Exploit:SWF/CVE-2015-5119 on my computer

Jack
Jack Posts: 69 Active Engager

Got this keylogger trojan, found out because my ISP notified me.  It got past F Secure and I'm hoping it gets fixed.  My ISP directed me to the Microsoft Safety Scanner.  It can run with F Secure, no ned to disable it.  Go here for the free download http://www.microsoft.com/security/scanner/en-us/default.aspx     I ran the quick version and found nothing, then the long version, which takes hours to run found the virus.  I suggest you run this, maybe at night while you are sleeping to find out if you have one of these suckers on your computer.  It copies passwords and sends them to its master.

 

The name of the virus, according to Microsoft, is in the heading of this thread.

Comments

  • Jack
    Jack Posts: 69 Active Engager

    I hope F Secure reads this and fixes it.  I was asked in an email for a sample and told them I no longer have the virus, deleted it with Microsoft Safety Scanner Saturday.  F Secure should check with Microsoft using the Microsoft name for the keylogger, which is the title of this thread

  • gancal
    gancal Posts: 21 F-Secure Product Expert

    Hi Jack,


    Good day to you!

     

    Allow me to respond to your feedback. The detection you are seeing from Microsoft is related to Adobe Flash Player exploit files (SWF extension) and F-Secure detects similar exploit files as Exploit: SWF/Salama.T. We have investigated further upon seeing your post in Community and there are indeed a few undetected SWF files by us. We are currently working on getting those new files detected with the same detection.

     

    However as for your issue of Trojan keylogger, the detection from Microsoft does not seem to be related. The keylogger is most likely an executable file (EXE extension) while Microsoft is detecting the SWF flash file instead. We understand that you have deleted the detected file however if you still have the scanning logs from Microsoft tool, we would kindly request you to post up the log here for further investigation.

     

    Should you require further assitance, please do contact our support. Have a nice day!

     

    Best regards,

    Calvin Gan

    F-Secure Security Vulnerability Expert

  • Jack
    Jack Posts: 69 Active Engager

    Thank you Calvin.  My ISP informed me that the virus was communicating through my modem, which is how I discovered that I had the bug.  They are the ones who told me they thought it was most likely a keylogger since it was sending info from my computer to its master, according to them.

     

    I didn't see a scanning log from microsoft's scanner.  They just provided their name for the bug.  I was hoping you had a relationship with them and could get a sample from them based on their name for the bug

  • gancal
    gancal Posts: 21 F-Secure Product Expert

    Hi Jack,

     

    As mentioned in the previous reply, the Microsoft detection that you saw is detecting only flash files and is not related with the keylogging trojan that could possibly be in your machine.

     

    In order for us to help you troubleshoot further, can you kindly create a support request here with the FSDIAG attached? Instructions to generate FSDIAG can be found here.

     

    If you require assitance generating the logs, please do inform us. 

     

    Best regards,

    Calvin Gan

    F-Secure Security Vulnerability Expert

     

     

  • Jack
    Jack Posts: 69 Active Engager

    Calvin, since running the Microsoft program to detect the bug, I have run Malwarebytes, F-Secure and the Microsoft program again at night, several times, so would there be anything left for you to see if I were able to send you that?  I'm thinking I may have destroyed all

  • gancal
    gancal Posts: 21 F-Secure Product Expert
    Hi Jack,

    I believe upon running those additional programs, there are no longer malware detection appearing? If there is none, then that should be a good sign and we would not require any logs.

    However should you still require assistance, please do not hesitate to contact us. Have a great day!

    Best regards,
    Calvin Gan
    F-Secure Security Vulnerability Expert
This discussion has been closed.