How to detect the presence of a keylogger and eliminate it?

You may have implemented drastic security measures, but if someone has managed to place a keylogger on your computer, it is easy for them to recover your passwords, because such a tool retransmits to them what you type on the keyboard. It is therefore essential to know how to spot whether such an intruder has been introduced into the computer system in order to eliminate it. This detection task is not always easy.

Detecting the presence of a keylogger on your computer is not always easy. Here are the signs that could alert you:

  1. A marked slowdown when the system starts: a keylogger runs at computer startup, since it needs to initialize and prepare a hidden environment to capture what you type on the keyboard. Therefore, a strong startup slowdown should be considered suspicious.
  2. There seems to be a slight delay between when you type a letter and when it appears on screen. As the keylogger intercepts each keystroke, there may be a small lag in the display, or the text may appear in a somewhat jerky or erratic way.
  3. When you move the mouse, the cursor movement seems to lag, or the cursor even disappears.
  4. The web browser is slow to respond to your requests.
  5. The hard disk light comes on intermittently as you type, or the network connection device flashes as you type.
  6. More rarely, unusual wiring has been placed on your computer.

If such manifestations are observed, it is good to check what is going on. Also be aware that particularly well-programmed keyloggers may not reveal such symptoms.

What to do in case of doubt?

If in doubt, disconnect all connections to the Internet to stop data from being sent. Disconnect from your network. If the problem is on a company computer, notify your administrator, who will try to analyze the problem. On restart, use an analysis tool such as Malwarebytes (see below).

Windows Task Manager

A simple check is to see which applications are loaded into memory, using Windows Task Manager. To do this, press “Ctrl – Alt – Del”, then open this application.

Inspect the list of applications currently running on your computer and, if necessary, the processes. If you see the name of an application that consumes a lot of processor time, and this application is unknown to you, do a search on its name. If in doubt, right-click and select “End Process”.

Then do an analysis followed by an elimination of the intruder using one of the programs listed below.

Programs present at Windows startup

Do the following: “Start, All Programs, Accessories”, then “Run” and type “msconfig”.

The “Startup” tab shows all the programs launched when Windows starts. If you detect the name of a suspicious program, look it up on the web and disable it by clicking the check mark on the left. Again, care must then be taken to eliminate this program from the computer.
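The two manual checks above (running processes in Task Manager and startup programs in msconfig) can also be done from a PowerShell prompt. The script below is an added example, not part of the original article: it only reads information, and its function names and the “Review” heuristic (unsigned or unresolved executable, or one stored under AppData or Temp) are assumptions of this example.

```powershell
# Added example (read-only): list startup entries and the busiest processes,
# with the Authenticode signature of each executable. Heuristics are assumptions.

function Get-ExePathFromCommand {
    param([string]$Command)
    $c = [Environment]::ExpandEnvironmentVariables($Command)
    if ($c -match '^\s*"([^"]+)"')    { return $Matches[1] }   # "C:\dir\app.exe" /arg
    if ($c -match '^\s*(.+?\.exe)\b') { return $Matches[1] }   # C:\dir\app.exe /arg
    return $null                      # e.g. a shortcut (.lnk) in the Startup folder
}

function Get-ExeTrust {
    param([string]$Path)
    if (-not $Path -or -not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        return [pscustomobject]@{ Signature = 'Unresolved'; Signer = $null; Review = $true }
    }
    $sig = Get-AuthenticodeSignature -LiteralPath $Path
    # Assumption: a missing or invalid signature, or a location under a user
    # profile or temp folder, is a reason to look the program up, not a verdict.
    $userWritable = $Path -match '\\(AppData|Temp)\\'
    [pscustomobject]@{
        Signature = $sig.Status
        Signer    = $sig.SignerCertificate.Subject
        Review    = ($sig.Status -ne 'Valid') -or $userWritable
    }
}

# Programs launched at logon (Run registry keys and Startup folders).
$startup = Get-CimInstance -ClassName Win32_StartupCommand | ForEach-Object {
    $exe = Get-ExePathFromCommand $_.Command
    $t   = Get-ExeTrust $exe
    [pscustomobject]@{ Source = 'Startup'; Name = $_.Name; Path = $exe
        Detail = $_.Location; Signature = $t.Signature; Signer = $t.Signer; Review = $t.Review }
}

# The 15 processes that have used the most CPU time and whose path is readable.
$procs = Get-Process | Where-Object { $_.Path } |
    Sort-Object CPU -Descending | Select-Object -First 15 | ForEach-Object {
        $t = Get-ExeTrust $_.Path
        [pscustomobject]@{ Source = 'Process'; Name = $_.ProcessName; Path = $_.Path
            Detail = ('PID {0}, CPU {1:N1} s' -f $_.Id, $_.CPU)
            Signature = $t.Signature; Signer = $t.Signer; Review = $t.Review }
    }

@($startup) + @($procs) | Sort-Object Review -Descending |
    Format-Table Source, Name, Signature, Review, Detail, Path -AutoSize
```

Entries marked Review are candidates for the web search described above; many legitimate programs install under AppData, so a valid signature from a known publisher usually settles the question. Services and scheduled tasks are not covered by this listing.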

Protect yourself against hacking of your information via a keylogger

If you work in a place where there are many computers and want to prevent someone from placing a keylogger on your machine, the first precaution to take when you leave your desk is to lock your computer screen, using a session password, long and complex, known only to you. Locking your device is simple: “Ctrl Alt Del – Lock this computer”.

Also remember to protect access to your computer with a complex password. This prevents someone else from using your computer in your absence.

When away from home, do not use a public computer such as one in a cybercafé to access personal and confidential data: email, online bank account… You cannot know whether the person who used the same computer before you installed a keylogger in order to spy on your activity. Similarly, on public Wi-Fi, avoid using any application that requires you to type your access codes. If you urgently need to access a site such as your online bank, an alternative can be to display a virtual keyboard on the screen and click on its keys rather than typing on the keyboard. To do this under Windows 10: “Settings, Ease of Access, Keyboard”, then activate the “On-screen keyboard”. Under Windows 7: “Control Panel, Ease of Access”, then “Enable On-Screen Keyboard”.

Consider activating two-factor authentication (2FA) on all “sensitive” sites. That way, even if a hacker could steal your passwords via a keylogger, he would not have access to the codes sent to your mobile phone and therefore would not be able to access sites protected by 2FA.

In general, avoid installing any software from a site that seems suspicious to you. Official publisher sites or sites with a high reputation are much preferable.

If you are using a password manager such as LastPass or Dashlane, you will never have to type a password to access a given site and therefore, it will be impossible to hack access, even if a keylogger was active.

How to remove a keylogger?

Eliminating a keylogger is not always easy because they sometimes escape the surveillance of certain antivirus software. In contrast, keyloggers are usually detected by malware scanners such as Malwarebytes or MalwareFox. It is recommended to scan the system with such a tool on a regular basis.

Dedicated real-time protection tools

Anti-keylogging tools, such as KeyScrambler, do one essential thing: they encrypt what you type on the keyboard. Whoever monitors your activity will not see anything decipherable. Some tools like SpyShelter Free Anti-Keylogger or Zemana Antilogger go further and protect access to various sensitive areas of the computer in real time.

Dedicated analysis tools from antivirus vendors

It is also good to know that a large number of antivirus vendors offer dedicated services for detecting and removing keyloggers, free of charge for occasional use. This is particularly the case of Norton Power Eraser or Avast One.
