Apparently I, or one my children, managed to download a piece of spyware called the BPK keylogger. I searched around the web and got the basic instructions to manually remove it. AD-AWARE hit it but wouldn't clean it. Norton Anti-Virus hit it and partially cleaned it. I manually deleted as much as I could find, and removed the entries manually from the registry as instructed in what I found. AD-AWARE nows shows clean, as does Norton Anti-Virus. Unfortunately, everytime I boot my system, I get a small box with the caption "Blazing Perfect Keylogger (or something to that effect) and a message in the middle that says "hook dll failed to load." I click ok and the system runs just fine. Any ideas on how to remove this annoyance?
Assistance Needed
- Thread starter Easyone
- Start date
big_gie
1
The "dll hook failed" should mean that their is an entry somewhere, surely in the registry, that try to load the dll to log the keys, but since you delete the dll, it failes to load...
Open the registry editor (Start/Run and then enter "regedit" without quotes and press enter)
Search for hook.dll (ctrl+f, enter hook.dll). You could post the result of the search here before deleting, just to be sure you don't delete anything important... Export the reg key for backup purpose too, just to be sure...
Good luck
Open the registry editor (Start/Run and then enter "regedit" without quotes and press enter)
Search for hook.dll (ctrl+f, enter hook.dll). You could post the result of the search here before deleting, just to be sure you don't delete anything important... Export the reg key for backup purpose too, just to be sure...
Good luck
Thanks for the replies guys. I did some more research at Symantec and found all of the entries that I needed to delete. I edited the registry per the instructions and got rid of all of them. I no longer get the error message as first reported, but now I get a nice professional looking box titled Perfect Keylogger telling me that I have three days left on my trial version to register. I can find no identified running processes in the Task Manager to turn off, and I can't find anymore of the identified keys in the registry to delete. This is about weird, so I guess I'll wait three days and see if the box goes away. I downloaded the spyware blaster as recommended, and have run AD-AWARE again with no hits.
big_gie
1
Try to run the taskmanager when the window pup-ups.
I recommend using Process Explorer from Systernal's as its free and you can see process by three (so you can see wich process started wich one...)
When the popups appears, run it and get information from it...
I recommend using Process Explorer from Systernal's as its free and you can see process by three (so you can see wich process started wich one...)
When the popups appears, run it and get information from it...
I ran task manager repeatedly and could never see what it was. I dl'd the program recommended and after several attempts, I finally noticed one program that would disappear from the process list after I had closed the box. This file was placed in the System32 directory with the name Windows Media Player.exe. I have deleted this file and the startup problem has resolved. Windows Media Player works fine so it was obviously not a real media player file. AD-AWARE and Norton Anti-Virus both declare my system as clean. I also downloaded the SpywareBlaster recommended. I couldn't get it to scan my system, but a read of the help file indicates it's a prevention program. Hopefully it'll keep me problem free in the future.
For anybody who needs to know, the program was called Blazing Perfect Keylogger. Norton identified it as Spyware.Perfect. They have a full write-up about it on their net based definitions page.
Thanks again......
For anybody who needs to know, the program was called Blazing Perfect Keylogger. Norton identified it as Spyware.Perfect. They have a full write-up about it on their net based definitions page.
Thanks again......
Johnny™
1
blazing perfect keylogger is a program of its own, not a spyware, however many of these programs have spyware attached to them that install along with the program. the window you're seeing is likely a part of the program that doesnt uninstall with the uninstaller in the program, also a registry editor will find uneeded registry keys (keys left behind from an uninstall) and allow you to delete them. you can also run msconfig and find any processes that start with windows, if there is anything there for the keylogger uncheck it so it doesnt run then search for that file and remove it