Sawing off logs: what do I do about a keystroke logger?


posted on Oct, 31 2008 @ 11:05 PM
For a long time surfing the net like a Viking of old, I went where I pleased, and cared not what sites I visited, or who might know what I was doing on the web. I've been posting a lot of controversial statements on this website in the 9/11 forum and I've always had an inexplicable interest in porn (whodathunkit?) which goes way back to the days of burlesque.

I have never called for anybody's assassination, for rebellion, for riot, for mayhem or even for mischief. I have never collected kiddy porn or sought it out. (Sometimes it is mixed in with other stuff so you can see links to it.) Other than that I believe that I have the right to look at anything I want to look at on the web. I am a sane adult with no criminal record.

Recently, after not having one for a long time, I installed a firewall on my computer. Today, for the first time, the firewall alerted me to something that was trying to activate some kind of .exe that was associated with a keystroke logger. The firewall recommended blocking the process, which I did.

Can any of the cyber elite, who frequent these forums tell me what is likely to be going on in this case? Who is watching me, the cops? Hackers? Kids with nothing better to do?

Also, does a keystroke logger leave a file anywhere on the computer that I can delete?

Is it possible for me to trace the URL of the person operating the keystroke logger?

Where (what folder) is the keystroke logger likely to be hidden on the computer?

Thanks for any responses.




posted on Oct, 31 2008 @ 11:15 PM
The firewall, if it is robust, will tell you everything about the program. Keyloggers are nasty. They steal passwords. If you do online banking then check your accounts.

superantispyware is a great free program I use to clean up

google it, try it

good luck

edit to add
www.hijackfree.com...

The above will show you what programs are running in the background.

[edit on 31-10-2008 by venividivici]



posted on Oct, 31 2008 @ 11:21 PM
reply to post by venividivici
 

Thanks for the info. I'm thinking it might be wise to have a special dedicated computer for online financial transactions. I have an old laptop that I could probably use for that kind of thing.



posted on Oct, 31 2008 @ 11:26 PM

Originally posted by venividivici
The firewall, if it is robust, will tell you everything about the program. Keyloggers are nasty. They steal passwords. If you do online banking then check your accounts.

superantispyware is a great free program I use to clean up

google it, try it

good luck

edit to add
www.hijackfree.com...

The above will show you what programs are running in the background.

[edit on 31-10-2008 by venividivici]


ditto in the spyware vvv mentioned. I do a complete cleanup and scan every week or so after supposedly catching something according to Dell customer service. No problems since.



posted on Oct, 31 2008 @ 11:27 PM
I've been waiting for a post like this, as I test software and ways to deal with malware in my off time as a hobby.
Here's a post from an old guild I was in and people were getting hacked weekly from keyloggers.



#######Ten Commandments for Your Computer Sanity by Snift!#######

1. Don't assume anything. Make some time to learn about securing your system.
2. Acquire and use a reliable antivirus program. Select an antivirus that has a consistent track record. Checkmark, AV-Test.org and TuV are among the most respected independent testers of antivirus software.
3. Acquire and use a reliable firewall solution. Again, independent reviewers are your best bet for reasonable choices. Some operating systems come with a firewall which only filters incoming traffic. Use a firewall that can control both incoming and outgoing Internet traffic.
4. Do not open e-mails coming from unknown or distrusted sources. Many viruses spread via e-mail messages so please ask for a confirmation from the sender if you are in any doubt.
5. Do not open the attachments of messages with a suspicious or unexpected subject. If you want to open them, first save them to your hard disk and scan them with an updated antivirus program.
6. Delete any chain e-mails or unwanted messages. Do not forward them or reply to their senders. This kind of message is considered spam, because it is undesired and unsolicited and it overloads the Internet traffic.
7. Avoid installing services and applications which are not needed in day-by-day operations in a desktop role, such as file transfer and file sharing servers, remote desktop servers and the like. Such programs are potential hazards, and should not be installed if not absolutely necessary.
8. Update your system and applications as often as possible. Some operating systems and applications can be set to update automatically. Make full use of this facility. Failure to patch your system often enough may leave it vulnerable to threats for which fixes already exist.
9. Do not copy any file if you don't know or don't trust its source. Check the source (provenance) of files you download and make sure that an antivirus program has already verified the files at their source.
10. Make backups of important personal files (correspondence, documents, pictures and such) on a regular basis. Store these copies on removable media such as CD or DVD. Keep your archive in a different location than the one your computer is in.

If something happens and you think you may be infected by Viri/trojan/spyware/keylogger etc., download HijackThis! from URL icrontic.com... , make an account on the site, do a system scan and post the log in the Spyware & Virus Removal section and they will fix you right up.

Here I have listed a few good and free utilities to keep your system safe. I have used a few but the majority of the people give them a thumbs up.

**Spyware Removal**
Ad-Aware 2007 - icrontic.com... (Older versions were decent, not tried the new one)
CCleaner icrontic.com... (Uber program, reg cleaner, hard drive cleaner etc. all in one, name stands for CrapCleaner)
CWShredder 2.19 - icrontic.com... (Only used for when you get the horribly annoying CoolWebSearch or CoolWWW spyware that refuses to die any other way)
AVG Anti-Spyware 7.5.0.50 - icrontic.com... (Never used but AVG = nuff said)
Spybot - Search & Destroy 1.4 - icrontic.com... (Have to be careful with this one in advanced mode, it will dig and remove any and everything related to an ad or spyware on your system, even built in ones in the older MSN Messenger and they refuse to work but DEFINITELY does its job very well, also comes with IE guard, TeaTimer in the same package. Basically a software-chainsaw, I never leave 127.0.0 without it)

**Anti-Virus**
AVG Free - free.grisoft.com... (arguably the best antivirus ever)
Kaspersky 30 day Trial - www.kaspersky.com... (never tried it)
Avast! 60 day trial, free after registration - www.avast.com... (never tried)

If you decide to get one of each of those, preferably AVG Free, Spybot and if you're really naughty, Zonealarm Free firewall, www.zonealarm.com... it's a bit annoying with the question asking at first but I promise it gets better, just look at what wants access to the net, if you're unsure, google it.


The best software I've used to date would be Comodo Firewall (free), AVG (free), NOD32 (not free), HijackThis (free), Spybot SnD (free but showing its age) and RegRun Security if you're really paranoid, comes with 17 different programs to clean your system.
If you need any help, just U2U me.

#edit to make the post all prettyfied#

[edit on 31-10-2008 by Snift]



posted on Oct, 31 2008 @ 11:44 PM
Thanks to both stikkinikki and Snift. Currently I am using AVG 8.xx (Free), Spybot S&D, ADAware (Free), WinPatrol, Comodo Firewall (Free), and have used Hijack This and CWShredder as needed. It looks like I have most of the good tools in the box already. I will have to download Superantispyware, CCleaner and RegRun Security and give them a try.

There is another interesting program which I had on another computer. It's called regshot. It can take a snapshot of the registry and compare it with a previous snapshot and tell you how the registry changed in the interval. You really have to be on top of things to make efficient use of a program like that, but it is an interesting diagnostic tool. Unfortunately, like a lot of people, I am not really methodical about computer security maintenance.

Thanks again for the responses.



[edit on 1-11-2008 by ipsedixit]
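
The snapshot-and-compare idea behind regshot, as described in the post above, shown as an added example that is not part of the thread and is not regshot's own code or file format: it parses two `reg export` text dumps of the per-user Run key and reports which startup values were added, removed or changed. The two sample exports, and every value name and path in them, are constructed for illustration.

```python
import re

# Constructed sample data: two exports of the per-user Run key in the text
# format written by `reg export`. All value names and paths are made up.
BEFORE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ExampleTray"="C:\\Program Files\\Example\\tray.exe"
"ExampleUpdater"="C:\\Program Files\\Example\\update.exe"
"Blob"=hex:01,02,03,04
'''
AFTER = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ExampleTray"="C:\\Program Files\\Example\\tray.exe"
"exampleupdater"="C:\\Program Files\\Example\\update.exe /silent"
"Blob"=hex:01,02,\
  03,04
"kbdhelper"="C:\\Users\\example\\AppData\\Roaming\\kbdhelper.exe"
'''

VALUE_LINE = re.compile(r'(@|"(?:[^"\\]|\\.)*")=(.*)$')

def parse_reg(text):
    """Return {(key, value_name): raw_data}; names are lowercased because the
    registry treats key and value names case-insensitively."""
    text = re.sub(r',\\\r?\n[ \t]*', ',', text)  # join wrapped hex values
    entries, key = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1].lower()
            continue
        m = VALUE_LINE.match(line)
        if m and key is not None:
            name = '(default)' if m.group(1) == '@' else m.group(1)[1:-1].lower()
            entries[(key, name)] = m.group(2)
    return entries

def diff_snapshots(before, after):
    """Compare two exports: which values were added, removed or changed."""
    b, a = parse_reg(before), parse_reg(after)
    return {
        'added': sorted(k for k in a if k not in b),
        'removed': sorted(k for k in b if k not in a),
        'changed': sorted(k for k in a if k in b and a[k] != b[k]),
    }

if __name__ == '__main__':
    for kind, keys in diff_snapshots(BEFORE, AFTER).items():
        for key, name in keys:
            print(f'{kind:8} {key} -> {name}')
```

Files written by `reg export` are UTF-16 encoded, so read them with `encoding='utf-16'` before passing the text to `diff_snapshots`.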



posted on Nov, 1 2008 @ 12:25 AM
And don't use I.E.
Firefox 3x with noscript plugged in------no more driveby downloads and self installing scripts.
And remember---only 1 type of each for protection, if you don't want massive problems and a very slow computer.
1 AV
1 firewall
1 anti-spy/malware
Free ones are very good, but I prefer Zonealarm security suite for an all in one solution. McAfee and Nortons have caused me no end of problems in the past.



posted on Nov, 1 2008 @ 12:38 AM
reply to post by gotrox
 

Recently, when I was having a lot of trouble navigating on this site, I switched to Opera, and for a while now I've run it on and off with IE. I can definitely notice a difference. IE is slow by comparison.

My current setup is pretty uncluttered, except for an overlap of WinPatrol and Spybot's Tea Timer. I noticed a big slowdown on startup when I started using Comodo Firewall, but it came highly recommended, especially as freeware. Money is an issue with me. I know that AVG is not the most thorough AntiVirus available but it also is highly recommended among the free stuff.

Thanks for the tips.



posted on Nov, 1 2008 @ 01:21 AM
Install a keyscrambler program.
This is the one I use and it's FREE.
www.tipandtrick.net...
www.download.com...

[edit on 1-11-2008 by ANNED]



posted on Nov, 1 2008 @ 05:38 PM
reply to post by ANNED
 

Thanks for the links ANNED. I appreciate the help. I just got finished downloading the keyscrambler.



posted on Nov, 1 2008 @ 10:35 PM

Originally posted by gotrox
And don't use I.E.
Firefox 3x with noscript plugged in------no more driveby downloads and self installing scripts.
And remember---only 1 type of each for protection, if you don't want massive problems and a very slow computer.
1 AV
1 firewall
1 anti-spy/malware
Free ones are very good, but I prefer Zonealarm security suite for an all in one solution. McAfee and Nortons have caused me no end of problems in the past.


Tried them all, over the last two years. Norton is getting faster. However, NOD is sworn by for a lot of hacker/crack types, and personally Kaspersky lets NOTHING through. Sometimes for fun, go to different web-sites of SECURITY software makers, then have them scan your computer. Trend, McAfee, Zone uses a Kaspersky version for its anti-virus portion (internet security suite), AVG, Norton. Again, personally, Kaspersky seems to win out in a lot of tests, and PERSONALLY, I have never been shut down with Kaspersky. Anyone tries to be sneaky, anything tries to run, etc; it gets prevented from executing "payloads." I think those who work for antivirus companies PROBABLY use Kaspersky.

--Depends on WHO the TS is, why he has a keylogger. IF a girlfriend put it there? Or a boyfriend? TOO many variables. Honestly, I like to get in there to take a look myself. A FREE tool that tends to find # NOTHING else does is on incodesolutions.com; "RemoveITpro." It won't be ACTIVE but is free to update and help with scans. VERY quick, VERY effective. That program has helped me repair EVERY computer people have brought to me that did not work anymore, lol. Small, little memory, quick. HOWEVER, Kaspersky is where it is at overall (read the reviews). 2008 version. The 2009 interface kinda bugs me, and I don't like the "ZONES" it puts things into; restricted, more restricted, etc. NOTHING is ever perfect but like somebody posted above; some BASIC common sense things can help a LOT.

edit: people can add "exceptions" so security software won't FIND the nasty. Example; an ex was cheating, I could not prove it, I put "KGB free edition" on there. I then went into Norton on that computer then made it IGNORE the files associated with it (scanned, it found it, then I told it to forget about that file in the future). The file kept working and security was preserved for other things. SOMEBODY close to the TS could do something similar. Also, there are some things out there that security companies and government coordinate to be LIKE THIS; not found. Hence, I would need more background information. MOST times, the "drive by" trojan dropper technique is to set up something larger (zombie bots that wait to carry something out for instance) OR to gather something VALUABLE such as credit card numbers.

[edit on 1-11-2008 by AdmiralX]



posted on Nov, 2 2008 @ 03:45 AM
reply to post by AdmiralX
 

Thanks for the info. I haven't had the time in the last couple of days to really get out the weed whackers and go looking for whatever it was that upset my firewall, but this week I should be able to put some time into it.


