One of the best chances of observing a keylogger's dirty work is a firewall with *egress* filtering and logging (which few do well, I think).
If you currently have a problem (or think that you might) and what you already have is not working, why rudely dismiss a whole class of answers? You might need a different version or brand of something that you already think that you have.
And yes, I'd be very wary of a pre-built 'free' executable to do this, other than from a very reputable source. ZoneAlarm does quite reasonable egress detection/warning and is free but is NOT freeware, for example.
Rgds
Damon
[edited by: DamonHD at 9:03 pm (utc) on Sep. 24, 2007]
I think (and someone correct me if I'm wrong) that one of the better defenses against a keylogger is a good firewall.
A conventional firewall isn't going to do you any good.
The keylogged data needs some way to get out and an open port seems the most obvious to me.
Yes, an open port seems the most obvious to me, as well.
If I wrote a keylogger, now, what port would I use....
Doesn't take much thought. Outbound on Port 80.
Now, how is the firewall going to help again?
An application-level gateway might help, because you could restrict outbound on port 80 to Firefox, MSIE, etc.
Logging your traffic can help. What's that going out on port 80 at 4AM while I'm asleep?
ZA also reports unexpected programs using such potentially-OK outbound connections as to 80 or 443 or 25.
As I say, a good egress firewall in its full definition *might* be able to help catch a keylogger, though there are plenty of covert channels still available (e.g. by modulating how fast IE works when connecting to a keylogger-friendly/compromised site, for one tinfoil-hat example).
Rgds
Damon
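Along the lines of the application-level gateway and logging points raised above, here is an added example (not from any poster in this thread) that scans a constructed egress log for web-port traffic from programs that aren't the allowed browsers, and for any outbound connection during the hours the machine's owner is asleep. The log format, process names and allowlist are assumptions, not any real firewall's output.

```python
"""Added example: flag suspicious egress in a constructed firewall log.
Two checks from the thread: only named browsers may use ports 80/443, and
any outbound traffic while the owner sleeps is suspect. Log format, field
names and the allowlist are assumptions, not any real firewall's output."""
from datetime import datetime

WEB_PORTS = {80, 443}                               # web ports a keylogger might ride
ALLOWED_WEB_APPS = {"firefox.exe", "iexplore.exe"}  # assumed application-level rule
QUIET_HOURS = range(0, 6)                           # owner asleep 00:00-05:59 local

# Constructed sample log: date time process destination port direction
SAMPLE_LOG = """\
2007-09-24 14:02:11 firefox.exe 192.0.2.10 80 OUT
2007-09-24 14:05:40 iexplore.exe 192.0.2.20 443 OUT
2007-09-24 04:01:03 svchost32.exe 198.51.100.5 80 OUT
2007-09-24 04:01:09 svchost32.exe 198.51.100.5 80 OUT
2007-09-24 15:30:00 outlook.exe 192.0.2.30 25 OUT
2007-09-24 15:31:00 firefox.exe 192.0.2.99 443 IN
"""

def parse_line(line):
    """Split one log line into a dict; return None for malformed lines."""
    parts = line.split()
    if len(parts) != 6:
        return None
    date, time, proc, dest, port, direction = parts
    try:
        ts = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S")
        port = int(port)
    except ValueError:
        return None
    return {"ts": ts, "proc": proc.lower(), "dest": dest, "port": port, "dir": direction}

def flag_egress(log_text):
    """Return (reason, line) pairs for outbound entries breaking either rule."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["dir"] != "OUT":   # inbound is a different problem
            continue
        reasons = []
        if rec["port"] in WEB_PORTS and rec["proc"] not in ALLOWED_WEB_APPS:
            reasons.append(f"unexpected app {rec['proc']} on port {rec['port']}")
        if rec["ts"].hour in QUIET_HOURS:
            reasons.append(f"outbound at {rec['ts']:%H:%M} during quiet hours")
        if reasons:
            findings.append(("; ".join(reasons), line))
    return findings
```

Running `flag_egress(SAMPLE_LOG)` reports only the two 4 AM `svchost32.exe` connections on port 80, each for both reasons; the browser traffic and the port 25 mail connection pass.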