detecting keyloggers - Page 2

Thread: detecting keyloggers

  1. #11
    Junior Member
    Join Date: Nov 2007
    Posts: 4
    Thanks for all the info, guys...

    How about UnHackMe? My brother-in-law discovered this one recently and recommended it... Anyone tried it before?

  2. #12
    Gonzo District BOFH westin
    Join Date: Jan 2006
    Location: SW MO
    Posts: 1,188
    I googled 'unhackme forums' and this is one of the posts I came across.

    UnHackMe 4.5 released on September 11, 2007

    And here is the conclusion of my great experience with it:

    If you are not going to purchase a license don't even think to install the trial, it will jump in your face every very few seconds asking for registration.

    I installed and uninstalled after less than 30 minutes in which registration window jumped in my face more than 30 times

    A very ugly way to make sales and I think a rootkit, trojan, or virus is very welcome when compared to that ugly and terroristic registration window

    They must change its name to: "ReHackMe 4.5 times/minute" this is more realistic
    So downgrade to version 1 if you need to be hacked only 1 time/minute
    I think that version 4.5 is quite enough, please developers no more higher versions
    Another review said that it disabled the user's keyboard, and they had to do a system restore to get it back... I am not sure of these users' level of expertise, but I would stick with some of the free ones that JP or I mentioned.

    Westin
    "Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."

    -HST

  3. #13
    Junior Member
    Join Date: Jun 2006
    Posts: 8
    Try using Icesword, gmer, Helios.

  4. #14
    Super Moderator: GMT Zone nihil
    Join Date: Jul 2003
    Location: United Kingdom: Bridlington
    Posts: 17,190
    AVG also do an anti-rootkit product:

    http://free.grisoft.com/doc/download...otkit/us/frt/0

    A-Squared used to be pretty good at detecting keyloggers:

    http://www.emsisoft.com/en/software/free/

    Here is a site with a wide range of detection and prevention software:

    http://www.antirootkit.com/software/index.htm
    Last edited by nihil; November 5th, 2007 at 07:43 PM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #15
    Master-Jedi-Pimps0r & Moderator thehorse13
    Join Date: Dec 2002
    Location: Washington D.C. area
    Posts: 2,883
    ...But even if they are rootkits, they should still be detectable and with a root kit scanner. Even rootkits need to store data somewhere, and that would show up as a discrepancy in a rootkit scan, wouldn't it?
    That *used* to be the case. Next gen keyloggers don't store anything, they merely forward it off. Memory Resident weaponized rootkits are growing fast. Automated tools are 50/50 at best in today's crimeware arena. The good 'ole days of using automated tools to be a security practitioner are over folks.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  6. #16
    Senior Member JPnyc
    Join Date: Jan 2005
    Posts: 2,734
    But suppose you're not connected to the web when you type something? Does that mean this new generation can't store the info to forward when you ARE connected?

  7. #17
    Master-Jedi-Pimps0r & Moderator thehorse13
    Join Date: Dec 2002
    Location: Washington D.C. area
    Posts: 2,883
    Originally posted by JPnyc:
    But suppose you're not connected to the web when you type something? Does that mean this new generation can't store the info to forward when you ARE connected?
    The answer is, it depends. If the code is written to grab targeted data, it can sit in memory until a socket is established. Of course there will be limitations on the collected data until there is a connection established.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  8. #18
    Super Moderator: GMT Zone nihil
    Join Date: Jul 2003
    Location: United Kingdom: Bridlington
    Posts: 17,190
    Hi TH13,

    I am getting a little confused. Are we talking about RAM here? As far as I know that can be scanned and dumped so detection and elimination are possible? For example, wouldn't a reboot get rid of it?

    I have read about other possible malware infections that involve the various memory locations in a box that hold stuff like the BIOS and the low level firmware for peripheral devices. I guess this would include CD/DVD drives and video cards. AFAIK these memory locations can be flashed, so in theory they could be infected.

    I am guessing that because those memory locations are not "volatile" the malware could be made to run and load into RAM whenever the host device was started.

    I am not aware of any of the commonly used anti-malware tools that scan or lockdown these memory locations?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  9. #19
    Junior Member
    Join Date: Jun 2006
    Posts: 8
    That's because I don't believe they exist, nihil. I have not run across any program that can lock them down. Or scan them for malware.

  10. #20
    Senior Member JPnyc
    Join Date: Jan 2005
    Posts: 2,734
    Some people, and even some security articles I've read, extol the use of a virtual keyboard to thwart key loggers. As we all know, when a key is pressed on the keyboard it sends a keycode identifying which key was pressed. It seems to me it wouldn't matter how that keycode was generated, when it comes to logging. So a virtual keyboard, or even voice recognition software, would still be vulnerable to key loggers, yes?
