Some loggers are visible as processes, but those are the school project variety. The agressive loggers are either disguised as valid system services or patch into the kernel. They're essentially rootkits and tough to notice. Hopefully one or more scanners will either notice the fingerprint or provide some confidence the system is clean.
Best is to attach a suspect drive as a slave to a known clean box. Reduces chances of something getting under the radar. When someone is truly concerned (and it's sometimes warranted) I suggest reverting to a known safe image backup or reinstall. Depends on time vs. concern. If you reinstall that would be a great time to start making quickly restorable images for situations like this.
BTW, if you have trouble getting rid of any of the scanners boot in safe mode and try again. Some aren't the cleanest code you'll run into.
__________________
There are a vast number of people who are uninformed and heavily propagandized, but fundamentally decent. The propaganda that inundates them is effective when unchallenged, but much of it goes only skin deep. If they can be brought to raise questions and apply their decent instincts and basic intelligence, many people quickly escape the confines of the doctrinal system and are willing to do something to help others who are really suffering and oppressed." -Manufacturing Consent: Noam Chomsky and the Media, p. 195
|