Perfect Keylogger Remote Installation Guide

Blazingtools Perfect Keylogger Stealth Guide
Installation

During the installation of the Perfect Keylogger, you may want to change the keyword, however it is important to choose a good keyword like “upgrade center”. Furthermore, you should choose “Stealth Installation” and uncheck the option “Create folder with shortcuts in the program menu”

Options

1 General check the following items:
- Run on Windows startup.
- Don’t show the program icon at startup.
- Choose a hotkey combination:
You may choose your own combination (example: Ctrl + Windows Key + Alt + R). Whatever hotkey you select, the LAST key pushed in the combination has to be the letter. Many people have a habit of pressing the Windows Key last. Before using the Windows Key, make sure your keyboard HAS a Windows key. It looks like a flag made up of four squares. If the remote computer doesn't have a Windows Key, then it is nearly impossible to access the keylogger. Not all keyboards have the Windows Key.. and almost nobody ever pushes it.
- Hide the program from Ctrl + Alt + Delete.
Do not check the option “Make the program invisible in the windows startup list”! Because after an incorrect shutdown Bpk won’t load! The only boxes you should see checked are both boxes at the top (run on windows startup...) and the first of the three boxes at the bottom.
All the other items in the general tab should be left unchecked. If you check the 3rd box at the bottom, it will convert the install from a "regular" install to a "stealth" install. It will then clear that box. If you check that box again, it will give you a warning that you have already done that.

2 Logging: check the following items:
- Set a password.
Keep in mind that you will have to enter that password yourself quite often.. so keep it as short as you feel comfortable with.
- Monitor only online activity. Most of us are only interested in online activity. Checking this option will increase safety.
- Enable chat logging (if needed).
- Use progressive method of keystroke interception. Most of the time this is not needed, but it won’t do any harm if you leave it checked. You may check all the other items in the logging tab, but most of them are not needed. Before you make a Remote Installation Package make sure you press the Clear Log button.

3 Screenshots: Be careful with screenshots in a remote install. Each screenshot is typically 100k which is relatively huge compared to any text log. If either your remote or local computer is a dialup computer (not broadband cable or DSL) then do not select screenshots. They will decrease safety when combined with FTP uploading and will also dramatically increase the logsize! A big logsize is not so nice because many webhosting service companies have set a monthly bandwith limit. A dialup computer might not be able to send those pictures out fast enough. Set the screenshots to auto-delete after a specified number of days so that if they do not get sent, they will not accumulate on the computer.

4 Email: Avoid sending your logs via e-mail if possible due to firewall and antivirus alerts. For instance Norton will give a popupmessage when scanning outgoing email. Use FTP instead if you know how to access FTP (almost nobody does unless they are familiar with creating a website).

5 FTP: check the following items:
- Try to upload logs by FTP every 30 minutes (you can adust the time interval here).
- Do not check Visual log.
- Log file format: choose unencrypted so you don't need the log viewer
- Upload only when logsize is more than ##Kb. 30 should be a nice value when Screenshots are disabled. It is always nice if you don’t have too many upload folders in your FTP account.
- Stealth uploading using Internet Explorer.
- Clear logs after successful uploading.

FTP server: Have a look in the original Bpk Help file for what to fill in these forms. Be sure to set a username that nobody knows. Bravepages.com is a good choise for a FTP account if you want to upload nasty stuff ;) Other companies may not tolerate Bpk uploads, so be careful! 0catch.com is a good choice as well.
If you are registering for an account, be sure that you don’t use your real personal information like address, phone number etc. This avoids any possibility of tracing back to you. Be sure to set a Remote directory that looks innocent like “/Favorites” and also check “Use passive mode” in the FTP server options menu.

1 Alerts: If you use FTP instead of email, you can’t use the Alert feature.

2 Targets: choose “enable logging in the following applications only”. The less applications are chosen here the more stealth Bpk will be. How to set the applications will speak for itself, but use “by application” and “by window title” together (as a backup).

3 Notification: Do not use this!
Now press the “Hide program icon” button and make sure that you won’t be asked again to hide it.

Remote installation
The following items should be chosen:

1 Install new or update existing keylogger on the remote computer.

2 DO NOT CHECK THE OPTION NOTIFY ME WHEN THE INSTALLATION PACKAGE WILL BE LAUNCHED! In many cases this will raise a firewall alert on your victims computer when he opened the package. This will cause suspicion and we don’t want that!

3 Specify the program to combine it with the keylogger. When you click on BROWSE, you will see a box that says "Files of Type" and the default is "Program Files". Change this to "All Files". Nice programs are funny exe files. Have a look at http://www.pms.no/fun/ for examples. But do not use this file! Advanced users may choose to make your own VBS file by opening Notepad and copy and pasting the following to it: msgbox "An unrecoverable application error!", vbOKOnly, "Error!" Now save it and name the file after the funny file you’ve just chosen from the website. Now you have a file that will generate “an unrecoverable application error!” message when your victim opens the package. This will (hopefully) prevent further spreading of the Remote Installation Package.

4 Install to the following folder on the remote computer. Leave this as it is by default. Don’t put anything in here.

SMTP mail services list (not verified):

Attention: we recommend using a paid e-mail or FTP service for your security. We had some problems with malicious usage of free e-mail servers. This list is just a sample of the many free e-mail servers that are available.

Amaze.net.au mail.amaze.net.au
Ameritech DSL mailhost.col.ameritech.net
America Online za.mx.aol.com
America Online zb.mx.aol.com
America Online zc.mx.aol.com
AT&T smtp1.attglobal.net
AT&T mailhost.worldnet.att.net
AT&T WorldNet mailhost.att.net
AT&T WorldNet mailhost.worldnet.att.net
Australink.net mail.australink.net
bellatlantic.net smtpout.bellatlantic.net
Bluelight.com smtp.mail.yahoo.com
BlueYonder smtp.blueyonder.co.uk
Bondinet.com mail1.oznet.net.au
Breathe mailhost.breathemail.net
bright.net mail.bright.net.
Bt Click mail.btclick.com
Bt Connect smtp.btconnect.com
BT Internet mail.btinternet.com
BT Openworld mail.btopenworld.com
BusinessServe smtp.businessserve.co.uk
BusinessServe (aap.businessserve.co.uk for advanced access)
Cableinet smtp.blueyonder.co.uk
Claranet relay.clara.net
Comcast smtp.comcast.net
CompuServe 2000 smtp.cs.com
CompuServe Classic mail.compuserve.com
CWCom smtp.ntlworld.com
DCAnet postoffice.dca.net
Demon post.demon.co.uk
Earthlink.net smtp.earthlink.net
Easynet smtp.easynet.co.uk
ee.net mail.ee.net
Freeinet.com mail.ma.freei.net
Freeserve smtp.freeserve.co.uk
Freeserve smtp.freeserve.net
Gateway smtp.gateway.net
Genie mail.genie.co.uk
Greenbank.net.au mail.greenbank.net.au
Hotkey.net.au mail.hotkey.net.au
ibm.net smtp1.ibm.net
IC24 smtp.ic24.net
icdc.com mailout.icdc.com
INFOLINK.com mail.nfolink.com
Interlink mail.your-net.com
Inweb Networks post.inweb.co.uk
IronNet mail.iron.net
iwayNET smtp.iwaynet.net
Jade Inc. mail.jadeinc.com
Lineone smtp.lineone.net
Log on America mail.loa.com
Logicworld.com.au mail.logicworld.com.au
Lycos smtp.lycos.co.uk
Madasafish smtp.madasafish.com
MegaNet smtp.meganet.net
Microsoft's MSN smtp.email.msn.com
MidOhio.net mail.midohio.net
MindSpring smtp.mindspring.com
MindSpring mail.mindspring.com
Mistral smtp.mistral.co.uk
MSN.com smtp.email.msn.com
MSN.DSL secure.smtp.email.msn.com
NamesToday smtp.namestoday.ws
netcom.com smtp.ix.netcom.com
netreach.net smtp.netreach.net
Netscapeonline mailhost.netscapeonline.co.uk
NetSet mail.netset.com
NetWalk.com mail.netwalk.com
netzero.net smtp.netzero.net
nextek.net mail.nextek.net
Nildram smtp.nildram.co.uk
nni.com nni.com
Northstar Data Systems mail.nn.net
NTL World smtp.ntlworld.com
OneTel mail.onetel.net.uk
On-Ramp mail.marion.net
Ozemail.com.au smtp.ozemail.com.au
peoplepc mail.peoplepc.com
Pipex smtp.dial.pipex.com
Prodigy smtp.prodigy.net
Prodigy smtp.prodigy.net
Purplenet smtp.purplenet.co.uk
rcn.com smtp.rcn.com
redbird.net mail.redbird.net
RichNet mail.richnet.net
Road Runner (Insight Communications) smtp-server.insight.rr.com
Road Runner (Time Warner) smtp-server.columbus.rr.com
Road Runner (Time Warner) smtp-server.nc.rr.com
Screaming.Net smtp.tiscali.co.uk
Spire mail.spire.com
Supanet smtp.supanet.com
Telewest smtp.blueyonder.co.uk
Telocity mail.telocity.com
Tesco smtp.tesco.net
Tesconet mail.tesco.net
Tiscali smtp.tiscali.co.uk
Totalise mail.totalise.co.uk
TPG.com.au mail.tpg.com.au
TTLC mail.ttlc.net
UKGateway smtp.ukgateway.net
uu.net uu.net
V 21 smtp.v21.co.uk
Verizon smtp.verizon.net
Virgin smtp.virgin.net
Vispa mail.vispa.com
voicenet.com mail.voicenet.com
Waitrose smtpmail.waitrose.com
Webcom smtp.webcom.com
Which Online mail.which.net
Wide Open West smtp.mail.wowway.com
Wide Open West (users with @wideopenwest.com) smtp.mail.wideopenwest.com
Worldonline smtp.tiscali.co.uk
Yahoo smtp.mail.yahoo.com