 |
 |
LogKext
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jun 2005
Status:
Offline
|
|
Hey everyone, first post.
I need tech help: I know there is a keylogging client in this computer called LogKext, and I want to remove it. The other night I used the instructions from this site: http://braden.machacking.net/LogKextReadme.html to locate it and open it, but now those instructions don't work. Thing is, I may have deleted it and forgotten but I can't remember! I need to find it in the computer (Mac PowerBook G4), or find the history of me deleting it somehow.
Anyone got any ideas about how to go about doing this? Thanks in advance!
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
I took the liberty of downloading this thing and examining its package installer. It contains four files that you'll need to remove. Unfortunately, three of them are in /System, which is fairly retarded because the filesystem plug-in and the launch daemon could have easily gone in /Library. Also, the command line tool was in /usr/bin when it should have been in /usr/local/bin. Oh well, what do you expect from a tool that's probably intended for not-quite-legitimate purposes...
Anyway, here's what you need to remove:
/System/Library/Extensions/logKext.kext
/System/Library/Filesystems/logKextDaemon
/System/Library/LaunchDaemons/logKext.plist
/usr/bin/logKextClient
|
|
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jun 2005
Status:
Offline
|
|
Thank you so much for that. This is embarrassing, though. How do I actually locate those files? (Very new to Mac, and embarrassed I have to ask).
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
The ones in /System can simply be found using the Finder. /usr is invisible, though, so you'll have to double-click your hard disk, type Command-Shift-G, and type 'usr' without the quotes.
It goes without saying that you need to make sure you don't remove or modify any system files other than the ones I listed, because /System typically stores important system files that should not be messed with. It was really inappropriate for that program to dump all that stuff in /System, because that's what /Library is supposed to be for.
|
|
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jun 2005
Status:
Offline
|
|
OK, thanks again! I have been trying to open System, however, but it says it can't open it because OSX is using it. Do I have to shut down OSX to get to it? I thought the finder was part of OSX? How does one even shut down OSX anyway?!?!
Thank you. I know I sound like a retard.
|
|
|
| |
|
|
|
|
|
|
|
Posting Junkie
Join Date: Dec 2000
Status:
Offline
|
|
Um, what?
Are you sure you're starting with the /System folder at the root of the drive? Not the System file in the Classic System Folder.
|
|
|
| |
|
|
|
|
|
|
|
Fresh-Faced Recruit
Join Date: Jun 2005
Status:
Offline
|
|
I have no idea what the root of the drive even is 
The two things I have tried to do are the instructions on the link in my first post (ie through the terminal), trying to open the System folder via the finder and getting the message "Item "System" is used by OSX and cannot be opened".
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
|
Top
