You are viewing our Forum Archives. To view or take place in current topics click here.

Did this help?

Yes
69.44% (25 votes)
No
30.56% (11 votes)

Total Votes: 36

How to stay free from keyloggers and RAT's

-John
  • Prospect
Status: Offline
Joined: Aug 11, 2011 (12 Year Member)
Posts: 612
Reputation Power: 30
Welcome to my guide! I hope this helps; if it does, please thank the thread, just to keep track of the people it helped.

Table of contents:


  1. Explanation
  2. How can a PC get infected?
  3. Prevention
  4. Recognizing a key logger / R.A.T
  5. Deleting


1.0 Explanation

This is a basic tutorial on how to keep your computer clean. As this is TTG I guess most people know already, but it might be of use. I'm sure something like this might have been posted before, but that is only to be expected on a long-standing forum.

What does a keylogger do?

Basically exactly what the name suggests. It will record all your keystrokes and put them in a log. Most people think it can't do much damage, but they are wrong.

What does a R.A.T do?

A remote administration tool (will be referred to as R.A.T from here) is a tool which makes someone else able to control your computer. A legal example of a R.A.T is TeamViewer. Of course, TeamViewer is safer since you can control access with the password provided. However, with most R.A.Ts you will have no idea you have them.

2.0 How can a PC get infected?

The answer to this is pretty simple: you download it. Usually you will get infected by downloading things from the wrong places.

These wrong places include:

- Torrent sites
- YouTube
- Random sites on the internet
- Java drive by

Of all these things, a Java drive by is probably a thing you don't know. If you load a Java applet on the internet, you get asked if you trust the publisher and all the files that the applet will run. However, these Java applets can download a file to your computer which might harm it.

3.0 Prevention

Preventing this is necessary. It can read anything you type, whether it is RuneScape details, bank account details or MSN addresses. So, how do you do it?
The best thing to do is get a virus scanner and a program designed against malware and spyware. I made a small list of programs you can use. All downloads are from the official site and you can check it.

These are only a handful of virus scanners that can protect your computer. There probably are more than 30 others. These are given as they are well known. However, this does not cover the Anti-Malware / Anti-Spyware. You can download these programs here:

To ensure the best protection you will also need a Firewall. You can either use the Windows standard or use one of these:

4.0 Recognizing a key logger/R.A.T

There isn't much on this subject. The obvious things about a file make it suspicious; you should always double-check if you download from an unknown source. However, there are a few things that will reveal the key logger or R.A.T's identity.

For one, most key loggers are small. Of course, there are key loggers that can be even 100GB big. Most of the time if you are downloading either a game or another file and you don't really trust it, just check it.

There are more things you can do to check your file. Most of the time, there are lazy people trying to get some quick loot for RuneScape or another game. Most people do not check their key logger for mistakes and that's where we can profit.

Might be a bad example picture, but I will replace it with a better one soon. This is from a well-known key logger which a lot of people use. Of course, there are many more of them.

As you see, the file details and such are pretty much the standard things you expect from a file. However, why did they change the name? Of course, you can't see the original file in that picture.

This was the file, but the original file name was changed a lot. A further look in the file revealed this code:

 Me.Send_Email(("New infection from Clinet Id: " & Me.client_id & " Ip Address " & Me.IPMATCH.ToString), String.Concat(New String() { "New Infection from Client Id: ", Me.client_id, " Computer Name: ", Environment.UserName, " infected at ", Conversions.ToString(DateAndTime.Now) }))


Even if you are not that good at understanding those computer terms, you most likely will know what it says. The Me.Send_Email and "New infection" parts tell enough about the file: it is a key logger.

This file has been virus scanned using [ Register or Signin to view external links. ] and the results are:

5.0 Deleting

Deleting a key logger or R.A.T can be tricky. The best thing to try first is to scan your computer using an Anti-Virus and Anti-Malware program. These programs are listed at prevention but I will put them here as well.

Anti-Virus:

Anti-Malware:

If your virus scan or anti-malware cannot find anything, you will have to do it manually. This can be done by checking your downloads. Another good thing to do is to check your start-up files. You can use these programs to easily check what you have running each time your computer starts up. Just as a reminder, watch out with what you disable. Do not disable anything important; to check if your computer needs it, please Google it.

Some links to Start-Up managers:

Alternative:

Either open MSConfig using CMD in the start bar or, if you do not know how to do this, make a simple batch file to open MSConfig.

(Make a new text file, put the text in, save as msconfig.bat and select all files.)


@echo off
START MSCONFIG.exe


This is how the above program will look if you open it.

If you still need more help, feel free to ask it on this thread or via a personal message, I would rather not do this using visitor messages. I hope this has helped you and feel free to reply and vote on the poll. Also feel free to ask any questions that are related.

Frequently asked questions:

Q. Question
A. Answer


Last edited by -John ; edited 2 times in total

The following 12 users thanked -John for this useful post:

Xe-Tu7 (08-16-2012), bradiztank (08-09-2012), Im_a_Killer (05-25-2012), TTGSAMSUNG (12-31-2011), Beneath (11-30-2011), Circle (10-25-2011), Explosivez (10-18-2011), Imagine (09-06-2011), Secrets (08-31-2011), iTzzzDan (08-20-2011), TTG_SamuelUK (08-16-2011), Taco-Bell (08-16-2011)
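
An added example, not part of -John's post: section 4 finds the giveaway by looking inside the file, and this sketch does that statically by pulling printable strings out of the bytes and matching them against indicators. The indicator patterns, function names and sample bytes are assumptions constructed for illustration; the UTF-16LE pass matters because .NET programs keep string literals such as "New infection from ..." in that encoding, so an ASCII-only search misses them.

```python
import re

# Indicators: the first two come from the snippet quoted in the post; the
# third is a hypothetical generic addition (assumption, tune for your triage).
INDICATORS = {
    "infection-report": re.compile(r"new infection", re.I),
    "email-exfil": re.compile(r"send_?e?mail|smtp", re.I),
    "key-hook": re.compile(r"GetAsyncKeyState|SetWindowsHookEx", re.I),
}

ASCII_RUN = re.compile(rb"[\x20-\x7e]{5,}")
# UTF-16LE text: every printable character is followed by a zero byte.
UTF16_RUN = re.compile(rb"(?:[\x20-\x7e]\x00){5,}")


def extract_strings(data: bytes):
    """Yield (encoding, text) for printable runs of 5+ characters."""
    for m in ASCII_RUN.finditer(data):
        yield "ascii", m.group().decode("ascii")
    for m in UTF16_RUN.finditer(data):
        yield "utf-16le", m.group().decode("utf-16-le")


def triage(data: bytes):
    """Return sorted (indicator, encoding, text) hits found in data."""
    hits = set()
    for enc, text in extract_strings(data):
        for name, pattern in INDICATORS.items():
            if pattern.search(text):
                hits.add((name, enc, text))
    return sorted(hits)


def triage_file(path: str):
    """Read a file as bytes and triage it; the file is never executed."""
    with open(path, "rb") as fh:
        return triage(fh.read())


# Constructed sample: filler bytes around a method name (single-byte text)
# and a string literal (UTF-16LE), mimicking the snippet quoted in the post.
SAMPLE = (b"MZ\x90\x00" + b"\x01\x02\x03" + b"Send_Email\x00" + b"\xff\xfe\x10"
          + "New infection from Clinet Id: ".encode("utf-16-le") + b"\x00\x07")

if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(hit)
```

A hit is a reason to leave the file unopened and hand it to a scanner, not proof on its own; legitimate software also sends email.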
#2. Posted:
TCP
  • TTG Senior
Status: Offline
Joined: Dec 19, 2010 (13 Year Member)
Posts: 1,121
Reputation Power: 50
SHOULD BE STICKIED!
GREAT POST!
#3. Posted:
-DayZ-
  • Powerhouse
Status: Offline
Joined: Apr 29, 2011 (13 Year Member)
Posts: 430
Reputation Power: 16
no sh1t dude ^^^^^^^
#4. Posted:
Worm
  • TTG Addict
Status: Offline
Joined: Dec 03, 2010 (13 Year Member)
Posts: 2,651
Reputation Power: 104
Should be a sticky. However, I use AVG 2018 and it's quite good. Thanks for the post, it will help a lot of people that don't understand what they are downloading.
#5. Posted:
-John
  • Prospect
Status: Offline
Joined: Aug 11, 2011 (12 Year Member)
Posts: 612
Reputation Power: 30
Thanks guys, hope it helps
#6. Posted:
Native_Pride
  • TTG Senior
Status: Offline
Joined: May 30, 2011 (12 Year Member)
Posts: 1,082
Reputation Power: 44
This should be stickied, now all the newbs that want to download RS gold gens will finally see what they are.
#7. Posted:
-John
  • Prospect
Status: Offline
Joined: Aug 11, 2011 (12 Year Member)
Posts: 612
Reputation Power: 30
Once again, thanks for the replies lads (:
#8. Posted:
-Sad-
  • TTG Contender
Status: Offline
Joined: Sep 14, 2010 (13 Year Member)
Posts: 3,495
Reputation Power: 167
lol good post, this should be stickied. How long did it take?
#9. Posted:
-John
  • Prospect
Status: Offline
Joined: Aug 11, 2011 (12 Year Member)
Posts: 612
Reputation Power: 30
-Sad- wrote: lol good post, this should be stickied. How long did it take?

About an hour to make I think, this version that is. Previous version I used to post on forums took me like 2 hours, mostly correcting sentences and my spelling.
#10. Posted:
-Sad-
  • TTG Contender
Status: Offline
Joined: Sep 14, 2010 (13 Year Member)
Posts: 3,495
Reputation Power: 167
Well, all I'm gonna say is good luck on getting a sticky, u got my vote for 1.