Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Backdoor agent help


  • Please log in to reply
7 replies to this topic

#1 Oppaswagwanstyle

Oppaswagwanstyle

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 14 November 2017 - 12:06 PM

I quarantined a backdoor agent around 2 years ago & since then all the symptoms have been gone. Everythings back to normal, but around 8 months ago my fb was used for ray ban scams. I know backdoors can use keylogging. So now im wondering if the backdoor agent is the one that does keylogging or does that backdoor use something separate? Im honestly scared because around a year ago (a year after i quarantined the backdoor) i bought something online & im paranoid my credit card details could be in danger? Please help.

BC AdBot (Login to Remove)

 


#2 Unworn_Kilt

Unworn_Kilt

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:44 AM

Posted 14 November 2017 - 12:36 PM

G'day,

 

 

 

Could you please give some idea of what Operating System you're running and some details on your hardware?

 

I'm not a Qualified Malware Removal Expert so I'm very limited in what I can do for you. It will help if you could provide the requested details as it will help a Qualified Tech. to get started. They're very busy all the time, but extra busy at the moment.

 

If there's anything I can do to help, I will. I'm in Australia so it's getting close to sleep time. (04:00hrs.)

 

 

Thanks kindly.

 

 

Kilt.


PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **

 

 

 


#3 Oppaswagwanstyle

Oppaswagwanstyle
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 14 November 2017 - 01:23 PM

Well idk about the hardware & details but i can tell you the laptop it is an Acer Aspire E15 windows 10

#4 Unworn_Kilt

Unworn_Kilt

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:44 AM

Posted 14 November 2017 - 01:34 PM

No problem. That's a good start. 

 

Just one thing to keep in mind regarding your credit card:

 

1) If there are no unusual transactions on there, that is a good thing.

 

2) If you are seriously concerned about the credit card I suggest you contact your issuing financial institution and have the card cancelled and replaced. I know it can be a nuisance but it's worth it if it buys you some peace of mind.

 

Is there any reason you suspect you may still be infected? 

 

Have there been any unusual symptoms or activity on your computer?

 

Usually, in my experience, Anti-Virus software only keeps Quarantined threats for a limited period of time before deleting them. Have you checked to see if the Infector is still in Quarantine?

 

I would STRONGLY suggest you change you Facebook password to a new STRONG password. Facebook hacks are relatively common.


Edited by Unworn_Kilt, 14 November 2017 - 01:45 PM.

PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **

 

 

 


#5 Oppaswagwanstyle

Oppaswagwanstyle
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 14 November 2017 - 02:13 PM

Its my moms so it would be hella weird just asking her to change her pass:') & no everythings been fine for 2 years & could you give me symptoms & ill tell you what i have. Also i used malwarebytes which quarantine them until whenevr you wanna delete them. The only reason i think im infected is because of that fb hack that happened 8 months ago, which advertised raybans. These are all the infections i found this year too
Cross rider
Calendertool
Search module
One system care
Privoxy
ProPCCleaner
Update admin
Downserve
Install Core
Optional.booking
Desk bar
Goobzo
Web Bar
APNToolbar.Gen
Search Protect

#6 Unworn_Kilt

Unworn_Kilt

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:44 AM

Posted 14 November 2017 - 02:43 PM

Ok,

 

Let's try this.

 

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

 

 

 

Download RKill (Courtesy of Bleeping Computer.com) Here:   RKill

 

Save it to your Desktop so you can find it easily.

 

Be patient as it can take a little while to finish.

 

When its finished it will open a report, it will also save a copy on your Desktop.

 

Copy and paste the results into your reply as plain text.

 

Don't restart your computer between running RKill and AdwCleaner!!

 

 

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.

 


-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

*****(Apologies to "BRONI" for "borrowing" your instructions here)*****

 

 

I'm going to have to grab some sleep but I'll check back as soon as I'm back up and running.

 

 

Be sure to let me know how you get on please.


PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **

 

 

 


#7 Oppaswagwanstyle

Oppaswagwanstyle
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  

Posted 14 November 2017 - 03:29 PM

Ill try it when i can cuz im hella busy:') but im telling you rn, i dont have any symptoms or anything.

#8 Unworn_Kilt

Unworn_Kilt

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:09:44 AM

Posted 14 November 2017 - 03:43 PM

Whenever you're ready is fine. If you need any help running the programs just let me know and I'll do what I can to help. Have a great day!

PLEASE NOTE

 

I am only a Standard Member,  NOT a Trained Malware Removal Expert. If you have ANY concerns regarding any advice I may give, please contact a Member of Staff before making changes.

 

Thanks!

 

 

** Walk Softly and Carry a Big Stick **

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users