8 February 2002
Cryptome purchased a copy of Anti-Keylogger yesterday (thanks to AG), installed it on a couple of machines and ran the program. It runs on Windows 9X, not W2K or NT.
One machine, a laptop running ME, was reported clean:
System scanning is started ------------------------------------------------------------ [2/8/2002 5:38:15 PM] Running keystroke monitoring programs are not found on your system.
A desktop running Windows 98 got this report:
System scanning is started ------------------------------------------------------------ [2/8/2002 5:37:13 PM] The following LOG-files are detected: - c:\windows\cookies\index.dat - c:\windows\network~2\blackice\log0007.enc - c:\windows\history\history.ie5\index.dat - c:\windows\tempor~1\content.ie5\index.dat LOG-files selected for detection: - c:\windows\cookies\index.dat - c:\windows\network~2\blackice\log0007.enc - c:\windows\history\history.ie5\index.dat - c:\windows\tempor~1\content.ie5\index.dat
None of these appear to be keylogging files, though they show logs of machine monitoring by BlackIce, a firewall program, and IE.5, Internet Explorer. The laptop had neither BlackIce or IE installed.
Nothing in Anti-Keylogger documentation describes how to tell the difference between its suggestion of keylogging detection and simply examining overt system and usage monitoring logs. Nor any justification for the use of the term "anti-keylogging" as anything more than a sly bait and switch marketing gimmick.
The program is capable of pointing to easily spotted logging files, and might point to concealed logs if there were any, but more likely it is up to the user to figure out what to do about any concealed keyloggings, including those neatly concealed by "anti-keylogging" programs. Certainly IE's obnoxious log of surfing should be dumped, perhaps IE too, and beyond that Microsoft itself. See Microsft's Hidden Files:
http://www.astalavista.com/library/os/win95-98/mshidden.txt
Cryptome's evaluation: Anti-Keylogger is rancid snakeoil. The cost of this futile anti-FBI investigation was $59.95. Futile for us, but Anti-Keylogger may now be monitoring our machines and forwarding data to its deeper customers. We're in Anti-Keylogger's database for selling to the FBI, though the FBI is could be running Anti-Keylogger as a honeypot sting. It smells like Elcomsoft, famous supplier to the USG of encryption cracking (and worse) programs.
If Anti-Keylogger wants to correct this thumbs-down, refund $59.95, plus $1 million for our needy honeypot, and prove it can out the FBI's Scarfo DIRT.
From Anti-Keylogger's parent company Raytown's website:
"In God we trust. All others we monitor." NSA motto
Do you need to track employees and monitor workstations at all times?Do you need to know what your child is doing on the computer?
Do you want to see how others are using your PC while you are away?
Do you want to find out if your wife/husband is having an online affair?
Our general-purpose monitoring software for Windows 95/98/ME/NT/2000 is your solution. Because it records every keystroke on your computers invisibly and stores the keystrokes in a file that ONLY YOU can see. ONLY YOU will know exactly what was going on. Monitoring software track and report all activity on your PC (including DOS sessions).
________________________
Raytown Corporation was founded in 1999. The main specialization is developing monitoring and anti-monitoring software. We are independent security software developers corporation with more than 10 years of experience. We are proud of our achievements and excellent customer support. Today our products and custom solutions may be found in more then 70 countries all over the world including a large number of Fortune 500 companies, law enforcement, government and military agencies.
Our international team consists of people from USA, Israel, Ukraine, Russia and other countries.
Our high-tech computer security technologies are utilized by both individuals and organizations worldwide.
Our software is a nice example of our ability to combine software development skills with a deep understanding of the security solutions needing to all contemporary organizations all around the world.
We provide all our customers with the highest quality service. All activities are handled discreetly, with strict confidentiality.
Please let us know what services might be of interest to you or your Company.
If you need any further information regarding our activities please do not hesitate to contact us.