
Backdoor.Cycbot.Gen


Late last night I posted an image in an open conversation on Skype; this was followed by someone telling me my IP address and threatening to "launch" a DoS/DDoS attack against me. They then showed a picture of my IP address loaded up in LOIC and proceeded to ask me if my internet was "running smooth".

I wasn't too bothered at the time as nothing appeared wrong, surely if he was successful I'd have no connection at all, so all I did was switch my router off and went to bed, woke up this morning and turned my router back on in hope that I would have been assigned a new IP. (which I was)

Like I said, had no problems at the time, but today I've noticed a couple of DNS errors when trying to load websites and my whole system seems more sluggish than usual.

I ran a quick scan on Malwarebytes but nothing came back, so proceeded in running a full scan (results below in a handy spoiler tag) and it came back with 2 casino spyware things (wasn't too worried) and "Backdoor.Cycbot.Gen". I quarantined all, deleted all, restarted computer, and for some reason had to re-install Malwarebytes (found rather peculiar).

I then ran another quick scan, to which nothing came back. But I am still finding things rather sluggish.

Other things to note:

Couple of months ago had a "xp security 2012" virus, assumed it was fully removed.

Last week my mother answered the phone to one of them scam artists claiming to be working with Microsoft and that they would help her remove some malware (she isn't very tech savvy, they had got her to install the remote access software before she could tell me what was going on). I quickly took the phone off her, told them "politely" I knew what they were doing and hung up. I then restored her laptop to factory settings (as it was pretty new anyway) and re-installed Malwarebytes on her system, scans came back clean, ran scans on my laptop and the two other computers on the network and they were all clean. (All were off at the time of the phone call so I assumed they would be.)

Logs as required in sticky post attached and full scan results.

Full scan results:

Malwarebytes Anti-Malware 1.60.0.1800

www.malwarebytes.org

Database version: v2012.01.31.08

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 8.0.6001.19170

luke :: LUKE-PC [administrator]

Protection: Enabled

31/01/2012 20:32:01

mbam-log-2012-01-31 (20-32-01).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 418443

Time elapsed: 4 hour(s), 39 minute(s), 9 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CelebPoker (PUP.Casino) -> Quarantined and deleted successfully.

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\Poker\CelebPoker\_SetupPoker_ef1d26.exe (PUP.Casino) -> Quarantined and deleted successfully.

C:\Users\luke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\560d5e64-5899d630 (Backdoor.Cycbot.Gen) -> Quarantined and deleted successfully.

(end)

Any help would be much appreciated. Thank you in advance.

Attach.txt

DDS.txt


  • 2 months later...

Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
