mapsedge wrote 2009-12-10 10:20 pm
Needing some techie help

There's a story here; I'll try to sum up quickly:

A friend of ours recently committed suicide, leaving a wife and five-year-old daughter. As a part of his decline to that act, he went through a paranoid stage and installed a keylogger called (we think) Spectre on his wife's computer. Now that she is a single mom, she needs to work from home, but the software interferes with the functioning of her scanner, network connection, fax, etc.

I have Googled and Bing'd till I'm blue in the fingers, but the two reputable guides I found for removing it (websites that didn't just try to sell me more software) didn't do me any good. The registry keys and dll files they suggested weren't there, but when I hit the login access keys (ALT+CTRL+SHIFT+S), the login screen came up, so I KNOW it's there.

I've installed a HOSTS file with a suspected domain shit-canned.

I've installed WinPatrol, but it doesn't list any processes or startup entries that look suspicious.

I've installed and run SuperAntiSpyware, but it found nothing.

Question: Is there a freeware tool for Windows that allows me to identify a window - the login screen, for instance - and identify its parent process?

Question: Is there a freeware tool for Windows XP that monitors and logs outgoing TCP/IP traffic? This software phones home periodically with screenshots and captured data, so there is definitely outgoing traffic. I need, at the very least, to kill those packets.

Question: Any other helpful advice?

Worse come to worst, I can slam the hard drive and reinstall the OS, assuming she can find her original install disc. I've got a "borrowed" copy of XP, but no idea if it actually works or not, or, if it does, if she'd be able to get security updates, etc.
