How To:

GypsyLovergirl

How do I detect keyloggers on my computer?
Will my anti-virus pick up on them, or should I look manually?

I just read someone's post and they said that there is a way for a person to send programs through email and install them on computers.

Got the willies from that one!!

Thank you!
 
Don't really know much about keyloggers, but I would think most good antispyware programs should catch them.
 
There are a few things you can do to help yourself stay safe from keyloggers.

Don't click on email links unless you know the sender. If you do not know the sender and there is a link, do not click it. Send a reply email and ask them who they are and what the link is about. If it's a keylogger you won't get a response, since they use mail spamming using a mail spam server.

Be careful of the websites you visit and don't click on links in forums unless you know the link is safe. If you see a link, make sure the website is spelled correctly. I have seen keylogger links that look like this: www.lierotica.com. Well, a lot of people would click on it thinking it's lit but not notice it's misspelled.

Finally, make sure you have up-to-date anti-virus. I recommend Nod32; a good antivirus program will keep the great majority of keyloggers/viruses away. Also scan your computer with both your AV (antivirus) and Anti-Spyware software weekly.

Hope this helps.
 
Well, niv, that covers not getting them.

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
^^ Microsoft's Process Explorer. Process Monitor was Task Manager (ctrl-alt-delete) on steroids, and Explorer is Monitor on steroids and crack. This thing will tell you every process and task running, as well as (if you do some properties digging) every file and handle associated. It's color coded to match what's going on (colors for recently opened, recently closed, system processes, etc), so it just takes a bit of knowing what each color means to figure out.

Get Process Explorer and watch for anything that looks awkward. Check the properties on anything that isn't Microsoft branded in some way, or anything you know doesn't belong.

As per your question, a good anti-virus program will detect the files automatically and nail them, usually by alerting you on the spot. Avast! is very loud about this, and a pretty dang good anti-virus for it. AVG and McAfee are good, but so popular that people often write little viruses just to mess with any AVG / McAfee users.

Searching manually won't work well unless you know exactly what to look for; anti-virus programs tend to scan the actual code and contents of files for common bits and pieces of code (signatures) that are found within viruses... Good luck doing that on your own. ^_^;
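Added example, not part of the original thread: a PowerShell sketch of the "check anything that isn't Microsoft branded" step described in the post above, using the built-in `Get-Process` and `Get-AuthenticodeSignature` cmdlets rather than Process Explorer. The report layout and the `O=Microsoft Corporation` match are choices made for this example.

```powershell
# Added example: list running executables that are unsigned, carry an
# invalid signature, or are signed by a publisher other than Microsoft.
# Run from an elevated prompt to see processes owned by other accounts.

$report = Get-Process |
    Where-Object { $_.Path } |            # protected processes expose no path; skip them
    Sort-Object Path -Unique |            # one row per executable on disk
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -LiteralPath $_.Path
        $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
        [pscustomobject]@{
            Name   = $_.ProcessName
            Id     = $_.Id
            Status = $sig.Status          # Valid, NotSigned, HashMismatch, ...
            Signer = $signer
            Path   = $_.Path
        }
    }

# Show only the entries that deserve a manual look.
$report |
    Where-Object { $_.Status -ne 'Valid' -or $_.Signer -notmatch 'O=Microsoft Corporation' } |
    Sort-Object Status, Name |
    Format-Table -AutoSize -Wrap
```

Legitimate third-party software (browsers, drivers, the anti-virus itself) will appear in this list, so treat it as a shortlist for the properties check rather than a verdict. Entries with a status of `NotSigned` or `HashMismatch` running from user-writable folders such as a temp or profile directory are the ones to examine first.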
 
Thanks everyone!!

I definitely don't know enough about computers to do it manually.
So that is good that the anti-virus and anti-spyware do the trick.

I run AVG Free and Spybot. Hopefully that will keep me safe and sound.

Happy Holidays everyone!

:rose::rose::rose::rose:
 
I've disinfected several friends and have some recommendations of simple things you can do. Bottom line on this is:
1. Don't use an "administrator" account on a routine basis; it offers you more chances to inadvertently let bad guys mess with your system. Set up and use a regular user account instead. Save "administrator" only for Microsoft updates every second Tuesday of each month, or when that is the only way to install a new application. Once those are done, log out and go back to a normal account for all that you do.
2. Don't click on, open, read, or do anything but DELETE IMMEDIATELY any unexpected mail.
3. Even if an e-mail comes from a known friend, beware simple social engineering tricks to get you to click on the e-mail and open it up. Check to see if your friend really intended to send it, and if they didn't, they might already have been infected, and their computer is using their address list to spread the infection all around.
4. Most infections are now spread by websites, not by e-mail, using a variety of very clever techniques that are invisible to all but techie-types actually looking for these well-hidden tricks. You could get infected just by loading a bad webpage. Your best bet is to install a really good anti-virus/firewall/intrusion protection tool. I use "Blink Personal" as just one example of a great product that works very well (No, I don't own stock or anything, it just works). There are many others that can stop an infection before it crosses into your system (think condom), which is better than scanning for an infection that has already invaded.
5. Get and install a router to shield your home network from a lot of intruders trying to hack their way in. Best $60 you ever spent on computer equipment. Think of it as a doorman that only lets in good things, keeping the riffraff out. Reduces your chances of an intruder getting in by 99%.
6. NEVER use your laptop with a public WiFi access point, PERIOD!
7. If you use wireless, make sure you are using WPA encryption. WEP encryption is crackable inside of a minute, and is thus no better than unencrypted.

If all else fails, and you have to clean up, or want to be absolutely sure you are clean, the best way is to re-install your system. Back up your data first, or better yet, find a techie to give you a NEW system disk, making your old system disk a slave disk. With a clean new system disk installed and booted, you can mount the old disk, sweep it clean with a good virus removal tool without it re-infecting you (get your techie to help), and then you still have all your data plus more space to back things up (You are backing up regularly right???!!!)
 
morepleasin: I'm surprised you didn't suggest changing the default router password.

ed
 
You can also try SUPERAntiSpyware Free Edition. This is what I use and it is the best program for it. You can get it for free at download.com. Another one you can also get from that site is Ad-Aware Free Edition. I would use more than one, because they each can pick out different kinds. AVG, as mentioned before, doesn't catch some spyware.
 