Home » FORUMS » Computers, Networking & other technologies » Software (General) » Anti-MalWare Software

keylogger removal


Posted on: Tue, 12/26/2006 - 10:19am
keylogger removal
does anyone know how to find a keylogger on a computer and how to remove it?

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Posted on: Mon, 02/19/2007 - 2:53pm #1
Re: keylogger removal
i also have something in my registry called "adware.ISTbar" or something other. i've tried removing it, and i can't seem to do so. it keeps bypassing the firewall i think and allowing more adware to get on my computer. any help wold be nice.
Posted on: Mon, 02/19/2007 - 3:52pm #2
Re: keylogger removal
http://www.majorgeeks.com/Symantec_Adware.IstbarTrojan.ISTsvc_Removal_Tool_d4784.html
Posted on: Sat, 01/06/2007 - 10:14am #3
Re: keylogger removal
Yes if its Local, no if its remote.
Posted on: Sun, 01/21/2007 - 9:07am #4
Re: keylogger removal
remote keyloggers still require a local component.
Posted on: Tue, 01/02/2007 - 1:30am #5
Re: keylogger removal
Or for the beastly way...reformat your computer. It is the only true way to get rid of that keylogger. My Antivirus states it removes the keylogger but each time I turn my computer on, it tells me I have a keylogger. These loggers maybe very stealthy or not.
Posted on: Sun, 01/21/2007 - 9:05am #6
Re: keylogger removal
keyloggers are spyware; anti-virus is typically unable to deal with spyware. You need an anti-spyware program to deal with spyware (and an anti-adware program to deal with adware!)
Posted on: Sun, 01/21/2007 - 10:18am #7
Re: keylogger removal
I use Ad-Aware for spyware and adware. It removes keyloggers easily.
Posted on: Wed, 01/03/2007 - 9:02am #8
itisme1760
Can you contact me privately regarding keyloggers.  Thanks.
Posted on: Tue, 12/26/2006 - 2:56pm #9
One possible way...
...is to bring up Task manager (Ctrl-Alt-Delete), click on Processes tab. Google each entry (name.exe) that you don't recognize. When found, you can Google the name along with the word "remove" or "removal" and follow the removal directions. The removal procedure may have you search your computer for various files. When doing system searches on your own PC make sure and choose the search option to include both System and Hidden files. Some keyloggers may not install to an obvious folder but instead, its files can be scattered to avoid detection. The .exe can reside in the Windows\System32 folder while the .dll's can be elsewhere. If you just delete the .exe without removing the registry command to have it start on bootup, you will have an error message to look at everytime Windows starts. This is why you need to follow a tried and true removal procedure for that specific program.
Posted on: Sun, 01/21/2007 - 9:40am #10
Re: One possible way...
if it's just a registry entry that is causing it to start up it can be stopped simply be deleting the registry entry and rebooting the computer. and this is registry usage that is actually SAFE for beginers (note, though this is a good exercise for getting you comfortable "under the hood", chances are the spyware program is booted by a .dll called upon by svchost.exe, which is not something for a beginer to mess with. It's something I'd only mess with when I'm planning on reinstalling my system soon anyway and already have everything backed up) goto the start menu, click on "run"; enter "regedit" and press enter, expand the registry tree with the [+] and [-] boxes so that you have the folders: HKEY_Current_User/Software/Microsoft/Windows/CurrentVersion/Run and HKEY_Local_Machine/SOFTWARE/Microsoft/Windows/CurrentVersion/Run between these two registry folders, you should have most of your start up programs Other sources of start up programs are C:\Documents and Settings\All Users\Start Menu\Programs\Startup and C:\Documents and Settings\%Current User%\Start Menu\Programs\Startup and finally, in the .dll's executed by svchost.exe if it's the final case, as I would suspect, you need to get a good ol'Anti-spyware software program. (though, exercising some caution; you might be able to just play around with msconfig, opening it from the run line)
Posted on: Mon, 02/19/2007 - 4:32pm #11
Re: One possible way...

Good stuff, Isaac;-)

Sure has been a day for updates, viruses, and other malicious stuff. I'm currently looking for a decent rootkit scanner as some of the computers in our LAN have been compromised through not updating to Firefox 2.0.0.1

I've tried two of them, but haven't seen anything impressive.

It would be nice for a suggestion on rootkit scanners that work as well as keylogger scanners that work...I haven't had the oppurtunity to try them out.

You cannot perceive beauty but with a serene mind. -Henry David Thoreau