Security Basics mailing list archives

RE: software - keyloggers etc


From: "H. Nachtwandler" <sleepwalker () saintly com>
Date: Thu, 29 Jan 2004 11:38:51 -0500

[TALLAT: PLEASE FORWARD THIS BACK TO MAILING LIST IF IT DOES NOT GET POSTED THERE.  I AM WRITING FROM ADDRESS NOT ON 
LIST, SO MY REPLY MAY BE AUTOMATICALLY REJECTED.]

Hello, Tallat:
  After reading your e-mail, I decided to experiment on my home PC, viz.,--

  I ran updated scans on my computer using AdAware and Spybot Search & Destroy.  These scans found a few tracking 
cookies, which I subsequently quarantined.  Thereafter, I installed and ran Spy Sweeper.  The Spy Sweeper scan notified 
me that supposedly I had keylogger "Key Interceptor" installed on my computer; *however*, when I examined the file that 
Spy Sweeper designated as "Key Interceptor", it ended up being nothing more than an innocent html file--part of my 
Oracle manual, in fact.
  Spy Sweeper indicated that this Oracle manual html file was an "exact match" to the signature of "Key Interceptor"; 
so I'm deducing that Spy Sweeper is prone to produce false positives.  You may want to check the files that your Spy 
Sweeper identified as cdilla, spyworks, winwhatwhere, and confirm whether or not they are indeed spyware: they may 
simply be false positives.

...If I were cynical, I would believe that Spy Sweeper's poor behaviour might be a sinister marketing tactic to 
intimidate users, lead them to believe that Spy Sweeper detects spyware that other antispying software cannot 
detect;--but I am not *so* cynical, and therefore I will remove my tinfoil hat and reserve judgement for now....

Kind Regards,
Nachtwandler.

[...]
I have downloaded spybot, ad aware, swatit and update these regularly, i.e.
once a week I check for updates plus have an anti-virus and zonealarm
firewall.  Well to my surprise after reading an article about the above
decided on a hunch to try out "spy sweeper" and it found the following in my
windows 98:

cdilla
spyworks
winwhatwhere (or is it winwherewhat?)

On the pc.

So my question is, is there any one product which will find these things
above or do I need to keep downloading lots and lots of different types of
software programmes to find different things?  Why did a software programme
like spybot or swatit not find the above three?
[...]