Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

OK guys, help me out please.

Started by Social_Outcast , Dec 23 2005 05:27 PM

  • Please log in to reply

#1
Social_Outcast
Posted 23 December 2005 - 05:27 PM

Social_Outcast

    New Member

  • Member
  • Pip
  • 1 posts
Hi, a new kid on the block here.

Right, let's get the show on the road.... Trend Micro antispyware keeps picking up this on my system: Spyware_KEYL_PCAgent.40

I delete it an run another spyware scan straight away, and it's still there on my system. Delete it, run another scan and it comes up again. So on and so forth. It says it's located in: HKLM/SOFTWARE/Classes/.pca/, where-ever that is on my rig, the standard Windows search feature can't find the file or where it's located.

Interesting thing is, Trend Micro Anti-Spyware says that it is a low risk threat, yet it's a keylogger. Surely it would be higher risk being the fact it's a keylogger.

I ran a full NAV scan too, but NAV didn't pick up anything. I ran another anti-spyware program, Ad-Aware, and that too did not pick up Spyware_KEYL_PCAgent.40

I'd just like to point out that the Trend Micro anti-spyware program I've got is the trial version.

Anyway, this was yesterday, and I have used regedit since to try to find the file. I typed in "Spyware_KEYL_PCAgent.40" and it found four entries: that file itself, RP333, Paltalk and HKLM/SOFTWARE/Classes/.pca/.

I've now actually manually deleted those files. I shutdown and restart, run regedit again, search for those files.... and nothing comes up in the search.... So I'm thinking I've done it. I run Trend Micro anti-spyware again and.... It detects Spyware_KEYL_PCAgent.40 again. So I go back into regedit and search for the file again. Regedit turn up nothing again.

So it's evident that regedit is now saying those all of malware files have gone, but Trend Micro anti-spyware is still detecting Spyware_KEYL_PCAgent.40. Why?

Further to this, I have litterally just discovered two new registy keys in my My Documents folder that weren't there prior to this incident. One of them is blank (well almost, all it says is: Windows Registry Editor Version 5.00), the other one has in it all the software installed and all the software I've uninstalled etc. What I'd like to know is, is it OK to delete these new registry keys? They weren't there before this incident and my system worked just fine back then.


So guys, what's the verdict?


Many thanks in advance for reading this and helping me out.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP