Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can a keylogger jump between OSes in multiboot?


  • Please log in to reply
4 replies to this topic

#1 HydraHeaded

HydraHeaded

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:26 AM

Posted 24 November 2008 - 08:29 AM

Not sure if this is the right place to post it:

If I've two XPs installed, one in C: and the other in D: drive, and a keylogger gets into the C: drive Windows, can it jump to the D: drive so that when I boot the D: drive Windows installation, it will log keystrokes there as well?

And suppose there is no internet connection configured for D: drive, can it pass on the logs to C:, and then upload them when the C: installation boots?

Maybe I'm being paranoid, but still...

BC AdBot (Login to Remove)

 


#2 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 24 November 2008 - 02:14 PM

I'd say yes; but what scans have you done and what odd computer behaviour have you had or is this a hypothetical question?

#3 HydraHeaded

HydraHeaded
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:26 AM

Posted 24 November 2008 - 06:35 PM

Its hypothetical. Anyway, no one has sent me a keylogger, I myself downloaded Ardamax from the site itself, and was wondering if it would start spying on me.

#4 ruby1

ruby1

    a forum member


  • Members
  • 2,375 posts
  • OFFLINE
  •  
  • Local time:01:56 AM

Posted 25 November 2008 - 05:36 AM

if this

http://www.ardamax.com/

is the program you have??

Use this keylogger to find out what is happening on your computer while you are away, maintain a backup of your typed data automatically or use it to monitor your kids.

Maybe to monitor if the computer IS used unauthorised by others


but

Ardamax Keylogger is an invisible keylogger that captures a user's activity and saves it to an encrypted log file. The log file can be stored as a text or web page


If you then DO get an infection on there ,you have to consider what happens to the 'stored data' within that keylogger program ..................................

??was there a specifc reason WHY you felt you needed this program ?

#5 HydraHeaded

HydraHeaded
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:26 AM

Posted 25 November 2008 - 11:05 AM

Well actually I wanted to find out if my AV would detect it or not, which is why I downloaded it. Bitdefender did detect it, but only when I right-clicked the file and scanned it, even though I have real-time scanning active. SuperAntiSpyware plain missed it, and Malwarebytes' Anti-Malware did give a message once. Bitdefender on the other hand just ate up the file. I thought SuperAntiSpyware and Malwarebytes were the best apps for dealing with such stuff. Or are there better ones? Anyway, I've deleted the file from my computer now.

Now in this case, I myself downloaded the keylogger so it wouldn't send off any logs anywhere. But if a keylogger was sent to me by someone, and it remote installed itself, it might be able to sneak out the logs. The thing is that I've come across places on the net where they give tutorials on how to bind the keylogger to a file, preferably exe, but even jpeg images work. So you get an image attached in your email, and you download it, and as soon as you open it, the image opens but at the same time the keylogger stealthily installs. And I download too much stuff from my mails... Yahoo does scan it first, but not sure what they use and how effective it is.

By the way, even though I've uninstalled the Ardamax keylogger and even run the specific uninstalling app available at their website, I feel it might have left a trace somewhere. Any exact way to find out, or any behaviour I should watch out for?

Thanks.

Edited by HydraHeaded, 25 November 2008 - 11:06 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users