I am using Wachovia for banking. For last 2 weeks, I keep getting a phishing site when logging in. I have run Avast free in boot mode and found Trojans, but it keeps returning. Any ideas? I can send you more info if that will help.
use malwarebytes
Should I run this in safe mode?
There was a phishing Email sent to Wachovia cardholders/bankers which claimed you no longer had access to their website unless you updated info. This might be how you got infected.
hundred percent sure the legit site itself hasn’t been infected ? just wondering…
I can log in fine from other computers, including my wife’s. Since running malwarebytes, it found some likely causes and removed them. Now, I could log in the first time I tried with IE7, but now FireFox wont start…may need to reinstall. I don’t recall receiving any such phishing email. And when the phishing site came up, I did not respond. However, it could have installed itself just be clicking on the link, I suppose. I am almost ready to reinstall Windows XPPro. or change to W7. Hate to reformat my C drive and lose all the updated drivers, programs, etc! >:(
Here is what the site looks like and the source code…any ideas?
Just in case someone actually wants to fill in the info, the phone # is also fake. Wachovia’s real phone is 1-800-WACHOVIA. Your infection is Gozi Trojan. Spyware Doctor and others can remove. The malware comes from where else, Russia.
Thanks! I will see if I can use spyware doctor or something else I google to remove it! Thanks! PS: should I run it in safe mode?
You can use firefox, which has anti-phishing built in as I believe does IE8 and possibly others. There is also using OpenDNS for your DNS provider as that too has anti-phishing (and less prone to DNS hacking). It also has other forms of protection that you cam configure in the Dashboard function,
Yes, IE8 has built-in anti-phishing which drbob01 should have already been using since IE8 is much more secure than previous versions.
PS :
Run MBAM in normal mode. Be sure to update it first and then run a quick scan.
Thanks! I am going to update to IE8. I need to manually remove IE7, since it doesn’t update properly without removing with control panel. Also read that I need to turn-off system restore prior to running Avast and malwarebytes, etc. so that virus doesn’t return. That seems to be happening now, as I find that Firefox & IE work fine once, then phish site returns on next try to log in. >:( Very frustrating! I have spend WAY too much time trying to remove this! I only wish I could find the person who writes this and put a few 40cal holes in his head!