Invisible KeyLogger Stealth for
Windows Vista/XP/2000
Frequently Asked Questions (FAQ)
1. What is IKS and how does it work?
2. What's good about IKS and why
should I use it instead of other competing software?
3. Why sometimes it takes a while for the binary log to be updated?
4. How "stealthy" is IKS?
5. How do I get rid of the eyes icon from the desktop after I
installed it with the automatic installer?
6. How do I view the log with the Stealth Install?
7. How do I delete the old keystroke log?
8. How do I remotely install IKS and how do I
write a script to install IKS?
9. How do I remotely retrieve the log?
1. What is IKS for Windows and how does it work?
IKS is a Windows Vista/2000/XP kernel-mode WDM driver that runs at the lowest level of Windows
operating system. It captures keystrokes before Windows even "sees" it.
That's why even the trust path "alt-ctrl-del" logon is captured. IKS has received favorable reviews from some of the largest security consulting groups
in the United States.
2. What's good about IKS and why should I use it instead of other competing
software?
There are a lot of unique features of IKS that we think
are important to you. The software is light-weight, extremely
"stealthy" and very flexible to configure. You may want
to take a look at here to see why ours is
better.
3. Why sometimes it takes a while for the binary log to be
updated?
IKS has an internal memory buffer of 100 keystrokes. In order to increase
performance of the system, the program won't dump the buffer to the disk until it is full
or if the keyboard is idle for about 3 minutes with keystrokes in the buffer. When the
system is shutting down, however, the program will dump the buffer immediately if there is
any keystrokes in it.
4. How "stealthy" is IKS?
Very. As a matter of fact, after the log file and the program file are renamed, it's
VERY difficult, if not impossible, to find out that it's running.
And if you have a Custom Compiled
Edition, it's virtually impossible
to detect even with a "signature-scanning" software.
5. How do I get rid of the eyes icon from the desktop after I
installed it with Standard Install?
The eyes icon is placed on the desktop for your convenience by the installer.
You can simply left click once on the icon and press the "Delete" key on your
keyboard to delete it. Later, you can run datview directly by
clicking on it. By default, datview.exe is in c:\program files\iks
directory.
6. How do I view the log with the
Stealth Install?
The Stealth Install does not create an icon on the desktop (or any
directory or identifying registry keys), so you will run datview
directly to view the log. And you will need to tell datview where
you saved the log file to and under which name.
The datview.exe is included in the zipp'ed version or you can
choose to copy datview.exe over during Stealth Installation with
the automatic installer. You can even copy datview.exe to a floppy
diskette, the log viewer does not need to be present for the IKS
to log keystrokes. You only need it when you need to view the log.
7. How do I delete the old keystroke log?
Check the "Delete Binary Log Upon Exit" in your Datview viewer, then exit.
8. How do I remotely install IKS and how do I
write a script to install IKS?
We have a sample script for this. Due to security reasons, we don't publish
it here. Please
email support@amecisco.com
if you are interested.
9. How do I remotely retrieve the log?
Thru A Network Connection:
If you have file access to the target computer thru a network
connection, you can simply copy the binary log file over and
decode it on your own machine.
Thru Email:
You can retrieve the log via our free StealthMail
utility. StealthMail will periodically send you an email with any
file attachment (in this case, set up StealthMail to send the
iks.dat). StealthMail can also be set to remain invisible on the
target machine. And you can set up StealthMail to reset the binary
log file periodically after successfully sending the file.
|
