About Keyloggers presence

Discussion in 'ESET Smart Security' started by ONT, Dec 14, 2012.

Thread Status:
Not open for further replies.
  1. ONT

    ONT Registered Member

    Joined:
    Mar 30, 2010
    Posts:
    17
    How can I assure that my system has no keylogger installed hiddenly by anyone. Actually my system is on network in office and I am suspecting that someone might installed keylogger on my system. So how can I assure that my system is keylogger free?
     
  2. er34

    er34 Guest


    Hardware keyloggers (example here) might be present and they can't be detected by software. Depending on the rights you have on your account, you can see Windows start-ups, use antivirus software that detect keyloggers (e.g. in ESET they are detected as potentially unsafe programs), see hidden files and so on. But when you use 3rd party computer and 3rd party network that is not yours, you can expect they do everything with the information there and no matter what, you should never use and enter too personal information about you, your life, family, etc.
     
  3. ONT

    ONT Registered Member

    Joined:
    Mar 30, 2010
    Posts:
    17
    Thanks for sharing your views, but I already know that. No hardware keylogger is installed, its Administrator Account in Windows, I also configure Eset to Strict Protection and also enable detection of potentially unsafe programs. And I don't have any personal information about me, family on that office PC.

    But still I want to get assurance of my keylogger free system. How can I do that using Eset?
     
  4. er34

    er34 Guest

    You have done the maximum ESET products can to help you about that. If they detect a software keylogger, they will notify you.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    If we were to be paranoid, we could say that even if you scanned your system with all available security scanners, you would never be 100% sure that it's completely clean.
     
  6. ONT

    ONT Registered Member

    Joined:
    Mar 30, 2010
    Posts:
    17
    Yeah I know about no antivirus provides 100 % protection.

    Any logs should I send for analysis to ensure keylogger free system?
     
  7. ONT

    ONT Registered Member

    Joined:
    Mar 30, 2010
    Posts:
    17
    Any body help me.
     
  8. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    You can scan your disk with a bunch of online scanners. If no malware is found, you can be 99% sure your system is clean.
     
  9. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    I don't know if your machine is private or not...if is it from your company it can be reason that you can have some key-logger installed...just to monitor your activity. It can be key-logger or screen-logger and probaly it will be not so simply to detect and remove such logger.
    Your security app (ESET as I consider) perhaps trust that logger and only some other standalone app can detect it...so try Emsisoft Emergency Kit to scan on demand or in other way - try to install SpyShelter Free (if your system is not 64-bit) to observe how action it detect and then to allow it or deny...be careful of course :)
     
  10. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Can you tell us more about the specific situation? Is this a purely hypothetical situation, or do you have reason to believe someone is actively monitoring your communications?

    Regards,

    Aryeh Goretsky
     
  11. Niels

    Niels Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    466
    Location:
    Belgium
    Most companies uses webproxy to filter and monitor the websites that you visit, some part you can see as parental control that you will find in customer security suites. A system administrator can always verify which programs you are running and even take over the screen. But only for troubleshooting or an investigation purposes. A web proxy isn't a keylogger. Normally when you signed your contract, you agreed that you will follow the ICT guidelines. A webproxy is a tool for a system administrator to monitor to which sites is surfed during the working hours. In your case the chance is very high that you are also behind a proxy.
     
  12. ONT

    ONT Registered Member

    Joined:
    Mar 30, 2010
    Posts:
    17
    Here is integrated Sysinspector log attached. The log file in.xml format is packed in RAR format and renamed it .txt for uploading here.

    Actually my system hangs frequently for 5-10 secs and then it becomes OK. The situation is somewhat similar to hidden screen/key logger capturing, so suspect its presence. Kindly analyze the logs and tell me whether my system is keylogger free or not.
     

    Attached Files:

    Last edited: Dec 21, 2012
  13. ONT

    ONT Registered Member

    Joined:
    Mar 30, 2010
    Posts:
    17
    any help will be appreciated.
     
  14. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    I did not see anything that I recognize as a keylogger, per se, but there were a few drivers I did not recognize, (but were not running) as well as a scheduled task that showed up in the ESET SysInspector log file that I am not familiar with:
    "Task" = "c:\windows\system32\tasks\AutoKMS" ( 5: Unknown ) ;
    You might want to look into whatever created that task—it could be that has something to do with the problem you are experiencing with the system.

    Regards,

    Aryeh Goretsky
     
  15. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,486
    Location:
    Poland - Cracow
    I think this page can be useful in connection to AutoKMS
    -http://systemexplorer.net/file-database/file/autokms-exe
     
Thread Status:
Not open for further replies.