[StBernard] From Craig: Spyware and Keyloggers

[Westley Annis]

I'll also add my take on spyware/keyloggers:

There are spyware commercial programs available that can detect and help on
keylogging programs. Below is a definition. Basically, a"Keylogger" is an
invisible software program that identity thieves can use to track your
online activity."

Here is how one can detect a Keylogger:

Check the task list by press ctrl+alt+del in windows. Examine all the tasks
running, if you unsure of a task look it up on a search engine. 

Use the system configuration utility to determine which task are loaded at
start-up (type "msconfig" in the run box to start). 

Run your antivirus checker, it's possible this will pick up the Keylogger on
your system.  Scan your hard disk for the most recent files stored. Look at
the contents of any files continually updating (these might be logs). 

Download a specific keylogger detector program, and see if it detects
anything. 
Run this Spybot program. 

Some of the commercial programs include those by Symantec/Norton
(Symantec.com), McAfee (Mcafee.com) and Spybot programs (such as Ad-Aware
below) or Spyware Defender, or E-Trust and Spyware Blaster. I use 
Ad-aware, Norton, and others either because I'm crazed, paranoid or that
some programs find some spyware while others find an array of different
instances.

Here's a video describing:

http://www.symantec.com/content/en/us/home_homeoffice/media/flash/tours/nis2
008/index.html

It's good to have a decent firewall (Such as ZoneAlarm(.com) that monitors
traffic into and out (Internet) your computer as well. If you're using XP or
98, you're not protected properly with its firewalls.

Lavasoft has a commercial version (Pro) but also has a nice shareware/free
version to try (Ad-Aware):

http://www.download.com/Ad-Aware-2007-Free/3000-8022_4-10045910.html?part=dl
-ad-aware&subj=dl&tag=top5

And..

Lastly, a "keylogger" can also be placed on systems to protect one's
interest. It could be placed as a device attached at the rear, or as
software for: Employer's to trace an employee's activities, a spouse/"loved
one" checking in on one's internet activity, or a parent protecting one's
child's activity and/or internet actions.

All: Definition:

A Keylogger is a program that records all keystrokes and stores them for
later retrieval. The existence of a keylogger is usually kept a secret and
is hidden from whoever it is targeting. For example, They may be used by
company to monitor an employee they're suspicious of, a keylogger could even
be installed for backup purposes in case of a system crash. It could be
useful to know that you always have a backup of whatever you type.

Keyloggers are categorized as a form of spyware, and will most likely store
the keystrokes to a file (which may be encrypted) and can be accessed by the
attacker, normally by the use of a password. 

Some keyloggers also capture the screen at regular intervals (screen
recorders). Also it's possible for keyloggers to automatically email the
captured keystrokes to the attacker so they don't even need physical access
the attacks system once it's been installed.

Further reading: http://www.askmehelpdesk.com/advice/f-474.html

--jer
-----------------------------------------------------
Westley,

I did some quick searching...what's a good way to detect if you've had a key
logging application placed on your machine?  If it's been put there via a
Trojan virus or something, will the normal anti-virus programs detect it
upon scanning the drive?  From what I read, there are a number of ways of
getting one of these things placed on your machine and it seems they can be
difficult to detect and remove.  Any suggestions?

I think I've got my machine fairly secure, no one else uses it, I don't open
unknown emails, etc., but this might be a good instance for you to give us a
lesson in cybersecurity 101.

Jim