Join or sign in Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below. Use Your Email Use FacebookUse Linkedin

Keyloggers

Locked

Good Morning,

How do you identify if there is a keylogger software to your PC office or at any other public PC?

And if it is not easy to spot these softwares, how can you protect yourself, especially when you are using your credit card and you suspect that there might be a keylogger installed?

Thanks in advance for your time

Topic

Clarifications

In reply to Keyloggers

Clarifications

Spyware

In reply to Keyloggers

Trend Micro AntiVirus plus AntiSpyware 2008 is a very good tool to detect and remove spyware. I use it both in corporate and personal environments and can tell you it worked out nicely. You can also have a look to the web Trend Micro engine to remove those threats. The link is http://housecall.trendmicro.com/ and it is free though.

Not to argue, but…..

In reply to Spyware

I have Trend on several PCs at home, and have found it to be very poor at catching viruses and spyware.

I now use PC Tools Spyware Doctor as my anti-spyware (along with Trend for viruses).

In the past year, PC Tools has detected at least six nasty viruses or spyware apps (such as the horrible vundo) that Trend has blissfully ignored. I plan to switch to PC Tools Anti-virus and chuck the half-dozen Trend licenses.

I also use AVAST on some PCs, with good results so far.

One rather obvious sensible answer …

In reply to Keyloggers

DO NOT USE a public PC or an office PC to buy online.

Of course, sometimes the ‘keylogger’ isn’t installed on the local machine – it may exist anywhere down the chain of online network connections.

Alternately, my Bank has issued me with a card scanner that rather resembles a small calculator.

My cards slot into this device and all online transactions involve answering a formulaic question by typing into the scanner with the card inserted – the LCD then gives me a series of characters that I input as authorisation.

This authorisation code, once used, is from then on invalid. This is supposed to be a keylogger defence.

Such is life! 😉

Another case for booting to a live CD/flash

In reply to One rather obvious sensible answer …

It wouldn’t matter WHAT the system was infected with, it won’t be running.

Good Point !! You’re not as daft as your avatar looks :D

In reply to Another case for booting to a live CD/flash

😉

That’s the best answer I’ve heard today….

In reply to Another case for booting to a live CD/flash

you can’t hack what you can’t write to.

However there are HARDWARE keystroke loggers. These devices were used for the largest attempted bank heist in history ($440M USD from Sumitomo in the UK).

http://www.cioupdate.com/trends/article.php/3600126/Lessons-Learned-from-Biggest-Bank-Heist-in-History.htm

check the Task Manager

In reply to Keyloggers

Antispyware should block keylogger spyware. There may be keylogger spyware that can evade antispyware programs, however. The FBI has a secret ‘Magic Lantern’ keylogger program to determine private keys for encrypted files (theoretically, the FBI must obtain a warrant from a federal court based upon ‘probable cause’).

I recommend that you open the Task Manager (Ctrl-Shft-Esc for Windows XP operating systems) each session and familiarize yourself with the running processes. To determine the process, see:

http://www.processlibrary.com/

If you spot something unfamiliar, and ProcessLibrary cannot identify it, worry about spyware, and guide yourself accordingly.

Rick/Portland, OR USA

Not to argue but…..

In reply to check the Task Manager

Any well-behaved keystoke logger is going to hide the process, hook itself to another process (winlogin.exe, explorer.exe) so you are not going to see it. Even the really dumb ones do things like naming themselves similar to other processes.

Over the years I’ve seen many, many viruses and keystroke loggers that evade or even actively disable AV/anti-spyware programs. Some do things like patching explorer.exe in memory, installing a hacked version of IE, or similar shenanigans.

I’ve done some investigative work using the eBlaster app which, at the time, was ignored by AV and anti-spyware vendors as a legit program. It ran as a hidden process, and unless somebody was really, really good, they could not spot that program on the PC.

How do you identify

In reply to Keyloggers

in my office chief instal KeyBag keylogger on my Mac, i see which process was not…

If it were easy to disable, it would not be any good…..

In reply to How do you identify

http://www.protemac.com/KeyBag/

Maybe you could run another OS with bootcamp?

Of course the boss might be tipped-off if you’re running XP on your machine.

you can turn to their live support for help.

In reply to Keyloggers

http://www.keylogger4u.com
you can turn to their live support for help.

how to detect a keylogger

In reply to Keyloggers

Open the Task Manager by holding the Control and Alt keys and pressing Delete. Check the “Tasks” and “Processes” tabs for any suspicious or unfamiliar program names. Research any suspect programs online.

Select the “Run” function from your computer’s Start menu. Enter “msconfig” to open your computer’s start-up configuration menu. Key loggers that evade your Task Manager may not be able to avoid this menu. Research any strange or unexpected start-up programs.

Download a reputable antivirus program if you cannot detect a key logger, or are unsure if you have found one. Many antivirus programs are updated regularly to combat new, evolved key logger programs. Select your antivirus software carefully as some programs contain viruses. Hundreds of free key logger detection programs are available online

Read more: How to Detect a Key Logger | eHow.com http://www.ehow.com/how_5855091_detect-key-logger.html#ixzz2LCxPQiHQ
Source: http://www.microkeylogger.com/

[Author]

Replies