Matessim

ehm, heres a tool which finds google chrome passes http://www.nirsoft.net/utils/chromepass.html its not command line based im pretty sure, so maybe someone here with some techie savvy skills can reverse engineer it? i'd love to, cant find the time mates. also, i suggest leaving an Empty U3 in there, so when it plugs in, it will look okay, because i always look at my PC load Led, and when its working when im idle, i know something's wrong, i suggest putting the U3 in, could do a little cover up in that matter

leapo, when thats done will ye pls upload? :P

Yeah, you read my pm's i hope, (replyed to some) anyway, about the big G hosting, i told you its not good idea, contact me and ill help you find a better place

X3N, if you want discression with the source code, which is what i suggest before you post it , pick some private beta testers, i would love to join in, i can test the sourcecode on a handful of computers, versions, anythings. i would love to participate in beta testing you're code if you want, just post the code or if you want keep it private,i guess pm me a link or so? thanks. matan

ffs dude, you're version spits even more version then the original one, a huge mass of parse errors mainly

i said it infected myself, but i think im mastiken, it seems i might have confused the crcss with the csrss which is a vital computer component, but still, for some reason it DID execute not well, my AV gone mad, it started infecting me with wierd things, maybe my AV is mad, but something is wrong with it,Seriously.

still all it does is spit errors, and its automatically detected by antivirus from 2003 that wasent updated once, (cant get rid of it, symantec script blocking) heres logfile ----------------------------------------------------------------------------------------------------------------------------- Leapos Payload [Time Started: Sat 09/20/2008 10:06:13.57] ------------------------------------------------------------------------------------------------- ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [system info] + +----------------------------------+ Windows IP Configuration Host Name . . . . . . . . . . . . : MatanLaptop Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Ethernet adapter Wireless Network Connection: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Intel® PRO/Wireless 3945BG Network Connection Physical Address. . . . . . . . . : 00-18-DE-9E-12-45 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.0.0.2 Subnet Mask . . . . . . . . . . . : 255.0.0.0 Default Gateway . . . . . . . . . : 10.0.0.138 DHCP Server . . . . . . . . . . . : 10.0.0.138 DNS Servers . . . . . . . . . . . : 10.0.0.138 Lease Obtained. . . . . . . . . . : Saturday, September 20, 2008 10:05:52 AM Lease Expires . . . . . . . . . . : Saturday, September 20, 2008 11:05:52 AM ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [External IP] + +----------------------------------+ ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump Wifi Hex] + +----------------------------------+ '.\wifike.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump SAM PWDUMP] + +----------------------------------+ '.\pwdump' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump SAM FGDUMP] + +----------------------------------+ '.\fgdump.exe' is not recognized as an internal or external command, operable program or batch file. -----Hashes----- ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump Network PW] + +----------------------------------+ '.\netpass.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump Mail PW] + +----------------------------------+ '.\mailpv.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump Firefox PW] + +----------------------------------+ '".\"\FirePassword.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump IE PW] + +----------------------------------+ '.\iepv.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump Messenger PW] + +----------------------------------+ '.\mspass.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump Cache] + +----------------------------------+ '".\"\cachedump.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump LSA secrets] + +----------------------------------+ '.\pspv.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump Product Keys] + +----------------------------------+ '".\"\produkey.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump URL History] + +----------------------------------+ Input Error: Can not find script file "F:\DUH.vbs". ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Dump Updates-List] + +----------------------------------+ '".\"\wul.exe' is not recognized as an internal or external command, operable program or batch file. ----------------------------------------------------------------------------------------------------------------------------- +----------------------------------+ + [Network Services] + +----------------------------------+ Active Connections Proto Local Address Foreign Address State PID TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1224 ^C as you can see, it still does 2059503 errors, mostly parse, and cant find logfile temp thingy. i ran it thew the menu, cant anyway else

leapo, mind uploading the new payload?. and pls fix the AV kill thing and detectability edit: soz for double, forgot i posted.

first time arround symantec script detector which is from 2003 and i thought i uninstalled my symantec still pops up. and it wasen't updated ever. script is way to detectable, then i ran the script from menu this time, but it does mess any way i do it

Snipped

gives about a trillion errors right now:/ edit: i found the issue well 2 first off, the U3 version doesn't have the csrss.exe in folder at all, also its hidden, which somehow didn't let it read it anyway. so what you should do, just pass it from non U3 to you're system. then flash it. also still does some issues for me edit2: noticed another thing, before it spits like 1000 lines of errors, i notice its aimed on E:(being my U3 Partition)//system/somewhere, 2 slashes, 2 frikkin slashes causing all this crap, so how can i fix this?

FYI, steam is a platform developed by valve

spore is actually offically already the most pirated game, because of the DRM 3 install policy probally, check piratebay. it got 10x more Seeders then any game behiend it.(2x place has about :10+ the seeders) more then sims 2 since it was launch baby. hah eat that ea shits

Lmao, its like saying if you dont hack the site it wont get hacked!. its disabling everything good :P

i dont wanna talk about it

Kudos for cleaning the dust on this. this works for firefox 3.01 and 3.1? (im using minefield FF beta.) anyway. gonna try this at home l8r. i need buy a new usb, last one got taken by school :/

Somehow a few days ago when i left my laptop at the classroom (university) seems someone fiddled arround with it, after looking arround and googling it seems i reached here and it seems it was a application called pocket knife, now i know you guys built it and i know your not held liable for anything but if anyone here could please help me... i downloaded it earlyer and looked i found the antidote folder, i think i solved everything BUT the keylogger didnt have an antidote, please how can i remove it? thank you.