May 12th, 2006, 12:10 AM
Keylogger Questions and Advice
Hi everybody, this is my first post here. Well, I have a few questions that I need answered. First of all, is it possible to detect if you have a keylogger on your computer? If yes, then how do I go about checking to see if there is one? Second, if the logger was remotely installed, can I trace it back to the person who did it? I read that keyloggers email logs to users, so maybe there is a way to trace back. The Wikipedia insert about keystroke loggers mentions being able to trace them back. If yes, can you tell me how or point me to someone who can? Thanks! Also, how do I protect myself from keystroke loggers in the future?
May 12th, 2006, 01:14 AM
Why do you think you have a keylogger on your machine???
What OS are you running??
Are you admin of the machine??
Do you have a firewall?
Do you regularly download files....programs???
Who else has access to your machine....physically?
How people treat you is their karma- how you react is yours-Wayne Dyer
May 12th, 2006, 01:15 AM
Welcome to AO! Usually these questions that may seem common have already been answered. You can search for them using the search box on the top right part of this website's home page!
May 12th, 2006, 03:14 AM
Umm, I have my reasons, let's just say that. I do regularly download music and such, but I'm sure that the person that sent me the keylogger knows me and lives near me. I am in college right now. Nobody really has had direct access to my PC. You know, I could be wrong, but I have strong feelings, and part of the reason for my questions is to figure out if my feelings are warranted. If I do have something, I would really like to know who put it on my computer. I am running Windows XP Pro. I guess I am the administrator, as I am the only user. No firewall that I know of. Also, I did do a search, but none of my questions were specifically answered. Thanks for all the help, I appreciate it.
May 12th, 2006, 03:43 AM
Which Service Pack are you running?
If you've run all the Windows Updates, you're running SP2 which usually sets up a firewall for you. Check the "Security Center" in the "Control Panel" on the "Start" menu (I think that's the combo).
My experience with keyloggers is that a good, updated AV (antivirus) program will pick up 95% of them. I always liked AntiVir for keyloggers. Programs like SpyBot and Ewido will pick them up, too.
Relax...it's too easy to be paranoid.
“Everybody is ignorant, only on different subjects.” — Will Rogers
May 12th, 2006, 05:25 AM
How do you typically use the computer? This will suggest how it got there, and perhaps who did it, especially if you already have your suspicions. Do you open email attachments that turn out to be programs? Do friends send software to you? Do you get cracked or pirated software and install it? Do you go to porn sites, and see a dialog box telling you you need to install a "codec" in order to view a movie? All typical ways to get viruses, trojans and keyloggers, not to mention spyware.
I came in to the world with nothing. I still have most of it.
May 12th, 2006, 06:45 AM
If I'm correct, a keylogger needs to be started when the computer is starting up.
You can check out the startup folder for suspicious programs, or check out the registry entries
HKEY_LOCAL_MACHINE -> SOFTWARE -> MICROSOFT -> WINDOWS -> CURRENTVERSION -> RUN
You can also check out your Windows Task Manager for suspicious programs.
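An added example, not part of the original post: a read-only PowerShell listing of the autostart locations mentioned above (the Run key and the Startup folders), with the Authenticode signature status of each referenced program. The per-user HKCU Run key, the signature check and the helper names `Get-ExePath` and `Get-SignatureStatus` are assumptions added here, and nothing in the script modifies the registry.

```powershell
# Read-only: lists autostart entries, changes nothing in the registry or on disk.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',   # key named in the post
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'    # per-user counterpart (assumption)
)
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),        # current user's Startup folder
    [Environment]::GetFolderPath('CommonStartup')   # all-users Startup folder
)

function Get-ExePath([string]$CommandLine) {
    # Hypothetical helper: pull the program path out of a value
    # such as: "C:\Dir\app.exe" /background
    $cmd = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }
    if ($cmd -match '^(.+?\.(exe|com|scr|bat|cmd|vbs|js|dll))(\s|$)') { return $Matches[1] }
    return ($cmd -split '\s+')[0]
}

function Get-SignatureStatus([string]$Path) {
    # Hypothetical helper: Authenticode status of the file on disk,
    # or 'FileNotFound' when the path does not resolve to a file
    if (-not $Path -or -not (Test-Path -LiteralPath $Path -PathType Leaf)) { return 'FileNotFound' }
    return (Get-AuthenticodeSignature -LiteralPath $Path).Status.ToString()
}

$entries = @()
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $reg = Get-Item -Path $key
    foreach ($name in $reg.GetValueNames()) {
        $value = [string]$reg.GetValue($name)
        $entries += [pscustomobject]@{
            Source = $key; Name = $name; Command = $value
            Signature = Get-SignatureStatus (Get-ExePath $value)
        }
    }
}
foreach ($dir in $startupDirs) {
    if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
    foreach ($file in Get-ChildItem -LiteralPath $dir -File) {
        $entries += [pscustomobject]@{
            Source = $dir; Name = $file.Name; Command = $file.FullName
            Signature = Get-SignatureStatus $file.FullName
        }
    }
}
# Entries that are unsigned or point at a missing file sort to the top for review
$entries | Sort-Object { $_.Signature -eq 'Valid' }, Source, Name | Format-List
```

An unsigned entry is not proof of a keylogger and a valid signature is not proof of a clean program, so treat the output as a list of things to look up, not a verdict.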
May 12th, 2006, 08:17 AM
1. Please boot into safe mode before running your scans.
2. A-Squared is a good tool as well. http://www.emsisoft.com/en/software/free/
You have to register, but it is free for private use. It is good for catching diallers that are frequently associated with remote keyloggers.
3. Please turn off your computer when you are not using it.
4. Only connect to the internet when you need to, until you have resolved this issue.
May 17th, 2006, 01:19 AM
How exactly do I check registry entries? The HKEY_LOCAL stuff? Thanks
May 17th, 2006, 05:49 AM
sherlock old chap,
Please do not mess with the Registry unless you really know what you are doing.
Please download the tools that have been suggested, update them, then run them in safe mode.
Then come back to us............