I was wondering, after seeing the wonderful generic detection for the Spybot family, VB family, Ardamax, etc…
Maybe I could dream of generic detection for Trojan bankers??? Please?? ;D
These trojan bankers are turning the internet in Brazil into hell, spreading fast, with tons of variants every day… It is making everybody crazy…!! Sometimes it is hard for Avast to follow all the new variants created every day… :-\
I believe these trojans place files in the system folders and create registry entries?
If so, then the only reason they can do that is because they have administrator privileges (win2k, NT, XP); they inherit those privileges from you.
Whilst browsing or collecting email, etc., if you get infected then the malware by default inherits the same permissions that you have for your user account. So if the user account has administrator rights, the malware has administrator rights and can wreak havoc. With limited rights the malware can’t put files in the system folders, create registry entries, etc. This greatly reduces the potential harm that can be done by an undetected or first day virus, etc.
Check out the link to DropMyRights (in my signature below) - Browsing the Web and Reading E-mail Safely as an Administrator. This obviously applies to those NT based OSes that have administrator settings, winNT, win2k, winXP.
If you have not done so, I would add an anti-trojan, such as Ewido, to complement the protection provided by Avast. Layering is always an advantage with any security setup.
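An added example, not part of any post in this thread: a PowerShell check of what the current session would hand to anything it runs, covering the two actions named above (files in the system folders, registry entries under HKLM). The function names and the `lp-probe` file and key names are constructed for this example; each probe is removed as soon as it is created.

```powershell
# Added example: does this session hold the rights the post describes?
function Test-AdminToken {
    # True when the current token carries the local Administrators group.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Test-SystemFolderWrite {
    # Try to create and delete a probe file in System32 (constructed name).
    $probe = Join-Path $env:SystemRoot "System32\lp-probe-$PID.tmp"
    try {
        [IO.File]::WriteAllText($probe, 'probe')
        Remove-Item -LiteralPath $probe -Force
        return $true
    } catch {
        return $false   # access denied: a limited account ends up here
    }
}

function Test-MachineRegistryWrite {
    # Try to create and delete a probe key under HKLM (constructed name).
    $key = "HKLM:\SOFTWARE\lp-probe-$PID"
    try {
        New-Item -Path $key -ErrorAction Stop | Out-Null
        Remove-Item -Path $key -ErrorAction Stop
        return $true
    } catch {
        return $false
    }
}

$report = [pscustomobject]@{
    User                = [Security.Principal.WindowsIdentity]::GetCurrent().Name
    AdminToken          = Test-AdminToken
    CanWriteSystem32    = Test-SystemFolderWrite
    CanWriteHKLM        = Test-MachineRegistryWrite
}
$report | Format-List

if ($report.AdminToken -or $report.CanWriteSystem32 -or $report.CanWriteHKLM) {
    Write-Warning 'Programs started from this session inherit system-wide write access.'
}
```

Run it from the same account and the same kind of shortcut used for browsing and e-mail; all three values should be False for a limited account.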
There is other malware that has lots of variants…
I sent some Zlob variant to AVG and avast! on June 12, 2006 (at that time there were very few AVs that could detect it, based on VirusTotal), and AVG detected it on June 13, 2006, but avast! still has not.