Keyloggers are a form of spyware that tracks a person's keystrokes and then sends the information to someone who can translate and exploit it. This can copy the keystrokes typed in e-mail, instant messenger, and any other Internet activity. The person collecting the information can get credit card numbers, user names and passwords, and more. These handy little devices have been around for some time, but the increase of spyware has brought them front and center. Infecting a computer with this type of software is easy and very common. A user can easily go to the wrong web site and get infected, or someone can manually place the keylogger on the computer. There are three different types of keyloggers that could possibly be plaguing you and your computer.

Hardware keyloggers are small inline devices placed between the keyboard and the computer. They are so small that they are very hard to detect and can go unnoticed for long periods. This type of device requires that the person placing it have physical access to the computer. In a home, this type of keylogger is usually placed by a family member who wants to see what is being done on the computer when it is not supervised. They are capable of capturing passwords, user names, and other personal information. This includes conversations via instant messenger and e-mails.

The software keylogger uses a hook to monitor all keystrokes. It uses the Windows function SetWindowsHookEx(). This type of program is installed via corrupted files on the net or through other spyware techniques. Once downloaded into the system, it initiates the hook function and a DLL function for logging. This software can capture almost everything one does on the computer.

The third type of keylogger is the kernel/driver one. This type gets its information directly from the keyboard. It replaces the main software that tracks keystrokes. It can be so cleverly programmed that it is almost completely undetectable. It is executed on boot and starts before any user-level programs start up. It cannot get auto-complete passwords like the other types can.

Even though there are so many companies making keyloggers today, they are all pretty much alike. Most of these are well hidden in the many trojans circulating on the Internet. These are the common hook-type keyloggers. They have several features that can be used to spy on an unsuspecting user. There is the infamous stealth mode, which shows no icon to indicate that it is working. This keylogger is virtually hidden from the person being spied on. There is also remote installation. This attaches the keylogger feature to other programs such as e-mail and instant messenger. It can be sent via e-mail to be installed on another computer. This feature is used to get the conversations and information between more than one person. The last feature that most have is the smart rename. This allows all the keylogger and registry files to be renamed. This type of spyware can be hard to detect. Most anti-virus software may not see it.

There are some ways to avoid accidentally downloading a keylogger program or being captured by one. Since the program records keyboard keystrokes, it makes sense to use a virtual keyboard for private use. This would be used for passwords and other secure transfers of information. This is a keyboard shown on the monitor that one types on with the mouse. No keystrokes will be detected and transferred to a remote computer. This will not be practical for all applications because of the slow typing method. It is mostly used to enter passwords, credit card numbers, and other private information. Be aware that some keyloggers can also track mouse clicks, in which case the virtual keyboard is not useful. You would want to make sure that your virtual keyboard has a feature that allows you to hover over the letter you want instead of clicking on it. The best way to make sure you are keylogger free is to manually check your machine first. If there seems to be nothing physically on the machine itself, use an anti-spyware program to detect the corrupt software.

Adware and spyware sneak onto your computer in several different ways. Most of it gets installed bundled with software that computer users voluntarily download and install onto their computers because it claims to speed up the computer, fix problems, or add some functionality. Most of this software doesn't do what it claims, and will in fact slow down your computer and cause problems because of the spyware that is bundled with it.

Some programs even claim to remove spyware from your computer when, in fact, they install more. Spyware can also masquerade as "updates" for your computer or use a similar trick to convince you to click on a pop-up ad or download a program, so be sure to only get updates from trustworthy places.

Another common way that adware and spyware get on computers is through peer-to-peer file sharing programs. Kazaa, for example, uses Cydoor and GAIN adware programs to deliver advertisements. When you install Kazaa, you also install Cydoor and GAIN, which then deliver pop-up advertising to your computer. Many other P2P file-sharing programs, including Ares, have similar adware bundled with them.

Browser toolbars, such as the dreaded Hotbar, are another common source of adware and spyware. These toolbars sit at the top of your browser window and offer some sort of tools that enhance your browsing experience. Usually they provide a search box, allowing you to do an internet search right in the toolbar. They may also provide bookmarks or other functionality.

Unfortunately, they almost always come with undesired functions, such as reporting your browser habits back to some central source or displaying advertisements. Hotbar, for example, tracks the web sites you visit and reports them for marketing purposes. If you need the functions that these toolbars offer, use Firefox as your browser and find an extension that suits your needs.

Removing Adware/Spyware

The first thing is to remove the adware and spyware that have already infected your computer. There are many programs out there claiming to get rid of spyware. Most of these programs actually just install more of it. Fortunately, there are a few programs out there that are for real. The better news is that the two best anti-adware programs I know of are free.

ParetoLogic AntiSpyware

ParetoLogic AntiSpyware provides above average coverage at a reasonable price. The program is a premium version of XoftSpy SE (ParetoLogic's standard antispyware product) and boasts extremely fast scan times, a beautiful interface, and a number of additional real-time protection features. Plus it stays fresh with very frequent updates from the developer. My favourite anti-spyware program.

Spyware Remover

The Spyware Remover advanced system cleaner works to repair and correct errors caused by adware and spyware and also tweaks the PC for optimal performance. The best anti-spyware tool I know, it uses cutting-edge anti-spyware technology to protect its users from the latest spyware threats. I like this tool due to the very large set of spyware/adware/malware it can handle. Moreover, Spyware Remover blocks any illegal PC activity while running.

Spybot

Another good program is called Spybot. The project was started by one gentleman with a special interest in privacy. It has since grown into what many consider one of the most effective anti-spyware/anti-adware programs available.

Spybot's focus is on accuracy. The program aims to remove all the spyware that it can find on your computer without any false positives. A false positive is when an anti-adware program identifies a legitimate file as spyware when it shouldn't. False positives are a pet peeve of the Spybot team, and they work very hard to avoid them. You can be certain that when Spybot identifies a file, it really is a malicious file.

The program is easy to install, easy to use, easy to update, and most importantly, it's effective. It eliminates the adware currently on your system and blocks it from coming back. The newest version also offers real-time protection by blocking adware programs as they try to install themselves, warning you if anything acts out of turn.

After you download the file, double-click it to install it. The installation is straightforward. The first time you run the program, it should ask you to update the program and make some back-ups. Just follow the directions it provides. You only have to do that once.

From then on, try to run the program about once a week. Every time you run it, get all the available updates first (through the "search for updates" feature inside the program). Then, use the immunize feature, which blocks known bad programs. Finally, run a scan. That should keep your computer free of all adware and spyware.

Adaware

As good as Spyware Remover is, it’s a big internet out there. In order to keep all your bases covered, you should install a secondary program. I recommend Adaware SE Personal by Lavasoft. Also easy to install, update, and run, Adaware will easily mop up anything that Spybot doesn't cover.

Adaware's focus is on completeness. Lavasoft really wants to get all the adware and spyware off your computer, and they use very aggressive scanning to get the job done. They feel that your privacy is worth a few false positives. The result is a very thorough scan of your computer. Just make sure you look over the list of files it identifies for false positives, or you may lose access to a file you actually wanted.

Get Adaware here. Remember to keep both programs up to date and run them regularly.

Tricky Malware

Some malware can use nasty tricks to reinstall itself after you remove it. If you are having trouble getting rid of a particularly bad infection, try this:

  1. Update your virus scanner and both Adaware and Spybot definitions.
  2. Reboot your computer. Press the F8 key right as Windows is starting. Choose to boot into "Safe Mode."
  3. In "Safe Mode", run a full scan with your virus scanner and both Adaware and Spybot. Delete any malicious files that they find.
  4. Reboot the computer normally.

Safe Mode only loads the minimum programs your computer needs to run. That should keep the malware programs from running in the background and reinstalling themselves while you remove them. If that still doesn't work, you will have to search online for a way to get rid of that specific malware program. You could also try some of the other programs listed below.

Of course, at some point, it becomes more practical to back up all of your data, erase the entire hard drive, and reinstall Windows than to try to surgically remove hundreds of individual pieces of malware. If you back up regularly, you can restore a backup that is less infested and clean that instead of starting all over. In addition to spyware removers, you can also use a system optimizer/registry cleaner, such as RegCure.



WASHINGTON - A U.S. Senate committee has approved a bill that would outlaw the practice of remotely installing software that collects computer users' personal information without consent.

In addition to prohibiting spyware, the Spyblock (Software Principles Yielding Better Levels of Consumer Knowledge) Act would also outlaw the installation of adware programs without a computer user's permission. The Senate Commerce, Science and Transportation Committee approved the bill Thursday.

Spyblock, sponsored by Senator Conrad Burns, a Montana Republican, would prohibit hackers from remotely taking over a computer and prohibit programs that hijack Web browsers. The bill would protect antispyware software vendors from being sued by companies whose software they block.

"I am pleased that a majority of the committee agrees with me that Congress must act to protect the right of consumers to know when potentially dangerous Spyware is being downloaded onto their computers," Burns said in a statement. "As the Spyblock Act moves forward to the Senate floor, I hope we can continue making it a stronger bill by making sure the private sector has all the right tools it needs to successfully slow the spread of malicious spyware."

The Spyblock Act now moves to the full Senate for consideration. The U.S. House of Representatives passed two antispyware bills in October 2006 and again in May, but the Senate has so far failed to act on spyware legislation.

The Spyblock Act would allow the U.S. Federal Trade Commission and state attorneys general to seek civil penalties against spyware and adware distributors.

List of anti-spyware software vendors known to support the Spyblock Act:

ParetoLogic
SpywareRemover.com
WinSpy.com
AdWareAlert Software, Inc.
Advance Software, Inc.