Detecting Keyloggers

NeutronTech · Apr 15, 2010

What methods do you use, or programs do you use to detect if a keylogger is installed on a system? I know the basics like looking at task lists and such. But some programs claim they are undetectable. Is this true? I have a customer who is concerned a keylogger has been installed on her system and would like to be able to give her an answer confidently.

iisjman07 · Apr 15, 2010

When people say that keyloggers are 'undetectable', they generally mean 'to antiviruses'; the tell-tale signs of a malware infection are still apparent. First scan the machine and then check the normal things like process', services, and registry startup locations. If the customer is still scared then install something like 'Keyscrambler', there's a free version and it works well (I use it).

NeutronTech · Apr 15, 2010

Ok, so there really is no way for a keylogger to be installed and be completely hidden then? I'll try the some rootkit methods and see if that works.

Galdorf · Apr 15, 2010

Yes there is a keylogger made by some ingenious Chinese that writes to and area in your bios that antivirus can't scan it has rootkit like properties and they use it to steal wow accounts.

I have seen a few i had to scrub the bios and reflash to get rid of it.

NeutronTech · Apr 15, 2010

Galdorf said:
Yes there is a keylogger made by some ingenious Chinese that writes to and area in your bios that antivirus can't scan it has rootkit like properties and they use it to steal wow accounts.

I have seen a few i had to scrub the bios and reflash to get rid of it.

Well, isn't that sneaky...... Any way to detect those types? And are those keyloogers like that readily available to download by a slightly above average user for the purposes of spying on a spouse?

Galdorf · Apr 16, 2010

NeutronTech said:
Well, isn't that sneaky...... Any way to detect those types? And are those keyloogers like that readily available to download by a slightly above average user for the purposes of spying on a spouse?

Its all in chinese don't know how to read it there are many sites in china with undetectable keyloggers if you can read chinese you should be able to find it.
Also we get new lg dvd burners that install software when you plug in the burner from built-in firmware called bluebird so it would be possible to embed a keylogger in hd or dvdburner firmware.
http://blogs.zdnet.com/BTL/?p=4590
And has happened someone hacked the Razor site and uploaded a keylogger into the code for the firmware for the razor mice copperhead ect.

hyfidel · Apr 16, 2010

If someone suspects keylogging, you can also check for HARDWARE keyloggers. Sometimes it will look like a ps/2 or usb extension plug or cable. These record every keystroke and can be accessed using a viewer program that comes with the plug.

Also, there are keyloggers built into the keyboard itself, these are not as obvious but you can ask if someone replaced the keyboard recently.

iisjman07 · Apr 16, 2010

^^

Yeah, the last time I went into my bank I noticed how all terminals have the keyboard encased in metal to prevent this

hondablaster · Apr 19, 2010

I asked the same question sometime ago here is the thread I started.

http://www.technibble.com/forums/showthread.php?p=97966

Detecting Keyloggers

NeutronTech

Active Member

iisjman07

Active Member

NeutronTech

Active Member

Galdorf

Well-Known Member

NeutronTech

Active Member

Galdorf

Well-Known Member

hyfidel

New Member

iisjman07

Active Member

hondablaster

Member

Similar threads