What are keyloggers?
Keyloggers are used in IT organizations to troubleshoot technical
problems with computers and business networks. Keyloggers can also be
used by a family (or business) to monitor the network usage of people
without their direct knowledge. Finally, malicious individuals may use
keyloggers on public computers to steal passwords or credit card
information.
Keyloggers are sometimes part of malware
packages downloaded onto computers without the owners' knowledge.
Detecting the presence of a keylogger on a computer can be difficult.
Here is a simple way to detect and remove a keylogger:
1. Download the forensic investigation tool OPENFILESVIEW and install it.
2. Now open OPENFILESVIEW and you will
see a complete list of all processes and temporary files currently being
used by your system or PC, along with the full path from which they
are running. Here is the snapshot:
3. In the snapshot above you can clearly tell the keylogger apart from the system files. Check the program name and then check its corresponding location in the full path. You can also verify the time at which the keylogger file was created.
4. Now that we have found the location of the keylogger or spyware, go to that location and open the file with BinText or any binary debugger and search for @ or ftp in it. This will help you get the email ID or FTP address to which the keylogger is sending logs.
You can also use Wireshark to capture packets for 20-30 minutes and filter for FTP and SMTP packets.
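The string search from step 4 can also be scripted. The following is an added example, not part of the original post or of any tool named in it: it pulls printable ASCII and UTF-16LE strings out of a suspect file and reports anything that looks like an email address or an FTP host. The function names and the sample bytes are constructed for illustration.

```python
import re
import sys

# Runs of 6+ printable characters, the same idea BinText applies to a binary.
ASCII_RUN = re.compile(rb"[\x20-\x7e]{6,}")
# Windows programs often store text as UTF-16LE (each character followed by 0x00).
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){6,}")
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")
FTP = re.compile(r"(?i)\bftp(?:://|\.)[A-Za-z0-9.-]+")

def extract_strings(data):
    """Return every printable string found in the raw bytes."""
    found = [m.group().decode("ascii") for m in ASCII_RUN.finditer(data)]
    found += [m.group().decode("utf-16-le") for m in UTF16_RUN.finditer(data)]
    return found

def find_exfil_indicators(data):
    """Collect email addresses and FTP hosts the file may send logs to."""
    emails, ftp_hosts = set(), set()
    for text in extract_strings(data):
        emails.update(EMAIL.findall(text))
        ftp_hosts.update(m.group().rstrip(".-") for m in FTP.finditer(text))
    return {"email": sorted(emails), "ftp": sorted(ftp_hosts)}

# Constructed sample: binary noise around one ASCII and one UTF-16LE string.
SAMPLE = (
    b"MZ\x90\x00\x03\x00\x01\x02 user=logs@example.com\x00\xff"
    + "ftp://drop.example.net/in".encode("utf-16-le")
    + b"\x00\x00\x01\x02kernel32.dll\x00"
)

if __name__ == "__main__":
    # With a path argument, scan that file; otherwise scan the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as handle:
            blob = handle.read()
    else:
        blob = SAMPLE
    for kind, values in find_exfil_indicators(blob).items():
        for value in values:
            print(f"{kind}: {value}")
```

A packed or encrypted keylogger may yield no hits here, in which case the Wireshark capture is the better check.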
>>>OPENFILESVIEW
If there is a keylogger like this key logger which is installed as a normal program on your PC, not a trojan or virus, you'd better uninstall it as a normal program; if there is a keylogger which is a trojan or virus (installed secretly by itself), you'd better use an anti-keylogger or antivirus to uninstall it compulsively.