Hi,
I'm interested in Microsoft Antispy and it's detection of
kbhook.dll as a netspy keylogger / spyware and documented
as such in net searches

My problem / question is this .......... I have recently
recently fitted a Genuius wireless twintouch 16e combo
keybord and mouse

Twice now Antispy has detected this kbhook.dll and I have
let Antispy remove it. The effect of cleaning this up is
that the operation of my wireless mouse is damaged and XP
wants to send an error report to Microsoft.

The first time it happened I put it down to a software
problem and reinstalled the software to cure it

Now the same has happened again with a scan and clean

I'm satisfied that this dll file is required for my
wireless mouse but my question is .... Is this file really
what Antispy claims it to be in my case or am I getting a
false positive on what 'may' be a harmless file required
for the operation of my mouse ?

Any thoughts or ideas would be most appreciated

Thanks,

Ken

Although I cannot be sure about this I think in this case
it may be a false positive, netspy is a commercial
keylogger that has to be manually installed so if you
know its not on your system I think it may be safe to
leave that in place.

For netspy you can check in the system32 folder

C:\Winnt\System32 (Windows NT/2000)
C:\Windows\System (Windows 95/98/Me)
C:\Windows\System32 (Windows XP)

for a file called Nsutil.exe if found double click then
choose Remove NetSpy.

You can read more about them from here

http://ic.net/~kusluski/

To be sure of this there is a couple of things you can do

First is contact the producers of the keyboard & mouse
and ask them if they include kbhook.dll and for what
reason.

http://www.geniusnet.com.tw/support/account.htm

Second is to find the kbhook.dll file on your system and
upload it at a virus scan site and see if that gives a
infected reading after the scan

You can upload them at many sites but here's 2 of the
main ones that use various scanners

http://virusscan.jotti.org/

http://www.virustotal.com


Regards Andy