Status
Not open for further replies.

Windows 64bit - Virus.Win32.FileInfector.gen / Trojan.KeyLogger.origin

2K views 4 replies 3 participants last post by  tetonbob 
#1 ·
My thread was closed and I was told to follow the new instructions which I had read already. I am using Windows Vista 64bit and DDS is not compatible with this OS. I did a GMER scan only being able to select the three default options and results turned up with zero results and no log.

Here is the original message for review unless there is another set of instructions for 64bit users.

I have been testing a small application called Alpha Blender which enables me to set windows transparency case to case. I originally did a single file scan on Bit Defender and Kaspersky and both came up with clean results. However, I just used TotalVirus file scanner and it came up with the results below:

http://www.virustotal.com/analisis/...79bd4e6c818cf8062dc70845b4238e2994-1243064377

Do these results mean that I do in fact have a keylogger on my system tracking my strokes? I am using BlackViper tweaks minimum config so I know it may have helped. Just need insight on whether or not my passwords may be compromised.

I have attached an HT log for review. If any more information is needed I can help.
 

#2 ·
Hi,

> Do these results mean that I do in fact have a keylogger on my system

No, not necessarily.

Programs often do not produce the desired results on 64-bit systems.

Let's do a couple of scans to make sure you are clean.


Please do the following:


As a Vista user, I will require that all the programs I ask you to run be run by right-clicking the icon and selecting Run as Administrator. Otherwise some programs may fail to operate correctly.


Download OTS to your Desktop
  • Close ALL OTHER PROGRAMS.
  • Double-click on OTS.exe to start the program.
  • Check the box that says Scan All Users
  • Check the box that says 64 bit
  • Under Additional Scans check the following:
    • File - Lop Check
    • File - Purity Scan
    • Evnt - EvtViewer (last 10)
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Please attach the log in your next post.


NEXT

Please download Malwarebytes' Anti-Malware
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
 
#4 ·
Hi,

Nothing suspicious in your logs at all.

Please do the following:

  • Make sure you have an Internet Connection.
  • Double-click OTS.exe to run it. (Vista users, please right click on OTS.exe and select "Run as an Administrator")
  • Click on the CleanUp! button
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTS from reaching the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You should be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.


NEXT

Set correct settings for files that should be hidden in Windows Vista
  • Click Start.
  • Open My Computer.
  • Select Folder and Search Options
  • Select the View Tab.
  • Under the Hidden files and folders heading select Hide hidden files and folders.
  • Check Hide file extensions for known file types
  • Check the Hide protected operating system files (recommended) option.
  • Click Yes to confirm.
  • Click OK.


NEXT

Go here to run an online scanner from ESET.
  • Note: You will need to use Internet Explorer for this scan
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic and also let me know how things are now.
 