Can I tell if a keylogger has been installed on the machine I share?

Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.

One very easy way is to check if there are hardware loggers. You find them on the keyboard cable. Very simple to connect a small device between the pc and the cable connector.

Also, look into Roboform to Go. Per their website:
"Fights "phishing" and "keyloggers" by filling passwords only on matching websites, and not using a keyboard."

I'm afraid I have to agree 100% with Leo. Most of the spyware & keyloggers that are caught by anti-spyware scanners are the kind that are either deposited by malicious web sites or not very well written freeware.

I have a client that asked me to install monitoring software they purchased onto all of their employee's (company owned) systems. To be sure it wouldn't be detected, we tried scanning with their anti-virus software (Norton), AdAware, SuperAntiSpyware and Malwarebyte's Anti-Malware. None of these well known products detected a trace of the monitoring software, which includes a keylogger.

As you can see, this well-written commercial product was able to successfully defeat several reliable scanners, so, it can be done.

The only way to secure your computing experience is to use your own system with a userid/password combination known only to you.

Keep in mind, as Leo has mentioned countless times before, it's best to also limit physical access to the system as there are many password crackers readily available that can be used to access your system without your knowledge.

A simple stop-gap solution would be to first check for the hardware keylogger, as AguilaFan suggests, and, if it's not there, create a CD that contains the ubuntu operating system. Doing this, each time you use the computer you can boot into a pristine OS where you won't have to worry about what he's installed under Windows. Plus, since data can't be saved to the CD, each time you run it it'll be like it's reset back to the factory standard settings (good for security, not so good for ease of use). Your friend also won't be able to tell that you're doing this (as far as I know).

This method is secure, easy, and free, assuming you have a disc burner and a blank CD or DVD. The only technical know-how required is being able to download a file and burn it to a CD. If you're not sure how to do that, well, there's plenty of sites that can show you how to make an Ubuntu disc.

Hi,
1) I will advise you to use portable browser (run from USB pen drive) and configure it with use auto fill option using another computer. Then plug it to your computer and when any website ask for login & password then use predefined dropdown login and password.
2) Use keyPass software

Hello
there is a programmer that writes in VB and she has a whole bunch of apps one of them is called proccess running -- this might determine whats running in the back ground -- do a google for "karens ware"
cheers

Personally, I'd forget all the advivce here and get a new friend/housemate. If he's messing with your digital privacy, you can bet he won't/hasn't stopped there.

Don't forget about Firefox with Key Scrambler add-on. Also works with IE8.

I'm not sure if this has been suggested:
First confront the person(assuming he/she is a person you trusted) and ask about this.
Declare you are taking your computer back and rightfully do so. REMOVE all (Web, Net...)internet connections on this computer.
Back up your documents onto media which you believe is not tainted(Optical disks have an advantage here over UFD's, HD's, or re-writable crap optical disks).
Consider a fresh install of your OS and apps.
Also consider how you have 'kept track of' your passwords/log-in credentials. Any patterns you have might need to be changed. Any paper (or digital document) trail can be traced. Try to avoid this unless ONLY you have access and knowledge - - and even deciphering ability ^^ -- to.
Depending upon the nature of this(suspected?) attack, perhaps software was used which is beyond the scope of conventional search methods.

Check all your internet AND browser options to make sure no passwords/credentials - - or even history -- are saved/remembered(logged).
Restrict access to the Internet to applications which you use and which might save personal information about you(registration, credentials, familiar data/info), all of which may clue someone in to your possible access codes to, say, Facebook.
Good luck.

Also, consider contacting any on-line associations you know have been made by/through your name/identity via phone or e-mail to ask for any strange activity, and if necessary restrict your account(s), monitor or investigate(they're doing it anyway^^) or lock out your account or change your credentials and/or account numbers/names.

If your using Windows XP,try Kaspersky Internet Security,it has proactive defense,which detects running programs at startup,if you dont know the program,put it in blacklist,or dont allow this program...or you can also use the virtual keyboard from that Kaspersky software.

To post a comment on "Can I tell if a keylogger has been installed on the machine I share?", please return to that article's main page.