Keylogger Virus named image2872


  1. Posts : 1
    windows 7 Home Premium 64bit
       #1

    Keylogger Virus named image2872


    Unfortunately I have a virus/keylogger on my computer it goes under the name I have given in the title. When I come to delete it in my appdata folder it keeps reappearing. I have used malwarebytes and other anti virus programs and some help would be much appreciated to remove this annoying thing.
      My Computer


  2. Posts : 10,485
    W7 Pro SP1 64bit
       #2

    Welcome to the Seven Forums.

    One of the trained security experts should be along to help you. In the mean time, you might want to scan your computer using WDO: What is Windows Defender Offline?
      My Computer


  3. Posts : 2,470
    Windows 7 Home Premium
       #3

    PeanutsPo,

    Just curious...can you tell us how you arrived at the conclusion that a Keylogger is installed on the system by the name image2872?


    Please start the computer, and tap the F8 key before the Windows logo appears.
    When you get the Advanced Boot Options screen, use the arrow keys to highlight Safe Mode with Networking, and then press: Enter


    Next, please use RKill.exe to terminate malware processes: http://download.bleepingcomputer.com/grinler/rkill.exe
    Save to the Desktop.

    If RKill.exe does not run, then download and try to run RKill.com:
    http://download.bleepingcomputer.com/grinler/rkill.com

    You only need to get one of the versions of RKill to run.

    There are additional versions:
    RKill.scr: http://download.bleepingcomputer.com/grinler/rkill.scr

    Also, RKill, renamed, can be downloaded from the following links:
    iExplore.exe: http://download.bleepingcomputer.com...r/iExplore.exe
    uSeRiNiT.exe: http://download.bleepingcomputer.com...r/uSeRiNiT.exe
    WiNlOgOn.exe: http://download.bleepingcomputer.com...r/WiNlOgOn.exe

    If your AntiVirus warns you about this tool, ignore the warning, or temporarily disable your AntiVirus.

    Right-click on the downloaded RKill file and select: Run as Administrator

    A black DOS box briefly flashes and then disappear. This is normal and indicates the tool ran successfully.
    After running the tool, do not reboot.

    When the scan is done Notepad opens with the RKill report.

    Please post the RKill report in your reply.


    Without a reboot, please Download RogueKiller (Official website)
    Select the x64 version download.
    Save to the Desktop.

    Close all windows and browsers.
    Right-click and select: Run as Administrator

    At the program console, wait for the prescan to finish. (Under Status, it says: Prescan finished.)

    Press: SCAN

    When done, a report opens on the Desktop: RKreport.txt
    Please provide the RKreport.txt (Mode: Scan) in your reply.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:50.
Find Us