If you downloaded Maximos' keylogger, read here(no noob bullshit)

[Remorse]

ok, first, type with the on-screen keyboard. it can't see what you type.

second, this IS a keylogger, so don't download anything if it's not according to the instructions for posting hacks.

third, do a system restore. i'm pretty sure everyone has it. if you don't know how, ask your dad kiddies. if you're older, pm me and i'll help you.

fourth, someone NEEDS to give me the name of the file or process. then, i will tell you how to PERMANENTLY remove it. it'll different for different types.
if your antivirus tells you it's there, tell me the name it gives you.

also, go to task manager(ctrl-alt-delete) and end the keylogger process if you know what it is. do NOT end any unknown processes.

and do NOT go in your win32 folder and delete ANYTHING. you will quite possibly kill your computer.

DELETE ALL THESE REGISTRY ENTRIES IF THEY ARE THERE:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\BPK
HKEY_CURRENT_USER\Software\Blazing Tools\Perfect Keylogger
HKEY_CURRENT_USER\SS.SS
HKEY_CURRENT_USER\SS.SS.1[/COLOR]
HKEY_CURRENT_USER\CLSID\{1D1B2879-99FF-11E3-8D96-D7ACAC95952A}
HKEY_CURRENT_USER\Interface\{1D1B2878-99FF-11E3-8D96-D7ACAC95952A}
HKEY_CURRENT_USER\TypeLib\{1D1B286C-99FF-11E3-8D96-D7ACAC95952A}
HKEY_LOCAL_MACHINE\SOFTWARE\Blazing Tools\Perfect Keylogger
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Perfect Keylogger [XVS]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper


one person has posted that it is the Blazing Tools Perfect Keylogger. i need confirmation.

[OniSystem]

good just change "it can't see what you type." to "it can see what you type"
process is hidden but it's called WinHelper.exe.exe (no i didnt put 2 .exe's on purpose, that is the process and file name) and the other file is the .dat file that holds everything the host typed and opened and such.

And don't fucking start flaming in a thread that says NO FLAMING.

[VuDo0]

It uses a winhelper.exe.exe
and 2 win32 reg entries (one in local machine and the other in the one with mostly #s but w/o classes at the end
software/microsoftdows/currentversion/run

run updated spybot search and destroy and it will give exact address in registry

sys restore seems to work on it tho.

[MXfreestyle28]

It uses a winhelper.exe.exe
and 2 win32 reg entries (one in local machine and the other in the one with mostly #s but w/o classes at the end
software/microsoftdows/currentversion/run

well done, but there are still 2 more places where it auto starts from

good luck on your search you are halfway there

[Remorse]

good just change "it can't see what you type." to "it can see what you type"
process is hidden but it's called WinHelper.exe.exe (no i didnt put 2 .exe's on purpose, that is the process and file name) and the other file is the .dat file that holds everything the host typed and opened and such.

And don't fucking start flaming in a thread that says NO FLAMING.

please, don't post if you don't know what you're talking about.

It uses a winhelper.exe.exe
and 2 win32 reg entries (one in local machine and the other in the one with mostly #s but w/o classes at the end
software/microsoftdows/currentversion/run

when it reappears, does it do so in the same place? and what is it named after it reappears?

[VuDo0]

when it reappears, does it do so in the same place? and what is it named after it reappears?

I dont think I can be much help. After restore there is no trace of it.
I just wanted to leave what little info i did remember just in case it helps.

[kentonyu]

well i think it turned off my system restore...permanantly

[Remorse]

well i think it turned off my system restore...permanantly

that's the point of system restore. only worms can do that.

[OniSystem]

well i think it turned off my system restore...permanantly

you can't do that, go to you start menu>programfiles>accessories>systemtools>systemre store.

You can disable it but you can re-enable it. When you do that it will tell you how to re-enable it, or it will re-enable it self. Hope i helped.

WEE KOREAN CHARACTERS!!!
ㅇㅁㅈㄷㅇ마ㅓ임너린머머럼니렂ㅁ댜ㅐ더ㅐㅑㅁ어ㅐ조벼우ㅐㅑ무

EDIT:
Worms can disable it that is true.
If you do think it's disabled and you can enable it again, just download https://www.malwarebytes.org/mbam.php
and do a quick scan. I guarentee you will find at least something if you've never used this program. It's great for tracking down malware, trojans, worms. etc... Just don't forget to update it.

[kentonyu]

rofl how do you system restore if it turns your system restore off

[kentonyu]

i click yes, turn on system restore and yet nothing happens, the process for system restore doesnt show up in task manager and if i click system restore again, i get the same message

[Legify]

I can upload my version of pirated windows, I have it on a disk, and I can just put all my data on other disks and delete windows manually, then shove the disk in.

Just tell me if you want me to upload it.

If you did not run maximo's hack, you will not have the keylogger.

[poild]

haha thank's man, mine was in here

HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\BPK

it was called windows update though, but it said mudkiep

[kentonyu]

if it helps, my antivirus found a dialer shortly after i started my computer in:
hkey_localmachine\software\microsft\windows\curren tversion\run\explorer32