
Can't Get Rid Of New Variant On Wintective That's Hidden Better

1 reply to this topic

#1 aresgotme122005


  • Members
  • 2 posts
  • Location:Midwestern USA
  • Local time:07:34 PM

Posted 29 December 2005 - 05:16 AM

Somehow, someone figured out how to install Wintective Keylogger on my machine via the Internet. This is a very, very bad thing because I am a medical transcriptionist who works for a company over the Internet. I cannot afford to have screen captures and keystroke reports taken and e-mailed to an unknown person.

I have updated AVG, Avast, AdAware, and Spybot, and none are finding this keylogger on my machine. However, Webroot Spysweeper finds it consistently.

My friend Mike, who built my desktop computer (I'm on my laptop right now), went through several steps over the space of several hours with me to try to find this little bugger. We looked for the wintective folder in the Program Files. Nothing. We did a search for wintec*.* in My Computer. Nothing. We searched the registry for wintective.exe and setup1.exe. Nothing.

Now, we *did* find in the registry the two keys consisting of very long numbers between brackets. (I'm sorry, but I can't remember what part of the registry they were in. I only remember we were in a folder under the Windows directory. I think.)

Unfortunately, after restarting the computer, Spysweeper still found the keylogger on my machine. We cannot find any trace of it in the usual places, but Spysweeper is reading it on there somewhere.

Anyone know how to get rid of this bugger for free? I'm a poor, part-time independent contractor who only just got a contract just before discovering this security breach on her machine, so now I can't make any money until this darned thing is off my machine! HELP! PLEASE! :thumbsup:

Edited by aresgotme122005, 29 December 2005 - 05:29 AM.

Hippo Holly Days
from Carol



#2 tg1911


    Lord Spam Magnet

  • Members
  • 19,274 posts
  • Gender:Male
  • Location:SW Louisiana
  • Local time:06:34 PM

Posted 29 December 2005 - 10:36 AM

I suggest you post a HijackThis log for examination.

Read How to post a HijackThis Log.
Please read and follow all directions carefully.

Then run a log and post it in the HijackThis forum, at this link. Do not fix anything yet.
A member of the HJT Team will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please be patient; these people are volunteers. They will help you out as soon as possible.

Once you have made the post, please DO NOT make another post in the HJT forum until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out and will not respond. So just make your post and let it sit there until a team member responds. This way you will be taken care of in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA
