AT & Keyloggers

Discussion in 'other anti-trojan software' started by JO, Dec 3, 2003.

Thread Status:
Not open for further replies.
  1. JO
    Offline

    JO Guest

    Does AT software also catch keyloggers or do I need a separate software for that?

    Also do I need a dedicated AT software or does an AV and anti-spyware software like spywareguard, adaware and spybot do the trick.

    Thanks in advance.
  2. Gavin - DiamondCS
    Offline

    Gavin - DiamondCS Former DCS Moderator

    Hi,

    TDS detects hundreds of known malicious keyloggers, and a lot of "commercial" keyloggers too. These are actually a danger, we try to add detection for as many as possible. There are anti keylogger programs - some are actually made by those who also make the keyloggers.. nice isnt it ? (sarcasm :))

    TDS also has generic/heuristic detection for keyloggers, I think of the other AT's only Pest Patrol also has it.

    Programs like AdAware, Spybot, SpywareBlaster are for spyware and adware really, and although some detect keyloggers they probably arent going to be doing an overly good job of it, simply because they need to add detection for the keyloggers first. Commercial ones are a problem, noone especially not those freeware tools wants to pay for them. The actual risk from these keyloggers does however seem smaller than that of malicious keyloggers created by trojan writers.
  3. illukka
    Offline

    illukka Spyware Fighter

    at least spybot does catch some keyloggers.
    trojan hunter has lot's of 'em in its rulesets, tds too, even pest patrol has a key patrol component.. kaspersky, when u download bases from the updates_x directory detects keyloggers too
    i seem to remember that there was even a specialised program to detect keyloggers.. was it anti-keylogger or somthing??
    spycop is a big name in this http://spycop.com/products.htm
  4. Gavin - DiamondCS
    Offline

    Gavin - DiamondCS Former DCS Moderator

    Yes those too

    KAV detects malicious keyloggers without extended bases - they are called TrojanSpy.
  5. illukka
    Offline

    illukka Spyware Fighter

    yes it does, the x-bases are for the ultra paranoids, they detect _COMMERCIAL_ keyloggers and commercial remote acces software tools too.. so if you strongly suspect that you're spied on it is a good option to try...
  6. controler
    Offline

    controler Registered Member

    Just a quick word on Spybot S&D
    I know if you send Patrick samples of those Keyloggers, he will add them to Spybot detection. ;)
  7. claire
    Offline

    claire Guest

    Trojan Hunter also detects keyloggers.
  8. Nancy_McAleavey
    Offline

    Nancy_McAleavey Expert Member

    BOClean detects and deletes trojans, keyloggers and all sorts of malicious spyware (the stuff you can't stop from downloading, installing or uninstalling).

    http://www.nsclean.com/boclean.html
  9. illukka
    Offline

    illukka Spyware Fighter

    sorry nancy, i forgot boclean.. thanks for correcting me
  10. tutankamon
    Offline

    tutankamon Registered Member

    Hi all,
    What about Digital Patrol? It gets a good write up in the latest computer mag, also a good score.
  11. illukka
    Offline

    illukka Spyware Fighter

    i trialed digital patrol last february.. in short you can find better detectors than it..it does find some trojans and keyloggers etc. that's true...
    there might have been development, it's been 10 months.. but it had a lot to catch up, the competition was miles ahead of it
  12. controler
    Offline

    controler Registered Member

    I am guessing TDS-3 is working on Iopus-starr keylogger as we speak ;)
    I know it don't detect it yet.

    con
  13. DolfTraanberg
    Offline

    DolfTraanberg Registered Member

    Unless you have a local spy at your house there must be a Trojan running as well to get the data out.
    Dolf
  14. controler
    Offline

    controler Registered Member

    ok this is not a keylogger that has the option to send via e-mail but NOD-32 and TDS-3 do not detect this one yet.

    con
  15. rerun2
    Offline

    rerun2 Registered Member

    I do not know TDS's nor NOD's policy on keyloggers, but it may be because this is a commercial keylogger. SpyCop detects it.

    Attached Files:

  16. Paul Wilders
    Offline

    Paul Wilders Administrator

    con,

    I presume you've submitted this one to the software companies mentioned?

    regards.

    paul
  17. controler
    Offline

    controler Registered Member

    I am working on getting another REAL ISP e-mail acocunt here in the big city. Hotmail uses Mc afee and Yahoo uses Norton to scan their mail. They also only allow one meg of info to be transmitted. I figured everyone would do a google :)
    Just tried Hotmail and the file is 1.6 meg so it was too big. And tried Yahoo neither allow that big of a file.
    Anyplace I can FTP to?
    Since this is a commercial Monitoring program, I see no harm in posting the companies link here.
    http://www.iopus.com/starr.htm


    con
  18. Paul Wilders
    Offline

    Paul Wilders Administrator

    con,

    That will do as well ;)

    regards.

    paul
  19. controler
    Offline

    controler Registered Member

    As of today 12/26/2003

    this keylogger is still not removed.


    con
  20. spy1
    Offline

    spy1 Registered Member

    :D

    That's why the smart ones use SpyCop to detect keyloggers.

    That's what it does . Pete
  21. controler
    Offline

    controler Registered Member

    Spy 1

    I know you are not calling me stupid LOL

    I think what we are doing here is proving who
    is brave enough to include comercial keyloggers and who is not.
    As I mentioned before, I installed this keylogger
    for testing reasons.
    Now as you suggest I will give Spycop a try.
    I also have anti-keylogger as you may remember.
    I guess if a keylogger has an install program and runs invisable, it is not a trojan but rather on the risky list.
    Although, If that same keylogger was installed by someone other then yourself it becomes a trojan in my mind.
    Am I beating a losing horse to death here ?

    con
  22. controler
    Offline

    controler Registered Member

    as you suggested I gave Spycop Trial a try on the latest BETA iopus-starr keylogger and it does not find anything o_O


    con
  23. spy1
    Offline

    spy1 Registered Member

    Con - I wouldn't depend on the trial version of SpyCop to detect it's own rear end with both hands and a compass! :eek: Pete

    *Did you really say "beta"?

    **And, no - of course i wasn't calling you stupid.

    *** Is your version of Anti-Keylogger the most recent? The paid for one?
  24. controler
    Offline

    controler Registered Member

    Yes this is the newest BETA version.
    I sure don't want to buy any software to see it's newest database.
    Just like Andreas was saying A 2 would detect some of the files I had. It didn't.
    I had the newest A2 scan engine running on a fresh
    install of Windows.
    As of now I only have TDS-3 A 2 Norton AV 2003, Spybot S&D and Look & Stop installed on this system.

    And version 5.0 Beta build 116 iOpus STARR Keylogger

    These settings are stored in the 256 bit AES encrypted "starr.ini"
    file. Administrators can directly change it's settings here.

    PROTECT Logging engine:
    1.Use Starr File Protection (When active it makes files completlt invisable
    for every application.
    2.Hide process from task manager after auotstart.



    [SETTINGS]
    FolderLogs=<DATA>
    FolderReports=<DATA>
    NameLogs=#<USER>#<PC>#.sxx
    LE_SendBytes=0
    LE_SendLastTime=0
    LE_SendNumber=1
    FolderLAN=\\Admin-PC\StarrReports\
    FolderLANUser=
    FolderLANPwd=
    IniVersion=5000116
    FirstStart=0
    LicenseKey=AAAAA-BBBBB-CCCCC-DDDDDD-EEEEE-FFFFF
    Autostart=1
    AutostartMode=1
    TestURL1=http://www.iOpusemail.com/index_a.htm
    TestURL2=http://www.iopus.de/is-online-test/index_a.htm
    BannerText=<CR>
    ALL ACTIVITIES ON THIS SYSTEM ARE MONITORED.
    BannerShow=0
    BannerFrequency=1800
    LogWebsites=1
    ReportFormat=101
    LogKeystrokes=1
    LogApplicationPath=1
    LogApplication=1
    LogChat=1
    LogTech=0
    LogSTARR=0
    LogAol=1
    PwdLog=xxxxxxxxx
    LogDuringWinLogon=1
    CreateSupportLog=1
    SkipEventsShorterThan=2
    UseSkipFeature=0
    SendReportFormat=100
    SendAsZip=0
    EmailAssumeAlwaysOnline=0
    SendZipPassword=
    SendAddNumber=1
    SendDeltaKB=30
    LogfileMaxsizeMB=20
    SendMode=0
    EmailUseUserAccount=1
    SendEveryXMinutes=60
    EmailUnlock=0
    SendDelete=1
    SendTrigger=1
    EmailTo=YOUR-EMAIL@-HERE-.COM
    EmailSmtp=
    EmailFrom=
    EmailPort=25
    EmailSubject=Report, No. <COUNTER>, Current User:<USER>
    SendFilePrefix=No[<COUNTER>]-
    EmailPopName=
    EmailPopPwd=
    EmailPopHost=
    InstallKeyboardMonitor=1
    InstallFileProtection=1
    ActivateFileProtection=1
    HideProcess=1
    DeleteMRUEntriesAfterReboot=1
    DeleteMRUEntriesInstantly=1
    StartStarrcmdWord=starrcmd5
    AskEngineRestart=1
    ShowDialogRunWord=1
    ScreenCaptureQuality=1
    ScreenCaptureMode=2
    ScreenCaptureIntervall=60
    MonitorScreenCapture=1
    LogUserListExclude=1
    LogUserList=
    DLLMode=0
    KeyboardMonitorMode=1
    PmMode=1
  25. muf
    Offline

    muf Registered Member

    I have thought about buying Anti-keylogger, but have been unsure as i can not decide if this is the best one or Spycop is. Controler, you say you have Anti-keylogger. did it detect the iopus-starr keylogger? You never actually said, and was you using the most up to date version?

    muf
Thread Status:
Not open for further replies.