How do you know what your child or employee is doing on the computer? What sites does he visit, with whom he communicates, what and to whom does he write?
For this, there are spyware - a special type of software that collects information about all of his actions without the user noticing. A spyware for your computer will do the trick.
Spyware for a computer should not be confused with a Trojan: the first is absolutely legitimate and is installed with the consent of the administrator, the second gets on the PC illegally and conducts hidden malicious activity.
Although, cybercriminals can also use legitimate tracking programs.
Spy apps are most often installed by business executives and system administrators to monitor employees, parents to spy on children, jealous spouses, etc. At the same time, the “victim” may know that she is being monitored, but more often than not, he does not.
Review and comparison of five popular spyware
NeoSpy
NeoSpy is a versatile spyware for keyboard, screen and user activity. NeoSpy works invisibly and can hide its presence during installation.
The user who installs the program has the opportunity to choose one of two installation modes - administrator and hidden. In the first mode, the program is put open - creates a shortcut on the desktop and a folder in the directory Program Files, in the second it is hidden.
Processes of the program are not displayed in the manager Windows tasks and third-party task managers.
The functionality of NeoSpy is quite wide and the program can be used both as home tracking and in offices to control employees.
The spyware is distributed in three versions under a shareware license. The price is 820-1990 rubles, but it can work for free (even in hidden mode) with restrictions when viewing reports.
What NeoSpy can do:
- monitor the keyboard;
- monitor website visits;
- show the user's screen in real time via the Internet from another computer or from a tablet;
- take screenshots of the screen and save snapshots from the webcam;
- monitor system events (power on, shutdown, computer downtime, removable media connection);
- intercept the contents of the clipboard;
- Monitor the use of Internet messengers, record Skype calls;
- intercept data sent for printing and copied to external media;
- keep statistics of work at the computer;
- send laptop coordinates (calculated over Wi-Fi).
Thanks to the Russian-language interface, a wide range of functions, correct keyboard interception and a completely hidden operating mode in the system, NeoSpy receives the maximum rating when choosing programs for user control.
Real Spy Monitor
The next spy is Real Spy Monitor. This English-language program has not only tracking functions, but can also block certain actions on the computer. Therefore, it is often used as a parental control tool.
For each account in the Real Spy Monitor settings, you can create your own prohibition policy, for example, to visit certain sites.
Unfortunately, due to the lack of an English-language interface, it is more difficult to understand how Real Spy Monitor works, despite the graphic thumbnails for the buttons.
The program is also paid. The license starts at $ 39.95.
Real Spy Monitor features:
- interception of keystrokes, clipboard contents, system events, websites, instant messengers, mail;
- work in a semi-hidden mode (without an active window, but with displaying the process in the task manager);
- work with multiple accounts;
- selective autostart for different accounts.
In general, Real Spy Monitor is liked by many users, among the shortcomings they note the high cost, the lack of a Russian-language interface and the display of the process in the task manager.
Actual Spy
Actual Spy is positioned by developers as a keylogger (keylogger), although the program can do more than just record keystrokes.
It controls the contents of the clipboard, takes screenshots of the screen, monitors site visits, and so on, which is part of the main set of spyware we reviewed.
When installed, Actual Spy creates a shortcut in the Start menu, so it can be noticed by the user. The launch also takes place openly - to hide the program window, you must press certain keys.
The possibilities of Actual Spy are not much different from those of competitors. Among the shortcomings, users noted that it correctly records keystrokes only in the English layout.
SpyGo
SpyGo is a spy kit for home use. It can also be used in offices to monitor employees.
To start monitoring, just press the "Start" button in SpyGo.
SpyGo is distributed under a shareware license and costs 990-2990 rubles, depending on the set of functions.
In trial versions, the monitoring duration is limited to 20 minutes per day, and it is not possible to send reports to email and via FTP.
Key features of SpyGo:
- monitoring of keystrokes;
- recording of all actions on the computer (launching programs, operations with files, etc.);
- control of visits to web resources (history, search queries, frequently visited sites, duration of stay on the site);
- recording what is happening on the screen;
- saving the contents of the clipboard;
- listening to the environment (if there is a microphone);
- monitoring of system events (time of turning on and off the computer, downtime, connecting flash drives, disks, etc.).
Important! The disadvantages of SpyGo, according to users, include the fact that it does not support all versions of Windows, when sending reports, it often throws errors and is quite easy to unmask.
Snitch
Snitch - the name of this program is translated as "snitch", and very unfriendly towards the user. Snitch spies on computer activity. It works hidden, does not require complex settings and has little effect on system performance.
The program is released in a single version.
Snitch features and functions:
- monitoring the keyboard, clipboard, system events, web surfing and communication in messengers;
- preparation of summary reports and schedules of controlled events;
- undemanding to network configuration;
- protection against unauthorized termination of the program process;
- monitoring is carried out even if there is no network connection.
Among the shortcomings, you can see conflicts with antivirus software.
How to detect a spy on a computer?
Finding spyware on your computer that doesn't show itself outwardly is difficult, but possible.
So, despite the legitimacy, the applications we reviewed can recognize special antiviruses,"Sharpened" for the search for spyware (Trojans with the function of espionage), so we recommend adding the installed program to the list of exceptions for such antiviruses.
And if you do not need to remove the spy, but only need to disguise your actions from it, you can use anti-espionage tools, which, despite the active spy on you, will prevent the interception of keyboard events and screenshots.
Then your correspondence and passwords will not fall into the wrong hands.
Good or bad, but modern realities are such that every year more and more of our personal space flows into communication with a computer. Many professions today can no longer be performed without using a PC, almost every family, especially in which there are growing children, is also trying to acquire one. Accordingly, if people spend a lot of time at the computer, then someone may have different kinds of news occasions associated with the desire to find out what a person is actually doing while sitting in front of the monitor. Moreover, in most cases, there is nothing reprehensible in the desire to monitor a person. Covert surveillance is most often required by the employer to identify unscrupulous employees and in the family, when there is no complete certainty that the child or spouse is not doing something that they can hide from you.
We present to the market a computer tracking program called NeoSpy. It contains many mechanisms that allow you to conduct a full-fledged covert surveillance for the actions of a person sitting at a PC. NeoSpy has a lot of possibilities.
NeoSpy program
Having installed this on your computer once, you will know exactly when and what programs were installed and launched, what files were created, edited or deleted, what system folders used by your tracking object (if it hides its "Desktop").
The NeoSpy program can take screenshots of the screen with a certain frequency, it saves everything that was typed on the keyboard into a separate text file, that is, it works as a keylogger. The latter function allows you to easily intercept the passwords of any user on a given computer.
Separately, NeoSpy saves the contents of the clipboard, which may also be in the process of tracking your wife or careless employee a compelling argument in your favor. The latest version of the NeoSpy program implements interception of passwords at the entrance to operating rooms. Windows systems XP and 2003, which allows you to access any account, even the administrator.
Interception Windows passwords XP goes unnoticed by the user
Special attention of the developers of the NeoSpy program, designed to track a person sitting at a computer, is paid to tracking user actions on the Internet. For starters, our spyware records the network connection and disconnection times. In the process of tracking a wife, child or employee suspected of wasting work time, it is very important to know which sites were visited. NeoSpy makes detailed reports on all visits to Internet sites.
The program allows you to monitor the consumption of Internet traffic, the number of incoming and outgoing megabytes is recorded separately. Communication on the network will also not pass by the NeoSpy spy program. It carries out and also monitors correspondence and intercepts passwords from any Internet pagers (QIP, ICQ, Miranda, & RQ and others). NeoSpy also intercepts passwords and messages from the Mail-agent from the popular mail.ru service.
You can view reports on tracking a person by the NeoSpy spyware program in three ways: spreadsheets, a sequence of events accompanied by screenshots (screenshots) and in the form of a web page. The collected data can be stored by the NeoSpy program on a computer under covert surveillance, or sent to the specified email address.
Tracking ICQ
Someone might wonder if the spyware needs so many different features. We will answer, as practice shows, they all find application, moreover, the most direct and with real tangible results.
Security services from a wide variety of commercial and non-commercial organizations are showing a very strong interest in our spyware program. Information is the most valuable commodity today, and the future of the business often depends on its preservation within the company. Therefore, many managers reasonably consider it possible to monitor non-disclosure of commercial information outside the company. You can track this by intercepting icq messages and monitoring other, non-work-related, activity of your employees.
Also, the NeoSpy spyware program will allow you to very quickly find out which of your employees is spending work time not on purpose, sitting it in social networks, on other third-party sites, or simply for non-work related activities. In disputes about the terms of dismissal, your arguments, documented in NeoSpy, can be decisive.
It is sad, but sometimes trust in close people, members of our families is undermined. 10 years ago she demanded hiring an expensive detective. Today you can become a detective yourself if you install covert surveillance of your wife's computer. With the help of NeoSpy, you will find out who your wife is talking to, what sites she visits, and what photos she views or posts. At best, you will dispel your doubts, but at worst, you will be ready to meet the impending marriage threat fully armed. Better to be forewarned than to get hit on the sly.
Covert surveillance of a child's computer is practically a necessity today. With the help of NeoSpy, you will find out in time what is happening to your child, what problems torment him, and what dangers may lie in wait.
A strong family is created by hard work, and our spyware can be your reliable assistant in this.
Programs that may interest you
NeoSpy- a program for tracking your computer.
- Checking the loyalty of the spouses;
- Control of children on the Internet;
- Calculation of careless employees at work.
NeoSpy intercepts and sends you email all correspondence, screenshots, visited sites and passwords.
PasswordSpy- program for recovering saved passwords from browsers and email programs.
- Recover lost passwords;
- Support for more than 100 programs (ie, chrome, opera, firefox, outlook, the bat! And others);
— Portable version can be run from a USB stick.
Browsers, email programs, instant messaging programs store information about the passwords you use and PasswordSpy can recover them.
VoiceSpy- program for hidden entry Skype conversations.
— Fast installation and permanent recording of all conversations;
- Completely hidden mode of operation;
- Sending recorded conversations in mp3 to e-mail.
Internet Sheriff- a program for blocking unwanted sites.
- Protection of the child from harmful and corrupting information;
- Blocking of entertainment and social networks for employees;
- Ready-made lists of porn sites, social networks, entertainment sites.
Reprinting materials from the site site is allowed only if all indexed links are saved, including links to the program page in the site directory
Hello.
Today's article is devoted more to executives (although if you want to know who is in your absence and how he works at your computer, the article will also be useful).
The issue of controlling the work of other people is quite complicated and, at times, very controversial. I think those who at least once tried to lead at least 3-5 people will understand me now. and coordinate their work (especially if there is really a lot of work) .
But those whose employees work at the computer are a little more fortunate :). Now there are very interesting solutions: special. programs that easily and quickly track everything that a person does during working hours. And the manager will only have to look at the reports. Convenient, I tell you!
In this article I want to tell FROM and TO how to organize such control. So, …
1. Choosing software for organizing control
In my opinion, one of best programs of a kind (to monitor employees' PC) is CleverControl. Judge for yourself: firstly, it takes 1-2 minutes to run it on an employee's PC (and no IT knowledge, i.e. no need to ask anyone to help you) ; secondly, 3 pcs can be controlled even in free version (so to speak, evaluate all the possibilities ...) .
C leverControl
Website: http://clevercontrol.ru/
A simple and convenient program for viewing who and what is doing on a PC. It can be installed both on your own computer and on the computer of employees. The report will contain the following data: which websites were visited; start and end time of work; the ability to watch in real time at the PC desktop; viewing applications that the user has launched, etc. (screenshots and examples can be found below in the article) .
In addition to its main direction (control of subordinates), it can be used for some other purposes: for example, to watch what you are doing yourself, to evaluate the effectiveness of the time spent at the PC, which sites you opened, etc. In general, increase your efficiency of the time spent at the computer.
What else captivates the program is its focus on an unprepared user. Those. if you even just sat down at the computer yesterday, you will not be able to install and configure its operation (below, I will show in detail how this is done).
An important point: in order to be able to control, computers must be connected to the Internet (and preferably high-speed).
By the way, all data and statistics of work are stored on the program server, and you can find out at any time, from any computer: who is doing what. In general, it is convenient!
2. Getting started (registering an account and downloading the program)
Let's get down to business 🙂
First, go to the official website of the program (I gave the link to the site above) and click the " Connect and download for free"(Screenshot below).
Starting to use CleverControl (clickable)
Next, you will need to enter your E-mail and password (remember them, they will be needed to install applications on computers and view the results) , after which you should open Personal Area... There you can download the program (the screenshot is shown below).
The downloaded application is best written to a USB flash drive. And then, with this flash drive, go one by one to the computers that you are going to control and install the program.
3. Installing the application
Actually, as I wrote above, just install the downloaded program on the computers that you want to control (you can also install it on your PC to make it clearer how everything works and compare your indicators, with the indicators of employees - to derive some kind of benchmark) .
An important point: the installation takes place in standard mode (time required for installation is 2-3 minutes) except for one step. You will need to correctly enter the E-mail and password that you created in the previous step. If you enter an incorrect E-mail, then you will not wait for the report, or in general, the installation will not continue, the program will return an error that the data is incorrect.
Actually, after the installation was completed, the program started working! Everything, she began to track what was happening on this computer, who was behind it and how it was working, etc. You can configure what to control and how through the account that we registered in the 2nd step of this article.
4. Setting the main control parameters: what, how, how much, and how often ...
Remote configuration (clickable)
What can you control?
- what characters were printed;
- what characters have been removed.
Screenshots:
- when changing windows;
- when changing the web page;
- when changing the clipboard;
- the ability to take pictures from a webcam (useful if you want to know if the employee is working at the PC, and if someone is replacing him).
Keyboard events, screenshot, quality (clickable)
In addition, you can control all popular social networks. (Facebook, Myspace, Twitter, VK, etc.), shoot video from webcam, control Internet pagers (ICQ, Skype, AIM, etc.), record (speakers, microphone, etc. devices).
And one more nice function for blocking unnecessary actions for employees:
- you can prohibit social. networks, torrents, video hosting and other entertainment sites;
- you can also manually set the sites to which you want to deny access;
- you can even set stop words to block (however, you need to be more careful with this, because if a similar word is found on the right site for work, an employee simply will not be able to go to it :)).
Add. blocking parameters (clickable)
5. Reports, what's interesting?
Reports are generated not immediately, but after 10-15 minutes after installing the application on the computer. To see the results of the program: just open the link "Dashboard" (main control panel, if translated into Russian).
Online broadcast (reports) - clickable
You will also have access to dozens of reports on all sorts of criteria (which we asked in the 4th step of this article). For example, the statistics of my last 2 hours of work: it was even interesting to see the efficiency of my work :).
Websites and programs that were launched (reports) - clickable
By the way, there are quite a lot of reports, you just need to click on various sections and links on the panel on the left: keyboard events, screenshots, visited web pages, requests to search engines, Skype, social. networks, sound recording, webcam recording, activity in various applications, etc. (screenshot below).
Report options
An important point!
You can only install such software to control PCs that you own (or those to which you have legal rights). Failure to comply with these conditions may result in a violation of the law. You should consult with your lawyer about the legality of using CleverControl software in your area of responsibility. CleverControl software is intended only for employee control (employees in most cases, by the way, must give written consent to this).
That's all for this, I will round off. For additions on the topic - thanks in advance. Good luck to all!
Keyloggers or keynote spies have been around since the early days of computers. They are used in a wide variety of areas. From office use, when the director wants to know everything his employees are doing, to large-scale spyware programs that are organized by the American NSA.
Tracking programs allow you to perform a very wide range of tasks: take screenshots, monitor through a webcam, record sound from a microphone, determine the geolocation of a laptop, send reports along with files of the specified type, duplicate browser history in case it is deleted, and many other things.
The word keylogger itself is a familiar but not entirely correct name. The first utilities to track the PC user actually logged only keystrokes and behaved almost like regular programs. As they developed, they learned to hide their activity better and to collect much more data about the actions of the computer user.
The possibility of hidden launch allowed them to be classified as "potentially malicious", to the delight of antivirus vendors. With the spread of the accessible Internet in keyloggers, functions for sending logs and remote control... This gave rise to classifying them as trojans and backdoors, which is why some authors abandoned the release of updates, while others accepted the challenge and began to look for methods to bypass antiviruses.
The first keylogger was installed by the KGB in 1976 on IBM Selectric typewriters
at the American Embassy and Consulate. It was discovered only 8 years later.
Today, spyware has to be hidden not only from the user, but also from antivirus scanners. Improving camouflage techniques has become a must and ongoing process. Even true hackers rarely had enough patience for it, since they wrote keyloggers mainly for fun. For example, Ghost Spy, the best keylogger of its time, has lost its relevance.
Most other developers began to sell under the guise of cool keyloggers for more simple programs for "parental control". They weakly mask their presence in the system, and for normal work usually you need to add them to antivirus exceptions and create permissive firewall rules.
Of course, parental control, intercepting passwords and tracking the user is far from the only purpose of these programs. There can be many use cases: some keyloggers allow you to search for stolen laptops, along the way collecting evidence of guilt and logging all the actions of thieves, and remote listening and connecting to a webcam are excellent security functions.
So let's move on to our review:
THE RAT!
The Rat program, written by a man with the pseudonym HandyCat, is an example of real assembly language. This is a whole series of keyloggers, some versions even provide for remote installation. According to the author, The RatKid fork was originally conceived as a simplified version. However, it soon turned into a separate utility, which temporarily became even
more powerful than her progenitor. Internal competition has now been eliminated: The Rat and The RatKid are almost identical. Separately, there is only the old The Rat v.10, optimized for Windows XP. The latest release, The Rat v.13 Lucille, was created in May of this year. You can download both full and demo versions.
This is how TheRat control panel looks like
Each distribution of The Rat is an archive in an archive. Inside the .zip is a self-extracting WinRAR module, protected by a password. In the demo, he says: TheRatKlg. To find out the password for full version, you need to contact HandyCat at the address indicated on the website. After unpacking the archive, you will receive two executable files: RatCenter.exe - control center and RatExtractor.exe - log viewer. There is also detailed help and a license file.
The entire fileset is 1.6 MB, but most of this is in the Control Center GUI. Due to the packer, the keylogger itself fits into 20 KB of code, and the unpacked version - in 50 KB. It works with any keyboard layout, including Arabic and Japanese. Compatibility has been tested on all versions of Windows from XP to 8.1. It has not been tested on the top ten yet, but it should work.
By default, the option to notify the user about spying on him is checked in the settings. In the demo version, it is not disabled, and each time you restart Windows, the corresponding program window appears on the screen with a single OK button. Unmasking can be disabled in the full version. In addition, it has another unique component - a program for combining multiple files, FileConnector. It can attach a keylogger to any executable or multimedia file. The result of FileConnector's work will always be a new executable containing the source program code and The Rat.
True, this is only relevant for spying on inexperienced users who will not be confused by the sudden appearance of the .exe extension. Restrictions: the source and destination file must contain only Latin letters and numbers in the name.
The main purpose of FileConnector is to facilitate social engineering remote installations. For example, you can send the user a cool game or a self-extracting archive with important documents to which a keylogger is attached. The full version of The Rat also uses an executable file wrapper / encryptor to reduce the size of the "appendage" and make it harder to detect.
TheRat can also be a sniffer
In addition to all the traditional functions of keyloggers, The Rat is able to track actions in windows of pre-selected applications and respond to keywords, take screenshots at a specified time interval or each time you press the Enter key. This significantly reduces the amount of garbage in the logs and simplifies their transfer. Fully functional
the version additionally performs the tasks of a sniffer: it logs all work on the Internet in as much detail as possible and local network... Unlike other keyloggers, The Rat can intercept saved password substitution and auto-complete form data.
Also, The Rat has an interesting local search feature. He can secretly find one or several files using a pre-set mask, and then send copies of them along with the log by mail or to FTP specified in the Rat (Kid) Center settings. How to search FTP from anonymous login and the possibility of recording, I will describe below.
The shadow internet search engine Shodan will help us get a fresh list of FTP servers. Anonymous FTP list is generated upon request 230 Anonymous access granted ... Choose the first one you like and try to upload a file to it. If it works, then share with a friend the link or check the next one. During the test, two suitable servers were found in two minutes, and through a free account in Shodan.
Many of the old keyloggers are no longer relevant due to the transition of SMTP servers to secure connections. The Rat supports the TLS protocol, and therefore it is able to send logs through modern mail services. If the user of the keylogger has physical access to the monitored computer, then another non-trivial method of obtaining a log will be useful to him - autocopying. Starting from the eleventh version, Rat (Kid) Center can create a USB flash drive, when inserted into USB, the keylogger log will be automatically recorded.
Key feature of all latest versions TheRat - work on the principle of incorporeal viruses. When starting The RatKid, as well as The Rat v.11 and higher, no separate executable files are created. It is launched once from the control center or a modified executable, and then completely hides the traces of stay and exists only in random access memory... Any
regular shutdown and even reboot by short pressing Reset leaves it in the system. You can remove The Rat (Kid) with a separate Rat (Kid) Finder utility from the complete version of the corresponding full version. It detects the keylogger itself, searches for the log created by it, allows you to change the settings and find out the hotkeys for disabling the keylogger.
An alternative option for unloading it is to instantly de-energize the computer. It is valid only if no attempt was made to install the keylogger. additional measures protection. On desktop systems, this requires you to unplug the power cord, and on laptops, the battery.
A simple shutdown with a button is useless. A fifty kilobyte "rat" can be easily stored not only in RAM, but also in the cache of the processor, drive, CMOS and any other available memory that will not be reset if there is a standby power supply.
If The Rat was attached to any executable file from the autorun list, then in order to remove the keyboard interceptor after the computer is turned off, you will first have to load another OS and find the modified executable. This is best done by disk auditors (for example, AVZ has such a function) and programs that can calculate hash functions.
For example, Autoruns will verify not only them, but also the digital signatures of startup objects, and send all suspicious files to the VirusTotal online verification service. However, this is not a panacea. A small keylogger file does not have to be embedded in another. It can exist as a satellite - for example, in NTFS alternate streams.
The advantages of The Rat also include its invisibility in the list of processes for all known viewers, the complete absence of entries in the registry, the ability to bypass some software firewalls (including checking the checksums of files) and the ability to self-destruct at a specified time, at which there is no traces and no reboot required.
The keylogger has one drawback - predictable and significant: at present, its files are detected by most antiviruses. Therefore, before using them on the target computer, they will have to be modified with packers with the function of encryption or code obfuscation.
SPYGO
SpyGo is a fundamentally different keylogger for Windows (from XP to 8.1, 64-bit version is also supported). It uses much less aggressive behavior. Because of this, it is relatively easy to detect, but it is considered completely legal. Its author does not even hide behind a nickname - it is a programmer Anton Kartashov from the city of Berdsk, Novosibirsk region. He is trying to develop the project not so much as a hacker software for espionage, but as a legal means of monitoring. 
The developer does everything possible to avoid getting SpyGo into the anti-virus databases. Although the distribution is encrypted using Enigma Protector, it has a digital signature from Spygo Software, certified by a Comodo certification authority. So far, only two of the fifty scanners swear at SpyGo (more precisely, the packer), and even then at the level of paranoid heuristics.
This keyboard interceptor is available in Lite, Home and Ultima Editions. The last release (3.6 build 50315) came out in June this year. The differences between the versions relate mainly to advanced features. In Lite and Home, remote listening through a microphone and determining the location of the monitored laptop are not available. Also, all remote functions do not work in these versions: remote viewing logs, broadcast over the network displayed on the screen
images, monitoring through a webcam, managing the program itself and uninstalling it. The Lite version also lacks the function of delivering reports (by email or FTP) and instant notification by e-mail about visits to websites marked as "unwanted".
We tested the Ultima Edition, which can do almost everything. Of course, among implemented functions there is a record of keystrokes and copying of text from the clipboard. SpyGo also logs general statistics of work at the computer: the time it was turned on and off, the launch of certain programs and actions in them. The keylogger monitors the browser especially closely: it collects statistics of visited sites and tracks search queries. Among additional opportunities there is the creation of screenshots (it also works in games and when watching movies), receiving photos from a webcam, creating a log of all operations with files in a selected directory or on the entire disk, as well as connecting removable media. 
Among ordinary users, such opportunities are now most in demand as monitoring the actions of their household members on social networks and reading their correspondence in various messengers. SpyGo is able to do all this and writes it to the log in a row or by catching only individual phrases by keywords.
This is what SpyGo logs look like
SpyGo is also interesting in that it can launch at a certain time and perform selective monitoring - this helps to reduce the size of the log. All logs are encrypted. It is assumed that they can only be viewed from SpyGo. Recorded events are grouped in the report by tabs. They provide a fairly accurate picture of the user experience, but there are also discrepancies. For example, in the AVZ utility, we just performed a quick scan, and in the "Pressed keys" section of the log file, a strange text "euyyyu ..." was displayed on two lines. In other programs, the confirmation of the action by clicking the mouse corresponded to the entry "y", which fits into the console logic of work.
Antivirus finds SpyGo easily
Initially, the program acts explicitly. The installation wizard even creates a shortcut on the desktop, and in the settings there is a separate option "Notify the user of this computer about monitoring." If checked, a warning text will be displayed when the computer is turned on. This is done in order to avoid accusations of illegal surveillance. For example, everyone is already accustomed to the stickers "Video surveillance is in progress" and the phrases of the autoinformer "All conversations are recorded." It's the same here: corporate politics and the struggle for discipline.
The "quiet" mode, which is natural for a keylogger, is switched on manually after the first launch. It removes the program window, hides it from the taskbar, list installed programs and in every possible way masks activity. You can return the SpyGo window by pressing a predefined key combination (by default, this is
Adding a library when installing the program
Hiding running program acts both in the system process manager and in its advanced counterparts like Process Explorer. Popular antiviruses also ignore the keylogger, but it is instantly detected by the AVZ analyzer as a masking process.
V file system the keylogger is not particularly hiding at all. It just sets the "hidden" attribute to its directory so it won't be visible in the default explorer. Naturally, he remains visible to others. file managers at the standard address C: ProgramDataSGOsgo.exe. The installation path can be set differently, but it does not help much - the executable is always the same, otherwise it would be defined as a polymorphic virus.
Comparison of the autorun sections before and after installing SpyGo shows the addition of the RTDLib32.dll library. Antiviruses let it pass, but it sticks out quite clearly in the system.
You can find many different keyloggers, and each of them is interesting to study. Ultimately, however, any of them will be analogous to the toothy The Rat or the cute SpyGo. These two different approaches to writing dual-use utilities will always coexist. If you need to secure your laptop, keep an eye on a child or a careless employee, feel free to install SpyGo and control all actions through a user-friendly interface. If you need complete secrecy, take the assembler "Rat" as a basis and hide it from antiviruses during installation, as best you can. Then she will run herself, gnawing holes even in a powerful defense. The Rat is extremely difficult to detect on a live system, and this keylogger is well worth the effort. Most likely, you will be able to write your own by the time you fully understand it.
Last updated by at November 18, 2016.
In this article, the chorus will tell and put on the site spyware for various purposes. This article will add Keyloggers, various monitoring systems and others. Who does not know what a Keylogger is, then this program records (steals) all pressed buttons on the keyboard. Ask why is he? Then with the help of it you can read correspondence, track e-mail mail, as well as passwords. All these programs are installed hidden and are not visible to those who work at the computer.
Actual Spy - Computer Surveillance 
Actual Spy — this program is designed to covertly monitor your computer and find out what other users are doing there during your absence. What does this program do? It intercepts all keystrokes on the keyboard, and can also remember the launch and closure of programs, can monitor the Internet connection, intercept visited sites, and can take screenshots. 
Video Client - video surveillance 
Video Klien- this program is designed for video surveillance with a motion sensor and image recording. Recording can be carried out both over the local network and using the Internet. Video surveillance can be done with a webcam or home camcorder, the program is easy to use.
Mipko Employee Monitor - employee tracking in the office 
Mipko Employee Monitor- this program was created specifically for tracking employees in the office. Having installed on your computer, you can get information about that. with whom your employee is chatting and with whom, and you can also see what programs it runs on the PC and what sites it visits. We can say an analogue of the program indicated above.
Modem Spy - recording phone calls and conversations indoors 
