Anti-Keylogging Recommendations?
BeeazleBub writes "A friend asked me about the best programs to detect and remove spyware/logging/monitoring software that might have been placed on her computer by a spouse. Since there are a plethora of good and bad programs out there, I thought I would ask the slashdot crew for their recommendations. What is simple, reliable and most effective? I'm sure some of you have had the same question or circumstance. (No, booting from a Linux CD is not an option for this user)."
Most Worthless Ask Slashdot Ever. (Score:5, Insightful)
It's a domestic dispute that no one wants to get into. The obvious solution, to own your computer with free software, is not an option. All that's left is to delve into the cesspool of Winblows "solutions" and other inappropriate technical answers to an environment of broken trust.
Re:Most Worthless Ask Slashdot Ever. (Score:5, Insightful)
Re:Most Worthless Ask Slashdot Ever. (Score:5, Interesting)
Too true.
Nowadays, if you need a "trusted" computer, think about getting a Mac Airbook that you can slip into a folder in a filing cabinet when not in use, or keep with you all the time.
Using a laptop raises the hurdle for installing a hardware keylogger (they're usually just dongles that sit between the keyboard and the computer), and using OS X should raise the bar a bit to install malware (not that it doesn't exist, it just might be more difficult to find, and navigating in OS X will be more challenging for a user not used to it).
Using a small footprint laptop (like the Air), means you can hide it "in plain sight", or in a place you can ensure physical control over (although personal control trumps all others for security).
Realize that unless you're using encrypted protocols to browse web sites or send/receive email, your traffic could still be intercepted on the network, but that again requires a more sophisticated user than the average "Spouse who installed a keylogger".
Re: (Score:2)
Re:Most Worthless Ask Slashdot Ever. (Score:5, Insightful)
Honestly, if you're at the point in a relationship where you're spying on each other, it's time to just throw in the towel and find a partner you can trust.
Re: (Score:2)
All that's left is a band of gold
All that's left of the dreams I hold
Is a band of gold
And the dreams of what love could be
If you were still here with me
Re:Most Worthless Ask Slashdot Ever. (Score:5, Insightful)
Sorry, gotta call utter bullshit on this one.
Seriously, if you are in an abusive relationship, LEAVE. Leave before it gets worse, leave before it injures or kills you.
A psychologically abusive relationship is just as bad as a physically abusive one -- perhaps worse, because the victim is led to believe a pack of lies that keeps them from leaving.
There is no reason to stay married in this situation. If you're worried about the whole "till death do us part" thing, consider that the abuser broke the vows first by failing to love and honor.
Re:Most Worthless Ask Slashdot Ever. (Score:5, Insightful)
Re: (Score:2)
Re: (Score:2)
Divorce only causes unhappiness because of the arbitrary rules and government sticking its nose in and keeping concepts like alimony alive. If it were easier for people to end a marriage, I say people would be happier overall. Y
Re: (Score:2)
Not so clear-cut at all... (Score:2)
Who said anything, about the relationship being abusive? There is evident lack of trust, but "abusive"?..
Uhm, a bit of fear-mongering, but Ok...
Hold on, how can something, that can not kill you, possibly ever be "as bad or perhaps worse", than something, that can?
Re: (Score:2)
Unfortunately, many people still cling to the romantic notion that a person can be "changed" (especially through "love"), and that even the most deranged psycho will eventually turn into a normal person if given enough "love".
Re: (Score:2)
The implied attitude of "Too late! You should've thought of that before you got married!" is extremely unhelpful and is part of what causes physically and psychologically abused people to stay with their abusers.
Marriage is a voluntary partnership, not a slave contract. If either side fails seriously in their commitment, the partnership is null and void, and either party is free to associate or disassociate as they see fi
Re: (Score:3, Insightful)
Re: (Score:2)
That said, it's a totally ridiculous explanation for what is obviously a real dysfunctional relationship.
I think the idea that people's marriages are "their own business" is so deeply ingrained in our culture that we come up with whatever wacky fantasies we have to to justify not offering support when someone'
Re: (Score:2)
Marriage is "til death do you part", not "until we aren't happy anymore."
That's how I intend on my marriage to be when I eventually get married...
...However; such a statement ignores the harsh reality that there are real situations where a marriage must end. My mother has 12 brothers and sisters. Even though the family believes that marriage is "til death do you part", there were some abusive situations where the marriage had to end. No one should have to wait for death in order to get away from an alcoholic; or to avoid a mistake made at a very young age.
Re: (Score:2)
I'll bet there's a good back story (Score:5, Insightful)
Here's the answer. She's trying to solve a human problem with a technical solution. It won't work. If she has to use a suspect windows computer, there's no software that will guarantee it's clean. It can't be done.
And if you can't trust the person you're married to, your main problems in life aren't computer problems.
Re:I'll bet there's a good back story (Score:5, Insightful)
I agree. My first thought was "don't get involved."
Even if you think the husband is a spouse-abusing homicidal maniac, don't do this. If there is evidence, turn him in to the police. Otherwise stay out.
She can google it. She can take it somewhere (like Best Buy, Circuit City, etc). I know they're terrible, but hey. If they work things out, you are the guy who tried to help her get out of the marriage. That won't endear you to him. If things go farther, how do you think you'll be treated if there was a key-logger and your solution didn't work? If there is no key-logger and she is just reaching and scared and overwhelmed, then playing into that could make things worse (in the harder for them to get together and fix their marriage if possible sense).
She can use another computer, reinstall Windows, whatever. Don't get in the middle of someone else's fight (unless it is to save their life or some such, in which case, again, call the police). I seriously doubt doing this will make your life easier in any way.
Tell her to go to a private eye. Talk to a (better) divorce attorney. But tell her you don't want to get involved in this.
Re: (Score:3, Interesting)
Either way, your and the GP's comments are spot on. There isn't a technical solution to a social problem.
Re: (Score:2)
If they work things out, you are the guy who tried to help her get out of the marriage.
For what it's worth -- be aware that interference in someone else's marriage is a tort in some states. Which means that, if alleged in court, the other spouse can sue you for damages.
Do you want to wind up in court and potentially paying for someone else's divorce? (To say nothing of a charge of adultery, which is still a crime in some states and can conceivably lead to jail time.)
Re: (Score:2)
That said, the setup is stupid. Either wipe the damn thing, or well.. wipe the damn thing.
Seriously, it takes 4 hours at most to get windows installed, drivers, and service packs. The only reason not to do that would be pirated software, and well, you get what you pay for eh?
Even FINDING a keylogger isn't going to do anything, if there is one, IT DOESN'T PROVE THE SPOUSE DID IT. It could always come in through a hole of some kind. (If the gal is dumb enoug
Re: (Score:2)
Re: (Score:2)
Actually that didn't occur to me at all. If that's the case... then the poster needs to stop trying to break up a marriage. How to remove a keylogger is far besides the point.
Re: (Score:2)
As I said. If she is being beaten or abused, that's one thing. Help her out. But if that's the case, she needs out NOW, not to play little games like "Is there a keylogger on my computer".
If it's just a normal "I'm not happy"/"I don't like you"/"why did you sleep with my sister" type thing, just stay out. Don't get involved in the petty details. It may just be a big fight they could work through if they didn't have all sorts of people supporting them breaking up and making it easier. The same people who di
Re: (Score:2)
I'd like to know why "booting from a Linux CD" isn't an option, though. Even if she has to use Windows for something work related, if she's doing anything where she wants privacy, what's wrong with a LiveCD? You can use AIM and Firefox. A LiveCD and a thumbdrive she can hide for files would work pretty well for that, and she doesn't have to be that bright to do it.
Re: (Score:2)
Re: (Score:3, Informative)
There's a reason I directly quoted the summary; I recognize THAT it's not an option. Why it's not an option is the question.
Re: (Score:2)
Learn to read. I'm clarifying that I want to know something about the topic. That's pretty on topic. I mean, seriously:
"I want to know why:" followed by a line from the summary is offtopic? Whatever you're smoking, you better be sharing.
Re: (Score:3, Insightful)
You are absolutely right, which pretty much ends this discussion right there.
Normally I'd suggest to do a complete Windows reinstall (assuming you have to run Windows), or install Linux, but you can't trust a Linux machine either, if others have physical access to them (and they know what they're
Divorce. (Score:5, Insightful)
whoops (Score:2)
Re: (Score:2)
I guess I'm old-fashioned, but I'd have thought that another option would be to work on fixing the root problem, rather than just bailing on the relationship.
Divorce (Score:3, Insightful)
Re: (Score:3, Insightful)
"Trust" means "I trust that I know my partner, and know what they are capable of and what they can be relied upon."
It does NOT mean "I trust my partner to do X."
For example, my wife can't trust me to take out the trash, and I can't trust her to change the oil in our car. Does that mean we should get a divorce?
Re: (Score:3, Insightful)
If you need to monitor everything someone does then you don't trust them.
Re: (Score:3, Informative)
"If you have to monitor someone, you don't trust them."
And staying stuck in that relationship isn't healthy. Even the Catholic church allows for divorce in the case of adultery.
Re:Divorce (Score:4, Insightful)
Re: (Score:2)
Format disk (Score:4, Informative)
Re: (Score:2)
that's the least of her problems (Score:4, Informative)
1) Isn't this missing the forest for the trees? If a marriage is so lacking in trust that she thinks her spouse is spying on her, there's a problem. If her spouse actually did install such a thing, there is similarly a problem. This is a much greater problem than the software itself. If she wants to save the marriage, this is the sort of situation where a counselor or similar trusted third party could be very helpful.
2) If the logger or other software is indeed there, what is she worried about him discovering? If she's just (rightfully) angry about the installation of this software, and trying to demonstrate a point by removing it, that's one thing. But if there actually is something she wants to hide, again this is a far bigger problem in the relationship than the software.
Good luck to your friend. This sounds like a tough spot to be in.
Re:that's the least of her problems (Score:4, Insightful)
Re: (Score:3, Interesting)
Perhaps she is trying to gather valuable information for the divorce.
If that was the case, then a detached 3rd party who is a specialist in the field should be doing the forensics.
If she takes the computer in for repair with claims of running slow and suspect being the target of a directed attack, then that can be used as evidence.
If joe schmoe guy who is her friend does the same, the court would most likely ignore or strike that evidence out, and also gives the husband an attack vector by claiming this guy planted it to undermine their marriage or trying to get into her pa
No luck (Score:3, Insightful)
A small Asus EEE PC with an encrypted SSD, grub/bios password and hidden away may allow the person to communicate in secret with some measurement of security against non-technical opponents with limited resources, if the person is able to use some kind of SSL proxy so that the data can't be sniffed easily. Tempest attacks or even simple hidden cameras may spoil even that.
So, get a divorce instead.
--
Regards
Simple (Score:5, Funny)
From my own experience, Tin foil hats are good, but access to the government computers to make sure they aren't after you is more comforting to me.
Note to federal agents: I have not gained access to your computers. And you might want to change your desktop wallpaper, scantily clad women on a work computer is just begging for a lawsuit.
First Thing... (Score:2)
Lastly, the guy should divorce her. If she's spying on him it's to find grounds for a divorce that will net her a nice chunk of change in the settlement. Probably saying something stupid like he's surfing porn (what guy doesn't?) is the sam
Re: (Score:2)
Anyway, several people here have already stated the blindingly obvious, and I'll agree with it 100%. If things are to the point where this is even a question, then the marriage is doomed. She doesn't trust him to not spy on her, and if he IS spying, then he doesn't trust her. Communication Fail and Trust Fail built i
Impossible (Score:3, Insightful)
There's no way to be 100% certain that nothing's being logged. Possible data gathering points:
No, there is no software you can run that will tell you if you're being monitored, by virtue of the fact that such software is impossible.
Have her get a cheap laptop - maybe an Eee PC - and configure OpenVPN to a friendly router. You're a geek, right? If you're serious about her privacy, make it happen.
Re:Impossible (Score:5, Informative)
Re: (Score:2)
Well, I meant those as examples, not an exhaustive list. But yeah, there's an almost unlimited number of ways an attacker could get information.
Oh, and another protection: format the drive, re-install Windows, and immediately install TrueCrypt to encrypt the entire drive (same idea for Linux, but the original question was for Windows). That should go a long way to prevent non-hardware attacks.
Ugh, didn't anyone read Cryptonomicon? (Score:3, Insightful)
Obviously you just modify your space bar and numlock LED drivers to perform all I/O in morse code.
Then you type in and display a bunch of misleading information to entrap the eavesdropper into doing something silly / stupid / illegal and nab 'em on it.
As far as still being able to check your email and bank accounts and stuff without compromising your passwords, just set up some kind of password vault that uses biometric authentication or something so you never have to type in your actual login / password on the untrusted machine. You'd have to do the setup for the private key and all on a trusted system of course.
Is the spouse out of the house? (Score:4, Interesting)
Any networking hardware like routers that could be compromised would need to be replaced or reflashed. Since she doesn't have the capability of dealing with a boot CD, her only option is third party intervention or going to the library to use their computers.
We're missing too much info...
How tech savvy is the spouse? Does he still live there? What kind of network setup is being used? etc. etc.
No LiveCD, but a floppy? (Score:2)
Re: (Score:2)
And hey! If it's bootable from USB or anything - your choice!
In any case you can upgrade from 11.0 to 12.0 anyway. (Although I don't see any reason why anyone would want to update kernel and glibc)
Go pen and paper (Score:2)
And nuke the site from orbit. It's the only way to be sure.
Can't use a liveCD? (Score:2)
On either system a good virus scanner will keep you covered from 95% of keyloggers so you're fine unless you married a geek, but if you married a geek you'd be running linux/bsd anyway (possibly with a custom filesystem)
A friend.... (Score:4, Insightful)
Re: (Score:2)
A friend asked me about the best programs to detect and remove spyware/logging/monitoring software that might have been placed on her computer by a spouse.
When trying to be vague, as this person is, the whole "on her computer by a spouse" is really too much information. Should we really care that it was the spouse? Isn't it equa
Re: (Score:2)
Actually, I think "spouse" is pretty relevant. Think your babysitter's digging through your hard drive? Get a new one. Don't trust your maid? Get a new one. Landlord gives you the creeps? Move. But it'd be a whole lot harder to just get rid of a spouse (ask Hans), and the emotional consequences for doing so are hopefully more significant than deciding not to hire the same plumber next time.
A couple things to think about (Score:2)
For software keyloggers, you can use a tool like SpyBot [safer-networking.org] to try to find them -- however, I can't guarantee it'll find your specific keylogger, if there is one. There's probably better software at this point, but I haven't used Windows in years.
Another option is to use Windows' built-in search, and search for files modified in the past couple days. If there's a keylogger, odds are its log files will show up. I've accidentally found a keylogger on a friend's computer this way.
Another option is to use a liv
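The modified-date search suggested in the comment above, as an added example that is not part of the original post. It walks a directory tree and lists regular files changed in the last N days, newest first; the function names and the two-day default are assumptions, and since modification times can be reset by other software, an empty result does not show that a machine is clean.

```python
"""Added example: list files modified in the last N days, newest first."""
import os
import stat
import sys
import time
from typing import List, NamedTuple, Optional


class Hit(NamedTuple):
    path: str
    mtime: float  # seconds since the epoch
    size: int     # bytes


def recently_modified(root: str, days: float = 2.0,
                      now: Optional[float] = None,
                      max_size: Optional[int] = None) -> List[Hit]:
    """Return regular files under `root` modified within `days`, newest first.

    Unreadable directories and files are skipped instead of aborting the
    scan, and symlinks are not followed so a link loop cannot trap the walk.
    `max_size` (bytes) optionally drops large files to cut down the noise.
    """
    now = time.time() if now is None else now
    cutoff = now - days * 86400
    hits: List[Hit] = []
    # onerror swallows access-denied errors on protected directories
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None,
                                         followlinks=False):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                st = os.lstat(full)
            except OSError:
                continue  # vanished or unreadable between listing and stat
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, devices, sockets
            if st.st_mtime < cutoff:
                continue  # last written before the window of interest
            if max_size is not None and st.st_size > max_size:
                continue
            hits.append(Hit(full, st.st_mtime, st.st_size))
    hits.sort(key=lambda h: h.mtime, reverse=True)
    return hits


def format_hit(hit: Hit) -> str:
    """One report line: local timestamp, size in bytes, full path."""
    stamp = time.strftime("%Y-%m-%d %H:%M", time.localtime(hit.mtime))
    return f"{stamp}  {hit.size:>10}  {hit.path}"


if __name__ == "__main__":
    # Usage: python recent.py [root] [days]; defaults to the home directory.
    root = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~")
    days = float(sys.argv[2]) if len(sys.argv) > 2 else 2.0
    for hit in recently_modified(root, days):
        print(format_hit(hit))
```

Expect browser caches and application settings in the output as well; the files worth a second look are ones whose location or name you cannot account for and whose timestamp keeps moving while the machine is in use.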
So Let's Summarize... (Score:3, Insightful)
Gets from
Easy "divorce" answer... (Score:2)
It's also badly missing the realities.
If there's that much paranoia, odds are one or both parties are moving towards divorce but know they need to do a bunch of things to either avoid getting screwed in the process (or, if they're malicious, screw the other side).
From experience with friends going through divorce, you should really be doing a bunch of things before you turn the cold war hot:
You should ensure there's money to pay for l
Re: (Score:2)
The courts care about;
- kids
- assets
- giving as much (of the two above) to women as possible
Yeah, if you are thinking your marriage is rotten, there's good reason to get proof to motivate you to end it. But, photos of a spouse at a hotel mean exactly dick in divorce court. They might mean something for child custody, but that's about it.
Why do... (Score:4, Funny)
"A Linux live CD is not an option". Bullshit. You windows-swilling pansy, grow some balls and try Linux. It won't kill you, it won't make you gay, and it won't rape your dog. Are you terrified of being free from >99% of viruses/trojans/spyware/adware/rootkits? Is there some kind of Stockholm syndrome going on here? You LIKE it when windows beats you, don't you? You hide the bruises, that's why you always wear those sweaters.
You sick, twisted fuck.
Re: (Score:2)
My dog still hasn't forgiven me.
Re: (Score:2)
My dog still hasn't forgiven me.
The flag you want is --NO_VIOLATE_FIDO
detecting malware .. (Score:3, Informative)
The only sure way is a clean install or re-imaging from a hidden partition at boot. Something that would be a pain to set up and probably wouldn't even work with the current incarnation of Windows.
Your best bet is to get your friend to install these Sysinternals [slashdot.org] utilities and see if they can detect the keylogger by its activity. Monitoring activity [wireshark.org] at the firewall is also a good place to detect suspicious activity.
What is it about Windows that your friend absolutely needs to use? Are there alternatives [slashdot.org] out there?
If you absolutely can't survive without Microsoft applications then why not use a version of Linux that comes with CrossOver [codeweavers.com], this allows Windows applications to run natively on Linux, without the same level of malware threat. Eg, by clicking on an URL or opening an email attachment.
Re: (Score:2)
Well, yea, but it's virtually impossible to infect a locked down Linux, by clicking on a URL or opening an attachment. The worst that can happen is compromise of the user's home dir and not the whole box.
An embedded OS with the user running in a virtual machine would be a solution. In theory, once you reboot any malware is flushed from the system.
I've used the restore from hidden partition solution, while it is a pain, it does work a
use a computer outside the home (Score:3, Insightful)
I did a website for a women's aid group ("WA"), they wanted information about how to keep it hidden from an abusive partner that the women were in touch with WA. I did a review of what the national centers gave as advice, including details of removing history files and such. In the end I settled for the only method being to use a public computer (eg at a library).
Someone else can spy on you for sure, but unless your partner works at the City IT center or for the library (or wherever) then it's not going to be your partner spying on you.
If you _need_ to get out the house and contact someone and you're being abused and can't - please call directory enquiries and contact your local Women's Aid organisation. They can advise you, give you temporary accommodation in a safehouse, help you talk to the police, help you seek mediation; basically empower you to take back control of your situation.
Re: (Score:2)
But yes you're probably right, husbands are generally considered to be capable of looking after themselves - violent abuse perpetrated by females is not (apparently) that uncommon.
Here are some good ones.... (Score:4, Informative)
I have been fixing Windows computers for over 10 years and can suggest the following programs from personal experience. There is no guarantee that they will find all keyloggers but they will detect the progs you find by using google.
1) Spybot Search & Destroy (free) http://www.safer-networking.org/ [safer-networking.org]
This is a spyware checker, cleaner. It will also find keyloggers and screen capturing software
2) Antivir (free for personal use) http://www.free-av.com/ [free-av.com]
This is an Antivirus / malware program which I have found to kick the shit out of Norton Antivirus (Personal + Corporate) and McAfee.
3) Norton Antivirus 2008 (not free)
This is another antivirus program, it is not as good as Antivir but it may contain different malware signatures than Antivir.
4) Adaware (free) http://www.lavasoftusa.com/ [lavasoftusa.com]
Like Spybot but less strict, I don't use it anymore but you should run it anyway.
5) Windows Defender (free) http://www.microsoft.com/athome/security/spyware/software/default.mspx [microsoft.com]
This one is made (purchased) by Microsoft and is actually quite good, I can highly recommend it to remove crap from a computer. This one is free and includes an "active shield"
If you run suggestions 1,2,4 and 5 above you can assume that your computer is clean. To be sure format and reload.
As for the rest, follow the advice above and end the relationship....
these are not really solutions (Score:2)
He's going to know that she has scanned for spyware, it'll be in his keylogger info.
IMHO the solution is to use a different computer that the spouse could not have accessed, eg at a library or cybercafe.
If they wanted suggestions for combating keyloggers then they shoul
Re: (Score:2)
All good points, except #2.
Stay far, FAR away from Avira. Not only does it hang, seize up and fail to complete its own updates and scans, but it drags system resources down tenfold more than the other alternatives.
It also requires the "questionable" use of quite a few daemons which don't seem to be necessary with the other free AV products (like ClamAV, AVG Free and so on).
No easy solution exists (Score:2)
However the problem is different. In most jurisdictions, installing a keylogger is a criminal act. One that could well tip the balance in a divorce proceedings. (I expect divorce will be the next step here, as things cannot really work out anymore: One or both partners are paranoid, and there is no trust left.) So if there is good reason to believe in the presence of a
Re: (Score:2)
Graphical entry mechanisms (Score:2)
Easy: Knoppix (Score:2)
Detecting hardware keyloggers (Score:2)
Do hardware keyloggers supply their own batteries or could their power usage be (again theoretically) detected?
Do they log messages from the computer to the keyboard (e.g. lock changed)? Could anti key loggers spam the keyboard with lock toggles until the memory fills up?
With the ones that dump t
Donny? Is that you? (Score:2)
Format and Re-install (Score:2)
Spidey sense tingling... (Score:2)
Huge paranoia probably due to the person you're afraid of intercepting something incriminating is still in the house?
If my theory isn't the case, tell your friend to get out. Go to family, a shelter, anything. Just get the F out. If there's nothing sinister under the surface here, that's not a healthy relationship. Get. Out. Of. It.
If my suspicions prove accurate, I can s
Re: (Score:2)
The only thing that stopped me from doing some crap like that, was recognizing that it would ultimately be a self-destructive act. I had all sorts of violence planned for the guy that broke up my marriage, but stopped for two reasons; a) I would get caught and b) it would have killed his dogs too. (I like animals.)
Despite being an ordinarily very caring and nice person, I was ready to do these things. Pile on it worse, is the spouse has a relationship with them, but NOT so mu
Hmm.. (Score:2)
This'll fix the rotten bounder. (Score:2)
Tell your friend to get a lancet, puncture her finger and splash a drop of blood on a vertical surface somewhere in her home which is fairly obvious.
Have her just vanish. Tell her to leave her passport behind and on no account to touch her bank accounts. Once you are sure she is out of harm's way, Tell the local police that your friend is missing.
Uncle Sam's paranoid police and vindictive legal system will do all the dirty work for her, and keep her (ex-)
Re: (Score:2)
Don't forget the part about flooding the car so there's inch-deep standing water in it. Even if the spouse in question manages to escape the clutches of the legal system, their car will still be messed up (bonus if it was an expensive car).
Re: (Score:2)
What I can say is that I sincerely believe that Hans and his Russian helpers have made a really top of the line file system. I have used it for about 3 years and it has ne
Not the solution (Score:2)
You need relationship counseling, not security software.
Relationship, Not Computers (Score:2)
Nor, frankly, should you. This is a sign of some serious problems in that relationship. Your friend might be to blame, or her spouse might be to blame, or the concept of blame might not even apply; it's tough to tell with the little information here. But the solut
Re: (Score:2)
A boot sector virus/keylogger could survive a reformatting.
Re: (Score:2)
Re: (Score:2)
Boot sector viruses were extremely common back in the day. It doesn't need to be all that complicated.
Consider a boot sector virus that stores a 16-bit dos keylogger binary in an "unformatted" area of the disk. Every time the user formats his/her drive, the bootsector virus copies this binary to C:\DOS\memBoost.com and appends a line to autoexec.bat.
MS Systems up to Windows ME would have been vulnerable to this. Maybe even Windows 2k (as part of backwards compatibility), I can't
Re: (Score:2)
Wow. Cyber-flexing isn't nearly as intimidating as RL-flexing.
Re: (Score:2)
Relax buddy. This is the internet.
Re: (Score:2)
Re: (Score:2)
Both the laptop and my computer got wiped after she had no more access to them. Her computer, probably isn't wiped.
(It's not my wife though, my wife's boyfriend is a geek and not stupid enough to pose a question like this.)
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
Might be a way to defeat keylogging if it was implemented in hardware, but in software, I'm dubious.
Re: (Score:2)
I was cleaning up a slow WinXP SP2 PC for a friend, and after two 'format & re-install' sessions, was still getting virus/trojan found messages as soon as I would install AVG Free.
After poking around, C: is not being reported correctly (total disc size)...Okay, reboot with old Win 98 'rescue'/boot floppy...fdisk, delete all found partitions, make new active partition (use whole disc- or some such), restart, format, reinstall XP, again format (full, not 'qui