Acmlm's Board - I2 Archive - Hardware/Software - Perfect Keylogger
Squash Monster

Posted on 06-24-04 01:29 AM
After I restarted my box today, I stumbled upon something very disturbing. A program called "Perfect Keylogger" opened a nag screen asking to be registered (3 Trial days left). I never installed such a program, and am not enthusiastic about having it here.

So far, I've tried Ad-Aware (which only found three tracking cookies and something called NewDotNet), Search (no results for keylogger), and a Google search on the program. I downloaded the installer that came with it and saw what it named files by default, but after removing everything that search turned up, that nag screen still popped up (I still have it up on my screen but can't find a process in Task Manager). I didn't find anything while searching for uninstall support on that program.

Could anyone tell me how to remove the thing? (Preferably in a manner where I can leave a surprise for whoever put it there).


(edited by Squash Monster on 06-23-04 04:30 PM)
Prier

Posted on 06-24-04 01:41 AM
As per what I looked on for Google...I didn't find anything very fun.

Go here for info about it.

It seems that it is, in fact, spyware. So Ad-Aware 6 SHOULD have taken care of it. If you don't have an updated reference-file (which is updated quite a bit, actually), I would update it and run it again and check all drives that you have for this...so it might take a while but at least you're making sure it gets off.

If not that, then it seems like it's memory-resident, so I would wonder if by chance you don't have something in your registry about it (use either Regedit and/or right-click My Computer/Manage/Services and check for the software in there and try to disable it, advanced tactics though...so don't delete or modify anything that could blow a hole in your sys).
HyperLamer
Posted on 06-24-04 07:21 AM
Is this the program in question?
Squash Monster

Posted on 06-24-04 07:53 AM
Hiryuu: I saw the page you linked, but I thought Ad-aware might not catch it since it's commercial. I've updated my references, though it has been quite some time since trying to update had an effect. I don't feel like doing a registry edit, but I will tomorrow if I must.

HyperHacker: Yes, to the best of my knowledge, it is. I also thought it could be some program pretending to be that, which would explain why none of my family seems to know where it came from. Any idea how to get rid of it?
Prier

Posted on 06-24-04 01:24 PM
You said there's no uninstall whatsoever...is that the same for Add/Remove Programs in Windows Control Panel?

And yea...you might be right about the whole commercial thing...I was just wondering if it was worth a shot at least.
HyperLamer
Posted on 06-25-04 04:50 AM
Well, AVs won't detect a lot of RATs, even freeware, if they're not designed to be malicious, so I can imagine it'd be the same with a keylogger. Try running msconfig to see if you can find the culprit.
...Of course, you could just wait 3 days, then it should uninstall itself.
Squash Monster

Posted on 06-25-04 09:27 AM
Alright, tried msconfig, found something suspiciously named hkjhk in Win.ini. Tried to disable it, came back afterwards.

Reinstalled ad-aware, got new data, didn't help.

Friend who uses the program gave me the uninstaller, didn't work.

2 days left, apparently.
Alaric

Posted on 06-25-04 10:05 AM
That Win.ini item may need to be removed while you're not in Windows....
Now, I'm supposing you're not using XP (I don't think XP uses win.ini for anything useful but compatibility)..
You'd need to use a DOS boot disk (if Windows ME, use the specialized one you can create), to use the "EDIT" program on the file, remove the line (or alter it) and start it up -- if you feel that's the suspicious line.
While you're in DOS, you could also scan your Windows directory for programs that don't have the date 6/08/2000 (if you have Windows ME) with "dir /oD *.exe"
.. er.. If you don't have ME, the dates you're looking for should be the ones that show up most (like in ME, 6/08/2000 shows up on >90% of the EXE files)..
Yeah, I'm rambling, though it may help.. Don't delete any of them unless they're EXTREMELY suspicious, or you can tell us about them...
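
The two checks from the last post, as an added example that is not part of the original thread: list what the `load=`/`run=` lines in the `[windows]` section of win.ini start, and shortlist .exe files whose date differs from the most common one. The Python helper names, the sample win.ini, the path given for `hkjhk` and every date except 6/08/2000 are constructed for illustration.

```python
import os
from collections import Counter
from datetime import date

def winini_autostart(text):
    """Return (key, program) pairs from load=/run= in the [windows] section."""
    section, found = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        key, sep, value = line.partition("=")
        key = key.strip().lower()
        if section == "windows" and sep and key in ("load", "run"):
            # Simplification: entries split on spaces/commas (8.3 paths, no quoting).
            found += [(key, prog) for prog in value.replace(",", " ").split()]
    return found

def date_outliers(entries, extension=".exe"):
    """entries: (filename, date) pairs. Return (dominant date, files not on it)."""
    exes = [(n, d) for n, d in entries if n.lower().endswith(extension)]
    if not exes:
        return None, []
    dominant, _ = Counter(d for _, d in exes).most_common(1)[0]
    return dominant, sorted((d, n) for n, d in exes if d != dominant)

def scan_dir(path):
    """Yield (filename, modification date) for files directly inside path."""
    with os.scandir(path) as it:
        for entry in it:
            if entry.is_file():
                yield entry.name, date.fromtimestamp(entry.stat().st_mtime)

# Constructed sample data, not taken from the poster's machine.
SAMPLE_INI = """[windows]
load=
run=C:\\WINDOWS\\hkjhk.exe
NullPort=None
[Desktop]
Wallpaper=(None)
"""
SAMPLE_LISTING = [
    ("NOTEPAD.EXE", date(2000, 6, 8)), ("CALC.EXE", date(2000, 6, 8)),
    ("REGEDIT.EXE", date(2000, 6, 8)), ("WIN.INI", date(2004, 6, 24)),
    ("HKJHK.EXE", date(2004, 6, 21)),
]

if __name__ == "__main__":
    print(winini_autostart(SAMPLE_INI))
    print(date_outliers(SAMPLE_LISTING))
```

File dates can be set by whatever wrote the file, so a file on the dominant date is not cleared by this check; the output is a shortlist to inspect, in line with the post's advice not to delete on suspicion alone.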