Help, with Keylogger

Discussion in 'malware problems & news' started by Neutron4ever, Feb 28, 2009.

Thread Status:
Not open for further replies.
  1. Neutron4ever

    Neutron4ever Registered Member

    Joined:
    Feb 28, 2009
    Posts:
    1
    Hi, after looking in my registry, I found KSGenerator.KeystrokeGenerator and KSGenerator.KeystrokeGenerator.1

    Are these keyloggers? And should I delete them?
     
  2. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
  3. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Where in the registry is this located? What keys and sub keys is it in?

    How many instances?

    This information could help to determine what it belongs to.
    There isn't a lot of google info for what you provided. 2 exact results.
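
The questions in the post above (which keys the names sit in, and what they belong to) can be answered from PowerShell. This is an added example, not part of the thread; it assumes the two names from the first post are COM ProgIDs registered under HKEY_CLASSES_ROOT, which the thread does not confirm.

```powershell
# Added example: resolve a COM ProgID to the binary that registered it.
# Assumption: the names from the first post are ProgIDs under HKEY_CLASSES_ROOT.
$progIds = 'KSGenerator.KeystrokeGenerator', 'KSGenerator.KeystrokeGenerator.1'

foreach ($progId in $progIds) {
    $clsidKey = "Registry::HKEY_CLASSES_ROOT\$progId\CLSID"
    if (-not (Test-Path -LiteralPath $clsidKey)) {
        Write-Output "$progId : no CLSID subkey under HKEY_CLASSES_ROOT"
        continue
    }
    # The default value of <ProgID>\CLSID is the class GUID.
    $clsid = (Get-Item -LiteralPath $clsidKey).GetValue('')

    foreach ($server in 'InprocServer32', 'LocalServer32') {
        $serverKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid\$server"
        if (-not (Test-Path -LiteralPath $serverKey)) { continue }

        # Default value is the DLL or EXE path; it may be quoted or use %VARS%.
        $raw = (Get-Item -LiteralPath $serverKey).GetValue('')
        if (-not $raw) { continue }
        $path = [Environment]::ExpandEnvironmentVariables($raw)
        if ($path -match '^"([^"]+)"') { $path = $Matches[1] }

        $report = [ordered]@{ ProgID = $progId; CLSID = $clsid; Server = $server; Path = $path }
        if (Test-Path -LiteralPath $path) {
            # Vendor strings, signature state and hash identify the owning product.
            $file = Get-Item -LiteralPath $path
            $sig  = Get-AuthenticodeSignature -LiteralPath $path
            $report.Company   = $file.VersionInfo.CompanyName
            $report.Product   = $file.VersionInfo.ProductName
            $report.Signature = $sig.Status
            $report.Signer    = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
            $report.SHA256    = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
        } else {
            $report.Note = 'registered file not found on disk'
        }
        [pscustomobject]$report | Format-List
    }
}
```

The script only reads the registry and the file's metadata. An unquoted LocalServer32 command line with arguments will show up as "not found on disk" and needs to be checked by hand.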
     
  4. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Looks like it does not work for Vista. I am wondering if it detects commercial keyloggers. I have been reading that many of these anti-keylogger programs ignore the commercial ones. Spycop is evidently the only program that specifically detects the commercial ones, as far as I know.
     
  5. FiOS Dan

    FiOS Dan Registered Member

    Joined:
    May 24, 2006
    Posts:
    86
    Location:
    Redondo Beach, CA
    Just curious, the Tester: are you relaying information or do you have firsthand experience with this program? I have bookmarked the site but before DLing I thought it best to check first.
     
  6. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    Downloaded, installed, and ran KL-Detector.
    It comes with directions and provides a detailed log.
    The only caveat with this program is that you have to turn all security programs off.
     
  7. FiOS Dan

    FiOS Dan Registered Member

    Joined:
    May 24, 2006
    Posts:
    86
    Location:
    Redondo Beach, CA
    Got it...thanks.
     
  8. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
  9. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100
    First, doing a full AV scan of your computer would be smart. Maybe a couple of the free online AV scans would be good as well. Then try any AS scanners you might have also to see if they find anything.

    After that, I think perhaps Spycop would be a good recommendation as suggested by Caspian. But that's only if it is a commercial keylogger. Spycop most likely won't find any private builds. Anyway here's a link to the free trial download. http://www.spycop.com/download.htm The trial will only do a partial scan (75%), but hey still worth trying it imo.

    Another antikeylogger you could try is DataGuard. http://www.maxsecuritylab.com/ It has a completely free version too. I recently gave it some tests and it doesn't do too bad against different keyloggers, even the free version. It won't find everything out there, but it did stop the Elite keylogger cold, which is often a tough one to beat, so maybe worth a try running it and see if it finds anything.

    Also run any rootkit scanners you have, they can be very helpful against some of the keyloggers that use rootkit like techniques to hide.

    Not trying to undermine your advice The Tester, but I don't think I would rely on KLDetector at all. I've tried it in the past and it didn't do very well, and a lot of false positives too. If you're dealing with a well hidden keylogger, I doubt KLDetector will do much good.
     
  10. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,221
    Out of curiosity, don't good Antivirus programs intercept keyloggers?
     
  11. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    I went to the SpyCop website to download and I could not so I sent them an email. Here is their response:

    Hi - Thank you for your email. Due to an ethics disagreement between vendor and distributor, the product that you knew as SpyCop is now SpyReveal. New sales company, identical product.

    The SpyReveal website is still under construction, however we made it urgent
    priority that the product and updates are delivered to our customers. The
    download links work, and updates are being distributed via SpyReveal.
    Additionally, the lifetime subscription requirement has been removed under the
    new name. SpyReveal is a lifetime product and you will never have to renew again.

    We hope to have SpyReveal available for general sale to new customers within a week.

    Answers to common questions - http://www.SpyReveal.com/faq.htm
    SpyReveal User's Manual - http://www.SpyReveal.com/scmanual.htm
    Adware vs. monitoring - http://www.SpyReveal.com/spyware-safety.htm
    Download the latest software version - http://www.SpyReveal.com/download.htm

    Regards,

    SpyReveal Team
     
  12. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100
    Thanks for the info Caspian, I wasn't aware they changed the name. The new name sounds kinda cool, I like it.

    I don't really understand where they say:
    "the lifetime subscription requirement has been removed under the
    new name. SpyReveal is a lifetime product and you will never have to renew again"
    So they're saying it is back to a one time purchase again? You just buy it once and never have to pay again?
     
  13. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Yes that's the way it sounds to me. A one time purchase with lifetime upgrades. As far as I know, it is the only anti-keylogger that specifically scans for the commercial keyloggers. More recently I have read that most of the anti-keylogger programs intentionally ignore the commercial ones because they have legitimate uses like for businesses. But in my opinion, that is a f*cked up policy because you know that they are also being abused.
     
  14. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100
    I remember when Spycop came out in 2002? or around that time (forgot actual year of release) and it was a one time purchase with free updates, then they changed it. So that would be interesting if they go back to the old marketing model.

    In regards to other antikeyloggers not detecting commercial keyloggers, I think maybe what you're thinking of is many antivirus and antispyware vendors were not including keyloggers in their databases or they were calling them riskware or the like. I don't remember hearing about this issue with any antikeyloggers.

    In fact, in different tests I do every now and then with antikeyloggers, I find quite the opposite to be true - most antikeyloggers excel at finding commercial keyloggers. It's the AVs and AS that seem to often be very weak in this area.
     
  15. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    Thanks for drawing that distinction and correcting that misinformation. I agree, it is primarily the Antispyware vendors like MBAM and SAS who have been opposed to detection of commercial monitoring programs. I don't have any knowledge of whether the AV companies have decided for or against detecting them.

    I do think that (the former) SpyCop is excellent at what it does, because that is all that it does.

    And I am confused by the statement they are releasing... "Due to an ethics disagreement between vendor and distributor, the product that you knew as SpyCop is now SpyReveal. New sales company, identical product." I got the same email response to an inquiry I sent them when I went to update the program and noticed the new name. In all sincerity, I am a bit suspicious of the statement. Maybe cautious would be a better word, except what I feel inside is stronger than caution. And we sometimes have to go with our gut. For the time being, at least, I am not using SpyCop until I learn more. I don't mean that as a slight against the company, except to say that in my opinion, this changeover to SpyReveal isn't being handled very flawlessly. :)

    By the way, wouldn't it be nice to hear back from the OP? ;)
     
  16. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    Can you recommend any other antikeylogger programs?
     