BossEverywhere Keylogger

Discussion in 'other anti-malware software' started by EdP, Jul 18, 2006.

Thread Status:
Not open for further replies.
  1. EdP

    EdP Registered Member

    Joined:
    Mar 18, 2004
    Posts:
    83
    A friend of mine has the BossEverywhere keylogger on his XP Pro laptop. Although he uses AVG as his main AV app, he's been running TrendMicro's online scanner which finds the BossEverywhere . Supposedly, TM removes it, but it keeps reappearing.

    He's his own boss in a husband/wife business, so it's not like he has someone legitmately watching what he does on his PC and where he goes on the internet (naw - his wife didn't install it).

    How does one contract BossEverywhere and how does one permanently bury the beast so it can't dig out of its grave?

    Thanks
    EdP
     
  2. dog

    dog Guest

    Can you expand on what actuality is found ... exact path or registry entry?
     
  3. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    You could try this:http://www.safer-networking.com/removeBossEverywhere.php.:)
     
  4. EdP

    EdP Registered Member

    Joined:
    Mar 18, 2004
    Posts:
    83
    Thanks for the quick responses.

    dog ...
    TrendMicro provides squat in details. All it says is that it detected grayware/spyware SPYWARE_KEYL_BOSSEVERYWHERE with the aliases PAK:
    PEData; Trojan-Spy.Win32.BewLoader.b

    Don ...
    That page you referenced must be someone's idea of bad humor. There are instructions on how to delete registry keys, but not which keys to delete and instructions on how to unregister DLLs, but not which DLLs. Apparently this web page can be used as instructions on how to remove ANY spyware/malware, etc.

    However, to their credit, there was one item specific to this keylogger, to wit, "Delete File Entries: bewrep.exe". Although I'm not sure this will prevent the bugger from returning, let's see what happens.

    Thanks again for responding,
    EdP
     
  5. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    BossEverywhere seems to be more legit than malware. try finding its entry in Add/Remove Programs (if it has one). otherwise just delete bewrep.exe
     
  6. EdP

    EdP Registered Member

    Joined:
    Mar 18, 2004
    Posts:
    83
    Thanks, WS ... that's what I plan to tell him.

    Because this is an application installed on corporate PCs to monitor employee surfing habits and what-not, I can't imagine it being easy to uninstall. We'll see.

    As soon as I get a chance to visit him, we'll delete that file and see if there's an entry in the Add/Remove list
     
  7. controler

    controler Guest

Thread Status:
Not open for further replies.