Keylogger is a dangerous software that executes almost invisibly as a low level system process. It is usually started up in invisibility mode when the computer is booted, so there is no way that the user can detect it. This program logs all the key strokes typed on the keyboard and then transmits the logged information to the intruder who infected the computer with the keylogger program.
Keyloggers are extremely dangerous and can be used to steal personal information such as social security numbers, credit card numbers, and passwords. This may lead to identity theft or theft in general. Keyloggers are especially dangerous to anyone who uses online banking or online cash sites such as PayPal.
When the user suspects that he/she is infected with a keylogger, he/she should NOT type any personal information. Even when typing in a normal word document, the keylogger still keeps track of everything typed.
In order to log into Email or somewhere secure and password protected, there is one way to get around the keylogger:
Click on Start -> Go to All Programs -> Click on Accessories -> Select Accessibility ->Click on On-Screen Keyboard
Executing the above steps opens a keyboard on the screen so that the user can click whatever letter he/she would like to type. Since a keylogger does not track where and what the user clicks, this helps to get around it in times of urgency. Typing with the onscreen keylogger is a great hassle. The only alternative is to eradicate the keylogger program from the computer completely.
The user has to detect a keylogger in order to eradicate it. Detecting a keylogger is not simple. It can be installed in over a 100 places on the computer, usually in one of the system files. However, there is a much easier way to detect if a keylogger is running. Right click the desktop’s task bar and click Task Manager. Alternately, press Ctrl + Alt + Del simultaneously to open the Task Manager. Task Manager displays a list of all the applications currently running on the computer. Click the tab that says Processes. This gives information about all the programs, hidden and visible, that the computer is currently running.
The name of each process is under Image Name. The keylogger will show up on the list of processes as well as many other programs and background processes. However, it may be difficult to distinguish between the different processes.
There are many sites on the Internet that provide a vast amount of information on each and every process. One of these sites is Liutilities. This site provides some background information on each process as well as specifies the author and the program it is part of. One of this site’s best features is that it recommends what to do with each process. Most of the time, the process is harmful and simply part of the operating system or another program that is running.
Another fantastic site for information on processes is Neuber. Like Liutilities, Neuber gives background information on each process. A special feature they have is user created comments. Anyone can rate a process in terms of its security and leave a comment about how to deal with the process. Generally, these comments are very accurate. Neuber also provides a ‘security rating’ for each process based on the users’ average rating.
However, some find it hard to research each process individually. Thankfully, there is a program called Security Task Manager that is free to download. It displays information about each process that is currently running and specifies whether they are dangerous or not. The user is immediately notified if anything harmful comes up. This Neuber program also shows the security rating and a random user’s comment for each process. Processes that the program has never encountered are not given a security rating or comment. It is therefore advised that each process is researched individually.
Once the harmful process is found in the Task Manager, click the process then click the ‘End Process’ button. The process selected should be terminated immediately.
Once this is complete, the computer is safe until rebooted. If the keylogger was not deleted, it will start up again upon being rebooted.
Once the keylogger is stopped, run anti-virus and spyware checks on the entire computer. Some free virus scan utilities that are recommended are A2, Dr. Web, and AVG. However, highly advanced keyloggers such as TypeAgent, KGB, and SpyOutside can often slip through these scans and remain undetected.
If the anti-virus scans fail to show any result, manually detect and delete the keylogger. Keyloggers are usually located in the system files, so do not delete anything that is not definitely keylogger. Doing so may lead to errors in other areas of the computer. Go to 411-spyware and search for the type of keylogger that has infected the system. If it is listed, there should be instructions about how to manually remove it.
A great way to check if the keylogger has been completely removed from the system is to reboot. Remember the name of the keylogger’s process and reboot the computer. If the process is not there when the computer has rebooted, then the keylogger has been removed.
No related posts.
as salam o alikum
how are you all . i like this site this is site is very nice.
Suddenly i find readme.exe files on all my drives including the zipped ones, > keyloggervirus2