August 3rd, 2005, 03:36 AM
Question: IN Event Viewer, security section, when I spotted 13 anonymous user log in's does that indicate the specific time/date of keylogger intrusion?
August 3rd, 2005, 02:40 PM
The anonymous user log in's can be related to the keylogger and to valid system processes. Now I don't have any clue as to why I didn't mention this before, but the keylogger in question is sending screen shots and your keystrokes to the individual in question. Which means your ex has a copy of your posts here at AO... nuff said
August 3rd, 2005, 02:55 PM
Since the keylogger was removed, (silly person ), it will be practically impossible to find the destination of it's messages unless you have some outside logging system. You might find a configuration file in the folder it was located in since the cleaning software usually only removes the offending malware. That might point you to the target. Other than that you are reaching a dead end unless you can contact your ISP and get logs from them of all your outbound connections for the week before you removed the keylogger..... If you are REALLY lucky they will have logs - but don't hold your breath.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides