TechSpot

Info on Keyloggers...

By racer_x_090
Aug 18, 2006
  1. I have just recently got a keylogger and it forced me to reformat My computer. In that porocess i lost ALOT of important stuff including taxing information, resumes, and spread sheets for my work. I have a couple questions on keylogers...

    One: How are they made
    Two: How is the information sent back to the source
    Three: What are they most commonly used for
    Four: What is the best way to get rid of a keylogger other than reformatting

    Thank in advance for the help. Any information would help greatly.

    -X
     
  2. Vigilante

    Vigilante TechSpot Paladin Posts: 2,120

    One: They are just regular programs just like any other program that is installed on a PC. Nothing special. The trick is in how it GETS installed, and the techniques in which it conceals itself.
    They use a special driver to be able to read every key pressed on the keyboard, BEFORE Windows responds to it. So when you press "B" on the keyboard, it goes over the wire, reaches the system, reaches the software keyboard driver, and is first passed through the key-logger driver, and then to whatever program is active.
    These types of drivers are quite common, and have many good purposes, but like most things, they can also be used for evil.

    Two: The second part of the program, if successfully installed, simply uses your Internet connection and sends the data to someplace that was programmed into it. They call this "phoning home", and is no different then, say, Winamp sending usage info back to them, or Windows checking validation every so many days. The program just becomes active, and uses your connection without you knowing it. Unless you are tightly watching a heavy firewall program, you won't know it's taking place.

    Three: A "bad" key-logger would be used mainly to collect user names and passwords to things. And if they happen to catch a credit card number being typed, or any other such data. If the data is successfully collected, somebody could possible log in to your PC remotely, or your bank's website, or use your credentials for something without you knowing. Basically they could steal your identity.
    A "good" key-logger might be used as a security feature. Or similar technology could be use to remap keyboard keys, or map "special" keys on the keyboard.

    Four: Well, simply, removing it! If it's a bad key-logger, it will quite likely be labeled as spyware or a virus. And should then be picked up by a good "anti" tool. Such as Ad-Aware, Spybot, Ewido, TrendMicro, MS Defender, etc...
    Even Hijackthis can detect them.
    You also find them by looking for it's "startup" entry. The tricky place where it put itself into your startup. Which may be anywhere from right in the open, say, in your start menu startup. Or more hidden like a service, or notify key, or a shared DLL.
    Once you identify the key-logger, you can find out what file it is, and then search for the file in the registry and so forth.

    Obviously some program TOLD you you have a key-logger? If it gave info about the file itself or where it's located, or any other info you can research. You could have removed it.
    A key-logger is not the worst of Internet enemies. They are usually not destructive to your PC like viruses can be. They don't chew up your resources and Internet bandwidth like some adware and spyware can. But like ANY malware, they can be tricky to find and remove.

    Next time you have problems, post the issue here at Techspot, and the friendly GENIUSES here can help track it down :)
     
  3. Nodsu

    Nodsu TS Rookie Posts: 9,431

    You know, you can always copy your important documents to a safe location before formatting :)

    There is a difference between programs and data. Your spreadsheets are data, and usually they don't have any active content that could be harmful in any way.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.