Removing Perfect Keylogger

the_site

Help Removing Perfect Keylogger

I got a Dell PC from an old friend last summer for helping them out.
I never really used it too much, only for Photoshop, web design, and the Internet.

So I finally found why my hard drive is so full: Perfect Keylogger was the culprit.
I removed the "dt" folder in system32\dt to help free up my hard drive. I'm scanning the hell out of my computer.

Can you guys lend a helping hand and share some links to remove Perfect Keylogger from my computer, registry, etc.?

Also, I am wondering what bpkch.DAT in my system32 is.
 

Fearghal

I would recommend going to msconfig and disabling all startup items except your anti-virus. That way, the keylogger should remain inactive to allow an easier removal.
 

the_site

@Fearghal: Thanks for your help, but I already did that.
@Alex Mac: Thanks for giving me a little mental note to not use Windows, and giving me useless help.
 

Fearghal

Have you tried to locate the file in Task Manager? Then go to View, set columns and check the command line box. Go to the process and copy the command line; that's the pathway to the file. Either delete it or create a deny all ACE.
 

the_site

Checked the Task Manager, I haven't found anything unusual about it. I'll double check.
 

Fearghal

Actually that's a good point, if it was coded by a pro then it will most likely use a negative PID and will not appear in taskmgr.exe.

Use the command line "tasklist".

Actually - New Idea.
Why don't you copy your user profile to an external disk and reinstall the OS? This is the only way to be sure your system is secure after having a breach like that. It's possible that some sort of BDC has now been installed.

One more thing... in cmd type "Net users" to make sure there are no extra user accounts on your system. This is a popular way to keep access to a system, and the account will be marked as "special" in the registry to hide it from all other users.
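
The checks suggested in the replies above (startup items, process command lines, the account list, hidden accounts), gathered into one read-only script. This is an added example, not part of the original thread; the only artefact names it searches for are the two the thread gives (system32\dt and bpkch.DAT), and the SpecialAccounts registry path is this example's assumption about what "special" refers to.

```powershell
# Added example: read-only triage. Run from an elevated PowerShell prompt.
# Nothing here deletes or changes anything.

# Name fragments taken from the thread: the system32\dt folder and bpkch.DAT.
$regex = '\\system32\\dt\\|bpkch'

# 1. Every process with its image path and command line, including ones
#    that are easy to miss when scrolling Task Manager.
$procs = Get-CimInstance Win32_Process |
    Select-Object ProcessId, Name, ExecutablePath, CommandLine
$procHits = @($procs | Where-Object {
    "$($_.ExecutablePath) $($_.CommandLine)" -match $regex })

# 2. Startup entries (Run keys and Startup folders, as listed by msconfig).
$startup = Get-CimInstance Win32_StartupCommand |
    Select-Object Name, Command, Location, User
$startupHits = @($startup | Where-Object { $_.Command -match $regex })

# 3. Local accounts, the same list "net user" prints.
$accounts = Get-CimInstance Win32_UserAccount -Filter "LocalAccount=True" |
    Select-Object Name, Disabled, SID

# 4. Accounts hidden from the logon screen. Assumption of this example:
#    "special" in the thread means this Winlogon key, where a value of 0
#    hides the named account.
$keyPath = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList'
$hidden = @()
if (Test-Path $keyPath) {
    $key = Get-Item $keyPath
    $hidden = @($key.GetValueNames() | Where-Object { $key.GetValue($_) -eq 0 })
}

# 5. Leftover files from the thread that may still be on disk.
$sys32 = Join-Path $env:windir 'System32'
$leftovers = @(Get-ChildItem $sys32 -Filter 'bpkch*' -Force -ErrorAction SilentlyContinue)
if (Test-Path (Join-Path $sys32 'dt')) { $leftovers += Get-Item (Join-Path $sys32 'dt') -Force }

'--- Processes referencing the thread artefacts ---'
$procHits | Format-List
'--- Startup entries referencing the thread artefacts ---'
$startupHits | Format-List
'--- Local accounts ---'
$accounts | Format-Table -AutoSize
'--- Accounts hidden via SpecialAccounts\UserList ---'
$hidden
'--- Leftover files and folders ---'
$leftovers | Select-Object FullName, Length, LastWriteTime | Format-Table -AutoSize
```

Empty sections only mean nothing matched these two names; review the full `$procs`, `$startup` and `$accounts` lists by hand as well.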
 

Fearghal

So the best bet is to reinstall my OS?

I would strongly recommend it. It's the only way to guarantee your security.

Just copy C:\users\YOURUSERNAME to an external disk and once you create a user account with the same username, copy the profile back and merge.

Before you do though, make sure you can read the key from the OS key label. I made the mistake just yesterday of wiping a friend's laptop and when I looked to find the key it was unreadable.

If you can't read it, get the magicaljellybean program that reads the key for you :)
 

the_site

What can you say, I got this spare computer for free... I see it had some viruses and a keylogger on it. I believe I killed the keylogger because when I first got it, I just scanned, scanned and scanned. I went through msconfig to disable it, and looked up how to clean up the registry. Lastly, I still found the keylogger files with it holding screencap files, because it was holding gigs of space. Ironically the computer worked fine when the keylogger was eating up its resources.

Once again thanks.
 