How to detect if a keylogger has been installed on your machine

A keystroke logger is the worst kind of malicious software (malware) you could be infected with. Why? Because it could be recording every key you type and sending it to a central server, including your messages, usernames and passwords!

This is why in some cases a password manager can make your machine more secure: because you are typing your passwords less, an infection would have less impact if you somehow caught one.

That point is debatable, however. Since one needs to be root to install a keylogger, it's a good reason to have a guest account enabled on your computer if you ever plan to let a bad-ass criminal use it for 5 minutes while you're making a cup of tea or similar.

How To Avoid a Virus Infection

  • Before double-clicking, check you trust the source of the executable
    • Check the domain name, the person who sent it, etc.
  • Provide guest users with a regular low-privilege user account
    • If a stranger needs to use your machine when you are not around, this will prevent most badness, as long as it's not an admin account
    • Saved my ass at least once, I know this much
    • Helpfully, this also logs all your web sessions out

How To Detect Keystroke Logger Installation

It's actually quite difficult. I'm going to look into it and update this blog later when I find out more. If you want to take a snapshot of all your system kexts, try running Syntella (macOS only presently); you can then search through the report with a text editor to try to find anything that is amiss.
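One way to search such a snapshot, as an added example that is not part of the original post or of Syntella: it assumes the report contains rows in the format printed by macOS's `kextstat` command, lists kexts outside the `com.apple.` namespace, and compares against an earlier snapshot. The sample rows and `com.example.*` bundle ids are constructed.

```python
import re

# One kextstat-style row: index, refs, address, size, wired, bundle id, (version).
ROW = re.compile(
    r"^\s*(?P<index>\d+)\s+(?P<refs>\d+)\s+0x[0-9a-fA-F]+\s+0x[0-9a-fA-F]+\s+"
    r"0x[0-9a-fA-F]+\s+(?P<bundle>\S+)\s+\((?P<version>[^)]*)\)"
)

def parse_kexts(report):
    """Return {bundle_id: version} for every kext row found in the report text."""
    kexts = {}
    for line in report.splitlines():
        m = ROW.match(line)
        if m:  # the header and unrelated report lines do not match
            kexts[m.group("bundle")] = m.group("version")
    return kexts

def third_party(kexts):
    """Bundle ids outside the com.apple. namespace, sorted for stable output.

    A bundle id is self-declared, so this is a triage filter, not proof of origin.
    """
    return sorted(b for b in kexts if not b.startswith("com.apple."))

def new_since(baseline, current):
    """Kexts that are new, or whose version changed, compared with the baseline."""
    return sorted(b for b, v in current.items() if baseline.get(b) != v)

# Constructed sample snapshots (not real output); com.example.* ids are made up.
BASELINE = """\
Index Refs Address            Size       Wired      Name (Version) UUID <Linked Against>
    1  142 0xffffff7f80a00000 0x9e30     0x9e30     com.apple.kpi.bsd (19.6.0) 00000000-0000-0000-0000-000000000001 <>
    2   11 0xffffff7f80a0a000 0x3960     0x3960     com.apple.kpi.dsep (19.6.0) 00000000-0000-0000-0000-000000000002 <>
  150    0 0xffffff7f83000000 0x5000     0x5000     com.example.vpn.filter (2.1) 00000000-0000-0000-0000-000000000003 <5 4 3 1>
"""
CURRENT = BASELINE + """\
  151    0 0xffffff7f83100000 0x4000     0x4000     com.example.inputhook (1.0) 00000000-0000-0000-0000-000000000004 <6 5 4 3 1>
"""

if __name__ == "__main__":
    before, now = parse_kexts(BASELINE), parse_kexts(CURRENT)
    print("third-party kexts:", third_party(now))
    print("new since baseline:", new_since(before, now))
```

An unfamiliar bundle id is a lead to look up, not a verdict; keeping a snapshot from a known-good state is what makes the comparison useful.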

If you're on Windows, you could try checking this link: