Yesterday my bank sent me a text message notifying me the lock of internet banking services due to suspicious behaviour in order to steal the access codes.
I’ve then called them to ask for further information and they answered they found an attempt to steal the access codes by the so-called trojan Zeus that, according to them, would have infected my system.
They suggested me change the codes using the phone or a safe pc and format my pc which is no more safe.
I use Avast Internet Security 7 on a Win 7 Sp 1 system, and I’ve changed the codes via Avast Safe Zone Browser.
Then I ran a complete startup scan with Avast that found nothing, I’ve also run a complete scan with Microsoft Security Essentials that also found nothing.
Now the question is: should I trust my system or seen what happened should I format?
I’ve read that it’s also difficult for antiviruses to find this threat on systems as it’s stealthy.
Is Avast Internet Security capable to protect against this threat?
Could be the malicious activity could have come from another computer on your provider’s IP range. What you could do is change your main mail account password as that is the password that you use to log in to your provider. Check your IP address here: http://www.projecthoneypot.org/search_ip.php and establish if there are mailcious activities from IP’s in that neighbourhood (spammers and dictionairy attackers). They could be the course of the warning or did they specify your IP?
To log in to my provider I actually use the default username and password of the provider, I don’t use mine. When I had set the router for the very first time I’ve wondered wheter that might have caused trouble but the internet connection worked so I have never cared about and thought to change with my own. I’ve checked my IP address as suggested and found that in the neighbourhood there are 4 IPs with SD and 2 with S.
I can’t fully understand the meaning of this question: They could be the course of the warning or did they specify your IP? Who should have specified my IP? my bank?
As requested I’ve attached the logs of the scans.
aswMBR keeps crashing and can’t do the scan. It appears a windows notice that says avast! Antirootkit stopped working
In the next post I attach the Malwarebytes Anti-Malware log and the screenshot that appears when aswMBR stops working
[*]If malicious objects are found, they will show in the Scan results and offer three (3) options.
[*]Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Allow AVP to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post
Now the Analysis
Rerun AVP and select the Manual Disinfection tab and press Start Gathering System Information