How do I edit the registry to remove Boss Everywhere keylogger?
Ad-aware and Spybot don't detect it but Spyware Doctor does.
Any ideas on how to remove it?
How do I edit the registry to remove Boss Everywhere keylogger?
Ad-aware and Spybot don't detect it but Spyware Doctor does.
Any ideas on how to remove it?
X-Block removes it, I'm still trying to find some free advice.
New Sig on the Way...
http://securityresponse.symantec.com...verywhere.html
http://securityresponse.symantec.com...rywhere.b.html
Thats information on how to remove both the original and B strain of the spyware.
Glad I could help.
New Sig on the Way...
Thanks for taking the time to look into this X.
Problem is, I can't see anything?
(BTW it was Spy Doctor that said it was Boss Everywhere - I also also have Norton 2003 which doesn't detect it).
I also found this link but there don't appear to be any solutions:-
http://www.wilderssecurity.com/showthread.php?t=61984
??
This is a pretty serious keylogger. Now, my personal solution to everything that goes wrong is to reinstall windows, because I have all my files on an external drive or partition. I realise it isn't that easy for everyone though, but if you aim to get your registry back without infection and corruption after removing the keylogger, it ain't gonna happen.
Sorry to be the bearer of bad news, but the best bet is to reinstall Windows.
Last edited by Xaneden; 15-02-2005 at 08:14 PM.
New Sig on the Way...
check in HKCU, more often than not viruses and adware crap use that branch instead of HKLM since only admins can write to HKLM.
Ooo, Gd point.
That might work (probably will), but if not, you probs have another 'strain' of the keylogger. Bearing that in mind, reinstallation of Windows is your best bet. You don't need to wipe the disk, a reformat will do.
New Sig on the Way...
wiping the disk is good for performance thou (why i used to keep a 2nd partition for data before i got a file server.)
I thought I was swish having an external hdd, but a file server....
I want one!
New Sig on the Way...
What is HKCU, and how to I navigate to it?Originally Posted by aidanjt
HKey_Current_User as aposed to HKey_Local_Machine
I've now runs scans of the following:-
1. Ad-Aware
2. Spybot S&D
3. Norton online scan (in reference to the link above).
4. Spy Sweeper
5. Kaspersky
6. Trend
and none of them detect anything.
The only sweep program thats shows this is Spyware Doctor with the location as HCKR/.dsv
Now because it is trial version, it wont show me the full location or allow me to remove it (Unless I play $30).
Is it likely that this could be a false postive?
I have looked at HKCR which I assume is HKEY_CLASSES_ROOT which lists all file extensions of which .dsv is one - within that path the only .dsv is to something called "VCDEasy.Project" which I am happy to delete as it dosen't sound like anything important. http://www.videohelp.com/tools?tool=39 Also, .dsv looks like a file extension used by that program:
"Trying to reload a videocd.dsv project by dragging and dropping it in the list of picture files caused the list to go blank until VCDEasy restarted. "
http://www.videohelp.com/forum/archive/t150417.html
Any further thoughts?
Last edited by Hobart Paving; 17-02-2005 at 12:23 AM.
*** UPDATE ****
Well, I deleted the .dsv registry entry and also uninstalled VCDEasy.
Lo and behold Spyware Doctor no longer comes up with anything! Whoohoooo!
Gd Gd. Glad we could help.
New Sig on the Way...
Yes, thanks to both of you. Those links were useful otherwise I wouldn't have known what registry path to look down. Cheers.
My work here is done..........
*Walks away, turns translucent and diappears..........
There are currently 1 users browsing this thread. (0 members and 1 guests)