AT & Keyloggers

Discussion in 'other anti-trojan software' started by JO, Dec 3, 2003.

Thread Status:
Not open for further replies.
  1. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Yes, I thought so - thanks for the clarification. Pete
     
  2. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    As a sort of wrap-up to this thread, I'd like to add that I contacted SpyCop after we got done playing around with this and i got two responses from them.

    The first one:

    "Hi Pete,
    SpyCop, unlike many of our competitors, is not filename dependant. Our brute
    force scanning system scans every byte within files...not just their
    attributes, making SpyCop capable of detecting any morphing spy which randomly
    changes its filenames. The speed may not be the fastest, but no stone will be
    left unturned after a SpyCop scan :)"

    and the second:

    "Hi Pete,
    After reviewing the thread, we found a post referring to SpyCop only detecting
    the main exe. This is normal. When a spy program is detected, we request
    that users send the scan results, and then we provide a custom removal utility
    for their particular system to eradicate the spy. SpyCop's rename feature can
    be used to immediately disrupt the spy program during the time that we are
    working on the custom utility. We do things this way to prevent possible
    damage to a user's system should a detection be a false alarm, though this is
    rare."

    I really wish I'd have thought to re-trial Advanced Anti-Keylogger on this one during the thread, but it didn't occur to me at the time - I've a feeling it would have caught it, as well.

    In any case, I think a totally great job was done by everyone who participated in this thread. It was interesting and even fun! Pete
     
  3. Longthing

    Longthing Registered Member

    Joined:
    Jul 27, 2002
    Posts:
    40
    I received a couple of e-mails infected with W32.dumaru.y yesterday. This virus also containes a keylogger. When i scanned the file with TDS, TDS gave the following warning: Possitive identification <adv> (in archive) Possible keylogger. TDS also gave a warning for Excessive space characters.
     
  4. Vile

    Vile Guest

    Re: AT & Keyloggers

    Hello,

    I was wondering, I have a few computers set up in the office. and some one has told me that say for example, that you are on yahoo instant messanger and someone sends you a file... how do they attach a keylogger onto that file and make it "undected"? I am asking this because not only does this concern me, but I would like to know how I might be able to send someone one. I think it is supposed to be able to log other computer, whos ever computer that you send the file or folder to and then when they get back online it is supposed to tell you what all they did. this is what I was told, I would like to know what i need to send something like that...
     
  5. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    18,252
    Location:
    New England
    Re: AT & Keyloggers

    Hello Vile,

    No one here is going to help you send a keylogger to some one. That's not what this site is about. We help people secure themselves not break other people's security.
     
  6. EyesOnU

    EyesOnU Guest

    Re: AT & Keyloggers

    Sending someone a keylogger without them knowing about it is a highly unethical thing to do. And if it isn't illegal it dam well should be! I hope your not planning on doing anything like that to someone. Just think how you would feel if someone did it to you. I just can't wait till laws are passed making all this stuff totally illegal. Then anyone caught doing such a crime will finally get what coming to them.
     
  7. controler

    controler Guest

    Re: AT & Keyloggers

    Hi

    Just a couple quick things i forgot to mention here.

    First , if you are using a wireless keyboard. that can be picked up from outside the home. Second, from what I hear, The Government has equipment that can pick up hard wired keystrokes from outside the home. I am sure there isn't too many other regular people that have this sort of equipment though.
    Just look for the cars without whitewalls and guys wearing sunglasses outside your window lol
    Yes this was a good thread and hope it shed some light to some people.

    controler :)
     
  8. New Here

    New Here Guest

    Re: AT & Keyloggers

    I have been reading your posts and have picked up some very useful information. Thanks all!

    However, here is my conundrum.....I am worried about my users at work installing keyloggers to capture admin passwords. Some of these users get temporary local admin rights....and I am reasonably sure that they install these things.

    So, here is my question: is there any way the check, without installing software, if a USER installed keylogger is running?

    Any thoughts, help, ideas, or even hints would be great!
     
  9. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    Re: AT & Keyloggers

    If you could run FILEMON from Sysinternals.com on the machine just start typing and analyse what files are modified by filtering file access entries, or just browse through a log. You may or may not find a stealthed logger, depending on what sort of API hooking it is doing.

    Without installing anything.. you could type lots and lots over and over into notepad and then check last accessed files sorted by date in the Windows and System folders, maybe get lucky...
     
  10. controler

    controler Guest

    Re: AT & Keyloggers

    guest?

    since you are saying your users I am guessing you are the owner?

    Any of the online scan sites might work for you but they usualy require installing some active x first, which should not be a problem for you since you are the owner and have admin rights.

    Bruce
     
  11. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Re: AT & Keyloggers

    Hi Infinity, As I had to remove miakica's post your's became irrelevant :D

    Pilli
     
  12. Infinity

    Infinity Registered Member

    Joined:
    May 31, 2004
    Posts:
    2,651
    Re: AT & Keyloggers

    Good Enough :lol

    looks like someone needs a job ;)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.