Keyloggers can be either software or hardware based. Software-based keyloggers are easy to distribute and infect, but at the same time are more easily detectable. Hardware-based keyloggers are more complex and harder to detect. For all that you know, your keyboard could have a keylogger chip attached and anything being typed is recorded into a flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information in a world where encrypted traffic is becoming more and more common.

As keyloggers become more advanced, the ability to detect them becomes more difficult. They can violate a user’s privacy for months, or even years, without being noticed. During that time frame, a keylogger can collect a lot of information about the user it is monitoring. A keylogger can potential obtain not only passwords and log-in names, but credit card numbers, bank account details, contacts, interests, web browsing habits, and much more. All this collected information can be used to steal user’s personal documents, money, or even their identity.

A keylogger might be as simple as an .exe and a .dll that is placed in a computer and activated upon boot up via an entry in the registry. Or, the more sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor have developed a full line of nasty abilities including:

• Undetectable in the process list and invisible in operation
• A kernel keylogger driver that captures keystrokes even when the user is logged off
• A remote deployment wizard
• The ability to create text snapshots of active applications
• The ability to capture http post data (including log-ins/passwords)
• The ability to timestamp record workstation usage
• HTML and text log file export
• Automatic e-mail log file delivery

All keyloggers are not used for illegal purposes. A variety of other uses have surfaced. Keyloggers have been used to monitor web sites visited as a means of parental control over children. They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web. Additionally, in December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.

The Trojan can be tricky. Who hasn’t been online and had an advertisement pop up claiming to be able to rid your computer of some nasty virus? Or, even more frightening, you receive an email that claims to be alerting you to a new virus that can threaten your computer. The sender promises to quickly eradicate, or protect, your computer from viruses if you simply download their “free”, attached software into your computer. You may be skeptical but the software looks legitimate and the company sounds reputable. You proceed to take them up on their offer and download the software. In doing so, you have just potentially exposed yourself to a massive headache and your computer to a laundry list of ailments.

When a Trojan is activated, numerous things can happen. Some Trojans are more annoying than malicious. Some of the less annoying Trojans may choose to change your desktop settings or add silly desktop icons. The more serious Trojans can erase or overwrite data on your computer, corrupt files, spread other malware such as viruses, spy on the user of a computer and secretly report data like browsing habits to other people, log keystrokes to steal information such as passwords and credit card numbers, phish for bank account details (which can be used for criminal activities), and even install a backdoor into your computer system so that they can come and go as they please.

To increase your odds of not encountering a Trojan, follow these guidelines.

1. Remain diligent
Trojans can infect your computer through rogue websites, instant messaging, and emails with attachments. Do not download anything into your computer unless you are 100 percent sure of its sender or source.
2. Ensure that your operating system is always up-to-date. If you are running a Microsoft Windows operating system, this is essential.
3. Install reliable anti-virus software. It is also important that you download any updates frequently to catch all new Trojan Horses, viruses, and worms. Be sure that the anti-virus program that you choose can also scan e-mails and files downloaded through the internet.
4. Consider installing a firewall. A firewall is a system that prevents unauthorized use and access to your computer. A firewall is not going to eliminate your computer virus problems, but when used in conjunction with regular operating system updates and reliable anti-virus software, it can provide additional security and protection for your computer.

Nothing can guarantee the security of your computer 100 percent. However, you can continue to improve your computer’s security and decrease the possibility of infection by consistently following these guidelines.

Here are just a few of the new features that you’ll see:

· The new OneCare Circle provides a single view that you can use to monitor the security and maintenance of your networked PCs. The OneCare circle also enables one-click actions to resolve issues among computers within a home PC network

· Printer sharing support helps you easily share the printers that are connected to your networked PCs —now the whole family can use the same printer.

· Speedier PC start times via removal of rarely used applications from the Start menu. Look for this on the enhanced Monthly Report.

· Configuration monitoring that makes fixes and recommendations designed to help you get the most out of your computing experience.

These enhancements and more will be automatically delivered to all subscribers over the next several weeks. Windows Live OneCare will tell you when the update is starting and ask you to restart when it’s complete. Then you’ll be ready to start enjoying all of the new features that are now included in OneCare.

If you’d like to learn more about this update or would like to try Windows Live OneCare for 90 days, please visit http://onecare.live.com.

This month’s batch of patches fix some fairly dangerous flaws. Redmond labels a security flaw “critical” if attackers could use it to seize control over a vulnerable system without any help from the victim. What’s more, a dozen of the flaws earned the highest rating on Microsoft’s “exploitability index,” which is the software maker’s best estimation of the likelihood that criminals will soon develop reliable ways to exploit them to break into Windows-based machines.

Patches are available for Windows 2000, XP, Vista, Windows Server 2003 and Windows Server 2008. Microsoft said none of the vulnerabilities affect Windows 7, its newest operating system. Windows users can download the updates from Windows Update or via Automatic Updates

Many of the flaws fixed this month stem from faulty ActiveX controls, tiny programs built to work with Internet Explorer that have full access to the Windows operating system. As a result, flaws in ActiveX controls can give hackers extremely powerful tools with which to take over vulnerable systems. In my opinion, ActiveX flaws are among the prime reasons to browse the Web with an alternative browser, such as Firefox or Opera. Indeed, according to Microsoft, all of these ActiveX vulnerabilities can be exploited merely by convincing an Internet Explorer user to visit a hacked or malicious Web site.

At least five of the vulnerabilities are ActiveX flaws associated with a software development “template” or code library that Microsoft makes available to other software makers and uses throughout Windows. Last month, Microsoft issued an emergency update to fix this flawed template, known as an “active template library” or ATL, and the company says attackers are currently exploiting at least one of those ATL flaws.

Today’s release also fixes four ActiveX flaws that shipped with most supported versions of Microsoft Office, including Office 2000 Web Components, Office XP, and Office 2003. Microsoft warns that at least one of these Office flaws is actively being exploited online.

Another notable update shipped this month fixes a pair of critical flaws in the way Windows processes .AVI files, meaning attackers could use this vulnerability to hijack Windows computers just by getting someone to open a booby-trapped video file.

As usual, please drop a line in the comments if you experience any problems installing these patches, or stability or usability issues after installing them. A breakdown of the vulnerabilities fixed in this month’s patch release is available here.

Browsers are like windows, through which your computer interacts with the outside world. It is the gateway, through which you can access the vast information available on the Internet.

But at the same time, they are also the pathways, through which malware can sneak into your computers. They can take the exploit the security holes in your browsers to infect your computer. For any robust PC Security plan, it is important to plug these browser security holes.

How to Plug Security Holes in Your Browsers

There is one simple trick, nothing complex. Just remember to update your browser with the latest release. Most of the browsers like Firefox and Google Chrome have an automatic software update feature and they notify you as soon as a new stable release version is available for download. You just have to listen to them and keep on updating.

Internet Explorer updates are released by Microsoft alongwith the Windows Updates. You just have to keep the Automatic Windows Update ON. But for some of the browsers like Opera, you might have to keep a eye yourself on the availability of the new release and download the new version afresh.

How to Test Your Browser Security

I just found one useful online Browser Security Test, which is absolutely free to use. Nothing complex, just head on to the website http://bcheck.scanit.be/bcheck/index.php. It will identify your browser details. Click on the Start Security Test, and your browser will be grilled with some rigorous testing. This tool is available for both of the popular Internet browsers, Internet Explorer and Firefox.

What Browser Security Tests Does it Perform

It may not be making much sense to you, but if you are interested, following is the list of the security tests performed by it.

For Internet Explorer (Total 9 Tests)

1. Internet Explorer bait & switch race condition
2. Internet Explorer createTextRange arbitrary code execution
3. Windows MDAC ADODB ActiveX control invalid length
4. Adobe Flash Player video file parsing integer overflow
5. XMLDOM substringData() heap overflow
6. Apple QuickTime MOV file JVTCompEncodeFrame heap overflow
7. Apple QuickTime ‘QTPlugin.ocx’ ActiveX Control Multiple Buffer Overflows
8. Window location property cross-domain scripting
9. Internet Explorer XML nested SPAN elements memory corruption

For Firefox (Total 10 Tests)

1. Mozilla crashes with evidence of memory corruption
2. Mozilla crashes with evidence of memory corruption
3. Adobe Flash Player video file parsing integer overflow
4. Mozilla crashes with evidence of memory corruption
5. Apple QuickTime MOV file JVTCompEncodeFrame heap overflow
6. Mozilla code execution via QuickTime Media-link files
7. Mozilla crashes with evidence of memory corruption
8. Mozilla memory corruption vulnerabilities
9. Mozilla crashes with evidence of memory corruption
10. Mozilla Firefox MathML integer overflow

Remember, this is a bit old tool, and if you are running the current versions of Internet Explorer or Firefox, most likely your browsers will pass through these test. But still a useful eye-opening tool for those not in a habit of regular software updates.

What is Anonymous Internet Browsing

Anonymous or Private Web browsing is the way to surf Internet without leaving traces about yourself. There are specialized tools, which wipe out all the traces of your browsing, once you have closed the browser.

How to Clear Your Private Data from Browser

Although most of the modern browsers have the options to clear your private data anytime through their menu. But it is often difficult to go through the entire process and also there are limited options. For instance, if you just want to browse anonymously for a particular session then it is difficult to do so with regular browser features.

There are some browser extensions, which do the job perfectly.

“Private Browsing” is one such Firefox Extension. It can hide surfing trails that the browser leaves behind. You can select the different data you want to remove after ending the private session, including:

1. Browsing History
2. Downloads History
3. Disk Cache
4. Form Information
5. Cookies
6. Saved Passwords
7. Flash Cookies

Options in Firefox Private Browsing Addon

There are lots of option available to customize your preferences. See the screenshot.

You can set if must be show a statusbar icon, if you want the private browsing mode runs when start firefox, and if you want the application alert you about undeleted downloads in your disk after private mode to select it to delete.

Download Private Browsing

Anti Virus Program of 2009?”

We get asked the same questions everyday by my subscribers: “What is the best antivirus software?” and “How do I keep my PC safe on the internet today?” At PC Scan, we understand how challenging it can be for the average person to keep their computer running smoothly. Our team of computer experts have carefully reviewed and tested all the top antivirus software for you. To make it easier, we came up with the top 3 and are more than happy to share our results with you below…

#1 Paretologic Antivirus PLUS!™

ParetoLogic Anti-Virus Plus protects against viruses, malware, spyware. Will scan, clean and completely remove even the most deeply rooted viruses, spyware, adware, and even rootkits, which attempt to cover the tracks of potentially damaging malware. Will warn you and block malware-related websites. Protects against the rive-by-download.

We have been using Paretologic’s Antivirus Plus for a few years now. In that time we have not had one instance of virus infestation. Antivirus Plus runs in the background and uses very little resources which as computer techs is very important to us. There is nothing more annoying than a fast computer running slower than it should because your antivirus program is bogging it down.

“…detection and complete removal of viruses.” -
Brothersoft.com

“Premium protection against a wide variety of dangerous threats. Thwarts viruses, spyware, malware and even rootkits.” – SoftPedia.com

Download Paretologic’s Antivirus PLUS! FREE

#2 PC Tools Internet Security™

PC Tools Internet Security 2009 has been bundled with four main software capabilities.
It has an Anti-Spam feature included, which is responsible for monitoring the amount of Spam that a computer receives. It will allow the user to produce a “white list” to allow only e-mails from these addresses. This feature is highly customizable! Internet Security 2009 is also loaded with a Firewall feature. The Firewall is able to provide complete Stealth Mode protection. This Firewall is useful for anyone who is searching unfamiliar Web sites, and needs added protection. It does not only protect from viruses embedded in Web sites, but also detects Malware being installed for software applications. Yet the best features installed
with PC Tools Internet Security 2009 are its Anti-Spyware and Anti-Virus software. When installed, they are quickly able to scan the computer, and detect suspicious registry entries. Other characteristics of the Anti-Spyware software are its abilities to detect and destroy Rootkits, and prevent infection with Trojans.

“On behaviour-based detection of malware, PC Tools Internet
Security scored the highest of any suite we’ve tested.” - PCWorld.com

“Internet Security also had the highest detection, removal
and blocking rates”- PC Authority

Download PC Tool’s Internet Security FREE

#3 ESET NOD32 Antivirus 4.0™

Built on the award-winning ThreatSense engine, ESET NOD32 Antivirus proactively detects and disables more viruses, trojans, worms, adware, spyware, phishing, rootkits
and other Internet threats than any program available. ESET NOD32 Antivirus provides:

1) Proactive Protection – multiple layers of detection protecting you from Internet threats before it is too late.

2) Precise Detection – accurately identifies known and unknown threats; it consistently wins top awards from testing labs and is recognized for having zero false positives.

3) Lightweight Design – requires less memory and CPU power, allowing your computer to run fast and have more room for games, web browsing, and emailing.

4) Fast Scanning Speeds – highly efficient program ensures fast file scanning and product updates; it runs quietly in the background.

Version 4.0.314 includes advanced archive scanning, access control for removable media (previously available only to business,) a new system inspector for rootkit detection without running a full scan, and the ability to build custom-designed rescue CDs.

Download NOD32 Antivirus 4.0™ FREE