Backdoor Agent help?

[Pleasehelpmelol]

Okay, im sorry if this doesn't go under the right topic, its the closest to my problem.

I accidently  downloaded a backdoor agent by accident & it infected my pc with a bunch of other crap. I used Malwarebytes & its in quarantine for 2 years now. Everything has been back to normal. 6 months ago my Facebook was hacked advertising glasses, I changed my password & logged out of all devices which solved the problem. Is this the Backdoor agent key logging & someone used my account? I ran a quick scan & found PUPs that are harmless. Please forgive me but Im honestly paranoid. Im only 16 & im sorry if im in the wrong topic. Please help its my fault i know. 

Edited November 7, 2017 by Pleasehelpmelol

[Pleasehelpmelol]

Backdoor agent has been in quarantine for 2 years now. Meaning it cant do anything right?(I've been fine since then) If there was a keylogger malwarebytes would have detected that too right? Im honestly scared about my credit card being used as 8 months ago my facebook was hacked advertising raybans; i hadnt been on Facebook for days & hadn't clicked on anything. Is this backdoor related or something completely different?

 

[Aura]

Hi Pleasehelpmelol

Quote

Backdoor agent has been in quarantine for 2 years now. Meaning it cant do anything right?(I've been fine since then)

That's right. Files quarantined by Malwarebytes are moved in the quarantine location and encrypted as well, so they cannot be used (nor opened normally) anymore.

Quote

If there was a keylogger malwarebytes would have detected that too right?

Assuming you are infected with a keylogger that Malwarebytes detects, then yes.

Quote

as 8 months ago my facebook was hacked advertising raybans; i hadnt been on Facebook for days & hadn't clicked on anything. Is this backdoor related or something completely different?

Completely different. These kind of behaviors (your account posting stuff you didn't post, like Ray Beans scams) are caused by Facebook apps to which you gave the permission to post under your name (from your profile). You should review what apps you have in that list, and remove the one(s) you don't know/don't use anymore.

[Pleasehelpmelol]

18 hours ago, Aura said:

Hi Pleasehelpmelol

That's right. Files quarantined by Malwarebytes are moved in the quarantine location and encrypted as well, so they cannot be used (nor opened normally) anymore.

Assuming you are infected with a keylogger that Malwarebytes detects, then yes.

Completely different. These kind of behaviors (your account posting stuff you didn't post, like Ray Beans scams) are caused by Facebook apps to which you gave the permission to post under your name (from your profile). You should review what apps you have in that list, and remove the one(s) you don't know/don't use anymore.

I had a trojan & backdoor agent. Is the backdoor agent virus the one doing the key logging or does it download something else onto my system. Also, i heard that the ray ban scams could be due to malware? Is that malware related to key logging or with the backdoor agent in any way?

[Aura]

Quote

Is the backdoor agent virus the one doing the key logging or does it download something else onto my system.

Backdoor agent means that the flagged file had to ability to receive commands from an external system and run them on your system, effectively "backdooring" it.

Quote

Also, i heard that the ray ban scams could be due to malware?

It's possible in some cases.

Quote

Is that malware related to key logging or with the backdoor agent in any way?

We don't have enough information to assume anything regarding your situation.

[Pleasehelpmelol]

6 minutes ago, Aura said:

Backdoor agent means that the flagged file had to ability to receive commands from an external system and run them on your system, effectively "backdooring" it.

It's possible in some cases.

We don't have enough information to assume anything regarding your situation.

Okay so I've used quick scan a couple of times before so surely if i did have a keylogger it wouldve been detected? & in my case (backdoor.agent.WD) to double check, I SHOUDLNT have any malware &  that the ray ban scam has nothing to do with this backdoor or???

[Aura]

Like I said, there's alot of "if" here. What you're asking is basically a forensics investigation, which we don't really provide, as it's a different field than malware removal. Do you still have the Malwarebytes logs with the backdoor detections? If so, copy/paste it here so I can review it.

[Pleasehelpmelol]

3 minutes ago, Aura said:

Like I said, there's alot of "if" here. What you're asking is basically a forensics investigation, which we don't really provide, as it's a different field than malware removal. Do you still have the Malwarebytes logs with the backdoor detections? If so, copy/paste it here so I can review it.

Ahh i don't. All i can ask really is what type of malware would be ones that 'hack' into facebooks & posts on people walls. In this case, is it highly likely that its app permission more than malware?

Edited November 10, 2017 by Pleasehelpmelol

[Aura]

Quote

Ahh i don't. All i can ask really is what type of malware would be ones that 'hack' into facebooks & posts on people walls. In this case, is it highly likely that its app permission more than malware?

Then there's not much I can do. And yes, that's right.

https://www.welivesecurity.com/2016/04/06/buying-ray-bans-dont-fall-for-this-facebook-scam/

[Pleasehelpmelol]

4 hours ago, Aura said:

Then there's not much I can do. And yes, that's right.

https://www.welivesecurity.com/2016/04/06/buying-ray-bans-dont-fall-for-this-facebook-scam/

Wait first what did you say yes to? & is says to scan my pc; what im asking is if there was a virus, what virus would be detected? (E.g a trojan?)

[Aura]

I linked you the article for this bit:

Quote

1. Remove all suspicious Apps from your Facebook that can automatically post content on the Facebook wall without user knowledge (Settings -> Apps).

 

[Pleasehelpmelol]

On 11/11/2017 at 9:20 PM, Aura said:

I linked you the article for this bit

Edited November 13, 2017 by Pleasehelpmelol

[Pleasehelpmelol]

On 11/11/2017 at 9:20 PM, Aura said:

I linked you the article for this bit:

 

Please answer but what type of MALWARE uses Facebook accounts & what are the SYMPTOMS of a KEYLOGGER.

[Aura]

Quote

Please answer but what type of MALWARE uses Facebook accounts & what are the SYMPTOMS of a KEYLOGGER.

There are way too many type of malware that can uses Facebook accounts for their own ends. And if you are infected with a keylogger, you won't even notice it. All a keylogger does is record your keystrokes and send them somewhere (email, FTP, etc.). So unless you monitor your network for suspicious traffic, connections, etc. there are no obvious signs of being infected with a keylogger. It isn't like being infected with a miner, adware, ransomware, etc. Keyloggers are silent and discret.

[Pleasehelpmelol]

15 hours ago, Aura said:

There are way too many type of malware that can uses Facebook accounts for their own ends. And if you are infected with a keylogger, you won't even notice it. All a keylogger does is record your keystrokes and send them somewhere (email, FTP, etc.). So unless you monitor your network for suspicious traffic, connections, etc. there are no obvious signs of being infected with a keylogger. It isn't like being infected with a miner, adware, ransomware, etc. Keyloggers are silent and discret.

These are the things malwarebytes detected(all in 2017). Would any of these things be key log related? 

Cross rider
Calendertool
Search module
One system care
Privoxy
ProPCCleaner
Update admin
Downserve
Install Core
Optional.booking
Desk bar
Goobzo
Web Bar
APNToolbar.Gen
Search Protect

Also i heard that backdoor agents use key logging, so is the backdoor agent the one doing the key logging or is the key logging totally separate?

Edited November 14, 2017 by Pleasehelpmelol

[Aura]

None of these are keyloggers, nor backdoors. They are all adwares and PUPs.

The backdoor agent payload can be doing the keylogging, yes.

[Pleasehelpmelol]

47 minutes ago, Aura said:

None of these are keyloggers, nor backdoors. They are all adwares and PUPs.

The backdoor agent payload can be doing the keylogging, yes.

What do you mean by payload? (Sorry im dumb) & what i meant was would the key logging be a separate software from the backdoor or is it coming directly from the backdoor? 

[Aura]

The payload would be the actual "malicious" file (like, backdoor.exe). And no, the keylogging feature could be coming from the same payload as the backdoor (ie: backdoor.exe).

[Pleasehelpmelol]

21 hours ago, Aura said:

The payload would be the actual "malicious" file (like, backdoor.exe). And no, the keylogging feature could be coming from the same payload as the backdoor (ie: backdoor.exe).

So in theory, quarantining the backdoor means i cant be keylogged right?

[Aura]

Yes, that's right.

[Aura]

Hi Pleasehelpmelol,

Is there anything else?

[Aura]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!