| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 73473 | 2006-10-20 00:28:00 | key stroke loggers | jonp (7517) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 492830 | 2006-10-20 00:28:00 | Does anybody know whether the "standard" spyware detectors (adaware, spybot) pick up key stroke logggers or is a different detection program required ? Ta very much. |
jonp (7517) | ||
| 492831 | 2006-10-20 00:53:00 | From what I have read, no, Adaware and Spybot, etc don't pick up all of the key stroke loggers. Some of them are so stealthy that nothing will pick them up, if their advertising is to be believed. However, these are the sophisticated loggers that are paid for and physically installed on a machine, not the ones that come in with a trojan so if you are worried that you have a key stroke logger on your own machine or are planning to send one to someone else then they are likely to be detected. |
FoxyMX (5) | ||
| 492832 | 2006-10-20 01:44:00 | From what I have read, no, Adaware and Spybot, etc don't pick up all of the key stroke loggers . Some of them are so stealthy that nothing will pick them up, if their advertising is to be believed . However, these are the sophisticated loggers that are paid for and physically installed on a machine, not the ones that come in with a trojan so if you are worried that you have a key stroke logger on your own machine or are planning to send one to someone else then they are likely to be detected . so what you're telling me is that if I run adaware or spybot that should pick up anything that has arrived surreptitiously rather than being manually installed ? that is exaclty the information i am after thankyou foxymx |
jonp (7517) | ||
| 492833 | 2006-10-20 02:51:00 | most spyware progs do not detect legit apps (non spyware). if a keylogger is spyware then it may be targeted. if its legit it may not, it all depends on what side of the fence the anti-spyware companies will sit on ;) | tweak'e (69) | ||
| 492834 | 2006-10-20 03:27:00 | A software keystroke logger works by intercepting the keyboard interrupt provided by the OS . This is usually fairly easy to detect (even if the OS-provided interrupt has been replaced) . What spyware detectors do about it depends on them . :D Hardware keystroke loggers can not be detected by software, though the means of getting the information once captured might be detectable . Exotic methods which detect the radiation from the screen electronics (etc) are less likely to occur, and in theory would be totally undetectable . |
Graham L (2) | ||
| 492835 | 2006-10-20 03:39:00 | so what you're telling me is that if I run adaware or spybot that should pick up anything that has arrived surreptitiously rather than being manually installed ? that is exaclty the information i am after Sorry, I meant to say that a key stroke logging program that came in via a trojan would probably be detectable with a trojan detection or possibly anti-virus program, not anti-spyware programs . It may also show up in HijackThis . I don't think Adaware or Spybot would detect them . Depending on what kind of logger was installed, its attempts to send out the info being logged may also possibly be detected by a third-party firewall . A firewall would not pick up the sophisticated ones, however . |
FoxyMX (5) | ||
| 492836 | 2006-10-20 04:03:00 | most spyware progs do not detect legit apps (non spyware) . if a keylogger is spyware then it may be targeted . if its legit it may not, it all depends on what side of the fence the anti-spyware companies will sit on ;) I just tried the new version of Xoftspy, which is Paretologic Antispyware . I did a scan with it the other day, it picked up 7 entries (belonging to Avast AV), in the registry and detected it as realspy which is a keylogger (spyware) . It looks like the entries Avast puts in the registry are identical to what Realspy installs (activeskin4 entries) . The only diff is, the files Winrsm . exe; getyahoo . dll, (part of realspy) or the registry run entry to run winrsm . exe arent on my system . And the files above arent running in task manager . Or on the hdd . |
Speedy Gonzales (78) | ||
| 492837 | 2006-10-20 04:12:00 | Note on XoftSpy: XoftSpy was listed on this page because of concerns with false positives (1, 2, 3, 4), questionable license terms, and the use of aggressive, deceptive advertising (1, 2), including exploitation of the name "spybot" by affiliates. Earlier versions of XoftSpy were also Ad-aware knockoffs. (There was clone of XoftSpy named SpyBurn, but that application is no longer available.) Over the past few months, XoftSpy has taken aggressive steps to reign in its affiliates (who were primarily responsible for the unsavory advertising), revised its license text, and released a new version of XoftSpy (version 4.0) that addresses our concerns with false positves. Given these changes we can no longer regard XoftSpy as "rogue/suspect" anti-spyware. Domains: paretologic.com (Note: other domains associated with XoftSpy include: adware-destroyer.com, adware-elimination.com, adwarekillers.com, adware-real-free-scan.com, adwares.net, anti-adware.net, antispywares.com, deletespyware.net, nomorespyware.net, removespyware.net, softspy.net, softwho.com, spywarebest.com, spyware-detection.net, spywareprof.com, spywarepurge.com, spywarerem.com, spywareremoval.net) [A: 6-26-04 / U: 12-7-04]http://www.spywarewarrior.com/rogue_anti-spyware.htm#xos_note |
tweak'e (69) | ||
| 492838 | 2006-10-20 04:14:00 | www.spywarewarrior.com That was before v4, its now upto version 5. That statement is no longer valid. |
Speedy Gonzales (78) | ||
| 492839 | 2006-10-20 08:36:00 | apples fall far far from the tree, yeah right! reminds me of gator/claria. | tweak'e (69) | ||
| 1 2 | |||||