Help on Security Issue on PC (Backdoor.bot)

[mn072065]

Ok here is my story. My credit card was used for items bought in the internet without my authorization. I have caled the card the first time, and yesterday it happened again. Waiting for the new card. I did a clean on my PC and found backdoor.bot. After reading about it, i see that that could have been the culprit on my security problem. So bank sending me my new debit card. I'm in a panic. I used malwarebytes + now using superantispyware. I cleaned it thoroughly so far so good. But i'm in a panic. I went to my kids PC and since i cleaned it and no viruses, i used that to change my bank login password. Working slowly on everything to change password. I have questions:
Do I change password + logins, or just passwords?
I use roboform, do I change the password on that, if so, how? Disconnect from internet before i change all passwords or it it safe to change while i'm connected.
I'm using Windows 7 Ultimate, NOD32 4.0.467, plus malwarebytes + superantispyware. What else can I use. My firewall is on.

Is this enough for protection. Thanks all.

[MOVIEGEEK]

I know how you feel because this happened to me a couple of years ago.
1.Do NOT get a VISA card that is linked to your savings/checking account, get a separate ATM card from your bank. The reason is thiefs can clean out your savings/checking account with an ATM card but by law credit cards are limited to a $50 loss or sometimes nothing at all.
2.Do not use Roboform,AutoComplete,etc because it stores confidential info on your PC which can be hacked, write down all confidential info and enter it manually on websites. AutoComplete can be disabled in Internet Options->Content.
3.Change your passwords on banking websites regularly and don't use your children/spouse names as passwords.

[mn072065]

Thanks for the quick response, i have a bank debit card, mastercard, dont know if i can get that unlinked, also i have used roboform for at least a year, i really thought they were safe. i dont store bank stuff, but i do store all passwords. i changed bank password and used a strong password now.

[MOVIEGEEK]

Call your bank and see if you can get just an ATM card with no logo, they push the logo cards because they get a kickback from VISA and MasterCard.

[mn072065]

Thanks for the feedback, will reformating help me, or do you think i'm clean since all 3 software have not detected anything now.

[mn072065]

How can I find out if my PC is clean?

[MOVIEGEEK]

You should disable System Restore and delete restore points also delete quaranteened files from Malwarebytes and SAS. Reboot then enable System Restore.
http://www.howtogeek.com/howto/3187/disable-system-restore-in-windows-7/

[mn072065]

i actually did not have system restore on, i always have it off, shall i still do that? Thanks

[jagabo]

You should check with your bank, but generally: By law, your liability for stolen credit cards is limited to $50 and most banks will waive even that unless you blatantly admit you lost the card last month and didn't bother to inform them. Debit cards have much higher limits and it may take quite a while to settle disputes -- during which time you may simply have no money.

http://www.pirg.org/consumer/banks/debit/debitcards1.htm

You should never use a debit card for online purchases. Actually, you shouldn't use a debit card for anything. Use a credit card and just pay it off every month.

[mn072065]

Unfortunately because of health problems & debts, i cannot get a credit card, all i have is my debit card. I did another cleaning and nothing shows up, but i think i should reformat and do a clean install since i'm paranoid now. If there is a bug that should kill it correct?

[MOVIEGEEK]

Yes a clean install will get rid of any malware if you reformat but I think it's unnecessary.

[mn072065]

Thanks alot all, i'm going to reformat since i'm paranoid now and hope everything turns ok.

[jagabo]

Unfortunately because of health problems & debts, i cannot get a credit card, all i have is my debit card.

You should be able to get a secured credit card. Even people in bankruptcy can get them.

[deadrats]

Ok here is my story. My credit card was used for items bought in the internet without my authorization. I have caled the card the first time, and yesterday it happened again. Waiting for the new card. I did a clean on my PC and found backdoor.bot. After reading about it, i see that that could have been the culprit on my security problem. So bank sending me my new debit card. I'm in a panic. I used malwarebytes + now using superantispyware. I cleaned it thoroughly so far so good. But i'm in a panic. I went to my kids PC and since i cleaned it and no viruses, i used that to change my bank login password. Working slowly on everything to change password. I have questions:
Do I change password + logins, or just passwords?
I use roboform, do I change the password on that, if so, how? Disconnect from internet before i change all passwords or it it safe to change while i'm connected.
I'm using Windows 7 Ultimate, NOD32 4.0.467, plus malwarebytes + superantispyware. What else can I use. My firewall is on.

Is this enough for protection. Thanks all.

for future reference whenever you wish to make a purchase online walk into your local pathmark or similar large chain and buy a mastercard/visa/amex gift card, they work just like a regular credit card only they are limited by how much you put in them at activation time (i think the upper limit per card is like $500).

also i i'm fairly sure that you can get the money that was stolen back, as you probably know all bank accounts are FDIC insured:

http://www.fdic.gov/deposit/deposits/index.html

i'm almost 100 percent positive you will be covered fully for the amount of your lose.

when you get the new debit card change the password at an atm or inside the bank (a manager can assist you).

since you did a clean install, you are using a robust OS (Win 7 Ult is solid), you have the firewall turned on, i would also install the following, keep them up to date and let them run in the tray (i.e. they load at startup):

avg free
clam anti virus
spybot
ad aware

http://www.spywareremove.com/removeBackdoorBot.html

turn off the following services:

remote access
remote registry
routing and remote access
remote desktop services
remote access connection manager
remote access auto connection manager

set the following to manual

secondary logon

in the future if you plan on doing online banking i recommend a hardened browser and use that browser only for banking, specifically use a 64 bit browser, your only options on windows are ie and firefox, and the latest versions of either will be fine.

[jagabo]

also i i'm fairly sure that you can get the money that was stolen back, as you probably know all bank accounts are FDIC insured

FDIC insurance does not cover theft from your account. It covers your account in case the back goes bankrupt.