Kill My Traces

Discussion in 'Software' started by Mr.Cheeks, Dec 18, 2006.

  1. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    Chaps,

    i have installed some dodgy software on my lappie since having it, but now i have to remove traces of it...

    when installing, the target has always been e:\ (mem pen) unless i can use it for work (e.g. virtual pc)...

    so what's the recommended free software to remove the traces from the registrry of these dodgy software?

    i know its late, but i just realised my last day at work is Thursday, if poss, need suggestions/solutions by Wed afternoon.

    i will delete my local profile anyway...

    i use ccraper, msublaster and disk cleaner... i think ccleaner should remove the reg keys...

    Cheers for your help.
     
  2. BosonMichael
    Honorary Member Highly Decorated Member Award 500 Likes Award

    BosonMichael Yottabyte Poster

    19,183
    500
    414
    Wipe-and-Reinstallation, for the win. :)

    Be advised that many companies have software that automatically scans computers on the network to itemize installed software... including "dodgy" software. You might want to start out on the right foot at the next place of employment, ya know? :)
     
    Certifications: CISSP, MCSE+I, MCSE: Security, MCSE: Messaging, MCDST, MCDBA, MCTS, OCP, CCNP, CCDP, CCNA Security, CCNA Voice, CNE, SCSA, Security+, Linux+, Server+, Network+, A+
    WIP: Just about everything!
  3. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364
    Depends what the policy is like at the company you work at.

    They might just fire in a system restore disk, reconfigure the laptop, and then hand it onto the next user. 8)
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs
  4. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    i will try and get the image disk, but i also have to load few additonally programs aswell which requires knowledge of sql and whats knots... the chap that does this is off on leave, which is a pain...

    but i know what you mean, i only found out recently about a piece of software they use for auditing...

    its too late for me, but not for others...
     
  5. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    Why didn't you install the dodgy stuff in a virtual PC, that way you could just delete the virtual operating system file and all traces ie MRU lists etc would be gone?
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  6. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    This sounds like a perfect time to (ahem) 'accidentally' stick this little puppy in your drive...


    Or even just this:

    Code:
    "del /F /S /Q *"
    from a command prompt...

    :twisted: :twisted: :twisted:

    EDIT - Just in case you can't figure out what either of them do - then don't use them - it was a bit of light-hearted humour and, if you have to give the craptop back in a working state... you won't be very popular when you walk in there with the O/S (and, in Killdisk's case, the filesystem) utterly erased!
     
    Certifications: A few
    WIP: None - f*** 'em
  7. BosonMichael
    Honorary Member Highly Decorated Member Award 500 Likes Award

    BosonMichael Yottabyte Poster

    19,183
    500
    414
    THIS is what we became techs for, my friend! :twisted: 8)
     
    Certifications: CISSP, MCSE+I, MCSE: Security, MCSE: Messaging, MCDST, MCDBA, MCTS, OCP, CCNP, CCDP, CCNA Security, CCNA Voice, CNE, SCSA, Security+, Linux+, Server+, Network+, A+
    WIP: Just about everything!
  8. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,878
    181
    256
    True :oops:
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  9. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    it was Zeb's fault - got me all exciting about WEP cracking... the dodgy software only really relate to wireless hacking and password hacking... it all can still be *justified* but i rather not.

    i dont wanna kill the disk - just wanna remove traces and from the registry, unless there is a hdd scrubber where you can select the data (if you know what i mean)...
     
  10. C_Eagle

    C_Eagle Byte Poster

    147
    0
    38
    Be very careful depending on how hot your company is on illegal software. (or hacking tools)

    The company I work for uses Perigrine asset tool to scan users machines periodically to add the asset register. I have back end access and believe me it scans everything! I was shocked! (Panic deleting followed a hasty rescan!)

    We have quite a few people who when they leave the company hand back formatted laptops etc saying "oh it crashed, etc etc"

    Trouble is that just make the guys I work with more determined to find something dodgy! (usually vids, ahem)

    Make sure you run a low-level format or something powerful!

    As someone else said they will probably just re-build it anyway.
     
    Certifications: A+, MCP, MCDST, 70-270
    WIP: MCSA 70-290
  11. nugget
    Honorary Member

    nugget Junior toady

    7,796
    71
    224
    What is the IT guy that you work with like (the one that will have to repair/reinstall)? If he's an easy going guy you might just want to tell him and let him decide. Of coures you only tell him that it was for learning etc.
     
    Certifications: A+ | Network+ | Security+ | MCP (270,271,272,290,620) | MCDST | MCTS:Vista
    WIP: MCSA, 70-622,680,685
  12. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    the Guy is off on leave until New Years' and im off on Thursday. I guess i'll just delete my local account and leave it as is. if they have any questions they'll have to catch me if they can.

    Im gonna run a recovery software tonight to see what they can pick up and see if there is an option to scrub the data off it. (at least i'll know what they can find).

    Cheeks (Packing his bags)
     
  13. Baba O'Riley

    Baba O'Riley Gigabyte Poster

    1,760
    23
    99
    Dude, you're leaving so what's the problem? Owning hacking software is not, I believe, illegal in itself so if you've only been using it on your own equipment there's no worry. (I think).
     
    Certifications: A+, Network+
    WIP: 70-270
  14. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    come up chaps! time is running out for me...
     
  15. drum_dude

    drum_dude Gigabyte Poster

    1,664
    92
    135
    Re-install the OS!
     
    Certifications: MCP, MCSA 2000 , N+, A+ ,ITIL V2, MCTS, MCITP Lync 2010 & MCSA 2008, Sonus SATP SBC 1k/2k
    WIP: Hopefully Skype for Business and some Exchange stuff...
  16. C_Eagle

    C_Eagle Byte Poster

    147
    0
    38
    Low-level format it and give it back like that.

    If they ask say it crashed. I've seen that loads of times....

    Job done.
     
    Certifications: A+, MCP, MCDST, 70-270
    WIP: MCSA 70-290
  17. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    mate - if it crashes, i have to fix it.

    i ran a recovery prog and found two very naughty files (it wasn't me), of course i never recovered them.

    the i ran some disk scrubbing utils, one was meant to do 7 passes (whatever that mean, i read its FBI standard of data scrubbing or something), then this morning, i ran the same recov prog and it still picked up.

    either my recov prog is bad ass or the data scrubber is a waste of time.
     
  18. Raffaz

    Raffaz Kebab Lover Gold Member

    2,976
    56
    184
    jv16 power tools might do it. It allows you to search by keywords and then delete references to that program. But if they wanna know what ya have been running then im sure they will be to find out.
     
    Certifications: A+, MCP, MCDST, AutoCAD
    WIP: Rennovating my house
  19. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    Cheeks,

    Does your company use RIS to install XP? If so, I would use Killdisk to do the most secure option and then boot to the network- time allowing.

    You say you have already nuked it and the software picked it straight back up? Did you use something like Norton to just securely remove the necessary? If so, this is not enough.

    Good luck.

    Si
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  20. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    I think i might i sussed it out.

    IIRC when deleting a file, its still stored on the hdd and just removed the entries from the OS until that sector of the hdd is replaced by another file;

    therefore;

    if i fill the hdd up with data, scandisk and defrag, then delete the contents (what i have just dumped on the hdd), then scandisk, defrag, the recovery software should not be able to pick the data up (from before the dumping), as the references have been replaced?

    Is that correct???
     

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.