Excluding Keylogger

[Whystimpy]

Two teenage boys keep crashing home computer due to porn sites, etc. and blame each other for it. I Created a BIOS password and after about a month or so one/both of them hacked into it so the problem continues.   Decided to install a commercial keylogger to find out whose crashing the computer.

Initially, the keylogger wasn't detected in a manual scan but because am not computer savvy made the mistake of running a boot scan and of course it showed up and was immediately removed.  I have uninstalled/reinstalled the keylogger several times but now am receiving warning that high threat mal-ware found when logging into the computer as well as in the manual scan report with no option to restore/exclude it. 

How do I exclude the keylogger from being detected/reported in the scan results so the boys don't know its there?

[Pondus]

Two teenage boys keep crashing home computer due to porn sites, etc. and blame each other for it.

have you tried OpenDNS ?
sett up your router with OpenDNS and you can block them from entering porn sites and lots more....

OpenDNS http://www.opendns.com/

[Whystimpy]

I've tried that type of stuff before and a friend is the one who gave me instruction on how to set the BIOS password.  Surely, there's a way to exclude the keylogger so I can find out all the places my boys are visiting?  Thanks!

[Pondus]

OpenDNS also have a log function   

[Whystimpy]

Quick question...we don't have a router and in fact there are four users on one computer.  We are interested in only monitoring the boys' user.  Does this matter?  I'll give it a try and thanks again.

[Pondus]

you can sett it up in your router, then everyone connected will be protcted by it
or you can sett it up in the computer, then only that computer will be protected by it
http://askbobrankin.com/what_is_opendns.html

And if you have two boys surfing like that, then you need this, if you don`t already have it?
you may be supprised of what it find!   Malwarebytes  www.malwarebytes.org

[DavidR]

Keyloggers can be excluded, assuming avast is actually alerting on it. But the problem with keyloggers is that they are not proactive, so you only find out after the fact and you have to actually monitor the what the keylogger reports.

You can add the full path to the file to the exclusions lists:
File System Shield, Expert Settings, Exclusions, Add and
avast Settings, Exclusions

~~~~
So OpenDNS is one way to go and using the Dashboard function can block categories. However, if they were able to get round your BIOS password, they are likely to get round your OpenDNS logon user name and password if you don't use strong passwords.

~~~~
I would also suggest that you assign them Limited User accounts (limits the damage any malware can do), so they don't have much rights to go snooping round other users areas. That would mean that all users would have to logon with a password (strong not one your boys can guess/hack).

~~~~
Another option is something like Naomi Parental Control software (freeware) http://www.radiance.m6.net/

[Whystimpy]

Actually, we do have Malwarebytes and routinely run it and believe it or not RARELY does anything show up for some reason.  Regularly update it and even updated it last night.  Nothing came up on that but it did in the AVAST scan. We were using AVG but switched to AVAST which has been substatially better. Hopefully, we be able to figure who the culprit(s) are.  I appreciate your help.

[Whystimpy]

Have been unable to determine the long file name to add to the exclusion list. How do I to find out what it is so I can add it?

[DavidR]

Well you said it was detected so it should be in the log file created by the scan.

You say it was a boot-time scan then check the C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\report\aswBoot.txt file (XP location) C:\ProgramData\Alwil Software\Avast5\report\aswBoot.txt (Vista, Win7 location), check this file using notepad for info on the scan/detections, etc.

This folder may be hidden, so you may need to change the windows explorer folder options to uncheck hidden files and folders.