by HotNoob on Fri Dec 03, 2010 8:54 am
ok.
get a piece of paper, and pen
boot your computer in safe mode (press F8 when starting your computer).
write down ALL of the process names and descriptions (priority to writing the names)
then, write down all of the process names that you know are not viruses, such as firefox.
---
go through the processes and write down all of the ones that are not on the list.
google them to determine if the process is a virus or not.
if it is, go to the process and get the exe path.
try to end the process, and if it restarts, boot your computer into safe mode again, and then delete it.
then boot in normal mode, and if it shows up again, it means there is another process calling it.
if the virus is in a temp folder, delete your entire temp folder, unless it's your user application data folder. then restart.
and if you still have it...
go to run, and type in msconfig and press open.
go to the start up tab, and uncheck all of the programs that you are sure are not it.
then 1 by 1 uncheck, restart your computer, delete the process, and try again.
finally, if the virus doesn't start up, or you can end it without it coming back, copy the command of the last startup item that you closed in the msconfig panel, and find the program in explorer. then delete it.
---
Also, to make sure you got it, open cmd.exe and enter in netstat -b and netstat -a
to make sure you have no unauthorized connections, since keyloggers will have to connect to another server for them to do something.
---
but for the most part, if you have Windows Firewall properly enabled, it should find the keylogger and block it for you.
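
The pen-and-paper comparison from the post above, scripted in PowerShell as an added example that is not part of the original post: it saves the safe-mode process list, then after a normal boot lists the processes that are not on it, the startup entries, and the established connections with their owning process. The script name, the `-Mode` values and the baseline path are hypothetical; it assumes an elevated prompt and Windows 8 / Server 2012 or later for `Get-NetTCPConnection`.

```powershell
# Added example. Hypothetical usage:
#   safe mode:    .\Compare-Processes.ps1 -Mode Baseline
#   normal boot:  .\Compare-Processes.ps1 -Mode Compare
param(
    [Parameter(Mandatory)][ValidateSet('Baseline', 'Compare')][string]$Mode,
    [string]$BaselinePath = "$env:USERPROFILE\process-baseline.csv"   # assumed location
)

function Get-ProcessSnapshot {
    # One row per unique executable. Path is empty for processes the
    # session cannot open, which is why this should run elevated.
    Get-Process | Select-Object Name, Description, Path |
        Sort-Object Name, Path -Unique
}

if ($Mode -eq 'Baseline') {
    # Safe mode: this file replaces the written list of names and descriptions.
    Get-ProcessSnapshot | Export-Csv -Path $BaselinePath -NoTypeInformation
    return
}

# Compare mode: index the baseline by name + path (hashtable keys are case-insensitive).
$known = @{}
foreach ($p in Import-Csv -Path $BaselinePath) { $known["$($p.Name)|$($p.Path)"] = $true }

'--- Processes not on the safe-mode list ---'
Get-ProcessSnapshot |
    Where-Object { -not $known.ContainsKey("$($_.Name)|$($_.Path)") } |
    Select-Object Name, Description, Path,
        @{ n = 'InTemp'; e = { $_.Path -and
            $_.Path.StartsWith($env:TEMP, [StringComparison]::OrdinalIgnoreCase) } } |
    Format-Table -AutoSize

'--- Startup entries (Run keys and Startup folders) ---'
Get-CimInstance Win32_StartupCommand |
    Select-Object Name, Command, Location, User | Format-Table -AutoSize -Wrap

'--- Established TCP connections with owning process ---'
Get-NetTCPConnection -State Established | ForEach-Object {
    # The process may have exited between the two calls, hence SilentlyContinue.
    $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Process = $proc.Name
        Path    = $proc.Path
        Remote  = "$($_.RemoteAddress):$($_.RemotePort)"
    }
} | Sort-Object Process, Remote | Format-Table -AutoSize
```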