Thursday, August 11, 2011

How to find keylogger or any spyware in PC


Hello friends, today I will share a great method to find or detect a keylogger or any other spyware on your PC or system. As we all know, keyloggers and spyware are a big concern nowadays, as hackers try their best to infect victims and hack their accounts. Today I will teach you how to find a keylogger, Trojan or spyware on your PC or laptop. There are several ways to find them, but with this method you will know the exact path of the keylogger and where it is saving the log file. Also, once you have the keylogger server, you can reverse engineer it and hack the hacker's account password which he used in the keylogger server. Let's first start with an introduction to keyloggers.



What is a Keylogger and How Does It Actually Work?
A keylogger, as the name suggests, is something that logs keystrokes. Yes, that's right: a keylogger is a password hacking tool used to steal the victim's passwords by logging the keystrokes the victim presses, and some advanced keyloggers are even used to retrieve stored confidential data. Based on internet scope, keyloggers are of two types:
1. Physical Keylogger: These keyloggers are installed when the hacker has physical access to your system. This type of keylogger has to be installed manually on your PC or system. These types of keyloggers are hard to find, but I will show you today how to find them as well.
2. Remote Keylogger: Remote keyloggers are new-generation keyboard hook hacking software that does not require physical access to the system, which means they can be installed remotely. They usually come onto your PC through torrents, porn websites, hacking tools (software like Facebook hack tool, Gmail hack tool, Hotmail hacker) and cracks, keygens and patches. Most users ignore the antivirus warnings on these files, because antivirus usually shows a virus in them. Hackers exploit this loophole and attach their keyloggers and keyboard hook programs to things like keygens, patches, cracks and torrents.
Remote keyloggers log the data into a file and send these logs to the hacker's FTP server or email. So friends, always try to avoid the things mentioned above as far as possible.

How to detect or find a keylogger or any spyware in your system:
1. Download the forensic investigation tool OPENFILESVIEW and install it.
2. Now open OPENFILESVIEW and you will see a complete list of all processes and temporary files currently in use on your system or PC, along with the full path from which they are running. Here is the snapshot:
[Screenshot: How to Find Keyloggers or Trojans in PC]

3. In the above snapshot you can clearly tell the keylogger apart from the system files. Check the program name and then check its corresponding location in the full path. You can also verify the time at which the keylogger file was created.
4. Now we have found the location of the keylogger or spyware. Go to that location, open the file with BinText or any binary debugger and search for @ or ftp in it. This will help you get the email ID or FTP address to which the keylogger is sending logs.
You can also use Wireshark to capture packets for 20-30 minutes and filter for FTP and SMTP packets. By this method you will get the email and password of the hacker. I will explain this in my coming tutorials.
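
One way to triage the list from steps 2 and 3 once it has been exported to CSV, as an added example that is not part of the original post or of the tool: it scores each row on the checks the steps describe (program name against its location, file creation time) plus a write handle on a log-like file under Temp or AppData. The column names, the `*` access marker, the weights and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample export; column names and the "*" marker are assumptions.
SAMPLE = r"""Process Name,Process Path,Full Path,Write Access,Created Time
winword.exe,C:\Program Files\Microsoft Office\winword.exe,C:\Users\bob\Documents\report.docx,*,2011-08-11 09:02:00
svchost.exe,C:\Windows\System32\svchost.exe,C:\Windows\System32\config\SOFTWARE,,2011-06-01 08:00:00
svchost.exe,C:\Users\bob\AppData\Roaming\svchost.exe,C:\Users\bob\AppData\Local\Temp\kl_0811.log,*,2011-08-11 09:40:00
chrome.exe,C:\Users\bob\AppData\Local\Google\Chrome\chrome.exe,C:\Users\bob\AppData\Local\Temp\cache.tmp,*,2011-08-11 09:41:00
"""
SAMPLE_NOW = datetime(2011, 8, 11, 10, 0, 0)  # "current time" for the sample

TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
SYSTEM_NAMES = {"svchost.exe", "explorer.exe", "lsass.exe", "winlogon.exe", "services.exe"}
LOG_EXTS = (".log", ".txt", ".dat")

def score_row(row, now):
    """Score one open-file row; higher means more worth a manual look."""
    proc = row["Process Path"].lower()
    target = row["Full Path"].lower()
    score, reasons = 0, []
    if not proc.startswith(TRUSTED_ROOTS):
        score += 2
        reasons.append("process image outside Windows/Program Files")
        if row["Process Name"].lower() in SYSTEM_NAMES:
            score += 3
            reasons.append("system process name in a non-system location")
    in_user_temp = "\\temp\\" in target or "\\appdata\\" in target
    if row["Write Access"].strip() == "*" and in_user_temp and target.endswith(LOG_EXTS):
        score += 2
        reasons.append("write handle on a log-like file under Temp/AppData")
    age = now - datetime.strptime(row["Created Time"], "%Y-%m-%d %H:%M:%S")
    if timedelta(hours=24) >= age >= timedelta(0):
        score += 1
        reasons.append("file created in the last 24 hours")
    return score, reasons

def triage(csv_text, now, threshold=4):
    """Return rows scoring at or above threshold, highest score first."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        score, reasons = score_row(row, now)
        if score >= threshold:
            hits.append((score, row["Process Path"], row["Full Path"], reasons))
    return sorted(hits, key=lambda hit: hit[0], reverse=True)

if __name__ == "__main__":
    for score, proc, target, reasons in triage(SAMPLE, SAMPLE_NOW):
        print(score, proc, "->", target, reasons)
```

Treat the result as a shortlist for manual review: browsers and updaters legitimately run from AppData, which is why the chrome.exe row stays below the threshold while the svchost.exe copy in AppData does not.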

I hope you all found this article helpful and gained a little deeper knowledge of computer forensics. If you like my article or have any queries, please comment.

20 comments:

  1. wow !! nice post

  2. rocking dude !! eagerly waiting for your new post on this thing .. I'll try this soon !


    krakoosso

  3. Good, but today there are many advanced keyloggers available which have the ability to bind themselves into another process, so a user cannot trace them by looking at processes. These keyloggers also have the feature to hide themselves from Program Files, Add or Remove Programs and also the Start menu, so how do we protect ourselves from these advanced keyloggers?

  4. It's not working. I am getting some error here after completion of its installation. What to do?

  5. @anonymous
    It's a problem with your system, my friend..

  6. Wonderful tool, thanks. Nowadays key-loggers bind into applications. Is this tool able to find a key-logger in an application? Please, I am waiting for your reply.

  7. @anonymous
    Yes, this tool will be able to detect that, as it also shows all opened temporary files. It will show the temporary log file in which the logs are stored.

  8. please tell me about getting the password of wifi using wireshark

  9. How to find the keylogger? Whether it is a keylogger or not? I am unable to find this in my files with your software.

  10. wow nice post friend, but to delete all these files?

  11. @ Anonymous 10
    That you can find out using Wireshark: if it's using your net and sending some data outside then it's doubtful, meaning it's either spyware, a keylogger or a RAT.

    From this tool you will be able to know where it has been located. Just go there and delete it.

  12. @anonymous 11

    This tool will tell you the location of the exe or dll of that virus. Just go to that location and delete it.

  13. I've downloaded the s/w from cnet..... it's working fine :)
    but how can I find the exact keylogger file in the list....
    there are many columns,,,, filename, path, read, write, share, handle,
    bla bla bla :)
    please tell me sir how to find it,,,, there is a PASSWD.LOG file too, is this a keylogger

  14. Hi there, after installation, when I try to open the application I am getting an error message saying: Error in loading the open file list. Error code 100002.

  15. Hi there, after installation, when I try to open the application I am getting an error message saying: Error in loading the open file list. Error code 100002.

  16. Very useful tutorial.
    Keep good work

  17. where can i get facebook phisher ??

  18. Do I really need to download Openfilesview?
    Can I do that with a "tasklist" command on my prompt command (cmd.exe)?

  19. same problem here... :(
    shows the error message while installing the file.
    saying,Error in loading the open file list. Error code 100002.

    I am using windows 8....
    please help....



Designed by Hackingloops.