Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

3 laptops, a desktop infected AND money stolen from us. Please help


  • Please log in to reply
2 replies to this topic

#1 bleedingcomputer

bleedingcomputer

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:28 AM

Posted 08 November 2011 - 09:14 AM

Someone stole money from me by stealing my credit card, debit card and other sensitive details. Please help me get secured.
Laptops – Asus, HP, Dell.
Here's what happened.
About a month ago my ASUS laptop had its mouse hijacked when the mouse was in a vmware xp. I pulled the plug, went offline, deleted that vm xp and scanned the host win7 system with malwarebytes pro and comodo av and they found nothing. I also had comodo firewall installed and i didnt remember allowing any unsafe programs. My firewall settings are paranoid level btw.
But it seems I was careless to think that the virus was probably in vmware and forgot about it.
And then a few weeks later, my pc became slow and there were frequent “disruption” “distraction” “static sort-of” lines that appear when you are TeamViewing someone or taking a screenshot. I was a little busy with work then and mostly ignored them then. They distracted me for a few days and sometimes but i was busy and thought I will deal with it on the weekend, (I know it was foolish but since Mbytes and comodo didnt find anything, I wasnt too worried).
And then they went away and for the last few weeks I didnt experience any such problems or hijacking. Or so I thought. Yesterday, my friends laptop (we live in the same house) had his mouse hijacked as well on his HP laptop. He told me this today and while we were discussing it, my own ASUS laptop (which had been left unattended) had someone playing with it. We both got extremely scared. I pulled the plug on ASUS (once again after a month – again, scanned with updated mbytes pro and av – they found nothing. What a waste of time and money). So we have definitely been hacked. (Moreover, some money was stolen from me and we are talking to the bank about that).
The main aim here is to find what virus we are infected with and clean the machines.
The first thing we did was change the wifi password. And its now over 20 characters and wpa2.
Secondly, both the other two laptops have been offline since yesterday and I am posting here via a third laptop which another friend owns (we three live in a house share).
We think that since we use the same USB drives on all the laptops and a desktop, that could be the cause of such a spread, since we dont usually share any folders or apps or anything as we are all into things of our own. We just loan each other our USBs or share them, etc.
The plan is to
1. find whether this laptop, we are using to post now (Dell) is infected. Cos if its not, we can securely use this for now.
2. Then we plan to clean our 8gb and 16gb usb's and a couple 1TB external HDDs, so we can backup our documents in the laptops.
3. Then we actually start cleaning the asus laptop and the hp laptop, which r definitely infected with something. (Hopefully its not a rootkit malware).
4. We will then all install linux in all laptops since we have had it with windows. And even with linux, we r planning to install linux antivirus, etc, just to be safe.

We are posting in the “Am I infected” section to find out what we are infected with and to find out whether our Dell laptop is infected as well.


We will be checking for reply and will be available to follow any advise for the next 24 hours. There will be at least one of us online for the next 24 hrs since we want to solve this and get back to our work and life asap.

BC AdBot (Login to Remove)

 


#2 bleedingcomputer

bleedingcomputer
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:09:28 AM

Posted 08 November 2011 - 09:18 AM

Also, we havent done a combo or hijackthis scan yet as we are awaiting advise on how to proceed. We have disabled the autoplay USB in all laptops. Scanned them all to no avail. and done a few things hardly worth mentioning. All while offline.

#3 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:28 AM

Posted 08 November 2011 - 08:50 PM

With the information you have provided I believe you will need help from the malware removal team.
Please make sure that you read the information about getting started first.
Then start a new thread HERE and include or required logs.
Including a link to this thread will be helpful.

Good luck and be patient. Help is on the way!

My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users