What can I do when suspecting keylogger on computer?

  1. #1
    Junior Member
    Join Date
    Sep 2004
    Posts
    13

    What can I do when suspecting keylogger on computer?

    I have a suspicion that a keylogger may be installed on the computer that I work on. However, I have heard that keyloggers don't show up in the Task Manager list under running processes.
    Is there any way, or anywhere else where I can look, where I may find evidence of a keylogger currently running in the background?

    Thank you

  2. #2
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126
    If you run XP or 98, try msconfig to see the programs that run at start-up.

    If you use 2000, check your registry keys for suspect programs that run at start-up.
    -Simon "SDK"

  3. #3
    IT Specialist Ghost_25inf's Avatar
    Join Date
    Sep 2001
    Location
    Michigan
    Posts
    648
    Download a tool called Security Task Manager.

    This will find hidden processes, tell you what it is and what it is for, and allow you to kill it and delete the program.
    www.snapfiles.com/get/securitytask.html
    S25vd2xlZGdlIGlzIHBvd2VyIQ

  4. #4
    Junior Member
    Join Date
    Sep 2004
    Posts
    13
    Oh sorry, I run XP Pro. And thanks, I'll try stm.

  5. #5
    Go to sysinternals.com...

    Find the program called filemon, it will give you a realtime view of files being written to. Filter out the noise, you may be able to find a keylogger that is logging to a file. Also, sweep for Malware, try other process utilities that have been mentioned (maybe process explorer from sysinternals.com as well.) Don't forget to check the hardware / plug for anything physically on the wire. Regmon might help as well. Also a sniffer, tcpview, yadda yadda.

  6. #6
    Junior Member
    Join Date
    Jan 2004
    Posts
    19
    Also to add to the possibilities here, you can download Anti Key-Logger from my site.

    Sorry but you do have to register before getting access to the downloads. You could also search on the name and find it somewhere that doesn't require you to register if you don't want to. Even though it is spamming my site, it is in direct response to a post!

    If this is frowned upon, then I won't do it any more.

    CyberSorcerer
    PCTech-Help - FREE computer help and ALL tutorials are VIDEO TUTORIALS. No hand written tutorials here.

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi Cyber~

    Direct answer to direct question... doesn't look like spam to me

    OK:

    http://digilander.libero.it/zancart/winsonar/

    WinSonar... it is free and monitors for programs starting in the background. You need to watch it, as it will block all sorts of stuff until you tell it that it is a good guy (works a bit like firewall rules there).

    Do you think that this is a remote attack or a local one?

    Cheers

  8. #8
    Junior Member
    Join Date
    Sep 2004
    Posts
    13
    Thanks, I installed some of those programs like Filemon and Security Task Manager, and from what I could gather, there doesn't seem to be a key-logger running in the background.

    Cyber, when I do search and type Anti key-logger I still get a message that I need to register first. Maybe I'll do that then, since there's no way round it I guess.

  9. #9
    Senior Member Falcon21's Avatar
    Join Date
    Dec 2002
    Location
    Singapore
    Posts
    252

  10. #10
    Junior Member
    Join Date
    Nov 2004
    Posts
    2

    Be Careful

    If you are at work or dealing with someone that knows about security, they might be keeping close tabs on your network activity. If at my workplace I had enough suspicion about a person and needed to put a key logger on their computer, then I would also keep tabs on their network activity to see if they go to download sites or forums that would aid them in de-activating the key logger. If it were I and I had a suspicion, I would use Knoppix or any other Linux boot CD to get the registry or the config files, then do an examination on another computer, not the one that I suspected had a key logger installed.
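
The start-up registry check from post #2 combined with the off-machine examination from post #10, as an added example that is not part of the original thread: it lists every Run/RunOnce value in a registry export and marks commands that start outside the usual install directories. It assumes the keys have already been exported to regedit's Version 5.00 text format; the sample export, the `USUAL` directory list and all function names are constructed for illustration.

```python
import re

# Constructed sample, in the text format regedit exports (Version 5.00).
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Updater"="\"C:\\Documents and Settings\\user\\Local Settings\\Temp\\upd32.exe\" -s"
"Helper"=hex(2):25,00,54,00,45,00,4d,00,50,00,25,00,5c,00,68,00,2e,00,65,00,\
  78,00,65,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"Ignored"="C:\\x.exe"
"""

RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I)
# Triage heuristic (assumption): autostart programs usually live in these directories.
USUAL = ("c:\\program files\\", "c:\\windows\\", "%systemroot%\\", "%programfiles%\\")
VALUE = re.compile(r'(@|"(?:[^"\\]|\\.)*")=(.*)$')

def decode_value(raw):
    """Decode REG_SZ or REG_EXPAND_SZ (hex(2), UTF-16LE) data; None for other types."""
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return re.sub(r"\\(.)", r"\1", raw[1:-1])        # undo \\ and \" escapes
    if raw.lower().startswith("hex(2):"):
        data = bytes(int(b, 16) for b in raw[7:].split(",") if b.strip())
        return data.decode("utf-16-le").rstrip("\x00")
    return None

def autoruns(reg_text):
    """Return (key, name, command, unusual_location) for each Run/RunOnce value."""
    text = re.sub(r"\\\r?\n\s*", "", reg_text)           # join hex continuation lines
    key, rows = None, []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE.match(line)
        if not (key and RUN_KEY.search(key) and m):
            continue
        command = decode_value(m.group(2))
        if command is None:
            continue
        name = "(Default)" if m.group(1) == "@" else decode_value(m.group(1))
        unusual = not command.lstrip('"').lower().startswith(USUAL)
        rows.append((key, name, command, unusual))
    return rows

if __name__ == "__main__":
    for key, name, command, unusual in autoruns(SAMPLE):
        print("REVIEW" if unusual else "      ", name, "->", command)
```

A real Version 5.00 export is a UTF-16 file, so read it with `open(path, encoding="utf-16")` before passing the text in. An unmarked entry is not cleared by this check; the flag only orders the manual review.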
