Jump to content
Login new information ×
Login new information

TiltWheelMouse.exe

darko999

By darko999
in Security & Privacy Center

 Share

Recommended Posts

darko999

darko999

Posted
Posted

Hi all, in one of my desktop, which is a bit old its only 4gb ram 1333 quad core processor 2,1ghz .
I have EES installed on it, for performance balance. The deal is I downloaded a 700MB installation file for a game called city car driving. Its a driving simulator. While installing EES detected:

"30/05/2014 18:01:51 Real-time file system protection file C:\Users\Insano\AppData\Local\Temp\Microscft.exe a variant of MSIL/Kryptik.UF trojan cleaned by deleting - quarantined Insano-PC\Insano Event occurred on a file modified by the application: C:\Users\Insano\AppData\Local\Temp\GAME.exe"

The installation ended sucessfully tho.

After that, I notices some weird lags on my computer, so I decided to unistall this game. Most of the time it was firefox freezing for a few seconds, stuffs never happend before.

I run a smart scan and it detected a few leftover files in temp folder.

Now I was checking the startup files and I found this "TiltWheelMouse.exe", funny thing is this file was not there not in the past, not yesterday. It just appeared right now. Funny because I checked the registry entry and its just next to the EES entry:

4d80125f.png

I just want to delete this entry, but I don't know if it is a legit file or not, or if it is related with the last detections by EES.

Any advice? The file is rated with 33% securiry base on internet.

I guess this wouldn't happen in my main desktop with Kaspersky custom settings lol.

Link to comment
Share on other sites
  • Replies 5
  • Views 2.1k
  • Created
  • Last Reply

Top Posters In This Topic

  • darko999

    3

  • Sonar

    1

  • Dodel

    1

  • SnakeMasteR

    1

Popular Days

Top Posters In This Topic

Popular Days

SnakeMasteR

SnakeMasteR

Posted
Posted

Why don't you search for the file on your filesystem and actually check it in VirusTotal for example.

Delete this POS from your hard drive and everything related to it. There is no need for a game to install shit like that in autorun, or even copy the game executable in temp folder. It can be a keylogger, i'm pretty sure it is. :lol:

Link to comment
Share on other sites
darko999

darko999

Posted
  • Author
Posted (edited)

Why don't you search for the file on your filesystem and actually check it in VirusTotal for example.

Delete this POS from your hard drive and everything related to it. There is no need for a game to install shit like that in autorun, or even copy the game executable in temp folder. It can be a keylogger, i'm pretty sure it is. :lol:

Thank you for fast reply, I deleted the file, was infected. But this is getting stupidly insane. I have just lost audio on my computer. Found out by Malwarebytes anti malware 2 .exe set as "Hiden" in my download directory, undetected by EES. This was "InstallerRex, Trojan.Zbot".

¿What else like Malwarebytes Antimalware would you recommend to run?. After discovering these new infections, I still have no audio here. It will play songs and files with no error, but no audio as well.

Edited by darko999
Link to comment
Share on other sites
Sonar

Sonar

Posted
Posted (edited)

Hi all, in one of my desktop, which is a bit old its only 4gb ram 1333 quad core processor 2,1ghz .
I have EES installed on it, for performance balance. The deal is I downloaded a 700MB installation file for a game called city car driving. Its a driving simulator. While installing EES detected:

"30/05/2014 18:01:51 Real-time file system protection file C:\Users\Insano\AppData\Local\Temp\Microscft.exe a variant of MSIL/Kryptik.UF trojan cleaned by deleting - quarantined Insano-PC\Insano Event occurred on a file modified by the application: C:\Users\Insano\AppData\Local\Temp\GAME.exe"

The installation ended sucessfully tho.

After that, I notices some weird lags on my computer, so I decided to unistall this game. Most of the time it was firefox freezing for a few seconds, stuffs never happend before.

I run a smart scan and it detected a few leftover files in temp folder.

Now I was checking the startup files and I found this "TiltWheelMouse.exe", funny thing is this file was not there not in the past, not yesterday. It just appeared right now. Funny because I checked the registry entry and its just next to the EES entry:

4d80125f.png

I just want to delete this entry, but I don't know if it is a legit file or not, or if it is related with the last detections by EES.

Any advice? The file is rated with 33% securiry base on internet.

I guess this wouldn't happen in my main desktop with Kaspersky custom settings lol.

Malware Removal Guide
http://www.nsaneforums.com/topic/64224-malware-removal-guide/

Windows Repair (All In One)

http://www.nsaneforums.com/topic/220183-tweakingcom-windows-repair-all-in-one-272/

Edited by Sonar
Link to comment
Share on other sites
darko999

darko999

Posted
  • Author
Posted (edited)

Hi all, in one of my desktop, which is a bit old its only 4gb ram 1333 quad core processor 2,1ghz .

I have EES installed on it, for performance balance. The deal is I downloaded a 700MB installation file for a game called city car driving. Its a driving simulator. While installing EES detected:

"30/05/2014 18:01:51 Real-time file system protection file C:\Users\Insano\AppData\Local\Temp\Microscft.exe a variant of MSIL/Kryptik.UF trojan cleaned by deleting - quarantined Insano-PC\Insano Event occurred on a file modified by the application: C:\Users\Insano\AppData\Local\Temp\GAME.exe"

The installation ended sucessfully tho.

After that, I notices some weird lags on my computer, so I decided to unistall this game. Most of the time it was firefox freezing for a few seconds, stuffs never happend before.

I run a smart scan and it detected a few leftover files in temp folder.

Now I was checking the startup files and I found this "TiltWheelMouse.exe", funny thing is this file was not there not in the past, not yesterday. It just appeared right now. Funny because I checked the registry entry and its just next to the EES entry:

4d80125f.png

I just want to delete this entry, but I don't know if it is a legit file or not, or if it is related with the last detections by EES.

Any advice? The file is rated with 33% securiry base on internet.

I guess this wouldn't happen in my main desktop with Kaspersky custom settings lol.

Malware Removal Guide

http://www.nsaneforums.com/topic/64224-malware-removal-guide/

Windows Repair (All In One)

http://www.nsaneforums.com/topic/220183-tweakingcom-windows-repair-all-in-one-272/

Thank for the links! I think i got rid of all infections. Audio is back as well as stability and windows performance. Thank you all :D

PD: I installed HerdProtect and it did good.

Edited by darko999
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...