Can I find out who put Keylogger on my PC

My name is Ed. I work with cold case files with x-FBI agent. Mostly on girls who disappeared off i-45 south out of Houston but also all of Texas.

I have files with witnesses who do not want to be identified. We have kept this information secret for 15 years. We want NO PRESS..and want our witnesses identities kept secret.

On my home/office computer, yesterday, I ran Spy Sweeper. Something I do each week.... Perfect Keylogger and Stealth Website showed up ? It must have happened between March 22nd and March 28, the last time I ran that program. But I am not sure, as I updated Spy Sweeper that morning...so I might have "NOT" update for some time, and thought the Sweeper would catch all... so no telling how long it has been there.

I am very concerned who might have done this. Is there a way for me to catch them. It DID NOT happen at my home/office. Must be email or wireless?

I have a wireless and am on cable. Any thoughts on this.

Thanks

Ed

 

Is your system password protected?
nO....
Are ALL user accounts including the Administrator account password protected? NO

By default Win 2000 and Win XP Administrator accounts have no password. You must set one. OKAY I WILL
Is the Guest account disabled? GUEST ACCOUNT? NOT SURE WHAT THAT IS

Who has access to the passwords
FAMILY MEMBERS KNOW MY EMAIL PASSWORDS. I NEVER CHANGE THEM.

Did you look in Add/Remove programs for these programs?
YES...DID NOT SEE IT
Which program is finding them?
SPY SWEEPER FOUND IT AND ALSO X-CLEANER FOUND IT AND EVENTUALLY GOT RID OF IT.
Attach a log to your next message. THIS IS LOG "AFTER" CLEANING. THE SPY SWEEPER HISTORY LOG, AFTER I UPDATE, ERASED LOG EXCEPT FOR THIS...

:00 PM: Registry Sweep Complete, Elapsed Time:00:00:18
6:00 PM: Starting Cookie Sweep
6:00 PM: Found Spy Cookie: 2o7.net cookie
6:00 PM: hp_administrator@2o7[1].txt (ID = 1957)
6:00 PM: Found Spy Cookie: advertising cookie
6:00 PM: hp_administrator@advertising[1].txt (ID = 2175)
6:00 PM: Found Spy Cookie: falkag cookie
6:00 PM: hp_administrator@as-us.falkag[1].txt (ID = 2650)
6:00 PM: Found Spy Cookie: atlas dmt cookie
6:00 PM: hp_administrator@atdmt[2].txt (ID = 2253)
6:00 PM: Found Spy Cookie: zedo cookie
6:00 PM: hp_administrator@c5.zedo[1].txt (ID = 3763)
6:00 PM: Found Spy Cookie: ru4 cookie
6:00 PM: hp_administrator@edge.ru4[2].txt (ID = 3269)
6:00 PM: Found Spy Cookie: mediaplex cookie
6:00 PM: hp_administrator@mediaplex[2].txt (ID = 6442)
6:00 PM: hp_administrator@msnportal.112.2o7[1].txt (ID = 1958)
6:00 PM: Found Spy Cookie: nextag cookie
6:00 PM: hp_administrator@nextag[1].txt (ID = 5014)
6:00 PM: Found Spy Cookie: questionmarket cookie
6:00 PM: hp_administrator@questionmarket[1].txt (ID = 3217)
6:00 PM: Found Spy Cookie: servedby advertising cookie
6:00 PM: hp_administrator@servedby.advertising[2].txt (ID = 3335)
6:00 PM: Found Spy Cookie: server.iad.liveperson cookie
6:00 PM: hp_administrator@server.iad.liveperson[1].txt (ID = 3341)
6:00 PM: Found Spy Cookie: spylog cookie
6:00 PM: hp_administrator@spylog[1].txt (ID = 3415)
6:00 PM: Found Spy Cookie: tacoda cookie
6:00 PM: hp_administrator@tacoda[1].txt (ID = 6444)
6:00 PM: Found Spy Cookie: trafficmp cookie
6:00 PM: hp_administrator@trafficmp[2].txt (ID = 3581)
6:00 PM: Found Spy Cookie: tripod cookie
6:00 PM: hp_administrator@tripod[1].txt (ID = 3591)
6:00 PM: hp_administrator@zedo[1].txt (ID = 3762)
6:00 PM: Cookie Sweep Complete, Elapsed Time: 00:00:00
6:00 PM: Starting File Sweep
6:23 PM: File Sweep Complete, Elapsed Time: 00:23:21
6:23 PM: Full Sweep has completed. Elapsed time 00:28:09
6:23 PM: Traces Found: 25
6:29 PM: Removal process initiated
6:29 PM: Quarantining All Traces: perfect keylogger
6:29 PM: Quarantining All Traces: stealth webpage recorder
6:29 PM: Quarantining All Traces: 2o7.net cookie
6:29 PM: Quarantining All Traces: advertising cookie
6:29 PM: Quarantining All Traces: atlas dmt cookie
6:29 PM: Quarantining All Traces: falkag cookie
6:29 PM: Quarantining All Traces: mediaplex cookie
6:29 PM: Quarantining All Traces: nextag cookie
6:29 PM: Quarantining All Traces: questionmarket cookie
6:29 PM: Quarantining All Traces: ru4 cookie
6:29 PM: Quarantining All Traces: servedby advertising cookie
6:29 PM: Quarantining All Traces: server.iad.liveperson cookie
6:29 PM: Quarantining All Traces: spylog cookie
6:29 PM: Quarantining All Traces: tacoda cookie
6:29 PM: Quarantining All Traces: trafficmp cookie
6:29 PM: Quarantining All Traces: tripod cookie
6:29 PM: Quarantining All Traces: zedo cookie
6:29 PM: Removal process completed. Elapsed time 00:00:03
6:49 PM: | End of Session, Tuesday, March 28, 2006 |

 

Yes...the Perfect Keylogger etc., has been erased...That is not longer an issue.

BUT THE ISSUE IS....WHO PUT IT ON MY PC.....THIS IS VITAL THAT I FIND OUT. Lives could be at stake...

I need to find out "how" and "who" and "when" they did this. I have wireless...could it be done that way? Email? There should be tracks left on my PC, even though the program has been erased..

CAN YOU HELP ME? IF NOT...DO YOU KNOW SOMEONE WHO CAN?

Thanks

Richard ><>

 

Just found a couple hidden porn vids on my pc which are not mine and they correspond to the date in which SpySweeper picked up the Keylogger and Stealth Webpage.... I have not deleted...thinking there may be a way to find out who sent them onto my PC an HOW? Also..found this file...see below..not sure if it is connected. Please look over and let me know what you think. Thanks Ed
- <window name="WinHidden" lang="JavaScript" visible="false" x="0" y="0" width="400" height="300" title="Hidden">
<script src="core.hp.main/WindowEvent.js" />
- <script>
- <![CDATA[
title = application.script.gDisplayName;

var hive_obj = application.script.gHive;
var wm_is_ok = false;

function handleOnOpen( )
{
// make sure media player is available
var is_ok = true;
if ( ! wm_is_ok )
{
is_ok = false;
}
else
{
var pcs;
var ver = MediaPlayer.versionInfo;
if ( ver && ( pcs = ver.match( /^(\d+)\./ ) ) )
{
if ( pcs[1] < 9 )
is_ok = false;
}
}

if ( ! is_ok )
{
application.script.gStartupOk = false;
alert( application.strings.mp_version_error );
return;
}
}

function ResizeApp()
{
var app_s = application.script;
var vp_man = app_s.gVPMan;

if ( app_s.gGoingFullScreen )
{
app_s.gGoingFullScreen = false;
return;
}

var last_win = app_s.gHive.get_last_window( "null" );

if ( ! app_s.initRes() )
{
WindowEvent_ExitApp();
return;
}

var p_res = WindowEvent_BestResolution( last_win, app_s.gResolution );

// If the resolution didn't change, then don't do anything
if ( p_res == app_s.gDisplayedResolution )
return;

if ( last_win != "null" )
{
var win_str = "application." + last_win;
var win_obj = eval( win_str );
if ( win_obj )
{
app_s.gSwitchingWindow = true;
win_obj.script._WindowEvent_Cleanup();
win_obj.Close();

WindowEvent_OpenWindow( last_win, app_s.gResolution );
}
}
}

function handleMuteChanged()
{
var core_vp = application.script.gVPMan.get_vp( "VP_Core" );
if ( ! core_vp )
return;

var btn = core_vp.button_roles["SoundOnOff"];
if ( ! btn )
return;

btn.role = Event.mute;
}

function handleOnClose()
{
try {
MediaPlayer.uiMode = "invisible";
}
catch(e) {
}
}


]]>
</script>
<action name="OnOpen" action="handleOnOpen();" />
<action name="OnClose" action="handleOnClose();" />
<action name="OnDisplayChange" action="ResizeApp();" />
- <!-- Used for find files
-->
<object name="ShellApp" id="ShellApp" class="Shell.Application" />
- <!-- Used to test for the presence of the media player cuz it's required
to run this application.
//
-->
- <object name="MediaPlayer" class="WMPlayer.OCX" x="0" y="0" width="1" height="1" required="false" windowless="false">
<action name="NdaOnCreateObject" action="wm_is_ok=true;" />
</object>
- <object name="VolCntl" id="VolCntl" class="hp.VolumeCntl">
<action name="MuteChanged" action="handleMuteChanged();" />
</object>
</window>