Question

Locked

Keyloggers

By amateur_82 ·
Good Morning,

How do you identify if there is a keylogger software to your PC office or at any other public PC?

And if it is not easy to spot these softwares, how can you protect yourself, especially when you are using your credit card and you suspect that there might be a keylogger installed?

Thanks in advance for your time

This conversation is currently closed to new comments.

13 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Spyware

by alrocky69 In reply to Keyloggers

Trend Micro AntiVirus plus AntiSpyware 2008 is a very good tool to detect and remove spyware. I use it both in corporate and personal environments and can tell you it worked out nicely. You can also have a look to the web Trend Micro engine to remove those threats. The link is http://housecall.trendmicro.com/ and it is free though.

Collapse -

Not to argue, but.....

by robo_dev In reply to Spyware

I have Trend on several PCs at home, and have found it to be very poor at catching viruses and spyware.

I now use PC Tools Spyware Doctor as my anti-spyware (along with Trend for viruses).

In the past year, PC Tools has detected at least six nasty viruses or spyware apps (such as the horrible vundo) that Trend has blissfully ignored. I plan to switch to PC Tools Anti-virus and chuck the half-dozen Trend licenses.

I also use AVAST on some PCs, with good results so far.

Collapse -

One rather obvious sensible answer ...

by OldER Mycroft In reply to Keyloggers

DO NOT USE a public PC or an office PC to buy online.

Of course, sometimes the 'keylogger' isn't installed on the local machine - it may exist anywhere down the chain of online network connections.

Alternately, my Bank has issued me with a card scanner that rather resembles a small calculator.

My cards slot into this device and all online transactions involve answering a formulaic question by typing into the scanner with the card inserted - the LCD then gives me a series of characters that I input as authorisation.

This authorisation code, once used, is from then on invalid. This is supposed to be a keylogger defence.

Such is life!

Collapse -

Another case for booting to a live CD/flash

by jdclyde In reply to One rather obvious sensib ...

It wouldn't matter WHAT the system was infected with, it won't be running.

Collapse -

Good Point !! You're not as daft as your avatar looks <NT>

by OldER Mycroft In reply to Another case for booting ...
Collapse -

That's the best answer I've heard today....

by robo_dev In reply to Another case for booting ...

you can't hack what you can't write to.

However there are HARDWARE keystroke loggers. These devices were used for the largest attempted bank heist in history ($440M USD from Sumitomo in the UK).

http://www.cioupdate.com/trends/article.php/3600126/Lessons-Learned-from-Biggest-Bank-Heist-in-History.htm

Collapse -

check the Task Manager

by nepenthe0 In reply to Keyloggers

Antispyware should block keylogger spyware. There may be keylogger spyware that can evade antispyware programs, however. The FBI has a secret 'Magic Lantern' keylogger program to determine private keys for encrypted files (theoretically, the FBI must obtain a warrant from a federal court based upon 'probable cause').

I recommend that you open the Task Manager (Ctrl-Shft-Esc for Windows XP operating systems) each session and familiarize yourself with the running processes. To determine the process, see:

http://www.processlibrary.com/

If you spot something unfamiliar, and ProcessLibrary cannot identify it, worry about spyware, and guide yourself accordingly.

Rick/Portland, OR USA

Collapse -

Not to argue but.....

by robo_dev In reply to check the Task Manager

Any well-behaved keystoke logger is going to hide the process, hook itself to another process (winlogin.exe, explorer.exe) so you are not going to see it. Even the really dumb ones do things like naming themselves similar to other processes.

Over the years I've seen many, many viruses and keystroke loggers that evade or even actively disable AV/anti-spyware programs. Some do things like patching explorer.exe in memory, installing a hacked version of IE, or similar shenanigans.

I've done some investigative work using the eBlaster app which, at the time, was ignored by AV and anti-spyware vendors as a legit program. It ran as a hidden process, and unless somebody was really, really good, they could not spot that program on the PC.

Collapse -

How do you identify

by unknownneversay In reply to Keyloggers

in my office chief instal KeyBag keylogger on my Mac, i see which process was not...

Collapse -

If it were easy to disable, it would not be any good.....

by robo_dev In reply to How do you identify

http://www.protemac.com/KeyBag/

Maybe you could run another OS with bootcamp?

Of course the boss might be tipped-off if you're running XP on your machine.

Back to Software Forum
13 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums