How to find a keylogger, Trojan or spyware on your PC or laptop. There are several ways to find them, but with this method you will know the exact path of the keylogger and where it is saving the log file. Also, once you have the keylogger server, you can reverse engineer the server and hack the hacker's account password which he used in the keylogger server. Let's first start with an introduction to keyloggers.
What is a keylogger and how does it actually work?
A keylogger, as the name suggests, is something that logs keystrokes. Yup, that's right: a keylogger is a password hacking tool which is used to steal victims' passwords by logging the keystrokes pressed by the victim, and some advanced keyloggers are even used to retrieve stored confidential data. Based on internet scope, keyloggers are of two types:
1. Physical Keylogger:
These keyloggers are installed if the hacker has physical access to your system. The user has to install this type of keylogger manually on your PC or system. These types of keyloggers are hard to find, but I will show you today how to find those as well.
2. Remote Keylogger:
Remote keyloggers are new-generation keyboard hook hacking software which does not require physical access to the system, which means they can be installed remotely. These usually come into your PC through torrents, porn websites, hacking tools (software like Facebook hack tool, Gmail hack tool, Hotmail hacker) and cracks, keygens and patches. Antivirus usually shows a virus in these files, so most users ignore the warning. Hackers exploit this loophole and attach their keyloggers and keyboard hook programs to such things as keygens, patches, cracks and torrents.
Remote keyloggers log the data into a file and send these logs to the hacker's FTP or his email. So friends, always try to avoid the above-mentioned things as far as possible.
How to detect or find a keylogger or any spyware in your system:
1. Download the forensic investigation tool OpenedFilesView and install it.
2. Now open OpenedFilesView and you will see a complete list of all processes and temporary files currently being used by your system or PC, along with the full path from which they are running. Here is the snapshot:
3. Now in the above snapshot you can clearly identify the keylogger and the system files. Check the program name and then check its corresponding location in the full path. You can also verify it against the time at which the keylogger file was created.
4. Now we have found the location of the keylogger or spyware. Go to that location and open the file with BinText or any binary debugger and search for @ or ftp in it. This will help you get the email ID or FTP address to which the keylogger is sending logs.
You can also use Wireshark to capture packets for 20-30 minutes and filter for FTP and SMTP packets. By this method you will get the email and password of the hacker. I will explain this in my coming tutorials.