Win32Agent.pz ?



simonb
2008-10-04, 15:07
I was using an earlier free version of Spybot which recently repeatedly was finding 3 instances of Win32Agent.pz. When I clicked to fix, it stated this had been fixed, but on scanning after rebooting it was again found. I was aware there was a serious compromise to my computer, as whichever of my banks I was about to sign into, the opening screen was clearly wrong, as all security information was asked rather than the random information that a bona fide bank asks. Also, curiously, a bogus username appeared at startup (RDPuser18). I sought virus removal help from another company, and after lengthy online control of my computer they found it to be virus free, despite my continued malevolent bank site loading whenever I try to access. What was also worrying: when I was discussing with the virus removal technician as they took online control of my computer, I told of the bogus RDPuser18 username that had appeared, and that when I had googled the RDPuser part I had found somebody on these various highly technical forums was using that name. When I later googled RDPuser18 after our online conversation, I found a single entry on a forum site that appeared possibly Greek, but in English, a single line of text claiming their name to be John and stating a bogus username RDPuser18 had mysteriously appeared on their computer some 52 minutes earlier (that would have coincided with the time I was online getting virus removal help). My fear is that over that period some hacker had infiltrated my computer and was aware of the conversation.
I have currently my free Spybot program removed and my Norton one disabled, and would appreciate any advice from yourselves as to whether the updated Spybot program would be effective in removing the Win32Agent.pz infection and as to whether the symptoms on my computer indicate any specific virus.

shelf life
2008-10-10, 00:28
hi simonb,


you need to post a hjt log as a starting reference point. some malware may show up in the log, some may not. it's only a starting point:

HJT:

http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe

* Save HJTInstall.exe to your desktop.
* Double-click on the HJTInstall.exe icon on your desktop.
* By default it will install to C:\Program Files\Trend Micro\HijackThis .
* Click on Install.
* It will create a HijackThis icon on the desktop.
* Once installed, it will launch Hijackthis.
* Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
* Click on "Edit > Select All" then click on "Edit > Copy" and Paste the entire contents of the log (no attachments) into your own new topic

* DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
* DO NOT have Hijackthis fix anything yet. Most of what HJT lists will be harmless or even required by your Operating System, a helper will guide you.


"earlier free version of Spybot"
all versions of spybot are free. you should uninstall the current version, reboot computer and download, install and update to the latest version:

http://www.safer-networking.org/en/index.html

simonb
2008-10-10, 11:27
Many thanks for your instructions, which I will keep for future reference. As regards my recent problems, I am intending reformatting my entire disk.

shelf life
2008-10-11, 00:08
hi simonb,


"I am intending reformatting my entire disk."

ok good luck. get the core components: antivirus, anti-malware and a software firewall after the reformat.

for your reference:

My Top Ten List
The Short Version:

1) Keep your OS (Windows), browser (IE, Firefox) and other software up to date.
2) Know what you are installing to your computer. A lot of software can come bundled with unwanted add-ons. Do you trust the source?
3) Install and keep them all updated: one antivirus and two or three anti-malware applications.
4) Refrain from clicking on links or installing files you receive via E-Mail, IM, Chat Rooms or Social Sites, no matter how tempting or legitimate the message.
5) Don't click on ads/pop ups or offers from websites to install software to your computer.
6) Don't click on offers to "scan" your computer.
7) Set up and use limited accounts rather than administrator accounts.
8) Install and understand the limitations of a third party software firewall.
9) Consider using an alternate browser and E-mail client.
10) If your habits include visiting or downloading/installing files from: warez, crack sites or p2p (file sharing) networks: then you are much more likely to encounter malicious code. Do you trust the source?

longer version in link below

happy safe surfing out there