Joined: Oct 11, 2006 Posts: 608 Location: Fort Worth, Texas Status: Offline
Posted: Mon Jun 06, 2011 11:34 am Post subject: Keylogger scare.
One of my sisters computers she thinks has been compromised by the use of a keylogger. There is no proof of this however and I was wondering if anyone could tell me if there is a way I can find out if there is indeed a keylogger on her computer.
Without going into too much detail, the computer is the one she uses mostly for her banking and social networking, so understandably she is concerned by this potential breech of her security.
The person in question that she suspects of installing such a device has also lifted her OS installation and drivers software, so at the moment a system nuke isn't an option.
Thanks for any advice that is given, it is greatly appreciated.
Hey Nouc, key loggers can be bad news, but generally they have to be installed on a computer via an admin account. They can record everything from passwords to every website and every e-mail you send and receive, not to mention every keystroke and the time they were made. From what I know they are very rarely installed via a website or e-mail and are generally installed via an admin account on the computer. If you can not access some other admin account on the computer your dealing with you can not do much about it, and they may be able to log in via the internet if the computer is connected. I would first look for any other admin/user accounts. Log into any banking accounts from another computer and change passwords first off. Notify your credit card carriers for suspicious activity. _________________
I use 'whats running' to see every program that is currently running on my computer. This will show everything including network activity. Anything that looks odd or suspicious I do a Google search to see what it is and if it's safe. The program is user friendly.
The last time I downloaded it , it was a free program although they appreciate donations of course.
I download mine directly from the source page at whatsrunning.net
The current version is 3.0 and was updated to be compatible with Win 7, etc in April of this year.
In addition to the above, I also use AVG antivirus free edition 2011 which found a bunch of stuff on my computer and fixed it for free. It also checks for malware and adware in addition to the keyloggers, viruses , etc
Also try the trial of their PC tuneup which did a pretty good job of taking some of the kinks out of my registry and defragged my memory.
Joined: May 02, 2007 Posts: 25 Location: Palm Bay, Florida Status: Offline
Posted: Sat Jun 11, 2011 8:10 am Post subject: Keylogger
As somebody who helps people with this often- here are a few suggestions.
1. She should (obviously) stop using banking/social networks until she's certain her machine is safe.
2. If she absolutely must log in somewhere, tell her to go to Accessibility in Windows and use the on-screen keyboard. It's something most malware makers didn't think of when they created keylogging.
3. Keyloggers are (un)fortunately more common than you think. This is both a good and bad thing. It's bad because- well- who wants to deal with identity theft? It's good because-- the good guys are getting better and better at detecting and stopping it.
4. http://www.malwarebytes.orgGo here and download this. You don't need the paid version, but if they save her butt-- consider it. Start with a "Quick Scan" If it finds a lot of stuff- you might want to do the full scan, but pack a tent and sleeping bag.
5. http://www.comodo.comGo here and download THIS, too. Get "Internet Security." It's free and awesome. What I like about this antivirus software is that it uses technology called "sandboxing." In essence, It creates a fake windows registry that unrecognized programs install to.... If one of them turns out to be evil . . *SCOOP* It's out of the computer in heartbeat. It's going to clue you in to all the hidden stuff running- trying to connect to the web.
6. Once she's certain her computer is clean- she needs to change her passwords. I suggest using an addon for Firefox/Chrome called "Lastpass." She should create one complex password like "1reallyl0veMyP@ssword5" See how it looks like a sentence? I've substituted a few numbers for letters-- nothing in that password could be found in a dictionary, but with a bit of practice- it's easier to remember than 5ad32^1ejg35 ... and just as safe. Basically- keep a secure, big password in Lastpass-- and let IT create/manage her passwords for other sites. There's an extra advantage here, too: It fills in password forms FOR YOU-- So-- if infected with a keylogger-- you technically didn't press any keys. (Save, of course, for your lastpass master password- which can be entered with their on-screen keyboard through their web site). Seriously, she needs a different password for each site.... If I got a username and password . . if I were a bad guy- the next thing I'd do is just start guessing sites to type that into. Hmmm. Did it work on Bank of America? How about Wachovia? Maybe Gmail? On and on-- because I know most people use the same username and password for each site they go to.... I'd hit the most popular sites and go from there. . . PLUS ... If they can get into her email- they can see where she does business-- because companies email you promotions and crap ALL the time.
7. Call a good-looking computer tech if you have questions and/or need help. I happen to be one of those. AND ... You're BBA, so- don't hesitate to ask for anything. I'll always help my BBA brothers for free.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum