Stealth Keylogger / Registry back-up issue

[drragostea]

Well, let me clarify. What I was saying was that it does not mean the backup is infected. I would say it would be considered "infected" if you had a bunch of malware and more malware was being downloaded at that time, then your registry is definitely in a bad state.

...it sounds like you're saying that it's not necessarily clean either.

Oh, no. It would be clean, except you have the "trace" of this stealth rootkit.

My opinion: It might be a coincidence that this trace was found. Even if Spybot were to reuse the original copy of your registry, who said you cannot remove that registry key again with a scan? ; ]

For the time being, if Spybot is not picking anything up in it's scans it is a good sign.

I'm glad I was able to help.

[NotaViking]

Ok, that's clearer to me now. Thanks for your help, it's really appreciated.

[msstatedawg]

Sonnenblumen, I seriously doubt keyloggers (especially the stealth ones) would be deliberately installed on new machines. Especially if you have purchased it from retailers such as the one that primarily serve the electronics (Best Buy, PC Richards, etc.).

How did you find out that a keylogger was hiding on your machine?

There is a discussion going on right now in the CISSP group on LinkedIn about this very subject. A guy using Vipre Antivirus was able to detect a keylogger preinstalled on a Samsung machine straight out of the box. Samsung, after repeated denials, has admitted to him that the keylogger is installed to monitor system performance and user behavior.