Keyloggers - does antivirus detect them

Discussion in 'Security Software' started by Spin, Dec 5, 2006.

  1. Spin

    Spin Guest

    Gurus,

    If you visit a malicious web site and a key logger gets downloaded to your
    computer, does the typical Antivirus client detect it? How about if someone
    surreptitiously installs a keylogger on my computer when I am not around? My
    computer is open and I live with a lot of roommates.
     
    Spin, Dec 5, 2006
    #1

  2. From: "Spin" <>

    | Gurus,
    |
    | If you visit a malicious web site and a key logger gets downloaded to your
    | computer, does the typical Antivirus client detect it? How about if someone
    | surreptitiously installs a keylogger on my computer when I am not around? My
    | computer is open and I live with a lot of roommates.
    |

    Yes. Traditional anti virus companies do very well in detecting Keylogging Trojans.

    If you have many 'mates around LOCK DOWN this system. Do not share it. Keep it password
    protected with "strong" passwords. If it is a notebook, lock it away in a safe place. I
    have seen too many posts where 'mates take advantage of a good willed person and perform
    malicious activity.

    You can use the following to scan your computer...


    Download MULTI_AV.EXE from the URL --
    http://www.ik-cs.com/programs/virtools/Multi_AV.exe

    To use this utility, perform the following...
    Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
    Choose; Unzip
    Choose; Close

    Execute; C:\AV-CLS\StartMenu.BAT
    { or Double-click on 'Start Menu' in C:\AV-CLS }

    NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
    FireWall to allow it to download the needed AV vendor related files.

    C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
    This will bring up the initial menu of choices and should be executed in Normal Mode.
    This way all the components can be downloaded from each AV vendor's web site.
    The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

    You can choose to go to each menu item and just download the needed files or you can
    download the files and perform a scan in Normal Mode. Once you have downloaded the files
    needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
    during boot] and re-run the menu again and choose which scanner you want to run in Safe
    Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

    When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
    file. http://www.ik-cs.com/multi-av.htm

    Additional Instructions:
    http://pcdid.com/Multi_AV.htm


    * * * Please report back your results * * *
     
    David H. Lipman, Dec 5, 2006
    #2

  3. Hi,

    Keyloggers would need administrative permissions to install on the system.
    Don't browse, read e-mail etc. with these permissions. This should also
    eliminate most other malware (spyware, viruses, ...)

    Browsing the Web and Reading E-mail Safely as an Administrator, Part 2
    http://blogs.msdn.com/michael_howard/archive/2005/01/17/354708.aspx

    Antivirus will not detect hardware keyloggers that can be attached to the
    computer if (when) you leave it unattended.
     
    Miha Pihler [MVP], Dec 5, 2006
    #3
  4. Bogwitch

    Bogwitch Guest

    Hi,

    Whilst Miha is correct, it is worth noting that if your roommates have
    unsupervised, physical access to your system, then it would be trivial to
    acquire administrative permissions on your system.

    With these administrative permissions it would be possible to test several
    keyloggers to find one that is not detected as malware or to ensure that the
    keylogger is not checked by the anti-virus software, perhaps by placing the
    file in an Alternate Data Stream or by placing the executable name into an
    exclusions list within the AV software.

    To mitigate some of the risks of physical access, you should consider as a
    very minimum, securing your case with a good padlock, ensuring you have a
    BIOS password and that your system is configured to boot from the C: Drive
    only.

    Miha mentioned hardware keyloggers. A quick visual inspection should alert
    you to the presence of a hardware keylogger. However, it would not be a
    difficult task to build the keylogger directly into the keyboard.

    In short, if an attacker has physical access to your system, it is only a
    matter of time before they will have electronic access to your data.

    Hope this helps,

    Bogwitch.

     
    Bogwitch, Dec 5, 2006
    #4
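
A defender-side check for the two hiding places Bogwitch's post names (an Alternate Data Stream and an AV exclusions list), added here as an example that is not part of the thread. It assumes Windows PowerShell 5.1 on an NTFS volume and, for the exclusions part, Microsoft Defender as the installed AV; `Find-ExecutableStream` and the `ads-demo` sample folder are names constructed for illustration.

```powershell
# Added example, not from the thread. Assumes Windows PowerShell 5.1 on NTFS.
function Find-ExecutableStream {
    param([Parameter(Mandatory)][string]$Root)
    Get-ChildItem -LiteralPath $Root -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object { Get-Item -LiteralPath $_.FullName -Stream * -ErrorAction SilentlyContinue } |
        Where-Object { $_.Stream -ne ':$DATA' } |   # skip the file's normal content
        ForEach-Object {
            # Read the first two bytes of the named stream; 'MZ' marks a PE executable.
            $head = Get-Content -LiteralPath $_.FileName -Stream $_.Stream `
                        -Encoding Byte -TotalCount 2 -ErrorAction SilentlyContinue
            [pscustomobject]@{
                File        = $_.FileName
                Stream      = $_.Stream
                Length      = $_.Length
                LooksLikePE = ($head.Count -eq 2 -and $head[0] -eq 0x4D -and $head[1] -eq 0x5A)
            }
        }
}

# Constructed sample: an ordinary text file carrying a named stream that starts with 'MZ'.
$demo = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
Set-Content -LiteralPath "$demo\notes.txt" -Value 'ordinary text'
Set-Content -LiteralPath "$demo\notes.txt" -Stream 'hidden' -Encoding Byte `
    -Value ([byte[]](0x4D, 0x5A, 0x90, 0x00))

# Every named stream is listed; the ones that begin like an executable are the ones to review.
Find-ExecutableStream -Root $demo | Where-Object LooksLikePE | Format-Table -AutoSize

# Exclusions list. Assumption: Microsoft Defender; other AV products store exclusions
# in their own settings. Run from an elevated prompt so the values are shown.
if (Get-Command Get-MpPreference -ErrorAction SilentlyContinue) {
    Get-MpPreference |
        Select-Object ExclusionPath, ExclusionProcess, ExclusionExtension |
        Format-List
}
```

Benign named streams such as `Zone.Identifier` on downloaded files also appear in the unfiltered output; an exclusion entry or an executable stream that nobody on the machine remembers creating is what warrants a closer look.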
  5. S. Pidgorny

    S. Pidgorny Guest

    G'day:

    Unless full disc encryption (BitLocker on Vista, or a 3rd party product) is
    used.
    Still, they can install a hardware key logger. With some creativity - _inside_
    the computer case.
     
    S. Pidgorny, Dec 6, 2006
    #5
  6. Bogwitch

    Bogwitch Guest

    Inside the keyboard would be easier, IMO.

    bogwitch.
     
    Bogwitch, Dec 6, 2006
    #6
  7. stevengerrard223

    It's not that difficult to detect or find a keylogger on your computer. There are plenty of anti-spyware programs on the Internet; you can deep search on Google and try one. I have just killed a myjad keylogger and I feel good :)
     
    Last edited: Oct 14, 2013
    stevengerrard223, Aug 29, 2013
    #7