|
-
July 31st, 2003, 04:39 AM
#1
Help stop child abuse
OK...one of my children (in their infinite wisdom) downloaded a "keygen" for a demo game that they downloaded...I got to give them credit for the effort, but the "keygen" was actually a KEYLOGGER (spector)...which I have gotten rid of. HOWEVER, the original executable absolutely refuses to delete....I've tried everything I can remember except dynamite (and formatting) to get it off the hard drive. Any suggestions??
MAJOR GREENIES for the first correct answer that gets rid of it.
Al
It isn't paranoia when you KNOW they're out to get you...
-
July 31st, 2003, 04:47 AM
#2
ok, is it still running? why can't you delete the EXE?
make a boot disk (from DOS or whatever) then delete the file that way...
is it starting with windows, what's going on?
yeah, I\'m gonna need that by friday...
-
July 31st, 2003, 04:48 AM
#3
You dont happen to have the name of the keylogger or the keygen it was hidden in would you. That could help a little bit. Also have you checked out the registry? you might be able to find something about it in there. Alot of the times keyloggers will stay hidden and you will be able to get it to pop up with a set of keys (one i had opened up with CTRL+SHIFT+F11) If that is the case you might be able to find that.
PeacE
-BoB
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m.\"\\0\"x$w),$_=`echo \"16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\\U$n%0]SX$k\"[$m*]\\EszlXx++p|dc`,s/^.|\\W//g,print pack(\'H*\'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die\"$0 [-d] k n\\n\")&~1)/2)
-
July 31st, 2003, 05:06 AM
#4
I have been looking and so far I have only found Stubborn File Remover 1.1 for Mac X, but I am guessing that you are running a Windows box sooo, still looking  . Ok, here it goes.
-Complete Cleanup 4.63 (For All Windows)
-Antiy Ghostbusters Professional Edition 3.7 (For All Windows)\
-Your Uninstaller 2003 Pro 3.9.3
I really hope that helps you even if I do not know a lot.
-
July 31st, 2003, 05:13 AM
#5
And the winner is...TAMPABAY420!!!
It was still running and I'm embarrassed that I didn't think of that one but eternally grateful to have my oversight pointed out. Thanks guys!
FYI..it was midnight_club_2_keygen.exe
Al
It isn't paranoia when you KNOW they're out to get you...
-
July 31st, 2003, 05:24 AM
#6
Glad you got that all sorted out and off the system. Yeah those little things can be stubborn (the programs not the kids lol). You always have to be a little wary on getting those proggies.
PeacE
-BoB
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m.\"\\0\"x$w),$_=`echo \"16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\\U$n%0]SX$k\"[$m*]\\EszlXx++p|dc`,s/^.|\\W//g,print pack(\'H*\'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die\"$0 [-d] k n\\n\")&~1)/2)
-
July 31st, 2003, 02:08 PM
#7
darn too late.. My recomadation was .. restart in "Safe Mode".. but some keyloggers can prevent normal entry into safemode.. so i was still wrong.. shite.. some like some virii prevent taskmanager from running..
Oh well
We do need some good techno Questions for noobs to OS probs (noobs regardless of site status that is)..
Cheers
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
