poild (05-05-2009)
ok, first, type with the on-screen keyboard. it can't see what you type.
second, this IS a keylogger, so don't download anything if it's not according to the instructions for posting hacks.
third, do a system restore. i'm pretty sure everyone has it. if you don't know how, ask your dad kiddies. if you're older, pm me and i'll help you.
fourth, someone NEEDS to give me the name of the file or process. then, i will tell you how to PERMANENTLY remove it. it'll different for different types.
if your antivirus tells you it's there, tell me the name it gives you.
also, go to task manager(ctrl-alt-delete) and end the keylogger process if you know what it is. do NOT end any unknown processes.
and do NOT go in your win32 folder and delete ANYTHING. you will quite possibly kill your computer.
DELETE ALL THESE REGISTRY ENTRIES IF THEY ARE THERE:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\BPK
HKEY_CURRENT_USER\Software\Blazing Tools\Perfect Keylogger
HKEY_CURRENT_USER\SS.SS
HKEY_CURRENT_USER\SS.SS.1[/COLOR]
HKEY_CURRENT_USER\CLSID\{1D1B2879-99FF-11E3-8D96-D7ACAC95952A}
HKEY_CURRENT_USER\Interface\{1D1B2878-99FF-11E3-8D96-D7ACAC95952A}
HKEY_CURRENT_USER\TypeLib\{1D1B286C-99FF-11E3-8D96-D7ACAC95952A}
HKEY_LOCAL_MACHINE\SOFTWARE\Blazing Tools\Perfect Keylogger
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Perfect Keylogger [XVS]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper
one person has posted that it is the Blazing Tools Perfect Keylogger. i need confirmation.
Last edited by Remorse; 05-05-2009 at 03:24 PM.
Time to start cycling through old sigs.
[IMG]https://i381.photobucke*****m/albums/oo259/darkstar9540/5infection.png[/IMG]__________________________________________________
Well that is that and this is this,
You tell me what you want and I'll tell you what you get,
You get away from me.
You get away from me.__________________________________________________Modest Mouse
Ocean Breathes Salty
Float On
poild (05-05-2009)
good just change "it can't see what you type." to "it can see what you type"
process is hidden but it's called WinHelper.exe.exe (no i didnt put 2 .exe's on purpose, that is the process and file name) and the other file is the .dat file that holds everything the host typed and opened and such.
And don't fucking start flaming in a thread that says NO FLAMING.
It uses a winhelper.exe.exe
and 2 win32 reg entries (one in local machine and the other in the one with mostly #s but w/o classes at the end
software/microsoftdows/currentversion/run
run updated spybot search and destroy and it will give exact address in registry
sys restore seems to work on it tho.
Last edited by VuDo0; 05-05-2009 at 02:39 PM.
Time to start cycling through old sigs.
[IMG]https://i381.photobucke*****m/albums/oo259/darkstar9540/5infection.png[/IMG]__________________________________________________
Well that is that and this is this,
You tell me what you want and I'll tell you what you get,
You get away from me.
You get away from me.__________________________________________________Modest Mouse
Ocean Breathes Salty
Float On
well i think it turned off my system restore...permanantly
Time to start cycling through old sigs.
[IMG]https://i381.photobucke*****m/albums/oo259/darkstar9540/5infection.png[/IMG]__________________________________________________
Well that is that and this is this,
You tell me what you want and I'll tell you what you get,
You get away from me.
You get away from me.__________________________________________________Modest Mouse
Ocean Breathes Salty
Float On
you can't do that, go to you start menu>programfiles>accessories>systemtools>systemre store.
You can disable it but you can re-enable it. When you do that it will tell you how to re-enable it, or it will re-enable it self. Hope i helped.
WEE KOREAN CHARACTERS!!!
ㅇㅁㅈㄷㅇ마ㅓ임너린머머럼니렂ㅁ댜ㅐ더ㅐㅑㅁ어ㅐ조벼우ㅐㅑ무
EDIT:
Worms can disable it that is true.
If you do think it's disabled and you can enable it again, just download https://www.malwarebytes.org/mbam.php
and do a quick scan. I guarentee you will find at least something if you've never used this program. It's great for tracking down malware, trojans, worms. etc... Just don't forget to update it.
Last edited by OniSystem; 05-05-2009 at 02:59 PM.
rofl how do you system restore if it turns your system restore off
i click yes, turn on system restore and yet nothing happens, the process for system restore doesnt show up in task manager and if i click system restore again, i get the same message
I can upload my version of pirated windows, I have it on a disk, and I can just put all my data on other disks and delete windows manually, then shove the disk in.
Just tell me if you want me to upload it.
If you did not run maximo's hack, you will not have the keylogger.
haha thank's man, mine was in here
HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run\BPK
it was called windows update though, but it said mudkiep
if it helps, my antivirus found a dialer shortly after i started my computer in:
hkey_localmachine\software\microsft\windows\curren tversion\run\explorer32