stubborn Keylogger !

Giganews Newsgroups
Subject: stubborn Keylogger !
Posted by:  RJK (notatospam@hotmail.com)
Date: Tue, 25 Mar 2008

Hi,

I've got an XP Pro SP2 machine on the bench that has/had/or maybe still has a
keylogger in it.
AVG / Ewido scan found it and seemed to remove it, but, I'm sure there's
something quite nasty still in there.
AVG anti-virus wouldn't install - it's as though something is blocking it
from being installed.
Adaware didn't really find anything, and seems to be not functioning
properly in Safe Mode - it becomes unresponsive.

....and Multi-av - which I copied across in Safe mode from a USB pen-drive =
press 1 for the Sophos sweep and multi-av just vanishes.  Press (2) for
Trend, and apparently psapi.dll is missing (it's not - it is present in
system32).
....anyhow  (1) Sophos and (2) Trend scans will not run.
Several previous attempts to start multi-AV sweeps 1 and 2, in Normal and
Safe Mode caused XP to shut down !

.....McAfee (3) in multi-av is running in Windows "Diagnostic startup - basic
services etc"  mode ...is that any good ?

This machine was built and configured by a real PC clever clogs, who built
it for his girlfriend, ...long story ...relationship broke up, ...PC has
been a nightmare ever since, ...I'm told by the young lady's father !!!  I
have a strong suspicion that this keylogger was installed by him and not
picked up on the web, ...though of course that could be complete rubbish.

.....where do I start ?

McAfee just found  "Generic Pup.a.Temp\DealioKit1-stub-0.exe  ... "
....I'll Google on that in a minute....
.....interesting Google results....

any tips appreciated,

regards, Richard
