
antivirus and Banker trojan


    Ran Panda Software free online antivirus on PC (looking for Downadup virus, which I didn't find). By chance I had a USB stick in it, and it found Banker.SW in a program cdvd.exe. I had downloaded that at some time, I think, to play DVDs.

    Curious that I had missed it before, when I use AVG and Avast!, I downloaded both of those onto this PC: neither found it (although AVG found an adware in it, and deleted the file because of that).

    So I ask: does anyone have experience of a Banker trojan? And (Yet Again I suppose) comments on AV programs?

    This little bugger apparently sends back banking logins, and since I do a lot of online banking, I am concerned.

    #2
    Troj/Banker-SW is a Trojan for the Windows platform which attempts to capture confidential information related to Internet Banking, such as usernames and logon passwords.
    Troj/Banker-SW includes functionality to send notification messages to remote locations.
    When first run Troj/Banker-SW copies itself to:
    <Windows startup folder>\system32.exe
    <Windows system folder>\system32.exe
    and creates the file <Windows system folder>\Netaps.txt.
    The following registry entry is created to run system32.exe on startup:
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    system32
    <Windows system folder>\system32.exe
    I would check the locations listed above and if you have the relevant files there then worry about it.


    I know Sophos AV gets rid of it, but then you would have to pay for that



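The check suggested in post #2, written out as an added PowerShell example (not part of the original thread and not Sophos's own tooling). It looks only for the files and the Run value named in that post; the function name is hypothetical, and because the post does not say which Startup folder is meant, it is an assumption here that both the per-user and the all-users folder should be checked.

```powershell
# Added example: looks only for the Troj/Banker-SW artifacts listed in post #2.
function Test-BankerSwArtifacts {
    $sysDir = [Environment]::GetFolderPath('System')

    # Assumption: "<Windows startup folder>" may be per-user or all-users, so try both.
    $startupDirs = 'Startup', 'CommonStartup' |
        ForEach-Object { [Environment]::GetFolderPath($_) } |
        Where-Object { $_ }

    $paths = @()
    foreach ($dir in $startupDirs) { $paths += Join-Path $dir 'system32.exe' }
    $paths += Join-Path $sysDir 'system32.exe'
    $paths += Join-Path $sysDir 'Netaps.txt'

    $findings = @()
    foreach ($p in $paths) {
        # -Force includes files marked hidden or system
        $item = Get-Item -LiteralPath $p -Force -ErrorAction SilentlyContinue
        if ($item) {
            $findings += [pscustomobject]@{
                Type     = 'File'
                Location = $p
                Detail   = "last modified $($item.LastWriteTime)"
            }
        }
    }

    # Run value named "system32" pointing at <Windows system folder>\system32.exe
    $runKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
    $run = Get-ItemProperty -Path $runKey -Name 'system32' -ErrorAction SilentlyContinue
    if ($run) {
        $findings += [pscustomobject]@{
            Type     = 'Registry'
            Location = "$runKey\system32"
            Detail   = $run.system32
        }
    }
    return $findings
}

$hits = Test-BankerSwArtifacts
if ($hits) { $hits | Format-Table -AutoSize -Wrap }
else { 'None of the files or the Run entry listed in post #2 were found.' }
```

An empty result only rules out the specific artifacts listed in that post; it says nothing about other variants or other malware.
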
      #3
      Originally posted by Ardesco
      I would check the locations listed above and if you have the relevant files there then worry about it.


      I know Sophos AV gets rid of it, but then you would have to pay for that
      Yeah, that's exactly what I found. Didn't find them on work PC but I wouldn't have run the contaminated program there, so I have to wait till I get home.

      Equally, you would think that the AV that finds the contamination would also find the installed Trojan itself, if present. No?

      But I am somewhat shocked that AVG and Avast! found nothing



        #4
        Depends, if the contamination is already installed it won't pick it up until the next full system scan. I would suggest having your AV scan your machine daily at some silly time in the morning to be sure.

        My machine is set to do a full virus scan at 4am, and then defrag at 5am every day. Keeps it nice and snappy



          #5
          Looks like a re-install for you, got your XP CD?



            #6
            Originally posted by dinker
            Looks like a re-install for you, got your XP CD?
            Yes. Looks like it, just to be sure.

            On the old laptop that is: main laptop is a Mac now anyway



              #7
              Originally posted by Ardesco
              Depends, if the contamination is already installed it won't pick it up until the next full system scan. I would suggest having your AV scan your machine daily at some silly time in the morning to be sure.

              My machine is set to do a full virus scan at 4am, and then defrag at 5am every day. Keeps it nice and snappy
              Good in theory. Add circumstances and it won't work:
              1. Weekend: partner is rabid about not leaving anything switched on unnecessarily. I just accept that.
              2. Week: I couldn't sleep with a disk thrashing in the hotel room.

              I would bring back hanging for virus writers
