Result of AVG Scan

Terry C · 05-01-2007, 07:30 AM

"Andy Walker" <awalker@nspank.invalid> wrote in message
news:463671d4.578703@news.webtv.com...
> Terry C wrote:
>
>>Hi all,
>>
>>Can any one advise if the following AVG result is a high risk item please
>>for friend.
>>
>>Showing as: Trojan Horse PSW.Banker3.jpx
>>
>>The pc has not been online since the previous AVG scan a couple of days
>>ago.
>>Any advice would be really appreciated.
>>
>>Terry :O)
>
> You didn't say whether or not AVG removed/quarentined the trojan? If
> neither, then you will need to remove it manually.
>
> Here's what McAfee says about it:
>
> Characteristics -
>
> When executed, this Trojan drops a copy of itself in the %System%
> folder as "torm.dll".
>
> The dropped dll file installs itself as a Browser Helper Object (BHO)
> and creates the following registry entry:
>
> HKEY_CLASSES_ROOT\CLSID\{60FD4F58-4748-48f6-B661-5FCE71B0D907} The
> Trojan then steals the user's login credentials, when the following
> banking related websites are accessed:
>
> akbank.com (Turkish Bank) yapikredi.com.tr (Turkish Bank)
> bankofamerica.comThis captured information, is then transmitted back
> to the following website using "HTTP POST" method:
>
> fcrrent.info (Attackers site)
> http://vil.nai.com/vil/content/v_142103.htm
>
> If you go to the link I provided, you will also find that this trojan
> is NOT self replicating and was either placed on the system by another
> trojan or loaded by a user through a social engineering trick. Either
> way, there appears to be a serious lack of security on your "friends"
> pc.
>
> You should run a thorough scan using the latest AVG updates. You
> should also run "Complete" scans with Spybot Search & Destroy,
> Adaware, and I also recommend SuperAntiSpyware. Once you are
> reasonable certain the PC is clean, your friend should change all
> his/her online passwords as a precaution.
>

Hi lads,

Thanks for all the replies. Really much appreciated. Sorry for the delay
in replying, been working nightshift. I didn't get a chance to update that
AVG deleted it automatically at the end of the scan. And she has just done
another AVG scan with the latest updates in the past few minutes and has not
shown anything this time.

She's going to change all passwords as a matter of course and will advise
the bank in order that accounts can be monitored.

Thanks again,

Terry :O)

Thread: Result of AVG Scan

Thread Tools

Display

Threaded View

Re: Result of AVG Scan

Thread Information

Users Browsing this Thread

Posting Permissions