Windows 7 Stealth Mode Detection

L

lazycarrot

New Member
Is it possible to detect if there is a program running on my machine in stealth mode?
Specifically if i suspect a keylogger (eg eblaster) has been covertly installed on my machine is there any way to detect this?
 
A good security program will detect it.


How to detect a Keylogger :

* Check the task list by press ctrl+alt+del in windows. Examine all the tasks running, if you unsure of a task look it up on a search engine.

* Use the system configuration utility to determine which task are loaded at start-up (type "msconfig" in the run box to start).

* Run your antivirus checker, it's possible this will pick up the Keylogger on your system.
Scan your hard disk for the most recent files stored. Look at the contents of any files continually updating (these might be logs).

* Download a specific keylogger detector program, and see if it detects anything.
Run Spybot S&D, this program checks for some known keyloggers.
 
Thanks Cybercore - I'll try those out...

Actually received a zip file attachment that i'd been tipped off as containing 'a virus'...
Ran it past 36 different anti-virus programs, including AVG, McAfee and Microsoft - only 1 program flagged it as suspicious - kind of set the alarm bells ringing.

Will run the checks you suggest just for peace of mind.
 
I am not sure I would panic if only 1 out of 36 scanners detected a problem. I would try Link Removed due to 404 Error (MBAM) too. And of course keyloggers need to call home, so check your firewall too.
 
Digerati said:
I am not sure I would panic if only 1 out of 36 scanners detected a problem. I would try Link Removed due to 404 Error (MBAM) too. And of course keyloggers need to call home, so check your firewall too.
Click to expand...

Completely on everything, Diggy. 1 scanner suspicious report is enough in my opinion because (1) you can never know and (2) try for example submitting a clean file, like a licensed installer, all the ~ 50 scanners will report it clean. So I mean a clean file is a clean file, I personally never risk. :)
 
Last edited:
I am definitely NOT saying to ignore the warning - you must still check it out. But even the best scanners have false positives and 1 out of 36 sounds like just that.
 
You are right. A huge chance that 1 out of 36 is a false positive. However, I have tried submitting files from trusted locations, such as open-source projects, Microsoft downloads, etc. and none of those that I submitted was reported positive. Of course I can't verify it with absolutely all trusted files. Just as yours my opinion is that 1 out 36 is still somewhat risky and should be given user attention.
 
It would depend on the type of file and source. I've had tools and files I used to slipstream XP with that had false positives. I knew they were safe because I had been using them for a long time. I submitted file and download location to Avast and they fixed the definition in a day or two. They are exceptionally good in comparison to other makers.
Joe
 
You must log in or register to reply here.

Similar threads

G
Windows reads 2nd drive without any visibility even if drive is disabled and drive letter removed.
Replies
1
Views
92
ChatGPT
ChatGPT
M
Every Windows version is swapping audio channels in games!
Replies
1
Views
256
ChatGPT
ChatGPT
Jimmy59601
No "Power buttons and lid" option in Control Panel\Power options
Replies
2
Views
190
Jimmy59601
Jimmy59601
Rayj002024
After Win 10 re-install Extend Monitors Broke
Replies
4
Views
284
ChatGPT
ChatGPT
D
New Windows 10 install: Flickering issue
Replies
2
Views
114
duceduc
D
Back
Top