Post by jsh20910 on Nov 22, 2014 13:13:48 GMT -8
I noticed a Poweliks infection in early November. Thanks to Quads and the team, I am in the process of being assisted by Qmalwareremove to clean the affected machine. (Still working on that -- it's a long grocery store line).
After figuring out what was going on with Poweliks and establishing a removal request thread, I have left my computer disconnected from the internet, except when I need to download or upload repair information for the removalists.
For a day or two my computer was probably online with Poweliks before I realized it was there. I thereafter changed all passwords to bank accounts immediately, but of course, there is a ton of info in my computer.
What I wanted to post/ask about are the statements I see in online research that Poweliks opens a back door and invites in all sorts of other malware - scariest of which seems to be the Ransomware. I'm wondering what other experiences the many other people in this Poweliks checkout line have been having?
It may be just a coincidence, but since discovering Poweliks (a) two weeks later I had a credit card fraud attempted on my credit card - someone ordered a MacBook for pickup at a NY area Apple store (I was called by Apple security, who thought it looked suspicious). Cancelled the card of course. Couldn't get Apple security, my bank card security, the Apple store or the police in the area of the Apple store to be at all interested in nabbing the thief when he/she came to pick up the MacBook. Not much else to be done about that I suppose.
Then today, I got a call on my landline from "Microsoft support" (with a thick Indian accent) telling me that my computer was sending out a signal that there was some sort of problem and they needed to check it out. So I recorded the call and played them for a good while. They got around to asking me to download TeamViewer so they could access my computer. (Gee - I had such a problem downloading that . . .) Ultimately, perhaps since I seemed cooperative, they gave me a number so I could have my IT support call back to clarify the situation. 315-636-4820. Tried #57 to do a call trace, but "call not in the area covered" (so what is that good for?).
Of course, this is the long running Microsoft support scam. See blog.malwarebytes.org/tech-support-scams/#begins. Also see blog.malwarebytes.org/fraud-scam/2013/04/phone-scammers-call-the-wrong-guy-get-mad-and-trash-pc/
Neither of these events alone is unusual, but the coincidence of both of these following shortly after my Poweliks infection is worrisome. Perhaps someone already grabbed files from my computer and is mining it for data to use? So I was wondering:
Is anyone else experiencing a coincident uptick in collateral fraud activity after a Poweliks infection?
Is there a way to know if there remains an exploitable open backdoor on my computer after Poweliks itself is removed?
Would Norton 360 (which I have) or some other active AV system effectively deal with any malware that did come in an open back door?
Can back door access to my computer have also been used to disable my AV program?