Here's some info though to help you know if you're being keylogged that a friend showed me recently. Apparently it's very effective at stopping rats/keyloggers Basically all keyloggers are a type of RAT, or Remote Access Trojan. These are little programs which can do all sorts of things and are very easy to create if you have the right tools. Each have varying levels of functionality but in general they all grant access to view the happenings of an infected computer, showing everything from keystrokes to what is displayed on the screen, to taking screenshots upon command when certain things occur on the computer. They can even turn on your webcam :pedo: One thing true to all RATs though is that they must be activated upon startup to be useful. They also tend to install themselves in the same locations on your computer regardless of the RAT you have. Some of course are more complex but here are some simple tools to find if you are RATed and promptly remove said RAT. DO ALL OF THIS AT YOUR OWN RISK. IF YOU DO IT WRONG YOU CAN EASILY DAMAGE YOUR COMPUTER. ONLY DO THIS IF YOU KNOW WHAT YOU ARE DOING AND ARE EXPERIENCED WITH COMPUTERS. -Keep your computer simple. Keep all your files organized. Keep files of similar types all in the same folder and don't mix them up. Keep photos with photos and videos with videos, applications with other applications, etc. -Uninstall unnecessary programs. This will make it easier to notice irregularities in your system. TRICK #1 (APPDATA) -First, open an explorer window. By this I mean a "my documents" or "my pictures" window or whatever. Next, type in the top address bar, character for character: %APPDATA% -Now, check for strange files. Specifically files with no folder. If it's a really old file you're typically safe. To see the age of a file right click the top info bar and place a check mark next to "Date Modified" and organize it in descending order from that category. On top should be the most recent file. -If there is some weird file in there, look it up. Find out what it is, and if you don't know what it is, investigate more. Don't delete if unless you're sure you don't need it. -Additionally you may want to check in individual program APPDATA folders. Specifically your internet browsers, Java, and other ones which store temporary information (more specific to individual computers) -Furthermore there have been reports of keylogger fragments infecting the LocalLow and Local directories in Vista and Windows 7 users, so search there if applicable. TRICK #2 (MSCONFIG) -Click the start menu and click "run" then type "msconfig" and hit enter -Check your startup entries for any programs which you don't know what they are. Check every entry online to check if it's necessary. Some ARE necessary for everything from the system itself to random programs on your computer. If there's something on there which you don't know what it is, specifically a name like IJER83I8384j5345JIHRRATBOOTER[Caution: Executable File], uncheck it from startup -If there is an entry which you suspect is a keylogger, hit "CTRL+ALT+DLT" to open a Task Manager. Order the processes by file name and then find one with the same name as the file you found. If you find a suspicious process look it up on Google to see what it is. Maybe it's just for a program you have running. The ONLY necessary processes while running no programs are... (all of which have a dot exe at the end, apparently this forum censors that): -System Idle Process -explorer -lsass -taskmgr -winlogon -spoolsv -csrss -smss -svchost – (There will be a few of these) -services TRICK #3 (NETSTAT -N) [last resort] -Open a command prompt. If you don't know what that is, click the startup menu, accessories, then command prompt -Type in "netstat -n" and it will open a list of all your computer's internet connections and some more info irrelevant for our purposes. {NOTE, if it's taking a LONG time to load and you want to just end it because there are too many entries, hold down control, minus, c and it will end the command} Type in each IP address into an IP locator to find what they are. If they are for some programs they will typically locate a domain. If they are a residential person hacking you they will maybe show no specific address but just a world location and maybe some coordinates. If they are using a VPN it may also show this, look up the services or company or whatever it says, it depends on the IP lookup website you use but I suggest http://whatismyipaddress.com/ip-lookup -If every IP address shows a domain name and none show up as residential IPs, you are probably safe. This is a last resort and is very inaccurate. Try it if all else fails I suppose and it's kind of interesting OTHER RANDOM TRICKS -Use the on-screen keyboard located in start > accessories > accessibility to type in your password if you suspect you are keylogged. This isn't a sure-fire way to avoid it as many foolishly believe but it could help in some circumstances. This will only work if the keylogger is hardware. With software keyloggers it will not work because there is no difference between a real keypress and an onscreen keypress. -Download CCleaner to fix registry errors and clean up temporary internet files -Always use another computer to change passwords on. I suggest using an iPod or some sort of smart-phone because they are virtually 100% safe from things like this -Install an Ubuntu OS partition on your computer to use if you suspect you are keylogged to log in and enter personal information. This is an entirely separate operating system which is 100% unrelated to your Windows OS assuming you don't mount your Windows partition to it to make it not so. Careful when installing though you can easily kill your old OS if you do it wrong. So there. A few helpful tips to prevent yourself from being keylogged and to check if you are if you have a suspicion. This isn't foolproof so don't rely 100% on it. There may be some technical inaccuracies but none of this can ever really hurt in checking for RATs and this guide will generally help.
