How to Find Out if Your PC is Infected by a Keylogger

November 22, 2015 Tips



Hackers use a number of tools to snoop on their victims. Among the most sinister tools in their arsenal are keyloggers.  A keylogger is a form of malware that records the victim’s keystrokes, which allows the hacker to capture passwords, credit card numbers and other sensitive data. Most keyloggers are software programs, but some are USBs or other pieces of hardware.


Keyloggers pose a serious security threat. In 2013, a group of hackers used the Pony keylogger program to steal passwords from over two million people. Some experts believe that up to 70% of the world’s computers are infected by them.

You need to recognize the telltale signs of a keylogger and have it removed right away.



Signs that You May Have a Keylogger on Your Machine

 Keyloggers are very stealthy malware applications, but they can be detected if you know what to look for. Here are some signs that your PC or smartphone may be infected.


Odd Images and Popups


Most keyloggers don’t leave obvious red flags, but some will cause popups or odd images to appear in your browser windows. While these can be symptoms of other forms of malware, you will want to investigate carefully, because they are sometimes caused by keylogger applications. If you are using Kaspersky, then it may identify the suspicious activity as a keylogger. However, it is difficult to know for sure without further evaluation, so always run a keylogger detection tool as listed below.


Sluggish Performance

The memory and bandwidth that keyloggers consume varies by developer. Some use about 16 megabytes of memory, while others over 10 times that. Depending on the memory they consume, they cause slow system performance. Of course, slow processing speeds could be caused by any type of malware. However, if it is caused by a keylogger then your passwords and other sensitive data could already be compromised. You will want to investigate and change your passwords if a keylogger is discovered.


Keylogger Processes Listed in Your Task Manager

Some keyloggers can be identified in Windows Task Manager. You may be able to end the keylogger by terminating the process, but most keyloggers are more difficult to get rid of than that. Most won’t show up in the Task Manager at all, but it is at least a good place to start.

It can be difficult to tell if a program is a keylogger if you don’t know what to look for. You will want to compare some of the running processes to those listed on Liutilities. Here is a partial list of processes of known keyloggers that can show up in Task Manager:

  • k2admin.exe
  • k7tsmngr.exe
  • keytool.exe
  • k7tsecurity.exe

If you identify any of these programs, then you’ll need to clean your registry and have them removed.


Run Keylogger Detection Software

The most advanced keyloggers are undetectable by most anti-malware tools. You may need  to run a specialized application to detect keyloggers, such as Keylogger Detector by Blazing Tools. You can purchase a license for a single machine for less than $20 and usually get discounts for buying additional licenses. These applications are easy to run and can detect almost all known keyloggers. However, it is important to regularly check for new updates in case new keyloggers were developed since your keylogger detector was installed.


Suspicious Hardware Devices

Most keyloggers are software applications, but some are actually pieces of hardware. They are genuinely USBs, so you will need to remove any unusual devices that are plugged into your machine. These aren’t detectable by any malware detection tool since they are hardware devices, so you’ll to carefully look for them around your keyboard or the back of your machine. 



Be Diligent About Looking for Keyloggers


Keyloggers are very dangerous applications that allow hackers to steal your most private information. They have infected millions of people’s machines in recent years, which has led to social media accounts being hacked and credit card fraud. Monitor your devices carefully and change your passwords immediately if you think that you have been infected.   


Photo Credit Robbert van der Steeg

Leave a Reply


You must be logged in to post a comment.