Virus or malware?

Hi guys,
I’m using Windows XP SP3, and I don’t know whether I’m infected or not, because a few days ago my cousin’s friend downloaded a zip file using my PC, and as soon as he ran the program after the download, both Malwarebytes and Threatfire gave a strong warning about a dangerous malware. He decided to quarantine the “trouble” and then delete it. Then, at Threatfire’s request, he rebooted the PC. At the moment this happened I was taking a shower, so I didn’t really know what happened; I only looked at the log file from Threatfire.

My question is, am I infected in any case? Because Avast didn’t detect it like Malwarebytes and Threatfire did, and even after I ran a boot scan, nothing showed up with Avast. Is that just a false alarm? From the PC Tools website, the explanation for the infection was “a keylogger that runs silently in the background and monitors …”

I don’t know how to send you a virus sample because I’m not a computer techie, but here’s the address where my friend downloaded the troublemaker:
http://rs269.rapidshare.com/files/316847013/WINDOWS7_Keygen.exe
I hope one or more Avast moderators read this and don’t mind downloading the file to check it out.

I have already sent this problem via e-mail to Avast support, but from their reply I believe they confused it with my previous e-mail about the false positive from an Avast update which crashed my system, after which I had to re-install my PC. So if I got infected with whatever malware or virus from that link, I really wish there is a way to fix the problem without having to format my PC and re-install it again…

Thanks

Note: I NEVER use cracks or keygens, and I only use my home PC to check email, chat, play on Facebook and Friendster, pay bills or, if I have to, finish unfinished work from the office, but very rarely.

Send the sample in a password-protected zip folder to virus@avast.com with “Undetected Malware” in subject and the password mentioned in the email body.

Hi Raphael,

Welcome to the forum,

After I checked it with these:

http://www.mywot.com/en/scorecard/rs269.rapidshare.com

http://www.browserdefender.com/site/rapidshare.com/

http://wepawet.cs.ucsb.edu/view.php?hash=373268462183c1bd3d037b07a1deec9c&t=1260246171&type=js

This website is not harmful to you, but if you are not sure, please first send us your infected file at: support@ppinfotek.com

password protected, and then we’ll get back to you soon.

If this file really is a harmful file, let us help you submit it to the ALWIL team.

Thanks for replying, but honestly I really don’t know how to zip that file, and after what happened Threatfire has quarantined the original .exe file, and so has MBAM… I’m confused: how can two programs quarantine the exact same file???

Hi Raphael,

What kind of ThreatFire or MBAM are you using?
Do both of them make your PC performance slower?

I do not recommend that you use more than 1 AV or antispyware, because the engines will make your PC crash.

Are you able to restore it again from ThreatFire or MBAM?

I’m using Threatfire free and MBAM paid.
Neither of them slows my PC performance, and they are great programs that I believe everyone should have on their PC.

I tried, but when I try to restore it, neither MBAM nor Threatfire allows me to do so.

Anyway, the reason I’m posting this problem is that I was hoping I could help myself find out whether that threat was real or not, and if it turned out to be real, what I should do about it.
On the other hand, if it turns out to be real, maybe it could help Avast protect its users better.

The malware threat from that download link that I previously posted turned out to be real. I posted this matter to another reasonable antivirus provider that my office uses, and they turned out to be kind enough to download the file from the link address that I gave them and test it. The result was that it was a trojan that will install a keylogger and open some ports on the infected PC (both MBAM and Threatfire also confirm that statement), and thankfully, because both MBAM and Threatfire recognized it before it was able to run, it seems my PC is O.K.

Thanks for your concern, I really appreciate it. So now I think we can close this matter, and hopefully it can help others who read this.

Hi Raphael,

I am sorry if I didn’t give clear contribution and support on your issues.

But at least you know what the problem is that caused your PC trouble and was detected as a virus infection.
If you have the source file, then please zip it with the password: virus, then send it to: virus@avast.com
Or you can send it to: support@ppinfotek.com, since we have a contact at ALWIL Software.

Thanks again for your contribution in this forum and welcome to the forum.

Hi Raphael,

I have already submitted your referenced site to avast, and am just waiting for the result.

Hi Raphael,

Here is the thread on the avast forum which could probably answer your issues:

http://forum.avast.com/index.php?topic=52054.0