Would cutting and copying defeat keylogging?

birkee

davb wrote: »

There are ways to capture what is in the clipboard, so unless you use something to clear it afterwards, you could make it less secure.

Thanks for pointing that out davb, useful information.
Mine usually sorted out by shutting down the PC when finished.

Ximian

Some keyloggers capture and log the clipboard contents, for example: http://www.award-soft.com/content/view/63/74/

Kerrypaty

No it won't I got caught out in a similar fashion as I play a few games online. If you're that paranoid; wipe then secure your PC. Make sure you have a good firewall before you do anything.

Apples2

I used to use 007 Spy Software, it takes screen grabs at pre determined intervals.

You open your Notepad file with all your passwords on and viola, a nice screengrab with all your info clear as day.

bingo_bango

Apples2 wrote: »

I used to use 007 Spy Software, it takes screen grabs at pre determined intervals.

You open your Notepad file with all your passwords on and viola, a nice screengrab with all your info clear as day.

So why do you need to use random string instruments then?

Apples2

'Cos it'll break your heart lol :laugh:

Charlton_King

Just resurrecting this one.

I've just realised that, some time ago, my bank sent me a small device called a 'card reader' which has to be positioned near my computer whenever I do any bank transfers during internet banking.

See:

http://www.co-operativebank.co.uk/servlet/Satellite/1228376873753,CFSweb/Page/Bank-InternetBanking

I guess this means I'm safe even if there IS a secret keylogger on my PC, as I very rarely make any such transfers (not a single one in the last six months) and can do without the device, calling the bank by phone in such cases. Even if a crook obtained my entire logging in security information, without this device he would find it useless.

Is that correct?

RussJK

lodzor wrote: »

you could type your password with random characters inserted and delete them after. (Password entered as paddsswoggrd).

It would really look something like this to the keylogger:

padd^^sswog^g^rd or
padd^H^Hsswog^Hg^Hrd or
padd{backspace}sswog{backspace}g{backspace}rd

Maybe your approach might work if you typed paddsswoggrd but highlighted the bolded portions with the mouse and typed over them. None of this would matter though if the keylogger can directly read the asterixed text.

Virtual keyboards don't work if the keylogger takes little screenshots on mouse clicks.

If someone genuinely believes they have a keylogger despite not finding it then they really should backup their stuff, format, wipe the MBR (in case of a rootkit), and reinstall. Set up security properly as a first step, then scan the backup files with Malwarebytes, Spybot, and the Microsoft Malicious Software Removal Tool among others.

Charlton_King

RussJK wrote: »

You never answered anyone's question of why you felt you had a keylogger.

Too long to go into.

In any event the question I posed in the OP is still relevant as a subject for discussion and I'm interested to hear responses, particularly to my last post on the thread.

Alot_does_not_exist

Charlton_King wrote: »

Just resurrecting this one.

I've just realised that, some time ago, my bank sent me a small device called a 'card reader' which has to be positioned near my computer whenever I do any bank transfers during internet banking.

See:

http://www.co-operativebank.co.uk/servlet/Satellite/1228376873753,CFSweb/Page/Bank-InternetBanking

I guess this means I'm safe even if there IS a secret keylogger on my PC, as I very rarely make any such transfers (not a single one in the last six months) and can do without the device, calling the bank by phone in such cases. Even if a crook obtained my entire logging in security information, without this device he would find it useless.

Is that correct?

Yes, you're safe.