Keyloggers - how do you know?
Posted 12 September 2007 - 12:18 PM
I have performed some computer cleaning for a client of mine and she informed me that her ex-husband put a keylogger on her desktop. She was approached by someone with knowledge of this and given many copies of generated emails sent to her husband showing information that she had typed on her desktop (apparently it emailed the data to him). She approached the FBI about since it had been going on for over 4 years.
While I used the normal methods of finding and removing any spyware or viruses on her computer a year ago - I was unable to detect the keylogger. When I came back to clean her computer again (a yr later) and with the knowledge a keylogger was present - I ended up wiping her computer HD clean and re-installing her OS. The FBI computer expert she talked to had mentioned this was the best way to remove a keylogger.
While I am not disagreeing with the FBI agent, surely there is an easier way to detect and remove keyloggers without wiping a HD clean? The agent mentioned to her something along the lines of **blaster for the keylogger name. She couldn't remember.
Any ideas how to detect if a keylogger is present on future computers I come across? Also, is it normal for keyloggers to behidden from detection common programs such as Task Mgr or Hijackthis, or popular AV programs, etc?
Posted 23 January 2008 - 10:59 PM
note that some programs like that do not show up in the MS version of the processor list so use HiJackThis to see whats hidden..
Edited by Rob in NH, 23 January 2008 - 11:00 PM.