Spyware, Viruses, & Security forum

General discussion

Keyloggers - Whats the best program to scan for them?

by gjkiii / February 10, 2006 9:05 AM PST

Any thoughts on what to use? Thank you

Post a reply
Discussion is locked
You are posting a reply to: Keyloggers - Whats the best program to scan for them?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Keyloggers - Whats the best program to scan for them?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Keyloggers
by Marianna Schmudlach / February 10, 2006 10:03 AM PST

A Keylogger (KeyLogger, Key Logger, or Keystroke Logger) is a program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs are commonly included in rootkits and RATs (remote administration trojans).

A Key Logger normally consists of two files: a DLL which does all the work and an EXE which loads the DLL and sets the hook. Therefore when you deploy the hooker on a system, two such files must be present in the same directory.

More: http://www.pestpatrol.com/Support/About/About_KeyLoggers.asp

Collapse -
Keyloggers
by gjkiii / February 10, 2006 10:14 AM PST
In reply to: Keyloggers

Thanks for that Marianna. Is Probot Activity Monitor the best program to scan for keyloggers?

Collapse -
No.......
by Marianna Schmudlach / February 10, 2006 10:36 AM PST
In reply to: Keyloggers
Collapse -
Marianna
by marinetbryant / February 10, 2006 10:55 AM PST
In reply to: No.......

I had a post on advanced keylogger that was found by, of all people, AOL. My EWIDO hasn't detected it and it is paid and updated. I do trust my Ewido, though.

Tom

Collapse -
Tom...
by Marianna Schmudlach / February 10, 2006 11:19 AM PST
In reply to: Marianna

ewido finds:

Trojans and Keyloggers
No chance for thieves to steal your bank data and personal sensitive information by tapped Internet connections, remote controlled webcams or secret keyboard recordings.

I wonder what AOL found if ewido didn't find anything Wink

Collapse -
Marianna
by marinetbryant / February 10, 2006 9:49 PM PST
In reply to: Tom...

It doesn't give any details, just says advanced keylogger blocked at this time, this day. But thanks for reenforcing my faith in Ewido!

Tom

Collapse -
If I add Ewido.....
by gjkiii / February 10, 2006 11:02 AM PST
In reply to: No.......

If I add Ewido to my computer which currently has AVG, Searchbot,
AD-aware, and Microsoft Antipyware will I get conflicts? Also is this overkill to have all 5 of these programs?

Collapse -
IF you add ewido.....
by Marianna Schmudlach / February 10, 2006 11:17 AM PST
In reply to: If I add Ewido.....
Collapse -
Evido
by gjkiii / February 10, 2006 2:00 PM PST
In reply to: IF you add ewido.....

Thank you for all your help marianna. I installed Evido. You mentioned running it on demand. I notice it still shows up in my tray. It does not show up in my msconfig or startup folder. How do I remove it from the tray? Thank you

Collapse -
Hi, I'm not Marianna but to answer your
by roddy32 / February 10, 2006 8:32 PM PST
In reply to: Evido

question, it shows up in the tray because the "Process Guard" is on for the first 2 weeks after you download it. To disable the guard, which should also remove it from the tray, open the program and there is a list titled "additional" on the front of the program. Click where it says "Remove Guard" and follow the prompts. You MAY have to reboot after that, I don't remember, it's been a long time since I had to do this myself. Once that is done, you can still use the scanner whenever you want, just click on whatever program shortcut you have for it. One further note. After the first 2 weeks is up, you will also lose the automatic updating but you can use the manual update button which only takes a few seconds unless it is a full database update which is rare. We post the updates in our "Updates" thread here in this forum if you would like to check that periodically. Ewido normally updates 2 or 3 times a day.

Collapse -
(NT) (NT) Thanks Roddy
by gjkiii / February 11, 2006 12:45 AM PST
Collapse -
(NT) (NT) You are welcome. :)
by roddy32 / February 11, 2006 12:56 AM PST
In reply to: (NT) Thanks Roddy
Collapse -
EWIDO
by marinetbryant / February 10, 2006 11:20 AM PST
In reply to: If I add Ewido.....

I have Ewido, NOD32, Adaware SE Plus, AdWatch, MS Beta, Spyware Blaster, Outpost Firewall and whatever AOL throws into the mix.

Tom

Collapse -
Which provides better protection, The Cleaner or Ewido?
by Harv / February 10, 2006 3:25 PM PST
In reply to: Keyloggers

I installed The Cleaner about 3 years ago, when you brought it to my attention in this forum. So far, I've never had any problem with trojans. Do you think Ewido is a better application for protection against trojans, worms, keyloggers, etc.?

Collapse -
They are both good Harv but ewido
by roddy32 / February 10, 2006 9:57 PM PST

seems to remove more lately than the other trojan programs. It is only a little over a year old but is an excellent program. BUT if the Cleaner has worked for you for 3 years, I see no reason to change. If you ever got infected with something that ewido would remove but the Cleaner wouldn't you could download it at that time.

Collapse -
Is it overkill to have both trojan applications on my pc?
by Harv / February 11, 2006 4:40 AM PST

I did have Ewido installed on my pc for the 14-day trial period. After that time period, realtime monitoring ceased. So I uninstalled Ewido, because all I had was a manual trojan scanner. Sad

Collapse -
You only want one of them
by roddy32 / February 11, 2006 4:51 AM PST

for realtime anyway IMO Harv. I would feel more comfortable also having ewido as a backup but with the guard disabled so you have a backup scanner and only use it of you need it. It is not totally necessary but I would not call it overkill either. I've personally got quite a number of emergency programs on my own computer that I rarly use except to keep them updated but I have them on hand for an emergency. The reason I do this is that some malware will not let you download things which you would not have to do if you already have them, on the computer. As long as space is not an issue for you, I see no harm in having extras. I also do it so I know how to use the programs so I can answer questions about them if need be. Happy

Collapse -
Can you still get updates after the trial period?
by Harv / February 11, 2006 7:58 AM PST

Roddy, I agree with you about having a backup trojan application, so I just re-installed Ewido. I un-installed it awhile back, because Realtime Protection and Automatic Update options became inactive after the trial period. Since I don't intend to purchase it, will I still be able to download the updates manually, when the trial period ends, in order to keep the definitions current for an on-demand scan?

Collapse -
Yes Harv, you can get the updates
by roddy32 / February 11, 2006 8:08 AM PST

manually and they only take a few seconds to download unless it is a full datebase update which is rare. I always post the updates in the updates thread every day. It updates usually 2 or 3 times a day on the week days and a little less often on the weekends. If you are only going to use it to scan, you actually only have to make sure it is up to date when you do the scan.

Collapse -
Does Ewido free version offer ANY protection after the
by Harv / February 12, 2006 4:41 AM PST

trial period expires? I noticed Realtime Monitoring ceased after 14 days, so I assumed the application was no longer protecting my pc against spyware, etc. Also, Automatic Online-Update ceased and I was unable to find a way to manually update the definitions (i.e., an Update button). For these reason, I uninstalled the application.

Collapse -
I just found the Update button in Ewido.
by Harv / February 12, 2006 4:44 AM PST

Don't know how I could have missed it! LOL

Collapse -
LOL, The answer to your other question Harv is
by roddy32 / February 12, 2006 5:55 AM PST

yes, the realtime monitoring ceases but you will have the scanner and it will be updated when you hit the button now that you have found it. LOL

Collapse -
Thanks, roddy.
by Harv / February 12, 2006 8:17 AM PST

I guess I'll have to be content with just a spyware scanner after the 14 day trial period ends, if I don't want to pay to play. Happy

Collapse -
I thought that was all you
by roddy32 / February 12, 2006 9:54 AM PST
In reply to: Thanks, roddy.

needed was a backup because you said you already have the Cleaner if I remember correctly?

Collapse -
SnoopFree Privacy Shield
by Alphalutra1 / February 11, 2006 8:58 AM PST

SnoopFree Privacy shield is a free product that will actively warn against key loggers and programs trying to read your screen, and will allow you to block them, and delete the file. Its a proactive approach, so you never will get a keylogger instead of getting one having it translate all of your data, then deleting it. Its available here http://www.snoopfree.com/PrivacyShield.htm

Collapse -
Sounds interesting...
by gjkiii / February 11, 2006 1:40 PM PST

Sounds like a good program though when I searched for it on this forum I did not find anything on it.

Collapse -
Google "Snoop Free Privacy Shield" to see what some ...
by glenn30 / February 11, 2006 10:57 PM PST
In reply to: Sounds interesting...

are saying... especially the Lockergnome site. CAUTION may be in order.

Glenn

Collapse -
It does conflict with DEP
by Alphalutra1 / February 11, 2006 11:07 PM PST

Winblows SP2 has a built in feature called Data Execution Prevention. It has a tendency to conflict with the SnoopFree. You just need to set both of its processes to the ignore list on DEP and everything will be fine. I had NO problems whatsoever unistalling it.

If you want an alternative which is truly awesome and has so many more features, try out Online Armour from Tall Emu. It is a sweet product, blocks all keyloggers, protects your personal data, tracks whatever a program does to your system and allows you to change those things it did, etc. It isn't free however. Try out the 30 day trial, you might fall in love with the program.

Alphalutra1

Collapse -
SnoopFree Doesn't uninstall & can't be deleted
by dlsears / July 12, 2006 2:27 PM PDT

I can't get rid of this program. It acts just like malware because it constantly reinstalls itself to Windows XP SP2 C:\windows\system32

Anybody got any ideas about how to delete it?

Collapse -
SnoopFree uninstall
by Marianna Schmudlach / July 12, 2006 3:35 PM PDT

How do I uninstall SnoopFree Privacy Shield?
To uninstall SnoopFree Privacy Shield, follow these steps:

Click on Start -> Control Panel -> Add or Remove Programs
Scroll down until you find SnoopFree Privacy Shield in the list of installed programs.
Click on SnoopFree Privacy Shield and then on the Change/Remove button to start the uninstall process.

http://www.snoopfree.com/faq.htm

Popular Forums
icon
Computer Help 47,885 discussions
icon
Computer Newbies 10,322 discussions
icon
iPhones, iPods, & iPads 3,188 discussions
icon
Security 30,333 discussions
icon
TVs & Home Theaters 20,177 discussions
icon
HDTV Picture Setting 1,932 discussions
icon
Phones 15,713 discussions
icon
Windows 7 6,210 discussions
icon
Networking & Wireless 14,510 discussions

Big stars on small screens

Smosh tells CNET what it took to make it big online

Internet sensations Ian Hecox and Anthony Padilla discuss how YouTube has changed and why among all their goals, "real TV" isn't an ambition.