How do I detect key-loggers?

Question

My friend found out that there is an "eye icon" on the taskbar and we believe that someone may have put a spyware (bug) to find out what we are emailing to each other. Is this possible and how can we delete such a bug?

Ralph

Answer

This question was answered on December 23, 2005. Much of the information contained herein may have changed since posting.

Your description is consistent with a range of programs from “key-loggers” (programs that track every keystroke) to various malicious programs including an old version of the Navidad virus, which has a blue eye that gets added to your Systray (to the left of the clock on the bottom right corner of the screen).

The first step in determining what it may be is to float your mouse over the top of the icon to see if it gives you a description. If you can get anything to appear, try typing it exactly as you see it into Google with quotation marks around it (which tells Google to only bring back sites that have that exact phrase) to learn more about exactly what you may have installed in your system.

There are a host of key-logger programs that can be installed so that a record of everything you type (every word in every e-mail, every username/password in every secured website, every web address, etc.) is sent via a silent e-mail to a remote e-mail address.

There is no shortage of this type of malicious code designed to help steal your identity, but many parental control programs also have a component of the system that is designed to use this process to help parents keep track of what their kids are doing online from a remote computer.

There are a number of ways that someone can install such a program onto your computer, but generally, they would need access to your computer. If they were trying to spy on you, however, they would generally do so without leaving such an obvious marker (the eye icon).

It’s possible that you contracted a RAT (Remote Access Trojan) via an e-mail attachment (just another in a long list of reasons to be extremely suspicious of ANY e-mail file attachment), which could allow a remote user to access your computer or log all of your keystrokes.

Most anti-spyware programs such as Ad-Aware and SpyBot Search and Destroy (both are free and available by visiting www.datadoctors.com/approved) can detect and remove commonly known key-logging programs.

Not every program that is capable of logging your keystrokes is detectable by traditional spyware detection programs, but since they all do create a log file there is a more fundamental way to see if anything is logging your activity.

Another free program called KL-Detector (also available at http://www.datadoctors.com/help/approved_software.cfm ) is a simple program that once installed can monitor disk activity to see if a log file is created during a test session. (Be sure to follow the directions exactly or you may get a false positive!)

Identity theft has become such a big business on the Internet that large organized crime syndicates are now behind many of the attempts to compromise your personal information, so always pay attention to what you open or install on the Internet and keep all of your security software constantly updated!

Author

Posted by Ken of Data Doctors on December 23, 2005
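
The log-file check described in the answer can be approximated with a before/after snapshot of file sizes around a typing test. This is an added example, not KL-Detector's code or anything from the original answer; the function names and the constructed files in `demo()` are assumptions made for illustration.

```python
import os
import tempfile

def snapshot(root):
    """Map every readable file under root to its (size, mtime_ns)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # file vanished or is locked; skip it
            state[path] = (st.st_size, st.st_mtime_ns)
    return state

def changed_files(before, after):
    """Return files created or grown between snapshots, largest change first."""
    hits = []
    for path, (size, _mtime) in after.items():
        old = before.get(path)
        if old is None:
            hits.append((path, "created", size))
        elif size > old[0]:
            hits.append((path, "grew", size - old[0]))
    return sorted(hits, key=lambda h: -h[2])

def demo():
    """Constructed test session: one quiet file, one that grows, one new file."""
    with tempfile.TemporaryDirectory() as root:
        quiet = os.path.join(root, "notes.txt")
        log = os.path.join(root, "sys.dat")
        for p in (quiet, log):
            with open(p, "w") as f:
                f.write("x")
        before = snapshot(root)
        with open(log, "a") as f:  # stands in for a process recording keystrokes
            f.write("typed during the test session")
        with open(os.path.join(root, "cache.tmp"), "w") as f:
            f.write("abc")
        after = snapshot(root)
        return [(os.path.basename(p), kind, n)
                for p, kind, n in changed_files(before, after)]

if __name__ == "__main__":
    for row in demo():
        print(row)
```

Anything else writing to disk during the test (browser caches, mail clients, updaters) shows up in the same list, which is the false-positive case the answer warns about, so close other programs before taking the first snapshot.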