Jump to content

PC hacked last night? Trojans and Rogue Agents!


Recommended Posts

Hi,

Any help appreciated on the following.

It looks like I had my PC hacked last night, not sure how but walked back into my office and Paypal had opened up on my PC and my account had sent someone money to themselves calling themselves ronocftw@live.com. Done some searching its apparently a guy called Conor W Terry with this email addy. Inform PP and my bank so that covered but...

It seems I have various trojans and rogue.agents on my PC picked up by MBAM. So taking advice I've installed both MBAM and SAS.

Q: Are MBAM and SAS the same company BTW, the forums are identical?

Q: Also I now have 2 small white squares top left of my desktop, any ideas what these are and how to get rid?

But here are my concerns:

c:\Users\Ian\AppData\Roaming\windefender.exe (Spyware.Spyeyes) -> No action taken.

c:\Users\Ian\AppData\Local\Temp\vxgjnpjdzjfivlg9.exe (Spyware.Spyeyes) -> No action taken.

c:\Users\Ian\local settings\temporary internet files\Content.IE5\BGPJKHPB\nb1[2].exe (Spyware.Spyeyes) -> No action taken.

c:\Users\Ian\AppData\Roaming\local.exe (Trojan.Agent) -> No action taken.

c:\Users\Ian\AppData\Roaming\microsoft\System\Services\csrss.exe (Trojan.Agent) -> No action taken.

c:\Users\Ian\AppData\Roaming\data.dat (Stolen.Data) -> No action taken.

c:\Users\Ian\AppData\Roaming\35320.exe (Rogue.Agent.Gen) -> No action taken.

c:\Users\Ian\AppData\Roaming\54401.exe (Rogue.Agent.Gen) -> No action taken.

c:\Users\Ian\AppData\Roaming\Program.exe (Trojan.Agent.Gen) -> No action taken.

Thanks for your input

Ian

Link to post
Share on other sites

Hi, and Welcome to Malwarebytes!

To answer your question, MBAM and SuperAntiSpyware are NOT the same company....

Since you are infected you need to seek help from the experts to get your computer cleaned up. In the meantime, I would get on a computer that is not infected and change all your passwords to any online sites that you visit.

Please read the following so that you can begin the cleaning process:

As we don't deal with malware removal in the General Malwarebytes' Anti-Malware Forum, you need to start a topic in the Malware Removal forum so a qualified helper can help you fix any malware related problems/infections you may have.

  • Please read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.
  • After posting your new post, make sure under options, you select Track this topic and choose Immediate Email Notification, so that you're alerted when someone has replied to your post.
  • One of the expert helpers there will give you one-on-one assistance when one becomes available.
  • Please refrain from making any further changes to your computer (Install/Uninstall programs, use special fix tools, delete files, edit the registry, etc...) unless advised by a malware removal helper. Doing so can result in system changes which may hinder the attempts by a helper to clean your machine.

NOTE: Please DO NOT post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies. If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

    • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
      Or
    • You may send a Private Message to a Moderator asking for assistance.

Alternatively, as a paying customer, you can contact the help desk at support@malwarebytes.org or here.

Please be patient, someone will assist you as soon as it is possible.

PS: Please use the "ADDREPLY" t_reply.gif button instead of other ones when you start replying. :)

Link to post
Share on other sites

Ian,

I have Malwarebytes on my computer, but I also have a software called Kaspersky. I really love this software. They offer two different versons of their software, one is a standard Anti-virus software as well as one that offers the anti-virus software AND Internet protection. They offer a 30 day free trial and their software is free to download. When I got a worm on my computer a few years back, my previous anti-virus software could detect it, but it could not remove it. I found kaspersky in a search and was hapy to see that they offered a 30 day free trial. It allowed me to experience it to see if I would like it. Check out the software for yourself at their website of the same name. :) It worked for me and most importantly, windows accepts it and it works with malewarebytes giving you double protection.

Link to post
Share on other sites

Hi and thanks for the responses.

Quick Q RE changing online passwords. Is this required if they are in LastPass or is it required even more if they are in Lastpass? I guess this makes it easier for a hacker to use my details as all of my sites are automated logins effectively?

Any thoughts on this?

Thanks

Ian

Link to post
Share on other sites

As for changing your passwords, If I were you and I thought my computer was compromised, I would change them.... better safe than sorry in my book.

To unsubscribe....

Click on My Controls (located on top Right of Forum)

Look for:

Subscriptions

View Topics

View Forums

Click on View Forums and you can unsubscribe there.....

Link to post
Share on other sites

As for changing your passwords, If I were you and I thought my computer was compromised, I would change them.... better safe than sorry in my book.

To unsubscribe....

Click on My Controls (located on top Right of Forum)

Look for:

Subscriptions

View Topics

View Forums

Click on View Forums and you can unsubscribe there.....

Sorted.

Thanks A Lot Firefox.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.