Thread: Spybot found keylogger

  1. #11
    Member
    Join Date
    Mar 2010
    Posts
    90


    Hello, here are the reports-

    MBR

    Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

    device: opened successfully
    user: MBR read successfully
    kernel: MBR read successfully
    user & kernel MBR OK
    __________________________________________________________________________________________________________________________________
    Malwarebytes-

    Malwarebytes' Anti-Malware 1.46
    www.malwarebytes.org

    Database version: 4540

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    9/3/2010 9:29:27 PM
    mbam-log-2010-09-03 (21-29-27).txt

    Scan type: Quick scan
    Objects scanned: 131678
    Time elapsed: 9 minute(s), 36 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)
    __________________________________________________________________________________________________________________________________
    Kaspersky-

    No infected objects found, no report generated.

  2. #12
    Emeritus- Malware Team
    Join Date
    May 2009
    Location
    Buenos Aires, Argentina
    Posts
    340


    Hi jamper


    Thanks for performing those scans. We're almost done, please follow these steps:


    Step 1 | Let's remove older versions of Java.

    • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and select (highlight) the following version of Java:
      • Java 2 Runtime Environment, SE v1.4.2_03
    • Click the Remove or Change/Remove button.


    Step 2 | Go into the Control Panel (classic view) and double-click the Java Icon (looks like a coffee cup).

    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
      • Applications and Applets
      • Trace and Log Files
    • Click OK on Delete Temporary Files Window (Note: This deletes ALL the Downloaded Applications and Applets from the CACHE).
    • Click OK to leave the Temporary Files Window.
    • Click OK to leave the Java Control Panel.


    Step 3 | Double click on MBRCheck.exe to run it,
    • type in Y and press Enter when asked if you wish to see more options
    • Type in 1 to "Dump the MBR of a physical disk to file" and press Enter
    • Type in 0 to select your disk and press Enter
    • Type in dump.txt as the file name and press Enter
    • Type in -1 to exit and press Enter.
    Please attach dump.txt to your next reply for me.

  3. #13
    Member
    Join Date
    Mar 2010
    Posts
    90


    Um, I hope this is right. I accidentally skipped the step where you said type in dump.txt and instead typed -1 as the one to dump, and it said it was dumped successfully. Then I realized what I did, closed it down and did it again, and this is what the dump text says-

    www.dell.com
    Cannot restore
    Loading PBR 1... done
    failed
    Bad flag
    0 active
    Bad PBR

  4. #14
    Emeritus- Malware Team
    Join Date
    May 2009
    Location
    Buenos Aires, Argentina
    Posts
    340


    Hi there,


    The log is ok. Your computer seems to be clean. We've found no infections on your machine, which is a consequence of the good security measures you are taking.


    Please download OTC by OldTimer to your desktop and run it
    • Click Yes to begin the Cleanup process and remove these components, including this application.
    • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.


    Also delete the following files on your desktop (move the files to the bin or right-click the files and choose "Send to recycle bin"):
    • mbr.exe
    • MBRCheck.exe
    • mbrlogfix.txt
    • The logfiles generated by MBRCheck (MBRCheck_mm.dd.yy_hh.mm.ss.txt)
    • attach 1.txt
    • attach 1.zip


    Regarding the false positive, I would suggest you open a new thread at the False Positive Subforum, where an expert will give you a hand with that. Be sure to include all the necessary information, as described in the following thread: How to report possible False Positives. You can also include a link to this thread, as the expert may find additional information in order to help you.


    Thank you for your patience, and for performing all of the procedures requested.

    Do you have any questions?
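
Added example, not part of the original thread and not MBRCheck's own code: a binary MBR dump like the one pasted in #13 is unreadable as text, so this Python code parses a 512-byte sector instead, checking the 0x55AA boot signature, the partition table and the printable strings in the boot code. The sample sector is constructed for illustration; `parse_mbr` and `build_sample_mbr` are hypothetical names.

```python
import re
import struct

SECTOR_SIZE = 512
PART_TABLE_OFFSET = 446        # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"   # last two bytes of a valid MBR
ENTRY_FMT = "<B3xB3xII"        # status, CHS start, type, CHS end, LBA start, sector count


def parse_mbr(sector: bytes) -> dict:
    """Parse one 512-byte MBR sector into signature, partitions and strings."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for i in range(4):
        start = PART_TABLE_OFFSET + 16 * i
        status, ptype, lba_start, count = struct.unpack(ENTRY_FMT, sector[start:start + 16])
        if ptype == 0:
            continue  # unused slot
        partitions.append({"slot": i, "active": status == 0x80,
                           "status_valid": status in (0x00, 0x80),
                           "type": ptype, "lba_start": lba_start, "sectors": count})
    # Printable ASCII runs in the boot code are the loader's own messages.
    boot_code = sector[:PART_TABLE_OFFSET]
    strings = [m.decode("ascii") for m in re.findall(rb"[\x20-\x7e]{4,}", boot_code)]
    return {"signature_ok": sector[510:512] == BOOT_SIGNATURE,
            "partitions": partitions,
            "active_count": sum(p["active"] for p in partitions),
            "strings": strings}


def build_sample_mbr() -> bytes:
    """Constructed sample sector (not the dump from the thread)."""
    code = bytearray(PART_TABLE_OFFSET)
    msgs = b"Bad flag\x00Bad PBR\x00"
    code[0x100:0x100 + len(msgs)] = msgs
    table = struct.pack(ENTRY_FMT, 0x00, 0xDE, 63, 80262)         # constructed, inactive
    table += struct.pack(ENTRY_FMT, 0x80, 0x07, 80325, 4096000)   # constructed, active
    table += bytes(32)                                            # two unused slots
    return bytes(code) + table + BOOT_SIGNATURE


if __name__ == "__main__":
    info = parse_mbr(build_sample_mbr())
    print("signature ok:", info["signature_ok"], "| active:", info["active_count"])
    for p in info["partitions"]:
        print(p)
    print("strings:", info["strings"])
```

To inspect a real dump, read it in binary mode (`open(path, "rb").read()`) and pass the first 512 bytes to `parse_mbr`; exactly one active partition and a valid signature are what a normal single-boot disk shows.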

  5. #15
    Member
    Join Date
    Mar 2010
    Posts
    90



    Thanks for all of your help, I really appreciate everything you did and how fast you returned all of my posts.

    jamper

  6. #16
    Emeritus- Malware Team
    Join Date
    May 2009
    Location
    Buenos Aires, Argentina
    Posts
    340


    You are welcome jamper

    We can close and shelve this thread then.

    Good luck, stay safe
