me_ntal
04-28-2007, 02:59 AM
SO you got a keylogger
Ok, there is several ways to get rid of a keylogger. The main key loggers that are used at the moment are Ardamax Keyloggers so there will be a section on that type of keylogger.
Using Virus/Spyware Programs.
This will vary from program to program so the basics are.
After you downloaded the file that may be a keylogger, scan it. Most of the time to scan a file you just right click the file and then click “Scan This File With -AntiVirus/Spyware Program-” then just let it scan. If you have a good program you it should pick it up programs don’t pick everything up.
If you have already run the keylogger they best way to remove it is to do it in safe mode. To do this restart your computer and as it is starting up again push F8 and then select Safe Mode. It will say safe mode in all corners of the screen. Run your virus program and do a virus scan then a spyware scan. It should pick it up now if there was something bad on your computer, such as a keylogger. Then run trough the options and delete the malicious stuff.
After removing the keylogger, reboot and then complete another scan to be sure it’s gone for good. Once it is, start changing all of your passwords - those associated with email accounts, online banking, instant messaging programs, online auction Web sites, and so on. While the person(s) responsible for installing the keylogger may have only been interested in spying on your computer activities, there’s an equal chance that user account details were what they were after. With access to enough information, stealing your identity (not to mention your money) is a relatively simple affair.
SpyHunter.
Download SpyHunter HERE. TRIAL SOFTWARE (http://www.spywareremove.com/SpywareScanner93462p2s2.exe)
Run and install. Then run the program and click “Start Scan”
http://i80.photobucket.com/albums/j164/rivalzone/spyhunter1.jpg
Wait until it scans your registry, memory, cookies and files for any keyloggers and similar programs. Then click “Remove” and “Remove Selected” or “Remove All”.
http://i80.photobucket.com/albums/j164/rivalzone/spyhunter2.jpg
Now, you need a key to remove them, I have no idea where to get one. I looked but couldn’t find. Sounds useless BUT if you DO have a keylogger on your computer it will still tell you.
So you did all the above and it says you don’t have a keylogger but your still paranoid that you might. What do you do?
KeyScrambler
This is a FireFox extension
KeyScrambler Personal encrypts your keystrokes at the kernel driver level to protect your login information from keyloggers.
When you type on your keyboard, the keys travel along a path within the operating system before it arrives at your browser. Keyloggers plant themselves along this path and observe and record your keystrokes. The collected information is then sent to the criminals who will use it to steal from you.
KeyScrambler defeats keyloggers by encrypting your keystrokes at the keyboard driver level, deep within the operating system. When the encrypted keystrokes reach your browser, KeyScrambler then decrypts them so you see exactly the keys you’ve typed. Keyloggers can only record the encrypted keys, which are completely indecipherable.
Unlike anti-virus and anti-spyware programs that depend on recognition to remove keyloggers that they know about, KeyScrambler will protect you from both known and unknown keyloggers. What’s more, KeyScrambler provides protection without getting in your way. You don’t have anything to learn about the program and you don’t have to do anything differently, but with KeyScrambler your important personal information will be a whole lot safer.
That will protect you from most keyloggers.
Download Here (https://addons.mozilla.org/firefox/3383/)
On Screen Keyboard
This little feature will stop keyloggers, just enter all your passwords using this and you should be fine. It is located on your computer already. Click “Start”, “All Porgrams”, “Accessories”, “Accessibility” then “On Screen Keyboard”.
http://i80.photobucket.com/albums/j164/rivalzone/onscreenkeyboard.jpg
Other Programs For Keyloggers
This is a very good list of Anti Keyloggers programs. (http://www.surfpack.com/software/removingkeyloggers/)
Universal anti-Keylogger (http://styopkin.com/keylogger_hunter.html)
Eradicating Ardamax Keyloggers Manually
As I said before the majority of keyloggers on used are Ardamax keyloggers. Your best defense to remove Ardamax Keylogger, or any other spyware, is to quickly detect and delete Ardamax Keylogger processes, registry keys, DLL files, and other hazardous Ardamax Keylogger files from your computer.
Quote:
Ardamax Keylogger is a commercial computer surveillance tool that tracks user activity and records all keystrokes. It sends the log to a configurable e-mail address or uploads it to a predefined FTP server. Ardamax Keylogger is able to hide its running processes and therefore avoid a detection. The threat must be manually installed. It runs on every Windows startup.
Remove the following items from your PC:
Remove Processes:
-akl.exe
-akv.exe
-nsk.exe
Unregister DLL Files:
-il.dll
-kh.dll
Remove Registry Values
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentV ersionRunArdamaxKeylogger
-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentV ersionRunNSK
-HKEY_CURRENT_USERSoftwareArdamaxKeyloggerLite
-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsAppPaths akl.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentV ersionUninstallArdamaxKeylogger
Detect and Remove Files
-akl.exe
-akv.exe
-nsk.exe
-il.dll
-kh.dll
-akv.ini
-settings.ini
Follow those steps and you should be fine. If you did have a keylogger make sure it is gone by checking multiple times and then change passwords for all accounts with any value to yourself. But scan a file that you don’t trust BEFORE you open it and don’t be stupid.
Remember protection is the best idea.
Ok, there is several ways to get rid of a keylogger. The main key loggers that are used at the moment are Ardamax Keyloggers so there will be a section on that type of keylogger.
Using Virus/Spyware Programs.
This will vary from program to program so the basics are.
After you downloaded the file that may be a keylogger, scan it. Most of the time to scan a file you just right click the file and then click “Scan This File With -AntiVirus/Spyware Program-” then just let it scan. If you have a good program you it should pick it up programs don’t pick everything up.
If you have already run the keylogger they best way to remove it is to do it in safe mode. To do this restart your computer and as it is starting up again push F8 and then select Safe Mode. It will say safe mode in all corners of the screen. Run your virus program and do a virus scan then a spyware scan. It should pick it up now if there was something bad on your computer, such as a keylogger. Then run trough the options and delete the malicious stuff.
After removing the keylogger, reboot and then complete another scan to be sure it’s gone for good. Once it is, start changing all of your passwords - those associated with email accounts, online banking, instant messaging programs, online auction Web sites, and so on. While the person(s) responsible for installing the keylogger may have only been interested in spying on your computer activities, there’s an equal chance that user account details were what they were after. With access to enough information, stealing your identity (not to mention your money) is a relatively simple affair.
SpyHunter.
Download SpyHunter HERE. TRIAL SOFTWARE (http://www.spywareremove.com/SpywareScanner93462p2s2.exe)
Run and install. Then run the program and click “Start Scan”
http://i80.photobucket.com/albums/j164/rivalzone/spyhunter1.jpg
Wait until it scans your registry, memory, cookies and files for any keyloggers and similar programs. Then click “Remove” and “Remove Selected” or “Remove All”.
http://i80.photobucket.com/albums/j164/rivalzone/spyhunter2.jpg
Now, you need a key to remove them, I have no idea where to get one. I looked but couldn’t find. Sounds useless BUT if you DO have a keylogger on your computer it will still tell you.
So you did all the above and it says you don’t have a keylogger but your still paranoid that you might. What do you do?
KeyScrambler
This is a FireFox extension
KeyScrambler Personal encrypts your keystrokes at the kernel driver level to protect your login information from keyloggers.
When you type on your keyboard, the keys travel along a path within the operating system before it arrives at your browser. Keyloggers plant themselves along this path and observe and record your keystrokes. The collected information is then sent to the criminals who will use it to steal from you.
KeyScrambler defeats keyloggers by encrypting your keystrokes at the keyboard driver level, deep within the operating system. When the encrypted keystrokes reach your browser, KeyScrambler then decrypts them so you see exactly the keys you’ve typed. Keyloggers can only record the encrypted keys, which are completely indecipherable.
Unlike anti-virus and anti-spyware programs that depend on recognition to remove keyloggers that they know about, KeyScrambler will protect you from both known and unknown keyloggers. What’s more, KeyScrambler provides protection without getting in your way. You don’t have anything to learn about the program and you don’t have to do anything differently, but with KeyScrambler your important personal information will be a whole lot safer.
That will protect you from most keyloggers.
Download Here (https://addons.mozilla.org/firefox/3383/)
On Screen Keyboard
This little feature will stop keyloggers, just enter all your passwords using this and you should be fine. It is located on your computer already. Click “Start”, “All Porgrams”, “Accessories”, “Accessibility” then “On Screen Keyboard”.
http://i80.photobucket.com/albums/j164/rivalzone/onscreenkeyboard.jpg
Other Programs For Keyloggers
This is a very good list of Anti Keyloggers programs. (http://www.surfpack.com/software/removingkeyloggers/)
Universal anti-Keylogger (http://styopkin.com/keylogger_hunter.html)
Eradicating Ardamax Keyloggers Manually
As I said before the majority of keyloggers on used are Ardamax keyloggers. Your best defense to remove Ardamax Keylogger, or any other spyware, is to quickly detect and delete Ardamax Keylogger processes, registry keys, DLL files, and other hazardous Ardamax Keylogger files from your computer.
Quote:
Ardamax Keylogger is a commercial computer surveillance tool that tracks user activity and records all keystrokes. It sends the log to a configurable e-mail address or uploads it to a predefined FTP server. Ardamax Keylogger is able to hide its running processes and therefore avoid a detection. The threat must be manually installed. It runs on every Windows startup.
Remove the following items from your PC:
Remove Processes:
-akl.exe
-akv.exe
-nsk.exe
Unregister DLL Files:
-il.dll
-kh.dll
Remove Registry Values
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentV ersionRunArdamaxKeylogger
-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentV ersionRunNSK
-HKEY_CURRENT_USERSoftwareArdamaxKeyloggerLite
-HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsAppPaths akl.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentV ersionUninstallArdamaxKeylogger
Detect and Remove Files
-akl.exe
-akv.exe
-nsk.exe
-il.dll
-kh.dll
-akv.ini
-settings.ini
Follow those steps and you should be fine. If you did have a keylogger make sure it is gone by checking multiple times and then change passwords for all accounts with any value to yourself. But scan a file that you don’t trust BEFORE you open it and don’t be stupid.
Remember protection is the best idea.