Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 fynloski.a?


  • Please log in to reply
7 replies to this topic

#1 calebryan95

calebryan95

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:19 PM

Posted 01 February 2014 - 09:04 PM

Sorry I have basic Microsoft Security Essentials but it detected fynloski.a in opera nexts installation folder. Did it come from opera next or did it just spread to there? Anyways, is there anyways I can find out their ip that they are connecting to me from and possibly send something back? Thanks


Edited by hamluis, 02 February 2014 - 12:01 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:06:19 AM

Posted 01 February 2014 - 10:47 PM

you can detect the IP, but it will be a server paid for with stolen credit card details... or someone elses hacked machine or something similar. It won't be a hacker. If you make any serious threat against a malware server you are likely to experience retaliation attacks on your own machine also.

 

There's little chance of discovering the vector once a malware is installed on your machine these days, they pretty much just take over.

 

You should definitely be starting a new topic in the 'malware removal' forum.



#3 Greg62702

Greg62702

  • Banned
  • 717 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:19 PM

Posted 01 February 2014 - 11:02 PM

Someone has been visiting sites that they should not be.

Backdoor:Win32/Fynloski.A

This trojan can give a hacker access to your PC. They can then control your PC and steal sensitive information.

http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Backdoor%3aWin32%2fFynloski.A



#4 calebryan95

calebryan95
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:19 PM

Posted 01 February 2014 - 11:03 PM

you can detect the IP, but it will be a server paid for with stolen credit card details... or someone elses hacked machine or something similar. It won't be a hacker. If you make any serious threat against a malware server you are likely to experience retaliation attacks on your own machine also.

 

There's little chance of discovering the vector once a malware is installed on your machine these days, they pretty much just take over.

 

You should definitely be starting a new topic in the 'malware removal' forum.

Haha ya, I removed it but Im pretty sure the origional is on here somewhere, but I will take care of it. And who said anything about attacking them back, I mean haha that was the plan and If I find the origional guy who started it Im giving him a few virusses of my own as well as a loop. Ya, mine dont just start up at boot, if they pay me I remove it but it was installs into some other places making it irremovable hehe

 


Someone has been visiting sites that they should not be.

Backdoor:Win32/Fynloski.A

This trojan can give a hacker access to your PC. They can then control your PC and steal sensitive information.

http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Backdoor%3aWin32%2fFynloski.A

I already knew they were



#5 calebryan95

calebryan95
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:19 PM

Posted 01 February 2014 - 11:04 PM

All I didnt know about these is if I could trace back the ip , and etc etc. I use installed these before giving computers to friends I bought them and before giving it to "employees" if you want to call them that



#6 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:06:19 AM

Posted 01 February 2014 - 11:07 PM

Someone has been visiting sites that they should not be.

80% of malware is served by trusted sites, that have been hacked.



#7 calebryan95

calebryan95
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:19 PM

Posted 02 February 2014 - 02:45 AM

 

Someone has been visiting sites that they should not be.

80% of malware is served by trusted sites, that have been hacked.

 

The only site I have visited on this coputer or internet connection would be an accidental clicking on a spam message and opening its link, and downloading a crack/patch which I deleted, Else Im always on "trusted" websites which is true arent safe they have been hacked. Now as for my bro, ya he uh ya been on some sites to say in the least if you know what im saying;)



#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:19 AM

Posted 02 February 2014 - 03:43 AM

Full Microsoft details from their site -

 

Microsoft security software detects and removes this threat.
This trojan can give a hacker access to your PC. They can then control your PC and steal sensitive information.
Fynloski.A is a repackaged version of a remote access tool (RAT) and might come in a variety of installer types.

It has different file names. It creates an entry in the Windows registry to make sure it runs every time Windows starts, and that you're not aware that it's running.

 

This area is Am I Infected, and as you have been infected by a RAT Trojan, the Experts should now handle this.

 

As you are badly infected, please Fully read and follow the instructions in the Preparation Guide starting at Step #6.

 

NOTE : If you are unable to complete any step, still post the topic and leave a full description of your problems

 

When you have done that, start a new topic and post the required logs to  Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.

 

 Please Use Copy and Paste for your responses, and Do Not Attach them unless your helper requests this.

 

 If Help Bot responds to your topic, please follow his Step #1 so the team will be notified.

 

 After doing this, please reply back in this thread with a link to the new topic so we can close this one.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users