program called Process Viewer. It lists the name of the .exe file and the path from where its being executed. In this way u should be able to find any weird programs running in the background and u can kill them. If u can't end them using Task Manager then download another program called 'Task kill', also available in the File Downloads section. Just do a search and you'll be able to find 'em.
Hope this helps .... :)

#4 Dillinja



  • Sergeant Major
  • 1,015 posts

Posted 02 September 2003 - 07:47 AM

Even if you cannot find a solution for your problem, I do hope you can learn to trust your dad again! :mellow:

#5 ddrj



  • Members
  • 19 posts

Posted 02 September 2003 - 08:21 AM

What could you be doing up at 10 pm, OMG, you must be looking at porn!!!!!

No but all parents have a way of monitoring their kids, up to a certain age, they go through their kids bag, and while you're at school, they go through your room.
It's natural, although you paid for the computer, you aren't paying for the electricity, or the space where you store the computer.

That being put aside, now to help you, I would recommend on digger's Process Viewer, instead of adding another keylogger to your PC, it could just be that he hear's you tapping away, if not, he's taking an educated guess.
See if there are any running processes you're not too sure of.
Update us on your status.


#6 mrBob


    Staff Sergeant

  • Sergeant Major
  • 321 posts

Posted 02 September 2003 - 08:24 AM

ehm, ctrl+alt+del? :P
but XLog is a nice keylogger though it isn't really nice to your free memory... <_<
it logs timestamps AND program caption. that way you can find a caption which looks like a keylogger orso (many keyloggers have a simple caption with the word Log or Key in it so you can search for that word then ;))
note: norton pops up... :unsure:
pretty funny story btw.... B)
but not very nice :ph34r:

#7 Travis



  • Sergeant Major
  • 2,101 posts

Posted 02 September 2003 - 09:20 AM

Run in the registry tells all... check it out and see if there are any files that shouldn't be running... 2 AM? thats late? sheesh parents these days don't understand the night is the best time :P

#8 Guest_OneNight_*

  • Guests

Posted 02 September 2003 - 10:01 AM

Hmm.. I dont even think he is using anything as sofisticated (;)) as a key logger. He just needs to open up ur win explorer and look at either the last creation dates of files or when a file was last modified.

Hell, he can even just do an advanced search in windows explorer to look for files modified in the last 24hrs and get the info.

I am assuming of course that you are actually doing -something- on the comp and not just sitting there staring at the screen until 2am.

And trying to hide that isnt so easy.

#9 Dillinja



  • Sergeant Major
  • 1,015 posts

Posted 02 September 2003 - 10:42 AM

And if it is your own computer, and you dont find any key loggers, how about setting, say, a bios password on it, to ensure it is protected when you are away from it?

If it is a case of him simply, as OneNight said, looking at file creation/modified date/times, then stopping him from even accessing windows should solve your mystery

edit: just a thought, if you are on the internet and you dont have your own phone line, all he has to do is pick up the reciever ...could be something as simple as that!

#10 isaiah



  • Members
  • 199 posts

Posted 02 September 2003 - 11:04 AM

Once you get it off just put a screensaver with pass make a hard one like %%good*5pass&^ there you go a good pass well and he can break that unless your dad is l33t

#11 Guest_jlhenry1_*

  • Guests

Posted 02 September 2003 - 11:45 AM

Here is a very nice keylogger. It super hidden, it is invisible from everyone but you. In Windows 9x, it isn't even in the task list. http://www.spyarsena...amilykeylogger/

#12 Guest_happydud_*

  • Guests

Posted 03 September 2003 - 07:28 PM

Ok, lets start from the top.
Dillinja- Nope. He was two doors, a staircase, and a floor away. He didn't hear me. :) (And I type super-stealthy.)
Digger- XP Pro. (Mandrake is sitting on 3 CD's ontop my chassis... so close...) I tried that, and looked at the processes running.. but they all looked normal, or I didn't know what they were. I looked at the directories they went to though, and they all checked out.
DDRJ- I'm almost 15, and he's trusted me for the past five years, ever since I figured out the password to connect back when we were on dial up. (Trusted as in stopped peeking over my shoulder, telling me when to go to bed, ect.) Boy that was funny...
MrBob- I didn't understand about half your post.. :P, but from what I did, alot of keyloggers don't seem to show up in the cntrl-alt-delete thing. (Or at least the better ones don't..)
dissolutions- I agree completely. My prime work hour is between 2 and 3 AM.. :(
Dillinja- I'm going to set a windows password on my Administrator account, and then open up a "dad" account which pretty much all you can do is log on, and log off. :D (The network runs through my computer, so if mine isn't logged into SOMETHING, then you can't print. So if he needs to print, he needs to log into something on my computer.)
Isaiah- I don't trust screensavers.. :P But yeah, I was going to go along with that too, probably.
Jlhenry- I'll check that out.

I've had the worst luck with keyloggers by the way... the best one I found, you could sometimes access the log, and it told you it was running when you turned the computer on, and gave you the option of uninstalling.. :P Useless.

Thanks for your help guys.

#13 virus



  • Members
  • 506 posts

Posted 04 September 2003 - 12:45 AM

I've tried Ghost keylogger. I must says its nice. I downloaded it from a P2P network using emule so I don't have a web-link to it. It has the capability to send the logs to an email that u specify. Its wicked ;)

#14 VincentVega


    Private First Class

  • Members
  • 46 posts

Posted 04 September 2003 - 01:09 AM

Just install a remote tool like winvnc and make sure the icon can not be seen in the systray, and enable weblogon or copy vncviewer to the computer at school

That way can you use the "view only" mode and see what is happening with your computer

Greetz VV

#15 Deus-DK



  • Members
  • 15 posts

Posted 04 September 2003 - 07:17 AM

Format your computer, install a 256 bit encryption tool, and make a pass u will ALLWAYS remember, that wy nothing on the disc can be read, no one will get access to it, and your dad... Well he cant do anything...

It makes the computer a bad ass fort if u have it turned off and someone tries to get access to it. Like your dad... If he dont have the pass, no way he's getting in...

Also tagged with one or more of these keywords: network, virus, keylogger