Sniff out keyloggers before you do your TAXES!

Print
Email
|

by Ken Colburn, Data Doctors

GMAZ interview by Tess Rafols

Posted on February 8, 2013 at 3:46 PM

Updated Saturday, Mar 2 at 8:46 AM

Is there an easy way to see if I have a hidden keylogger on my Windows 7 computer before I start doing my taxes? - Don

Tax season is what we refer to as ‘Christmas for Hackers’ because they know that lots of us will be typing very sensitive information on our computers to prepare our returns.

There are a number of threats that can compromise your computer, but few are as disconcerting as a keylogger.

If a malicious keylogger can sneak its way into your computer, it sits silently in the background recording every keystroke you make and can send the daily ‘transcript’ to a remote hacker.

Grabbing your valuable data, such as bank credentials, social security numbers and e-mail passwords takes seconds with an automated script.

Keyloggers tend to be fairly sophisticated programs that can masquerade as typical operating system processes, so detecting them can be a little tricky.

A sign that you should have your computer looked at by a knowledgeable person starts with how long it takes your computer to start up.  If it’s substantially longer than when it was new, you likely have extra processes running that could include malware.

A quick self-check can be run by opening the Windows Task Manager (right-click on the Taskbar at the bottom to start it) when you first turn your computer on and reviewing the number of processes running.

A well maintained computer will have between 40-50 processes running.  If the number is 60, 70 or 80+, for a variety of reasons, you should have your computer looked at soon.

Not only will it uncover any potentially hazardous malware, your computer will run significantly better without the extra load.

While you have the Task Manager open, click on the Processes tab and click on the ‘Image Name’ column header to sort the processes alphabetically.  Scroll down towards the bottom and look for the ‘winlogon.exe’ process.

There should only be one, so if you see more than one instance of winlogon.exe you should stop using your computer immediately and have it examined.

Unfortunately, many of today’s keyloggers are written to hide from this quick check, so just because you don’t see more than one instance of winlogon.exe, it doesn’t mean that you don’t have a keylogger installed.

Another indication that you should be concerned is if your CPU usage meter (click on the Performance tab) is showing a lot of activity even though you just started your computer and you haven’t opened any programs yet.

Your CPU should be idling in the 2-3% range with no programs (other than Task Manager) open.

While you are reviewing the performance charts, take a look at the Physical memory usage to see if you need more memory (RAM).  If the blue line in the Usage History is half way up or higher, adding more RAM should provide you with a noticeable improvement in speed.

Ignorance is not bliss when it comes to computer security, so if you have any indications that your computer isn’t quite right, make sure you have it looked at before you start your tax preparation.

============================================================

Ken Colburn, President
Data Doctors Computer Services - www.datadoctors.com
Data Doctors Data Recovery Labs - www.datadoctors.com/recovery
Data Doctors Franchise Systems, Inc.- www.datadoctorsfranchising.com

Host of the award-winning Data Doctors Radio Program (www.datadoctors.com/radio)

Follow me on Twitter at www.twitter.com/TheDataDoc

Real-time updates & threat warnings via our Facebook Fan Page: www.facebook.com/DataDoctors

 

 

Print
Email
|