A friend of mine has the BossEverywhere keylogger on his XP Pro laptop. Although he uses AVG as his main AV app, he's been running TrendMicro's online scanner which finds the BossEverywhere . Supposedly, TM removes it, but it keeps reappearing.

He's his own boss in a husband/wife business, so it's not like he has someone legitmately watching what he does on his PC and where he goes on the internet (naw - his wife didn't install it).

How does one contract BossEverywhere and how does one permanently bury the beast so it can't dig out of its grave?

Thanks
EdP

Can you expand on what actuality is found ... exact path or registry entry?

-{ Quote: "A friend of mine has the BossEverywhere keylogger on his XP Pro laptop. Although he uses AVG as his main AV app, he's been running TrendMicro's online scanner which finds the BossEverywhere . Supposedly, TM removes it, but it keeps reappearing.

He's his own boss in a husband/wife business, so it's not like he has someone legitmately watching what he does on his PC and where he goes on the internet (naw - his wife didn't install it).

How does one contract BossEverywhere and how does one permanently bury the beast so it can't dig out of its grave?

Thanks
EdP" }-
You could try this:http://www.safer-networking.com/removeBossEverywhere.php.:)

Thanks for the quick responses.

dog ...
TrendMicro provides squat in details. All it says is that it detected grayware/spyware SPYWARE_KEYL_BOSSEVERYWHERE with the aliases PAK:
PEData; Trojan-Spy.Win32.BewLoader.b

Don ...
That page you referenced must be someone's idea of bad humor. There are instructions on how to delete registry keys, but not which keys to delete and instructions on how to unregister DLLs, but not which DLLs. Apparently this web page can be used as instructions on how to remove ANY spyware/malware, etc.

However, to their credit, there was one item specific to this keylogger, to wit, "Delete File Entries: bewrep.exe". Although I'm not sure this will prevent the bugger from returning, let's see what happens.

Thanks again for responding,
EdP

BossEverywhere seems to be more legit than malware. try finding its entry in Add/Remove Programs (if it has one). otherwise just delete bewrep.exe

Thanks, WS ... that's what I plan to tell him.

Because this is an application installed on corporate PCs to monitor employee surfing habits and what-not, I can't imagine it being easy to uninstall. We'll see.

As soon as I get a chance to visit him, we'll delete that file and see if there's an entry in the Add/Remove list

You could also try spyware doctor or a trial of anti-keylogger

http://www.anti-keyloggers.com/

controler