?
Solved

how to detect spy-ware

Posted on 2003-02-20
11
Medium Priority
?
395 Views
Last Modified: 2010-04-11
i just found out my password had been stolen, and i think the most likely reason is there was some activity logging software in the public computers. how can i detect these spies?  
0
Comment
Question by:foxroom2
11 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 7993166
The best product is Adaware:
http://www.lavasoft.com

Run it and it will find all these vermin that steal your stuff...
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7993182
Sorry, wrong url

http://www.lavasoft.nu

0
 

Expert Comment

by:mjelwood
ID: 7993227
Another good Spybot removal program is Spybot Search & Destroy by PepiMK Software.

http://spybot.eon.net.au/

I would suggest using both the Adaware and Spybot. Each of them will pickup Items in which the other missed. Install and run both of them. They both seem to very well. Enjoy

Michael
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Expert Comment

by:Da5id
ID: 7993421
Although those two will work if the system has commertial spyware installed, this is unlikely to be the problem. I think it is more likely that someone has loaded up a keystroke recorder. Simple versions of these simply write each keystroke to a hidden txt file, however better ones will store all keystrokes in ram and only write to file occasionally in order to make detection more difficult. If they are good you will not be able to detect them however for simple ones try viewing the processes or programs running on the computer and look for anything suspecious. Good ones will hide themselves, have different names etc.
Goodluck
Tris
0
 

Expert Comment

by:el_burizone
ID: 7993861
Try also www.pestpatrol.com.
But: There's also another method to monitor, what you are sending to the net: I.E. Man-in-the-midle. There is a computer (usually) proxyserver, which can easily catch all traffic from tha whole lan, you are connected to. There is one more easy way to monitor the traffic on the lan and it is called sniffing. This can be done also easily, but not so easily as being man-in-the-middle. These cannot be detected (you simply must presume that someone is monitoring your net activities). They can see everything you do, pages you look at, your icq commmunication, your login/passwords etc. etc.  And there are not many things you can do about it. Fullstop.
0
 
LVL 10

Expert Comment

by:LRI41
ID: 7994337
In addition to the three programs cited, Ad-Aware,
Spybot and Pest Patrol which I use all three, you
might also want to take a look at:

Lockergnome Windows Digest] Bullhead Graffiti and the Nucleus  
Date: 2/15/2003 11:52:54 AM Pacific Standard Time

Spyware-Guide.com

http://www.spywareguide.com/

{Guide to stopping spies} Spyware Guide provides information about
spyware and adware, something we all despise, right? OK, who
shouted, "No?" You must write spyware. If not, e-mail me; I've
gotta meet you. The site does clearly state that it does neither
agrees nor disagree with the makers of spyware or adware software,
and it is NOT a sounding board for debate. It's there as a
resource to serve the Internet community. Recently, two spyware
programs attacked me; one was from a program that I was testing
for you Gnomies (which I immediately removed it from the review
list), and another came out of nowhere. I looked them up and this
source listed one of them, explaining what it is and how to squash
it. I dropped a line to the folks behind the site telling them
about the second piece of spyware that I encountered, and maybe
it'll be posted soon. Especially nice is the Blocklist File
download [

http://www.spywareguide.com/blockfile.php

] and the list
of companies who create spyware and malware. Take a bite out of
spyware! [Meryl]




...list of known spywares, how to remove them, who is a maker, and more

http://www.spywareguide.com/

Spyware guide was created to provide an all inclusive resource to spy ware applications, what they do and how they’re used. These resources include: which software applications can detect and defeat spyware, an extensive database of all known spy ware applications and contact information. Take the time to create a username and password to take advantage of these and many more features of Spyware Guide.
·     Spyware Guide has a large frequently asked questions (FAQ) library that’s easily searchable with down to earth terms that will help you understand
·     Spyware Guide has provided the largest database of spyware applications for you to search and become more informed. Each information is crosslinked, so you dig around for related information if you want.
·     Want to inoculate your Pc against malicious ActiveX components? Check the latest Spyware BlockList File
·     Don't forget our hand-picked and categorised privacy products section.
We answer our email. If you’ve discovered something, a spy ware application or if you need to know more information about a term or how it works. Then feel free to drop us a note. Spyware Guide will help.

:  http://www.spywareguide.com/  On main page check also "Blocklist File Download" link.  

Spyware Block List File
What and Why?
Tired of all that Spyware and Adware crap being installed by ActiveX ?
But don't want to loose out on functionality?
We have created a system that blocks all known "bad" ActiveX controls from running inside Internet Explorer by setting the "Kill bit".
When a page tries to install a component from our list, it will fail.
When a page tries to use a component from our list that was already present on your system, it will fail too!
Other, "friendly" components are not affected.
Download and Installation
The best part of it is that we can pull this off without any programs running on your Pc, without even having to run a program to install the block list! All you need to down is download the -small- registry file below (Right-Click, choose "Save As...") and then double click it to enter it into the registry and activate the protection.
 Download Now!
Last Update: 2003-2-12 20:10:52
Check back here often!


I haven't used this one yet.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 7996901
Interesting. I've heard pro/con on all. Adaware seems more commonly popular but not best, but I run none yet, so I'll make no vote, other than to try something of the above since you are interested. My next curiousity would be best way to kill MS messenger, IM, etc., when I have to reload OS frequently (and bring them new life). These get me as many popups as I get on surfing to 'bad' sites. Even though I've disabled many such IM functions in registry.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 7996920
> i just found out my password had been stolen

Sorry, had minor distraction of the comments there. In end, Run a rebuild of your PC is in order, apply all patches for hacks, and install firewall like ZoneAlarm to cut the traffic to and from your PC.

You have cable? This is getting common where people in same neighborhood have gotten SW to read the wire, so it may be that you are in a network promiscuos mode. More likely they've wun a hack on your IE or IM, and if you want that stopped, wou'd best consider an alternative to each, such as Opera or NetScape.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 7996931
OS makes a difference. For forensics, try BlackIce, and if you run NT family you should review its event logs to find out what the computer itself knows has been going on. Do not forget to change passwords frequently, and make both ID and password as long in length as you can.
0
 
LVL 5

Expert Comment

by:zenlion420
ID: 9816057
No comment has been added lately, so it's time to clean up this TA.
I will leave the following recommendation for this question in the Cleanup topic area:

PAQ - no points refunded

Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

zenlion420
EE Page Editor
0
 

Accepted Solution

by:
YensidMod earned 0 total points
ID: 9863218
This question is PAQed  and no points refunded (of 25).

YensidMod
Community Support Moderator
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security t…
This blog will spread awareness about Dropbox. We have given the statements based upon our experience. Along with this, there is a section of some new plans that should be added in Dropbox this year. This will make the storage service enhanced from …
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question