AW: [Honeywall] Sebek-WIN32 v3.0.4

Stefan Vömel svoemel at
Tue Jun 17 05:01:42 EDT 2008


Sebek is a tool for silently capturing keystrokes, it uses many techniques
that are also implemented in some known rootkits. That's why it's detected
by your virus scanner even though I would rather see it as a false positive.
After all, it's only a tool and can be used by both "whitehats" and

Concerning the stability: The Win32 version doesn't work for me either:
After installing Sebek, the system (Win XP) gets extremely unstable and
constantly crashes with a blue screen as it is in your case. I feel that the
software is a bit outdated and I've stopped using it. On Windows 2000,
however, it seems to work properly. 

Best regards,



	Von: honeywall-bounces at
[mailto:honeywall-bounces at] Im Auftrag von Imran Shaikh
	Gesendet: Dienstag, 17. Juni 2008 08:48
	An: honeywall at; honeypots at
	Betreff: [Honeywall] Sebek-WIN32 v3.0.4

	Dear all,

	I have scanned Sebek-WIN32 v3.0.3 & Sebek-WIN32 v3.0.4 but both are
infected and AV detected it as a Malware. Also, when I restarted my PC1
after installation of Sebek-WIN32 v3.0.3 and restarted my PC2 after
installation of Sebek-WIN32 v3.0.4, BLUE screen error occur.

	 I am using  Win 2003 server Enterprise Edition with Sp2 and
HoneyNet CD-ROM roo-1.4.hw-20080423134017.

	 Please help me regarding this problem.

	Your urgent and helpful response will be highly appreciated. 

	Thanks & Regards,

	 Imran Shaikh

More information about the Honeywall mailing list