Posted 30 September 2006 - 09:17 PM
FYI: this thing is nasty. My computer was infected with the Trojan bancos virus. It key-logged my online bank account info and the SOB's successfully got into my bank account.
It seems to be hiding itself in the imgpaint.exe file in my system32 registry (XP), and I have tried to get rid of it with Avast, Ad-aware, Spybot, F-secure, and Windows defender. Only Avast found it, on a deep scan, but can't seem to delete it. If anybody knows, my questions are:
1) Is imgpaint.exe a valid windows process or program? Or can I just zap it with killbox?
2) Will killbox get rid of the whole thing?
3) Is anybody aware of how this thing gets into my registry, and what programs to prevent it in the future?
4) Any other places where this thing might be hiding?