  1. #1
    Ciecle
    Guest

    FFXI Keylogger or something else?

    Hello, I'm in need of help...

    My FFXI is being a real pain to me, I've uninstalled it 3 times and reinstalled it..

    What is being a pain about it is my macros: no matter what book or page I'm on, it flips to Book1 page1 every time I zone...

    I have installed what I thought were good programs: Malwarebytes, Threatfire, and Bitdefender... and so far, it's been a real pain... Malwarebytes today just caught 4 Backdoor.bot, and just the other day my Threatfire caught FFXI trying to change its registry files. This started about 4 days before the last update, and I've uninstalled FFXI 3 times and reinstalled it. It worked fine, till I logged off.... As soon as I logged off then logged back in, I found what I tried to get rid of still there... I ran a deep scan on my computer with Bitdefender and nothing has shown up for a virus.... I uninstalled windower thinking it had something to do with it, and it didn't help. The only 3 sites I visited while on FFXI are Wiki, BG, and my linkshell forums...
    I visit these sites daily and nothing has happened... until recently...

    Has anyone else had this problem? Or is my computer infected with a virus/keylogger... If so, is there a way to get rid of it without getting rid of FFXI altogether... :\

    What Malwarebytes had found: Files Infected:
    C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP240\A0145769.exe (Backdoor.Bot) -> No action taken.
    C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP242\A0152548.exe (Backdoor.Bot) -> No action taken.
    C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP243\A0152612.exe (Backdoor.Bot) -> No action taken.
    C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP255\A0163282.exe (Backdoor.Bot) -> No action taken.

    What Threatfire found: Executable Modified(DENIED)
    Triggered on 4/1/2009 at 6:27:08
    Triggered by C:\Program Files\PlayOnline\SquareEnix\PlayOnlineViewer\poltemp

    It just popped up again and this time:

    An application has preformed an action that is potentially malicious.

    Risk:High
    Name: MMORPG-FFXIMain.dll
    Path: C:\Program Files\PlayOnline\SquareEnix\FINAL FANTASY XI

    Technical details

    Description: Suspicious Activities Detected
    Details: C:\PROGRAM FILES\PLAYONLINE\SQUAREENIX\PLAYONLINEVIEWER\POL.EXE
    Count: 1
    Time: 4/12/2009 3:16:18 PM

  2. #2
    Ciecle
    Guest

    .... Ugh... I decided it might be a false positive, so I made the choice of deleting the Threatfire program from my computer... and now... everything is normal >.>... I'm going to do a system scan before it's decided, but... if this works Threatfire can STFA. srsly.

    edit: Confirmed. Threatfire is a hazard to FFXI. Everything is back to normal. If you are looking for anti-virus/malware software, do not download Threatfire; it will kill your FFXI account and annoy you.

  3. #3
    The Dazzler
    Join Date
    Feb 2006
    Posts
    1,429
    BG Level
    6

    It's not much help, but the 4 files you found are in the system restore. If you don't plan on rolling back you could always turn it off and then back on to clear all the system restore points out. That would get rid of the 4 hits for the Backdoor.bot.
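
Added example, not part of the thread: a Python script that separates Malwarebytes hits sitting inside System Restore points, which is the situation post #3 describes, from hits on the live filesystem. The line format is inferred from the four lines quoted in post #1; the function names and the extra "live" line are constructed for illustration.

```python
import re
from collections import defaultdict

# Line format inferred from the thread: <path> (<threat>) -> <action>.
HIT = re.compile(r"^(?P<path>.+?) \((?P<threat>[^()]+)\) -> (?P<action>.+?)\.?$")
# Restore store layout seen in the thread: X:\System Volume Information\_restore{GUID}\RP<n>\
RESTORE = re.compile(
    r"^[A-Z]:\\System Volume Information\\_restore\{[0-9A-F-]{36}\}\\RP(?P<rp>\d+)\\",
    re.IGNORECASE,
)

# The four detections quoted in post #1.
THREAD_LOG = r"""
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP240\A0145769.exe (Backdoor.Bot) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP242\A0152548.exe (Backdoor.Bot) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP243\A0152612.exe (Backdoor.Bot) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP255\A0163282.exe (Backdoor.Bot) -> No action taken.
"""
# Constructed line (hypothetical path, not from the thread) for contrast.
CONSTRUCTED_LIVE_HIT = r"C:\Example\constructed_sample.exe (Backdoor.Bot) -> No action taken."


def triage(log_text):
    """Split detections into restore-point copies and live-filesystem hits."""
    in_restore = defaultdict(list)  # restore point number -> file names
    live = []                       # (path, threat) outside the restore store
    for line in log_text.splitlines():
        m = HIT.match(line.strip())
        if not m:
            continue  # blank or unrecognised line
        rp = RESTORE.match(m["path"])
        if rp:
            in_restore[int(rp["rp"])].append(m["path"].rsplit("\\", 1)[-1])
        else:
            live.append((m["path"], m["threat"]))
    return dict(in_restore), live


def verdict(in_restore, live):
    """Summarise whether clearing restore points would remove every hit."""
    if live:
        return "live detections present: clearing restore points is not enough"
    if in_restore:
        return "only restore-point copies: clearing restore points removes these hits"
    return "no detections parsed"


if __name__ == "__main__":
    for text in (THREAD_LOG, THREAD_LOG + CONSTRUCTED_LIVE_HIT):
        restore, live = triage(text)
        print(sorted(restore), live, "->", verdict(restore, live))
```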
