How to Find Keyloggers in Your Computer with Microsoft Process Explorer
Keyloggers are tools that record the activities of computer users. They are mostly used to steal passwords and private information, but there are some legitimate uses as well. For instance, an employer may want to know how its newly recruited employees are using their office time. Or a concerned father may want to keep track of the activities of his growing children while he is away at the office.
Whatever the case, the person being monitored will always want to find out whether hidden keyloggers are installed on his computer and recording his activities. But how do you do that? How do you find keyloggers on a computer?
Microsoft Process Explorer – Useful Tool for Finding Keyloggers in Computers
Keyloggers are like any other software application: they launch Windows processes in order to function. If you can find the processes associated with a keylogger, you can easily find out whether one is installed on your computer.
The problem is not finding the processes. The problem is how to decipher which Windows process is the culprit. There are tools that can list all the running processes, but you yourself are expected to recognize the process associated with the keylogger application.
Microsoft Process Explorer is a useful utility that makes your task a bit easier. It is an advanced version of the Windows Task Manager, with which you might already have worked. Its user interface may not look very attractive, but it is a very powerful security tool, and the best part is that it is freeware. You do not have to pay a dime to get it.
How to Use Microsoft Process Explorer to Find Keyloggers in Computers
The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you’ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you’ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.
If you choose the appropriate columns in the View menu, you’ll be able to see each running executable’s path, its publisher’s name, and its program description; together, this should give you sufficient information about any running application to determine its legitimacy. Some of Process Explorer’s most useful info is hidden by default. To see it, right-click a column name and then choose Select Columns. Both ‘Process Name’ and ‘Description’ should be checked already, but make sure to check Company Name and Command Line as well.
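The same column check can be scripted. The following PowerShell is an added example, not part of the original article or of Process Explorer: it collects each running process's path, description, company name, command line and signature status, and flags entries for review. The flagging rules are assumptions chosen for illustration.

```powershell
# Added example: gather the fields the article tells you to enable in
# Process Explorer (Description, Company Name, Command Line, image path)
# and flag processes that deserve a closer look.
# Run from an elevated prompt, otherwise many paths come back empty.

$rows = foreach ($p in Get-CimInstance -ClassName Win32_Process) {
    $path        = $p.ExecutablePath
    $company     = $null
    $description = $null
    $sigStatus   = 'Unknown'

    if ($path -and (Test-Path -LiteralPath $path)) {
        $info        = (Get-Item -LiteralPath $path).VersionInfo
        $company     = $info.CompanyName
        $description = $info.FileDescription
        $sigStatus   = (Get-AuthenticodeSignature -LiteralPath $path).Status
    }

    # Review heuristics (assumptions for this example, not Process Explorer rules)
    $reasons = @()
    if ($path) {
        if (-not $company)          { $reasons += 'no company name' }
        if (-not $description)      { $reasons += 'no description' }
        if ($sigStatus -ne 'Valid') { $reasons += "signature: $sigStatus" }
        if ($path -match '\\(AppData|Temp)\\') {
            $reasons += 'runs from a user-writable folder'
        }
    }

    [pscustomobject]@{
        PID         = $p.ProcessId
        Name        = $p.Name
        Company     = $company
        Description = $description
        Signature   = $sigStatus
        Path        = $path
        CommandLine = $p.CommandLine
        Reasons     = $reasons -join '; '
    }
}

# Show only the flagged processes, most heavily flagged first
$rows | Where-Object Reasons |
    Sort-Object { ($_.Reasons -split '; ').Count } -Descending |
    Format-List PID, Name, Company, Description, Signature, Path, CommandLine, Reasons
```

A flagged entry is a starting point for the manual check described above, since plenty of legitimate programs are unsigned or run from a profile folder.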
Once you identify the processes associated with the keyloggers on your computer, you can Google them to learn more about them. There are lots of resources on the net to dig deeper. Let me list some of them.
Here is a nice YouTube video on the use of Process Explorer for finding keyloggers, spyware and malware on your computer.
[Download Process Explorer]