  #7  
01-11-2007, 11:21 PM
BiPolar_Nut
Re: SCKeylogger found - what is next?

[ QUOTE ]
will they pick up the clipboard traffic?

[/ QUOTE ]

A flat-out single-purpose keylogger that *only* logs keystrokes wouldn't catch the clipboard, but any keylogger could trivially add this functionality.

I have a U.exe in my root dir....NOT! I don't think I'd trust *any* app that put something like that in my root dir even if I knew the software that did it was trustable. That to me is offensive and an intrusion.

FWIW, I didn't find any legit uses for U.exe in a search. What do you mean by PAHud free version? The trial? If it's some free version that *isn't* the trial then it's almost certainly a trojan'd version (unless you got it from the PAHud site and it was free for signing up someplace using his affiliate link but I don't remember if he did that or not, I bought both PAHud and PT at regular retail).

Theoretically, anything installed can be removed, but if you didn't notice it getting in there in the first place, chances are good you wouldn't be able to get a clean machine w/ certainty. In fact, no matter who you are you can never be 100% certain any compromised machine is ever fully cleansed (although depending on your system guts prowess, going through the registry in safe and normal modes, using known, clean copies of process, file, and traffic/port monitoring software, and checking tcpdump/ethereal traffic logs on your router may be able to give enough peace of mind if you're confident enough in your search and remove rampage).

What do spyware and virus scans turn up and what engines are you using for the scans? Also, what does "semi-expired" mean? (/me shudders at the mention of McCrappy...not in a good way.)