
keylogger detection

Discussion in 'Virus & Other Malware Removal' started by tressermckay, Oct 2, 2003.

Thread Status:
Not open for further replies.
  1. tressermckay

    tressermckay Thread Starter

    Joined:
    May 29, 2003
    Messages:
    63
    I've seen that keyloggers advertise a complete cloak and are difficult if not impossible for an average user to detect. My question is, when they are running do they show up in the process list?

    I am currently running on an XP system that belonged to my old company. I am curious if any illicit wares were installed and want to naturally get rid of them. I figured the best place to start was in the process list...find each item running and google it to see what it's supposed to do. I'm trying to strip the system down to bare essentials (read: getting rid of documents, games, files I had to have...basically everything I would want in order to turn around and sell it...I don't want to end up like the guy who sold his Blackberry on eBay and left it full of his contacts).

    What's the surest way to wipe my drive clean...but still have control over what is cleaned (i.e. finance reports and the like)...as well as make sure it's clean from any recording and/or transmittal programs not needing to be there?
     
  2. buddhafabio

    buddhafabio

    Joined:
    Aug 5, 2002
    Messages:
    2,246
    To answer the first part, yes, most if not all keyloggers show up in the processes list. As to the rest, I do not know.
     
  3. starwaves77

    starwaves77

    Joined:
    Feb 16, 2002
    Messages:
    540
    Hi,
    You can look for suspicious entries and Google them, but it may not return any results, so you're left in a fog. Just assume those entries are undesirable or trojans, scan with the best trojan detectors and see if they synchronize on those files. They will in turn delete the ones they find; you can delete any others from the registry.

    The keyloggers will change their names; you can see that if you're watching your Hijack log. They will also leave .txt files behind that are going to be modified on a regular basis, so you can search in Find for .txt files that have been recently modified: select DATE, then "find all files", then "between", and choose those dates, making them a week apart. Look for the mother program based on a positively confirmed .txt file entry. ----Rollin Rog > thanks for that one...

    But your best chance to finding them and other trojans is running detector programs for them, and then cleaning up what they find:

    Here are some of the best to try, don't limit yourself to just one, use 3 or 4,

    This one is awesome,
    TDS-3 Trojan Detector
    Detects more trojans than any other anti-trojan system

    This site has two programs you need, download both.
    Trojan Detectors

    TROJAN HUNTER uses powerful scanning techniques such as file, memory, registry, port and ini-file scanning to locate trojans on your system.

    AUTOSTART EXPLORER
    Autostart Explorer is the most comprehensive autostart viewer available on the market. It will show you all autostarted files on your system, no matter from where they are started.

    More Trojan Hunters here>
    Wilders Trojan Clean


    HERE'S A SIGNATURE LIST OF TROJANS:
    Trojan Names

    KEYLOGGERS:
    Detect Keylogger 2.1

    Who's Watching Me

    Keylogger Hunter
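
The date-range search for recently modified .txt files described in the post above, sketched as an added example that is not part of the original thread. The function names are hypothetical, and the premise that a keylogger's capture file is a regularly modified .txt file is the poster's, not something the script verifies.

```python
import os
import sys
from datetime import datetime, timedelta


def recent_txt_files(root, start, end):
    """Return (path, mtime, size) for .txt files under root modified in [start, end]."""
    lo, hi = start.timestamp(), end.timestamp()
    hits = []
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            if not name.lower().endswith(".txt"):
                continue
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # locked or vanished file: skip it, keep scanning
            if lo <= st.st_mtime <= hi:
                hits.append((path, st.st_mtime, st.st_size))
    # Newest first, so files written to most recently are reviewed first
    return sorted(hits, key=lambda h: h[1], reverse=True)


def still_changing(before, after):
    """Paths whose mtime or size differs between two recent_txt_files() results.

    Running the scan twice, some time apart, separates a file that was touched
    once from one that keeps being written to ("modified on a regular basis").
    """
    old = {path: (mtime, size) for path, mtime, size in before}
    return sorted(p for p, m, s in after if p in old and old[p] != (m, s))


if __name__ == "__main__":
    # Default window: the last week, matching the "a week apart" advice
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    end = datetime.now()
    start = end - timedelta(days=7)
    for path, mtime, size in recent_txt_files(root, start, end):
        stamp = datetime.fromtimestamp(mtime).strftime("%Y-%m-%d %H:%M")
        print(stamp, size, path)
```

A file that turns up in `still_changing` is only a lead: the next step is identifying which running process holds it open, since ordinary application logs match the same pattern.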
     
Short URL to this thread: https://techguy.org/168996
