[SOLVED] Perfect keylogger :(

[018]

Hey guys!

I'm having a problem with the PC that I "gave" to my mom to use while she is visiting. I've installed a couple of games from a cd she had with her (someone made it for her) and everything was fine.
Some days ago, when she was done playing a window popped up:



I got confused since I didn't download something like that (mom is not using the net and no one else uses the pc) so I closed it and forgot about it.
Today, when I started the pc – the window popped up immediately. I was curious so I ran Task manager to see what kind of a process that is that is starting automatically and didn't see anything "new" (I kinda know all of my processes since I check them from time to time ),
except
I saw explerer.exe running two times.
One was using a small amount of memory so I terminated it and Keylogger's window closed. So I ran explorer.exe and surprise surprise – Keylogger's window popped up again!
I guess a program that goes under explorer's name can't be a nice one

I ran scan with Kaspersky and it turnes out that I have a lot of Keylogger's files that are password protected? And all of them are located in Spybot's folder. I've uninstalled Spybot, ran Kaspersky's scan again and again the same thing – files are still there.



I've browsed the net to see what kind of program/process/problem this is but all I found were a lot of sites recommending to buy some new programs to uninstall Keylogger. Yeah…
I've also read somewhere that this is something that either comes from exe files (coming from my mom's cd?) or someone sending it to you trough mails?
All games I installed I checked with Kaspersky and they were all clean so I wonder if the program was somehow hidden or did I got it trough mails?

Anyway, my mom is here for another month so I don't want to reinstall Windows (what is usually my solution to bigger problems ) if there is a way of getting rid of this. If there's not I'll leave it as it is and terminate Keylooger every time it shows up, and eventually reinstall the system. But it's annoying and I am really curious about the ways I could get it?

I'v read the instructions concerning posting a topic like this but when I downloaded DDS I only got DDS.EXE (no dds.scr?) and it gave me one report.
I've ran GMER and I'm attaching both text files in hope I've saved them right.

I'm sorry for such a long topic but I just wanted to explain everything the best way I could.
Hope someone will take time and try to help me :)

[tetonbob]

Hello -

I know it's been several days since you first posted, but this forum is very busy and it can take a while to receive a reply.

I see you've marked this as solved, but I wanted to be sure of a couple things...that it is in fact solved, and that you delete Deckard's System Scanner from your machine. dss.exe has been retired, and should not be run.

Here's why:

http://www.techsupportforum.com/secu...r-dss-exe.html

Do not confuse this with DDS which is a non-intrusive scanner we now use, and have for quite some time. Not sure where you got the link for Deckard's System Scanner, but it's not in our current pre-posting instructions.


If you still require assistance, please do this:


Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds to run the tool.

• When done, DDS will open two (2) logs:
  1. DDS.txt
  2. Attach.txt
• Save both reports to your desktop.

-----------------------------------------------------

Please include the following logs in your thread:

• Contents of the DDS.txt posted as text in your reply
• Attach the Attach.txt to your post by clicking the Manage Attachments button under Additonal Options>Attach Files on the composition page. Browse to where you saved the file, and click Upload.

[018]

Yes, the problem is solved :)

How I ended up with the dss.exe instead of the "right" one I have no idea but I'll scan the computer to see if I still have it.

Thank you for your reply!