TechSpot

Malware

By bushwhacker
Nov 10, 2007
  1. I was wondering why my system freezes and slows down...

    So I went to Trend Micro Housecall and full scan...

    McAfee detected 2 malwares (inside zip) and 2 spywares. One of them is TSPY_Banker..

    I'm very worried right now.

    Nod32 roots up nothing

    Webroot SpySweepers picks up 48 spy cookies, including a trojan... Password something.


    So I decided to scan it again,

    List.

    1. Webroot Spysweeper (Fully updated, version 5.5.7)
    2. Eset Nod32
    3. Trend Micro Housecall [Detected 4 threats, 2 malwares/2 spywares]
    4. HJT is in c:\miranda32\crusty.exe

    no rootkit has been detected.


    I'm not surprised that AVG Anti-Spyware hasn't detected anything.

    But I realized I used Webroot SpySweeper.

    I decided to save the log of that instead. I hope you are willing to bend a rule for this.

    Thank you.
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Have HJT fix these entries.

    O1 - Hosts: 66.98.148.65 auto.search.msn.com
    O1 - Hosts: 66.98.148.65 auto.search.msn.es

    Other than that it's clean.

    Your Combofix log is also clean.

    The malware inside the .zip folder is harmless as long as it remains in the .zip folder. Deleting the .zip file will delete the malware.

    What files were detected as being infected with the TSPY_Banker?

    Regards Howard :)
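
What the two O1 lines in the post above represent, as an added example that is not part of the thread: HijackThis lists hosts-file entries under O1, and each entry pins a hostname to a fixed address ahead of DNS. The Python sketch below parses O1 lines and groups the names pinned to a routable address; the function names are this example's own, and the loopback and O4 lines in the sample are constructed for contrast.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample: the two O1 lines quoted in the post, plus two benign
# lines added here for contrast (a loopback entry and a non-O1 line).
SAMPLE_LOG = """\
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM\\..\\Run: [example] C:\\example\\example.exe
"""

O1_LINE = re.compile(r"^O1 - Hosts:\s*(\S+)\s+(\S+)")

def parse_o1(log_text):
    """Return (ip, hostname) pairs from HijackThis O1 lines."""
    pairs = []
    for line in log_text.splitlines():
        m = O1_LINE.match(line.strip())
        if m:
            pairs.append((m.group(1), m.group(2).lower()))
    return pairs

def is_sinkhole(ip_text):
    """True for addresses that block a name rather than redirect it."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # unparseable address: keep it in the report
    return ip.is_loopback or ip.is_unspecified

def redirects(log_text):
    """Group hostnames by the routable address the hosts file pins them to."""
    by_ip = defaultdict(list)
    for ip, host in parse_o1(log_text):
        if not is_sinkhole(ip):
            by_ip[ip].append(host)
    return dict(by_ip)

if __name__ == "__main__":
    for ip, hosts in redirects(SAMPLE_LOG).items():
        print(f"{ip} <- {', '.join(hosts)}")
```

Several unrelated names pinned to one routable address, as in the sample, is the pattern worth reviewing before an entry is removed.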
     
  3. bushwhacker

    bushwhacker TechSpot Chancellor Topic Starter Posts: 783

    So after the fix, is it safe for me to use the banking again?

    Of course, I will have to change the password just for safety.

    And a few years ago (Can't you believe it?)

    I collected all Stardock's applications, including the keygen, and zipped it up to "StarDock 2005 Desktop.zip"

    Apparently, at that time I used Norton :D

    Norton
    Mcafee
    Kaspersky / Bitdefender

    Now I'm a Nod32 user. :D

    So... any advice on the new antivirus? I'm willing to spring to any antivirus at any cost.
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    If you're going to use keygens etc, then it doesn't matter what AV you get, you'll keep getting infected.

    Since you use your system for online banking, there's no way I can guarantee it's safe to use for such purposes, without being formatted first.

    TS doesn't condone piracy as you well know.

    Regards Howard :)
     
  5. bushwhacker

    bushwhacker TechSpot Chancellor Topic Starter Posts: 783

    I'm not going for piracy anymore. I'm going for legit.

    Have any suggestion on the best antivirus?

    My budget is not at any limit.

    :D

    Plus, I fixed the host things.

    What's up with those things anyway?
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

  7. bushwhacker

    bushwhacker TechSpot Chancellor Topic Starter Posts: 783

    Any paid antivirus? :D
     
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    KASPERSKY is pretty good, as is NOD32.

    There are others, just Google.

    Regards Howard :)
     
  9. bushwhacker

    bushwhacker TechSpot Chancellor Topic Starter Posts: 783

    Great, thanks Howard.

    I'm surprised you haven't told me about BitDefender ;D

    Anyway thanks for your help.
     
  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

  11. bushwhacker

    bushwhacker TechSpot Chancellor Topic Starter Posts: 783

    All right :D

    You can close the topic.

    Thank you for your help.
     
Topic Status:
Not open for further replies.
