[Hemul14]

HELPHELPHELP anyone please, i was running spybot (search and destroy) which discovered that i have perfect keylogger installed. i have looked online for a solution and even programs to unistall it but its still there. i followed instructions online to delete registry strings but it keeps coming back!!!

please anyone with any knowledge on this matter your help will be very much appreciated.

[evilfantasy]

This is a commercial keylogger and hard to remove. Have you downloaded anything lately like a p2p program? Limewire for example.

[evilfantasy]

Also
Download HijackThis . http://www.trendsecure.com/portal/en...hijackthis.php
Once you have it downloaded install/save it to it's own folder.
For example C:\program files\hijackthis
Once installed open the program and select Do a system scan and save logfile.
Save the log as a .txt file.
In the next post click Go Advanced.
Scroll down to manage attachments and add the log as an attachment.

[Hemul14]

i hope that i have done everything right, the file should be attached. i did download from a p2p site i downloaded Nero Smartsuite from mininova.

many thx

[evilfantasy]

You got the log OK but didn't install HijackThis to it's own folder. If you run it from the desktop it will not create the proper backups when doing repairs. Please do this and run a new scan.

[Hemul14]

I have made a folder in C:\program files called hijackthis and then downloaded the program again to this folder and run it. attached is the log file that it created.

thx

[Hemul14]

I dont know if it helps but when i was looking online for a way to deleted or unistall this there where instruction on deleting registry strings and ending processes but none of the mentioned process or registry strings existed. spybot found other registry strings and two files in C:\windows\system32, one called bpk.dat and the other pk.bin i have deleted these files but the keep reappearing.

[evilfantasy]

Your log is fairly clean. You can remove the online scanners if you choose.
And this entry. O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Like I stated earlier this is a particularly hard keylogger to remove.
I will assume your copy of Nero is legit.
If not then whatever warez/keygen you used is now turned on you.

You can try this as it may remove the problem.
http://free.grisoft.com/doc/download.../frt/0?prd=asf

Let us know and I will look for more information.

[evilfantasy]

Since you removed registry entries and files already you may have removed the un-installer.
Check your add/remove programs to make sure it isn't there. You may have to look for BPK to identify it.
The sorce file is C:\WINDOWS\system32\bpk.exe make sure this is deleted also.

[Hemul14]

i currently scanning the system with the avg antispyware i will post a report for you to look at when it is finished

[Hemul14]

no the file C:\windows\system32\bpk.exe does not exist i only have two files in the sytem32 folder that spybot picks up and says are to do with perfect keylogger and they are bpk.dat and pk.bin

[evilfantasy]

OK, lets try this. Go to this link and download the FREE lite version.
Perfect Keylogger Lite
http://www.blazingtools.com/downloads.html#bpklite
This will install the un-installer. Then locate the un-installer in add/remove. It may have to be found in the program files.

Let us know how it works.

[Hemul14]

ok i have downloaded this and installed it. the avg spyware would not allow me to open it at first so i shut it down. do i now uninstall? there is a uninstaller in C:\program files\perfect keylogger lite\unistall.exe

[evilfantasy]

Thats what you need to do is open that.

[Hemul14]

nothing happens when i double click the unistall.exe