Active discussions

Meet the Other Phone. Only the apps you allow.

Meet the Other Phone.
Only the apps you allow.

Buy now

Please or to access all these features

Talk
Geeky stuff
Original poster

Is a keylogger a security threat?

12 replies

sittinghere33 · 16/08/2010 10:49

Hi,

I have posted about my husband and installed a free trial of a keylogger. It gave me some interesting stuff but need to know the following if anyne can help...

  • Is it compromising my security on my computer? A few people are saying i should get rid of it as people could hack.
  • Why did i not recieve any data on chat?
  • He seemed to have got rid of our windows live chat, anyway of getting it back?

This really is make or break time so i really appreciate this.

Thanks

OP posts:
NetworkGuy · 16/08/2010 12:20

If there's anywhere you enter username/password to access a site or account, then that info can be logged, and therefore yes, you are potentially compromising your security.

I have not followed past threads of yours to know why you have tried this. Unfortunately I have not tried any key loggers to know what they are capable of - but if ever a piece of software was capable of being modified for a secondary purpose, this would be it - for example, every 2 days or when a certain amount of text has been collected, the s/w could monitor how busy your internet connection is, and if you have a few things going on, could then "pump" all the data that had been collected off to some remote website... for who knows (?) to view.

Could inadvertently give away access to your bank (depending on how different the questions are each time you login).

As for windows live chat - sorry, have come across a number over the years, like AOL Instant Messenger, ICQ, MSN, Yahoo, and so on. You should be able to reinstall it without too many problems by visiting the website (Oh, was it "Windows Live" - part of Microsoft, you mean?).

Did you mean that nothing you typed in chat was logged ? It probably depends on how the key logger works - most of the time, your keystrokes cause characters to be put into a memory buffer, read by whichever application (browser / WP / calculator) happens to be in focus.

Some software may directly check the keyboard and turn off the buffer. Games for example. It would mean the keylogger would have no 'fresh' data to log, for the time nothing was going into the buffer. Some chat software might do this... perhaps to avoid being logged (!)

onagar · 16/08/2010 13:46

Can you post the name of the keylogger and the site you got it from. We may be able to tell you how dangerous it is.

Original poster
sittinghere33 · 16/08/2010 14:41

Thanks, it was relytec keylogger. May get rid of it as we speak...
It was to monitor my hubby. I can see he was looking at poen when i was out which im ok with but wondered if he had entered any date/chat sites. A few came up but then i cant see any click throughs or registrations for them....
A bit worrying though as he has been on sites like yesicam

Thanks

OP posts:
onagar · 17/08/2010 13:53

Well it is a genuine program and not itself a trojan which is good. Could find no site offering ways to access it from outside. That isn't absolute proof that it is safe, but quite reassuring.

I would remove it when not using it any more to be on the safe side.

The only thing I would say about the results you found is to be cautious. While it may well mean what you think it means it's also possible it could include pages that were popups in with those actually clicked on. I'm not familiar with the program so I don't know if it makes the difference clear.

Original poster
sittinghere33 · 18/08/2010 09:05

Thanks, I stayed out yest and am checking results today then taking it off. I get whaty you mean re pop ups so I will see.
So far its mainly porn and if he has chatted or registered this will show up so i will look... May need help again but if not thanks very much

OP posts:
Original poster
sittinghere33 · 19/08/2010 08:10

Oh, one more question if anyone can help.

There are quite a few links like this below and i have clicked on them, put them into google etc but nothing comes up. What could they be when they start with a number?

Web Site: 213.174.154.20/v/html.php?o=1&d=137

OP posts:
liamsdaddy · 19/08/2010 11:48

a number is just the normal way of communicating on the internet. There are Domain Name Servers (DNS) that convert the more human readable address into something computers can more easily deal with.

So for instance mumsnet.co.uk is 213.161.73.140

I'm getting a lot of weird results for IP lookups on 213.174.154.20, so that isn't a defined web host - possibly it's a peer-2-peer?

Original poster
sittinghere33 · 19/08/2010 13:13

There are a few more like these too. Sorry but what is a peer 2 peer? Especially in the context of my thread?
Thanks

OP posts:
NetworkGuy · 19/08/2010 14:00

The number is the IP address. Every web server has one (or more) IP addresses.

When you are online, your internet link also gets a unique IP address (either dynamic - your ISP has a 'pool' of numbers, and assigns one for you to use while online, or static, where the ISP will always give you the same number).

These numbers are a bit like phone numbers, but are used for getting data from one place to another. For example, if you request a web page on a web site, first task is to find the correct IP for that site. It's done by using a DNS lookup. It's like calling directory enquiries (but done by the software without you needing to get involved).

So your PC can now send a request for a page to a known IP address. However, to get the data back to you, the IP address you are using needs to be sent as well. A bit like having a "reply to" postal address on the back of a posted letter.

For many services, a 'name' is used (to assist humans) but it is not essential - an IP address is fine instead. A 'name' comes in handy is when the IP address can be changed (for example, moving from a small web hosting firm to a bigger one, if the website becomes very popular and the small web hosting firm cannot cope with millions of requests).

Unfortunately if there's just an IP address it is less easy to determine which company runs the website. A domain name makes it more easy (though not guaranteed).

NetworkGuy · 19/08/2010 14:07

sorry, had not spotted posts since 10:00

peer to peer is where files are copied from person to person (avoiding storing them on particular websites). Many (not all) are copyright items like films, music, games. Sharing them this way is more anonymous because sharing copyright items is clearly not encouraged.

Original poster
sittinghere33 · 20/08/2010 13:02

Thanks so i take it could just be another website then not a chat or anything. cheers

OP posts:
m0nkeynuts · 21/08/2010 17:46

I did a little search and it looks like it's maybe a porn site:

This link traces 213.174.154.20 to 4slyvip.com

A google search on 4slyvip.com brings up this. Domain registration details here.

Don't click if you're at work! Nothing nasty on these pages, but folk might wonder why you're googling porn sites...

New posts on this thread. Refresh page