The eBlaster program uses keylogging and stealth e-mailing as its primary methods for logging everything you type, including your personal information and periodic screenshots of websites you visit. The keylogging functionality allows eBlaster to record e-mails, Internet chats, website browsing, instant messaging and any other typing you do on your computer. The keystrokes and screenshots are collected in log files and sent via e-mail protocols from your computer through a tunnelled Internet interface to a hacker's computer. The hacker can then easily retrieve and use any personal information you typed while eBlaster was active on your computer. While remote installation through an e-mail attachment is possible, eBlaster is usually installed manually on targeted computers, and is designed to operate undetected by most commercial antivirus programs.
- Skill level:
- Moderately Challenging
Other People Are Reading
Inspect peculiar file names on your hard drive that have the hidden attribute checked. To see the hidden files in a folder, open Windows Explorer. Go to the boot drive's Windows folder, click "Tools," select "Folder Options" and move to the "View" tab. Select "Show Hidden Files and Folders" and uncheck "Hide Protected Operating System Files." Click "OK" to close the window and search the contents of the folder.
Search your Windows folder and subfolders on a periodic basis for a file named "URLMKPL.DLL" that has a 486kb file size. This is one of the most important files eBlaster uses in its execution.
Disconnect your network connection for an hour while typing in an open program (for example, a document, game, spreadsheet, calendar or e-mail) if you suspect eBlaster is on your computer. eBlaster's main function is to send outbound e-mail about your computer usage through the Internet. The delayed send gives you the opportunity to search your computer for newly created files in system and user account folders.
Tips and warnings
- Since eBlaster keylogging uses some of the same technologies as rootkit viruses, you may be able to successfully detect the presence of the keylogger with tools such as Microsoft's Rootkit Revealer, Sophos' Anti-Rootkit or McAfee's Rootkit Detective (see Resources).
- If you believe eBlaster is installed on your computer, you should not remain connected to the network. Take the necessary steps to determine that your computer is free of eBlaster and then run a full antispyware scan before reconnecting to the network.
- 20 of the funniest online reviews ever
- 14 Biggest lies people tell in online dating sites
- Hilarious things Google thinks you're trying to search for