I have a question on spyware with remote install.I think my wife has some how installed spyware with a remote install on my work computer.Is this possable ??? Can it get throu(I work at ford mo. co.)The reason I say this is she is finding out info that is only on my work computer.I know this is big trouble if she gets cought.Is their a way I can find out with out going to Ip and if so how can I remove it if its their. Thanks Jim

Well, i think you may not mean spyware, you may mean a keylogger or some remote monitoring software. Do you have a firewall on this computer? If not, get one. She may have used Netbus or Sub7 or something. Have you downloaded any email attachemets? Scan for Virii, in case you got one from email. Wow, there is so many possibilities here. Could you give us some more info?



slick

your computer is locked in ford motors and you think your wife put a trojan on it...is that what your saying? i would imagine ford filters their email for dangerous attachments as would the AV on your workstation. unless your wife is a leet haxor or knows someone 'well' that is i cant imagine this happening. could she have hired some one (PI) to check up on you?

when you say she knows things that are only kept on your computer do you mean communications with someone? it your wife a techie?



Sorry! im busy at work and shouldn't even respond when i cant give full attention....nevermind!

If you are not able to physically go to the computer on which you wish to install eBlaster, you may benefit from our Remote Install Add-On, which allows you to email the eBlaster program to the recipient's email address. Perfect for parents with kids away at school or employers with remote offices.

This is an add-on for eblaster

I found it here- http://www.spectorsoft.com/products/eBlaster_Windows/entry.asp?refer=6998

From the FAQ
18. I do not have physical access to the PC I wish to monitor. Does
eBlaster support remote installation?

If you purchase the eBlaster Remote Install Add-On, you may be able to send the program installation file to another email address.

Assuming that the receiving email client will allow the receipt of a .EXE file attachment and that the user opening the email clicks on the file attachment, then eBlaster will automatically install itself on that computer. Once installed on the remote computer, eBlaster will send recordings from that computer to your email address.

VERY IMPORTANT: You MUST be the owner of the computer to which you are remotely installing eBlaster. If you are NOT the owner, or have not received permission from the owner to install eBlaster on that computer, you could be in violation of state or local law by monitoring the activities of property that does not belong to you.

This is my work computer, I work for ford motor co. I`m sure they have antivirus.Is it posable for it to get throu Them??I have down loaded stuff from her e-mails,but It would have to be a store bought program because she is not super smart with programs.

You mention eblaster in your subject line, is this program running on your computer? If so:

eBlaster now has optional Remote Install if you do not have physical access to the computer you wish to monitor.

You said she is not very computer smart. Does she know anyone that is?

Cheers:

If you have eblaster on your Computer Then
look for netsplr.exe in the system32 directory. rename (or delete) and re-boot. That should disable it.
http://lists.jammed.com/crime/2003/07/0132.html

Streetfighter: It's really rather simple....... Report it to the tech department at Ford. They will fix it for you.

He doesn't want to report it to IT

I know this is big trouble if she gets cought.Is their a way I can find out with out going to Ip and if so how can I remove it if its their. Thanks Jim

I assume that it was supposed to be IT not Ip

MadBeaver: Ahem..... If that was truly the case all he would have to do is ask his wife since asking is the lesser of the two evils. Hell, he can even coerce his wife into telling the truth by threatening to report her. Furthermore, it would probably be quite difficult for Ford to determine exactly where the infection came from so his wife would be kinda difficult to accuse. Therefore, since finding out whether she has or not is hardly a major obstacle, allow me to present a scenario that might fit the bill:

[suspicious, crabby old fart mode]

1. He wants to know how to find out if Ford themselves have installed a keylogger on his machine because he isn't exactly "flavor of the month right" now for some reason.

Yeah, that would work...... Things that lead me to such a diabolical conclusion:-

1. He can't go to IT 'cos his wife would get in trouble..... Yeah, right.... Nice wife, and he doesn't want to get her into trouble.......

2. His wife isn't very good with computers....... but she can get a keylogger past Ford's security from the outside and install it on a machine where I will almost guarantee that he doesn't have admin rights.

3. He already knew the name of the program..... Eeeek.... So he knows what it is but he can't remove it...... Ford put it there is beginning to edge out into the lead by a neck.

At the finish line I believe my scenario looks pretty damn good........ And that was the reason for my first response....... It's called "testing the water"..... The rest of you dived in without thinking that he might, in fact, be trying to do something.... er..... unethical/immoral/

[/suspicious, crabby old fart mode]

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=253485#post710821) by MadBeaver
He doesn't want to report it to IT

I assume that it was supposed to be IT not Ip

Yeah, but this is why I deleted my post. I was first thinking that it could be a Trojan or Spyware so I told him to install Spybot, but if his wife is sending something like that with malicious intent, the IT deptartment needs to know so they can clean the system. My second thought was that he had malicious intent so that was another reason to delete my post.

At the finish line I believe my scenario looks pretty damn good........ And that was the reason for my first response....... It's called "testing the water"..... The rest of you dived in without thinking that he might, in fact, be trying to do something.... er..... unethical/immoral/


Very True
I guess I souldn't be so trusting without more information.



Well StreetFighter which one is it?

She is not a techie,I don`t want to report it to it because I don`t want anything to happen to her.Tiger shark/suspicious,crabby old fart your name fits you well, I`m just a guy who knows very little about computers except how to play games on them. As far as your diabolical conclusion. I`m not trying to TEST THE WATER.One thing I Know is ford monitors their computers along with most major companys.What happened was a female emailed me and asked me to lunch and I didn`t go my wife found out.So I typed e-mail trackers and up pop spector software along with this web site.So I thought That I would ask you guys if it was posable for a program like that to get thru.(Thats it)besides if I wanted to get some info on how to mess around on the computer their are a million sites just for that.I was just looking for a little help. Is that not what forms are for????

Streetfighter:

I`m just a guy who knows very little about computers except how to play games on them

No offense meant but I certainly believe that after your last post. Tiger Shark is my nom de plume/handle/screen name or whatever you want to call it - things in square brackets "[" and "]" indicate a change of mode/mood if you like so [suspicious, crabby old fart mode] means begin that mode and the same thing with a "/" at the beginning means end the mode..... It's a programming thing..... what can I say..... ;)

I was the one testing the water..... I wanted to see what your response was to my suggestion of reporting her..... you kinda skipped over it in the initial post.

Ok.... Now I am satisfied that you are not the object of Ford's scrutiny.......

Depending on your position and job in the Ford will depend upon the level of restriction they are placing on you. I'm going to guess, (probably wildly), but it's a guess based on probabilities, (there are only so many people at Ford that are given high priviledges on their machines and in what they can send or receive), that you are in one of the more restricted groups, (feel free to correct me if I am wrong because it does have a bearing on what wifey darling could have done. My guess is that you may not receive emails containing any kind of executable file and that you are only a user on your workstation, (as opposed to a power user or administrator). If that is the case then the chances that wifey dearest got anything through is quite remote bearing in mind your profession of her level of knowledge.

If you are higher up or the admins at your facility don't follow procedure properly then it is possible that she could get stuff onto your machine with a low level of knowledge but without knowing exactly what it is it is practically impossible to tell you how to remove it.

Finally, two little points to note on a personal level:-

1. Wifey darling's suspicions were raised by more than a single event to make her try something like this - so there was smoke before this little fire.
2. Coupled with 1..... If wifey dearest has reached this level of distrust then you need to start planning for the day of the separation for it will come....... Been there twice - so I'm no novice... ;)

OK lets take a deep breath here, OK, now from what you posted here:

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=253485#post710849) by streetfighter
So I typed e-mail trackers and up pop spector software along with this web site.So I thought That I would ask you guys if it was posable for a program like that to get thru

I read into that, that you have not confirmed if you have this or any software on you system that is hijacking your email, you are asking if it is possible, right?

Well anything is possible, but I really got to figure a company like Ford has quite a few things in place that would either prevent or detect this type of software.

Now, before we start looking for a high tech cause here, have you thought maybe someone at Ford has spilled the beans on you and this "female" to your wife (maybe even the 'female' herself).

Cheers:

Thanks, a million for the answers.I just can`t figure out how she could find out about the e-mail. She is very jealous.The last thing in the world I would want is two women.Thanks again guys

Streetfighter
Can you install programs on your workstation?

Question for everyone: Would an AV pickup something like eblaster?

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=253485#post710876) by MadBeaver
Streetfighter
Can you install programs on your workstation?

Question for everyone: Would an AV pickup something like eblaster?

Symantec (http://securityresponse.symantec.com/avcenter/venc/data/spyware.eblaster.html) does.

Cheers:

Question for everyone: Would an AV pickup something like eblaster?

Quite probably not, because they are not proper trojans or viruses.

I remember a few weeks back when "Lover Spy" was being spammed all over the place. I got the trial and it certainly seemed to work (within the limitations of the trial).

I scanned for it with the latest Spybot, AdAware, Mcafee 7.0 and AVG and none of them detected it. McAfee later added it to their AV, with the comment that it was not strictly speaking, "malware".

It is not so much the products, but the the purpose to which they are put?

I believe that a keylogger detector would catch them.

I would have thought that an outfit the size of Ford would have had policies and software to prevent executables from running within e-mail.

streetfighter.................

1. Is this a laptop that you take home from time to time?
2. Have you just had one incidence, that particular e-mail?

I hope that you appreciate that loading such stuff on a Corporate machine is a gross breach of security, and that your employers may well take the view that you are responsible for the actions of your immediate family :(

I hope it is not too late, as this stuff "phones home" on a regular basis and may well be spotted by the Admins. It might be a good idea to make sure that your machine is powered off/ disconnected from the network when you are not at work as that would be a dead giveaway.

Good luck

Do not cheat your wife!!!
...hey,just joking!Women are strange!