trojan virus

sissle

Hi there,
I've had some debit card fraud & when I downloaded different anti-virus & malware programs one of them found this....
Trojan.Win32.Generic!BT
could this have enable someone to access my financial info?
thanks in advance
sissle x

Anselm

ww.spywareremove (dot) com/removeTrojanWin32GenericBT.html

Seems to be spyware I'd run malwarebytes if you have it

(I can't post links sorry)

robmar0se

Hi, in short - yes.

Depending on the anti-virus system these trojans have different names - if you read here you will see that it may send keystokes to a remote computer

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Trojan%3AWin32%2FDelf.GL

Check yr bank details and change passwords for all financial systems

Anselm

Only change your details after you've completely scanned your computer so you're not leaking your details again

sissle

Thinking back it was ad-aware that found it but it wouldn't delete it, which is why I now have malwarebytes which deleted it (at least I hope it did!)
I also now have kaspersky, it's free with barclays online banking (funnily enough I wasn't aware of this freebie from them until I googled for best anti-virus!! they really should promote that better!!!!!)
I'm always scanning with one or the other everyday...& so far neither of those have found it still on my system!
Is there anything else I can use/do to double check?
Also do I only use Kaspersky's firewall or do I need windows firewall turned on too (read somewhere that 2 firewalls might conflict with each other?)

thanks,Sissle

robmar0se

Only one firewall please!

If you are very risk averse there are a couple of things you could do to put yr mind at rest.

1. Go to the Kaspersky website and run the TDSS killer - http://support.kaspersky.com/faq/?qid=208280684

2. Run Combofix - but it is something you need to be very careful with, hence I give you the link to the tutorial site:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

after running it you can post the log here if you wish (probably not necessary if it reports nothing), and then in the run box, enter: combofix /uninstall .....to remove the program from your system.

Anselm

Kasperkey should be fine by itself as like you say, two firewalls may conflict and cause problems.
If it's been deleted by malware anti-bytes then it shouldn't come back. If you're unsure, do another scan (a full one).

waddler_8

It'd be good if you can give the filename and path of the detected file, eg:

C:\directory\folder\sub folder\filename.ext

Or post the mbam log that shows it (although I have to say that doesn't look like an mbam detection name). Generic detections are prone to false positives as it's a detection for code that characterises malicious behaviour.

http://www.f-secure.com/v-descs/other_w32_generic.shtml

Anselm wrote: »

ww.spywareremove (dot) com/removeTrojanWin32GenericBT.html

Pushes Enigma software's SpyHunter - absolute rubbish.

sissle

I've run a full scan with Kaspersky & Malwarebytes & they've found nothing, I've also run TDSS killer & that's found nothing, but I daren't try the Combo-fix as it looks & sounds too complicated for me!!
thanks for the links robmarOse