I'e been keylogged...

[Black_Apalachi]

Did they shout out your actual password? I don't see why they wouldn't just go straight on your account (especially after you declined their bribe). Anyway, do you remember trying to download anything or going on any unusual websites recently?

When he stalked me, shouted my pass out in the room, and then he told me... lol. He says pay him a t for my own keylogging site and to remove it... He'd probably lying anyway. Storing all on a friends account

Even people you think are your friends can scam you. You would have been better off storing your stuff on your clone.

Dont type any passwords with your keyboard, use the onscreen keyboard

This is good advice. To find it (on Vista) go to; Start / All Programs / Accessories / Ease of Access / On-Screen Keyboard

In the meantime, if your anti-virus scanner can't find anything, try downloading one called McAfee (free trial here although I'm sure there's a full free version elsewhere). I was advised to use this when I thought I had a key-logger once.

[LoveToStack]

He said that dont work

Why are you putting your faith in someone who's already went out of their way to hack you?
Anyway sounds like he's got you convinced when there's no threat at all. You say he shouted your password but then blackmails you in attempt to get a T out of you? If the first was true, why wouldn't he just take it for himself?

Anyway, practical solutions. Turn off trading for a start and if you're convinced that you are keylogged just get yourself banned (easy way is to post a random string of numbers in a GB and call it a phone number, then report it. That's a 30 day ban). Also get some antivirus software. :rolleyes:

[Nightcrawler]

Depending on the keylogger it might show up with ALT + CRTL + SHIFT + G all at the same time thats with most pre built ones, however if hes made it himself then press CRTL + ALT + DELETE and screen shot the processes section of the window that will open and post here and ill tell you which one it could be a simple end process will kill it intil reboot, however once you know the name then it wont be hard to remove it.

If hes hidden it from the processes menu and it doesnt fit into the cat above then a better AV might be needed what anti-virus are you currently using and operating system?

As for IP logged there's no such thing, hes storing your keystrokers via a FTP or email depending on the set up, it all of the above fails then scan your PC using a packetsniffer and it will tell you all outgoing connections and where to once you've determinded the IP its sending it to then you can choose to block all connections to it or even go further into finding the FTP/email username and login and taking it over and changing so he cant access.

Software
http://www.etherdetect.com/

[skooledmepls]

Did they shout out your actual password? I don't see why they wouldn't just go straight on your account (especially after you declined their bribe). Anyway, do you remember trying to download anything or going on any unusual websites recently?



Even people you think are your friends can scam you. You would have been better off storing your stuff on your clone.



This is good advice. To find it (on Vista) go to; Start / All Programs / Accessories / Ease of Access / On-Screen Keyboard

In the meantime, if your anti-virus scanner can't find anything, try downloading one called McAfee (free trial here although I'm sure there's a full free version elsewhere). I was advised to use this when I thought I had a key-logger once.

I am alreadu using McAfee full version. Also using OS Keyboard.And I trust my friend enough.

Why are you putting your faith in someone who's already went out of their way to hack you?
Anyway sounds like he's got you convinced when there's no threat at all. You say he shouted your password but then blackmails you in attempt to get a T out of you? If the first was true, why wouldn't he just take it for himself?

Anyway, practical solutions. Turn off trading for a start and if you're convinced that you are keylogged just get yourself banned (easy way is to post a random string of numbers in a GB and call it a phone number, then report it. That's a 30 day ban). Also get some antivirus software. :rolleyes:

I changed pass on another PC + turned off trade pass, thats why he dint take the T

Depending on the keylogger it might show up with ALT + CRTL + SHIFT + G all at the same time thats with most pre built ones, however if hes made it himself then press CRTL + ALT + DELETE and screen shot the processes section of the window that will open and post here and ill tell you which one it could be a simple end process will kill it intil reboot, however once you know the name then it wont be hard to remove it.

If hes hidden it from the processes menu and it doesnt fit into the cat above then a better AV might be needed what anti-virus are you currently using and operating system?

As for IP logged there's no such thing, hes storing your keystrokers via a FTP or email depending on the set up, it all of the above fails then scan your PC using a packetsniffer and it will tell you all outgoing connections and where to once you've determinded the IP its sending it to then you can choose to block all connections to it or even go further into finding the FTP/email username and login and taking it over and changing so he cant access.

Software
http://www.etherdetect.com/

Thanks for the detail, using McAfee atm.

[Nightcrawler]

McAfee isnt the best in all fairness i would opt for something like ESET even though you might have to pay for it.

Depending on the persons actually knowledge of cryptography and the ability then it might appear undected to most AV's for a while intil a update of the AV with a new database of virus' to look for etc.

at the most a simple change of AV might actually be better then using McAfee and rescan your harddrive/s. If all then still fails then system restore might be the problem, and also a revision of how you could of been keylogged by backtracking your steps and the files you've accepted in recent times.

if you dont know what cryptography is then read the spoiler

Show Hide

By definition cryptography is the process of converting recognisable data into an encrypted code for transmitting it over a network (either trusted or untrusted). Data is encrypted at the source, i.e. sender's end and decrypted at the destination, i.e. receiver's end.

In all cases, the initial unencrypted data is referred to as plaintext. It is encrypted into ciphertext, which will in turn (usually) be decrypted into usable plaintext using different encryption algorithms.


The Purpose :-
* Authentication : The process of proving one's identity.
* Privacy/confidentiality : Ensuring that no one can read the message except the intended receiver.
* Integrity : Assuring the receiver that the received message has not been altered in any way from the original.
* Non-repudiation : A mechanism to prove that the sender really sent this message.

In general cryptographic algorithms are classified into three categories as follows :

1) Secret Key Cryptography (SKC) : Uses a single key for both encryption and decryption.
2) Public Key Cryptography (PKC) : Uses one key for encryption and another for decryption.
3) Hash Functions : Uses a mathematical transformation to irreversibly "encrypt" information.

Secret Key Cryptography :- With secret key cryptography, a single key is used for both encryption and decryption. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.

Secret key cryptography algorithms that are in use today include :

1) Data Encryption Standard (DES) : DES is a block-cipher employing a 56-bit key that operates on 64-bit blocks. DES uses a key of only 56 bits, and thus it is now susceptible to "brute force" attacks.
Triple-DES (3DES) and DESX are the two important variants that strengthen DES.

2) Advanced Encryption Standard (AES ) : The algorithm can use a variable block length and key length; the latest specification allowed any combination of keys lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits.

3 ) International Data Encryption Algorithm (IDEA) : Secret-key cryptosystem written by Xuejia Lai and James Massey, in 1992 and patented by Ascom; a 64-bit SKC block cipher using a 128-bit key. Also available internationally.

4) Rivest Ciphers : Named for Ron Rivest, a series of SKC algorithms.

RC1 : Designed on paper but never implemented.
RC2 : A 64-bit block cipher using variable-sized keys designed to replace DES. It's code has not been made public although many companies have licensed RC2 for use in their products. Described in RFC 2268.
RC3 : Found to be breakable during development.
RC4 : A stream cipher using variable-sized keys; it is widely used in commercial cryptography products, although it can only be exported using keys that are 40 bits or less in length.
RC5 : A block-cipher supporting a variety of block sizes, key sizes, and number of encryption passes over the data. Described in RFC 2040.
RC6 : An improvement over RC5, RC6 was one of the AES Round 2 algorithms.

5) Blowfish : A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits in length. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 products.

credit to carb0n @ HH

[skooledmepls]

McAfee isnt the best in all fairness i would opt for something like ESET even though you might have to pay for it.

Depending on the persons actually knowledge of cryptography and the ability then it might appear undected to most AV's for a while intil a update of the AV with a new database of virus' to look for etc.

at the most a simple change of AV might actually be better then using McAfee and rescan your harddrive/s. If all then still fails then system restore might be the problem, and also a revision of how you could of been keylogged by backtracking your steps and the files you've accepted in recent times.

if you dont know what cryptography is then read the spoiler

Show Hide

By definition cryptography is the process of converting recognisable data into an encrypted code for transmitting it over a network (either trusted or untrusted). Data is encrypted at the source, i.e. sender's end and decrypted at the destination, i.e. receiver's end.

In all cases, the initial unencrypted data is referred to as plaintext. It is encrypted into ciphertext, which will in turn (usually) be decrypted into usable plaintext using different encryption algorithms.


The Purpose :-
* Authentication : The process of proving one's identity.
* Privacy/confidentiality : Ensuring that no one can read the message except the intended receiver.
* Integrity : Assuring the receiver that the received message has not been altered in any way from the original.
* Non-repudiation : A mechanism to prove that the sender really sent this message.

In general cryptographic algorithms are classified into three categories as follows :

1) Secret Key Cryptography (SKC) : Uses a single key for both encryption and decryption.
2) Public Key Cryptography (PKC) : Uses one key for encryption and another for decryption.
3) Hash Functions : Uses a mathematical transformation to irreversibly "encrypt" information.

Secret Key Cryptography :- With secret key cryptography, a single key is used for both encryption and decryption. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption.

Secret key cryptography algorithms that are in use today include :

1) Data Encryption Standard (DES) : DES is a block-cipher employing a 56-bit key that operates on 64-bit blocks. DES uses a key of only 56 bits, and thus it is now susceptible to "brute force" attacks.
Triple-DES (3DES) and DESX are the two important variants that strengthen DES.

2) Advanced Encryption Standard (AES ) : The algorithm can use a variable block length and key length; the latest specification allowed any combination of keys lengths of 128, 192, or 256 bits and blocks of length 128, 192, or 256 bits.

3 ) International Data Encryption Algorithm (IDEA) : Secret-key cryptosystem written by Xuejia Lai and James Massey, in 1992 and patented by Ascom; a 64-bit SKC block cipher using a 128-bit key. Also available internationally.

4) Rivest Ciphers : Named for Ron Rivest, a series of SKC algorithms.

RC1 : Designed on paper but never implemented.
RC2 : A 64-bit block cipher using variable-sized keys designed to replace DES. It's code has not been made public although many companies have licensed RC2 for use in their products. Described in RFC 2268.
RC3 : Found to be breakable during development.
RC4 : A stream cipher using variable-sized keys; it is widely used in commercial cryptography products, although it can only be exported using keys that are 40 bits or less in length.
RC5 : A block-cipher supporting a variety of block sizes, key sizes, and number of encryption passes over the data. Described in RFC 2040.
RC6 : An improvement over RC5, RC6 was one of the AES Round 2 algorithms.

5) Blowfish : A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits in length. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 products.

credit to carb0n @ HH

So you recommend I get ESET?

[skooledmepls]

He says he can break my computer from his house? Lol, and he says it's a RAT not a keylogger?

Edited by Nicola (Forum Moderator): Please do not multiple post within the 15 minute edit time.

[Nightcrawler]

So you recommend I get ESET?

from my experiance of using it then its the best i've came across however im not promising that it will remove your "keylogger" however i can say its better then McAfee
http://www.eset.co.uk/Products/Antivirus

opt for that one as its cheaper, im sure other people will soon but in this thread and say use AVG, use Kaspersky etc but everyone has there own opinions on what to use but ESET one of the best to spot "incorrect" outgoing connections.

However if its coded out of Visual Basic and sends via an email then its not gonna show up on your Anti Virus software and your gonna have to packetsniff to find the outgoing connection.

[skooledmepls]

from my experiance of using it then its the best i've came across however im not promising that it will remove your "keylogger" however i can say its better then McAfee
http://www.eset.co.uk/Products/Antivirus

opt for that one as its cheaper, im sure other people will soon but in this thread and say use AVG, use Kaspersky etc but everyone has there own opinions on what to use but ESET one of the best to spot "incorrect" outgoing connections.

However if its coded out of Visual Basic and sends via an email then its not gonna show up on your Anti Virus software and your gonna have to packetsniff to find the outgoing connection.

whats a RAT?

[Sad3k..]

Go to an interent cafe, change the pass there. then reboot your system wipe everything off and then come back it should be cleared.