Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Hidden Fiddler Install, Help Needed in Removal

  • Please log in to reply
1 reply to this topic

#1 atmos


  • Members
  • 1 posts
  • Local time:07:24 PM

Posted 27 August 2014 - 10:40 PM

Several days back a family member downloaded some suspicious torrents from a vauge site, and managed to catch an internet hijacker. It installed a number of trojans and a rat, all of which i was able to remove using Avast, Malwarebytes, and even superantispyware just for kickers. However, one peice of the software remains on my hardrive. A hidden install of Fiddler root, which was the first part of the program which intercepted https and sent the data to a remote server. My AV's dont detect Fiddler being that it isnt naturally maliscious because it is a legitmate program used by a good number of people apparently.  I desperatly need this program uninstalled, I'm unsure as to what could still be buired in the programs architecture so keeping in is out of the question.


I just dont know what to do, i cant uninstall the program manually because "windows add/remove a program" cand detect it, and my AV dont see it as being maliscious so they ignore it. I cant find out what ver. of the Fiddler the Hijacker was using because its hidden as well, so trying to find the version spec. registries wont work either.


to summarize up,

OS: Windows 7 64bit

Infection: Hidden Install dir of Fiddler Root

Actions taken: Ran a complete boot disk scan with Avast over the course of 33+ hours (1.85tb Hdd)

Edited by atmos, 27 August 2014 - 10:41 PM.

BC AdBot (Login to Remove)


#2 noknojon


  • Banned
  • 10,871 posts
  • Gender:Not Telling
  • Local time:12:24 PM

Posted 28 August 2014 - 06:48 AM

 R.A.T. - Short for Remote Access Trojan, a Trojan horse that provides the intruder, or hacker, with a backdoor into the infected system. This backdoor allows the hacker to snoop your system, use your infected system to launch a zombie (attacks on other systems), or even run malicious code.


Any person who claims to have been infected by a R.A.T. should post to Malware Removal area and not Am I Infected.

We are not able to handle these here -


Thank You -


Please follow the instructions in ==>This Prep Guide<== starting at Step 6.

Once the proper DDS logs are created, then make a NEW TOPIC and post it to ==>Malware Removal Area<==Not back here

NOTES : If you cannot produce any of the other logs, then please create the new topic anyway, include the information that you were unable to produce the other logs and why along with a description of your computer issues.
Please do not ever run ComboFix unless a Malware Response Team Member instructs you to do so.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users