Tilted Forum Project Discussion Community  

Go Back   Tilted Forum Project Discussion Community > Interests > Tilted Technology


 
 
LinkBack Thread Tools
Old 09-26-2006, 12:11 PM   #1 (permalink)
Pissing in the cornflakes
 
Ustwo's Avatar
 
How to detect a keylogger?

I have reason to believe I have a keylogger installed on one of my computers. Unlike spyware detectors I'm having a hard time finding a good free removal/detection tool. Does anyone know of any good ones, or a good way to search your system for a keylogger?
__________________
Agents of the enemies who hold office in our own government, who attempt to eliminate our "freedoms" and our "right to know" are posting among us, I fear.....on this very forum. - host

Obama - Know a Man by the friends he keeps.
Ustwo is offline  
Old 09-26-2006, 12:56 PM   #2 (permalink)
Junkie
 
filtherton's Avatar
 
Location: In the land of ice and snow.
Look at the interface between your keyboard keys and the inside of your computer. As far as i know, most keyloggers are physical objects that are placed somewhere on the data path between your keyboard and your cpu. Look for something that doesn't seem like it needs to be there attached to your keyboard cord, inside your keyboard or inside your computer.
filtherton is offline  
Old 09-26-2006, 01:00 PM   #3 (permalink)
Adequate
 
cyrnel's Avatar
 
Location: In my angry-dome.
Ditto on the hardware but definitely scan for soft loggers. The big suites find some but are often coded around.

Ewido finds a few and can be tried for free. grisoft.com
Anti-Keylogger finds many. The free download will run for a few hours. http://www.anti-keyloggers.com/download.html
Snoopfree is completely free. http://www.snoopfree.com/download.htm

There are others. Many of the commercial versions are written by the same guys who write the loggers.
__________________
There are a vast number of people who are uninformed and heavily propagandized, but fundamentally decent. The propaganda that inundates them is effective when unchallenged, but much of it goes only skin deep. If they can be brought to raise questions and apply their decent instincts and basic intelligence, many people quickly escape the confines of the doctrinal system and are willing to do something to help others who are really suffering and oppressed." -Manufacturing Consent: Noam Chomsky and the Media, p. 195
cyrnel is offline  
Old 09-26-2006, 01:16 PM   #4 (permalink)
I want a Plaid crayon
 
Plaid13's Avatar
 
As far as the software keyloggers go you can always check your running processes. hit control alt delete and see what everything is thats running and look each one up on google. should be between 26-50 running processes depending on what all you have autostarting on your computer. Takes a little time but its worth while if your really worried about it.
Plaid13 is offline  
Old 09-26-2006, 01:31 PM   #5 (permalink)
Pissing in the cornflakes
 
Ustwo's Avatar
 
This would be a software logger, and I know it would be hidden from running processes. I'll try the downloads in a bit.
__________________
Agents of the enemies who hold office in our own government, who attempt to eliminate our "freedoms" and our "right to know" are posting among us, I fear.....on this very forum. - host

Obama - Know a Man by the friends he keeps.
Ustwo is offline  
Old 09-26-2006, 02:08 PM   #6 (permalink)
Free Mars!
 
feelgood's Avatar
 
Location: I dunno, there's white people around me saying "eh" all the time
Run -> msconfig

Check out Services and Startup, uncheck anything that doesn't seem to be a valid source.
__________________
Looking out the window, that's an act of war. Staring at my shoes, that's an act of war. Committing an act of war? Oh you better believe that's an act of war
feelgood is offline  
Old 09-26-2006, 03:01 PM   #7 (permalink)
Psycho
 
keyshawn's Avatar
 
For software loggers,
I'd definitely check out Hijackthis - http://www.spywareinfo.com/~merijn/programs.php

Then run it and see if there's anything suspicious looking. If you have software to fight adware on your computer, run that first, it might pick up the keylogger.

Good luck,
keyshawn
__________________
currently reading:

currently playing :
keyshawn is offline  
Old 09-26-2006, 03:11 PM   #8 (permalink)
Sauce Puppet
 
kurty[B]'s Avatar
 
Quote:
Originally Posted by feelgood
Run -> msconfig

Check out Services and Startup, uncheck anything that doesn't seem to be a valid source.
I concur with this approach.
kurty[B] is offline  
Old 09-26-2006, 05:29 PM   #9 (permalink)
Adequate
 
cyrnel's Avatar
 
Location: In my angry-dome.
Some loggers are visible as processes, but those are the school project variety. The agressive loggers are either disguised as valid system services or patch into the kernel. They're essentially rootkits and tough to notice. Hopefully one or more scanners will either notice the fingerprint or provide some confidence the system is clean.

Best is to attach a suspect drive as a slave to a known clean box. Reduces chances of something getting under the radar. When someone is truly concerned (and it's sometimes warranted) I suggest reverting to a known safe image backup or reinstall. Depends on time vs. concern. If you reinstall that would be a great time to start making quickly restorable images for situations like this.

BTW, if you have trouble getting rid of any of the scanners boot in safe mode and try again. Some aren't the cleanest code you'll run into.
__________________
There are a vast number of people who are uninformed and heavily propagandized, but fundamentally decent. The propaganda that inundates them is effective when unchallenged, but much of it goes only skin deep. If they can be brought to raise questions and apply their decent instincts and basic intelligence, many people quickly escape the confines of the doctrinal system and are willing to do something to help others who are really suffering and oppressed." -Manufacturing Consent: Noam Chomsky and the Media, p. 195
cyrnel is offline  
Old 09-26-2006, 09:10 PM   #10 (permalink)
Free Mars!
 
feelgood's Avatar
 
Location: I dunno, there's white people around me saying "eh" all the time
Just out of the curiousity, is this computer a work computer or home computer?
__________________
Looking out the window, that's an act of war. Staring at my shoes, that's an act of war. Committing an act of war? Oh you better believe that's an act of war
feelgood is offline  
Old 09-26-2006, 09:21 PM   #11 (permalink)
Devils Cabana Boy
 
Dilbert1234567's Avatar
 
Location: Central Coast CA
I second cyrnel, slave and scan. If you’re truly paranoid, just backup and reinstall windows. When ever I work on a client system I have questions about, I yank the hard drive and slave it in mine for a full scan, if I find anything, I make an image of the drive, then remove the problems, if it boots after, great, if not, I boot the system and try to remove it under the real system, if that fails I reinstall and restore the files from the image.
__________________
Donate Blood!

"Love is not finding the perfect person, but learning to see an imperfect person perfectly." -Sam Keen
Dilbert1234567 is offline  
 

Tags
detect, keylogger

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -8. The time now is 11:16 AM.

Tilted Forum Project

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360