View Full Version : Help with possible virus/trojan



Azrian
19-05-2010, 09:43 AM
Hi guys,

I need a bit of help. The other night someone accessed my net bank account. The only thing that was done was they transferred $300 from one account to another of mine. I noticed this as it said that I was last logged in at 2am in the morning.

That day I changed my password to my account and left it as that. Yesterday I tried to access it and I was locked out. I called the bank and they told me that they cancelled the net bank as they believed I have a trojan on my computer. I scanned my computer using Avast and nothing has come up. The bank want a print screen of the scan to make sure all is ok.

First question, is Avast good enough to spot it? Are there any other better programs out there to use?
Second, how the fuck did the bank know something was up?

Cheers

KyeBidz
19-05-2010, 09:45 AM
http://www.malwarebytes.org/

download that, use the free version. If there is anything suspect it will find it.

The bank monitors everything, if there are multiple IP addresses trying to log into your account and failing, or multiple IP addresses connecting from different places across the globe, they will get alerted.

DISTRBD
19-05-2010, 09:45 AM
Will we expect to see g/f nudes soon ?

Macca
19-05-2010, 09:47 AM
try this

http://housecall.trendmicro.com/au/

also banks can monitor IP addresses which log on to a bank session. If it comes from a foreign country they usually flag it

SEXUAL TYRANNOSAURUS
19-05-2010, 09:48 AM
Will we expect to see g/f nudes soon ?

Corbs likes this....

Alt_F4
19-05-2010, 09:48 AM
I'm pretty sure you weren't the only one it happened to.
I logged into my netbank the other day and it mentioned an 'issue'.

Azrian
19-05-2010, 09:51 AM
http://www.malwarebytes.org/

download that, use the free version. If there is anything suspect it will find it.

The bank monitors everything, if there are multiple IP addresses trying to log into your account and failing, or multiple IP addresses connecting from different places across the globe, they will get alerted.

Thanks mate, I will download once I get home.


Will we expect to see g/f nudes soon ?

It's my wife, mate. They don't do that shit.


try this

http://housecall.trendmicro.com/au/

also banks can monitor IP addresses which log on to a bank session. If it comes from a foreign country they usually flag it

Thanks

JBAE
19-05-2010, 10:01 AM
Just got off the phone with Commonwealth as I received an email saying it was from them telling me my NetBank was locked out and to click a link and re-enter login details etc.

It wasn't from them, was some dodgy shit..

Azrian
19-05-2010, 10:03 AM
Yeah I get them emails a lot. Never have filled that in though.

I also get heaps of requests to buy heavily discounted Viagra

bhappy
19-05-2010, 10:11 AM
http://www.malwarebytes.org/

download that, use the free version. If there is anything suspect it will find it.

The bank monitors everything, if there are multiple IP addresses trying to log into your account and failing, or multiple IP addresses connecting from different places across the globe, they will get alerted.

do what he said. that is a very good app.

Azrian
19-05-2010, 10:11 AM
Will do.

R3N
19-05-2010, 11:33 AM
I also get heaps of requests to buy heavily discounted Viagra

forward me some?

jEstEr?
19-05-2010, 02:52 PM
make sure avast is up-to-date, also use malwarebytes, spybot search & destroy, trend housecall, and install the new microsoft security home essentials. All programs will find 90% of problems, you have to try a few because quite often one will find nothing and another will find 45 issues.

update them fully, run them each separately and make sure the others are turned off at the time so they don't crack the shits at each other. I've just recovered from a fairly good virus :/

jEstEr?
19-05-2010, 02:55 PM
http://support.kaspersky.com/viruses/solutions?qid=208280684

also download that tdss killer thing and give it a run, make sure you aren't infected with the same shit I had

Azrian
19-05-2010, 04:18 PM
make sure avast is up-to-date, also use malwarebytes, spybot search & destroy, trend housecall, and install the new microsoft security home essentials. All programs will find 90% of problems, you have to try a few because quite often one will find nothing and another will find 45 issues.

update them fully, run them each separately and make sure the others are turned off at the time so they don't crack the shits at each other. I've just recovered from a fairly good virus :/

Do you have a link for the download?

R3N
19-05-2010, 04:21 PM
trend housecall is this http://housecall.trendmicro.com/au/


online scanning tool, not a downloadable executable.

also download SuperAntiSpyware, stupid name, awesome program

Bomber
19-05-2010, 04:32 PM
Just got off the phone with Commonwealth as I received an email saying it was from them telling me my NetBank was locked out and to click a link and re-enter login details etc.

It wasn't from them, was some dodgy shit..

Got the same one too, noticed when the tab opened up it said www.skj/etcetc and then flicked over to Welcome to NetBank. Thought it was dodgy as all fuck.

For anyone handy with spam bombs feel free if you can make heads or tails of this cut n paste from the email header. Contemplated sending an email back that basically said eat a bowl full of dicks but fiancee talked me out of it :slap:


Return-Path: <info@commbank.com>
Delivered-To: phizzle@iinet.net.au
Received: (qmail 22924 invoked from network); 19 May 2010 08:17:53 -0000
Received: from unknown (HELO icp-qv1-irony-in5.iinet.net.au) ([203.59.1.159]) (envelope-sender <info@commbank.com>) by icp-qv1-smtp3.iinet.net.au (qmail-ldap-1.03) with SMTP for <phizzle@iinet.net.au>; 19 May 2010 08:17:53 -0000
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhVHAJc780tDZFOdgWdsb2JhbACBPoUCi0AChDOGcQJ7AQEWIi K0UgIBB4hpglwaAQSCFQQ
X-IronPort-AV: E=Sophos;i="4.53,261,1272816000"; d="scan'208,217";a="588029677"
Received: from ns.keypage.de (HELO keypage.de) ([62.141.48.33]) by inbound.icp-qv1-irony-in5.iinet.net.au with ESMTP; 19 May 2010 16:17:51 +0800
Received: from commbank.com ([194.158.254.151]) (authenticated bits=0) by keypage.de (8.12.11.20060308/8.12.11) with ESMTP id o4J8Hj0a016517 for <phizzle@iinet.net.au>; Wed, 19 May 2010 10:17:46 +0200
From: =?Windows-1252?B?Q29tbW9ud2VhbHRoIEJhbms=?=<info@commbank.com>
To: phizzle@iinet.net.au
Subject: =?Windows-1252?B?WW91ciBOZXRCYW5rIHBhc3N3b3JkIGhhcyBiZWVuIGx vY2tlZCB0ZW1wb3JhcmlseS4=?=
Date: 19 May 2010 10:17:45 +0200
Message-ID: <20100519101745.31F4DAD39320E1DC@commbank.com>
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
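Reading the header pasted above for phishing triage, as an added example that is not part of the original thread: it decodes the encoded Subject and separates the Received hops recorded by the recipient's own provider from the ones only the sending side vouches for. The function name `analyse` is hypothetical, and treating `iinet.net.au` as the recipient's provider is an assumption taken from the header's `by` hosts.

```python
import re
from email import message_from_string
from email.header import decode_header, make_header

# Abridged from the header pasted in the post above: recipient address and
# scanner fields dropped, forum-inserted space in the Subject removed.
RAW = (
    "Received: from unknown (HELO icp-qv1-irony-in5.iinet.net.au) ([203.59.1.159])"
    " by icp-qv1-smtp3.iinet.net.au (qmail-ldap-1.03) with SMTP; 19 May 2010 08:17:53 -0000\n"
    "Received: from ns.keypage.de (HELO keypage.de) ([62.141.48.33])"
    " by inbound.icp-qv1-irony-in5.iinet.net.au with ESMTP; 19 May 2010 16:17:51 +0800\n"
    "Received: from commbank.com ([194.158.254.151]) (authenticated bits=0)"
    " by keypage.de (8.12.11.20060308/8.12.11) with ESMTP id o4J8Hj0a016517;"
    " Wed, 19 May 2010 10:17:46 +0200\n"
    "From: =?Windows-1252?B?Q29tbW9ud2VhbHRoIEJhbms=?=<info@commbank.com>\n"
    "Subject: =?Windows-1252?B?WW91ciBOZXRCYW5rIHBhc3N3b3JkIGhhcyBiZWVuIGxvY2tlZCB0ZW1wb3JhcmlseS4=?=\n"
    "\n"
)

# Captures: sending host as recorded, its IP literal, and the stamping host.
HOP = re.compile(r"from\s+(\S+).*?\[([\d.]+)\].*?\bby\s+(\S+)", re.S)

def analyse(raw, own_provider):
    """Split the Received chain into hops the recipient's provider recorded
    and hops that only the sending side vouches for."""
    msg = message_from_string(raw)
    hops = [m.groups() for m in map(HOP.search, msg.get_all("Received", [])) if m]
    # Received lines are prepended, so read top-down and stop at the first
    # one not stamped by our own provider: everything below it was written by
    # machines the sender controls and may be forged.
    edge = -1
    for i, (_, _, by) in enumerate(hops):
        if not (by == own_provider or by.endswith("." + own_provider)):
            break
        edge = i
    if edge < 0:
        raise ValueError("no Received line from the recipient's provider")
    host, ip, _ = hops[edge]
    from_domain = re.search(r"@([\w.-]+)", msg["From"]).group(1).lower()
    return {
        "subject": str(make_header(decode_header(msg["Subject"]))),
        "from_domain": from_domain,
        "handoff": (host, ip),  # the external machine our provider really saw
        "relay_matches_from": host.lower().endswith(from_domain),
        "unverified": [(h, a) for h, a, _ in hops[edge + 1:]],
    }

if __name__ == "__main__":
    for key, value in analyse(RAW, "iinet.net.au").items():
        print(f"{key}: {value}")
```

The `handoff` entry is the only address the recipient's provider observed directly, so it is the one to pass on when reporting the message to the bank or to the relay's operator.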

mr_mike
19-05-2010, 04:55 PM
there was an invisible trojan or other program hidden within the r34_chick zip file I think. was unable to delete the file until I have run a spyware scan thru it.

Azrian
20-05-2010, 06:22 AM
OK so I installed and ran the following:

-Housecall
-malwarebytes
-spybot
-avast (already had, just ran it again)

Everything passed perfectly. So I guess I am clean on this computer. Will have to run all on my laptop next.

mr_mike
20-05-2010, 05:16 PM
just checked my CBA netbank and there was a charge for $75 to my debit card that I didn't make to a Melbourne based account.
Claimed it was for insurance and Underwriting. Something I would never do as Peta works for an insurance company so she handles all that sorta stuff.
Either way I contacted CBA and a dispute has been lodged

DrKarl
20-05-2010, 09:02 PM
Not meaning to hijack.. Mozilla just randomly closes when I'm doing whatever. I'm assuming this is a virus or is it like a java setting? I'm scanning with malware just to check anyways.

Magic
20-05-2010, 09:08 PM
Just got off the phone with Commonwealth as I received an email saying it was from them telling me my NetBank was locked out and to click a link and re-enter login details etc.

It wasn't from them, was some dodgy shit..

I got that too. Easiest way I figured out it was a hoax is because when you hover over the link in the bottom left it comes up with a dodgy website.

All you Netbank users activate your NetCode. I do this for a transaction higher than $30. Basically means no one can use my netbank even if they know my password, and 2 secret passwords, they also need my mobile phone because Comm bank texts me a code for every transaction I make.

Azrian
21-05-2010, 06:43 AM
I got that too. Easiest way I figured out it was a hoax is because when you hover over the link in the bottom left it comes up with a dodgy website.

All you Netbank users activate your NetCode. I do this for a transaction higher than $30. Basically means no one can use my netbank even if they know my password, and 2 secret passwords, they also need my mobile phone because Comm bank texts me a code for every transaction I make.

Spot on

AGIT8D
21-05-2010, 07:05 AM
Spot on

+2 have had this set up for years

duste
21-05-2010, 07:20 AM
I got that too. Easiest way I figured out it was a hoax is because when you hover over the link in the bottom left it comes up with a dodgy website.

All you Netbank users activate your NetCode. I do this for a transaction higher than $30. Basically means no one can use my netbank even if they know my password, and 2 secret passwords, they also need my mobile phone because Comm bank texts me a code for every transaction I make.

+1 on NetCode, allows me to transfer money between my accounts and trusted accounts (missus' account for instance) without the need for a code, but as soon as it goes to any other account it requires one.

Best. Feature. EVER!

Jiblet
21-05-2010, 01:23 PM
not sure why no one has posted, but COMBOFIX is the ducks nuts...

follow what it says (requires rebooting in safe mode) but this thing gets rid of all the nasty stuff that you can't get rid of with anything else

warning: it does say that 1 in 100 computers may be stuffed by using it. I have used it on 2 different comps and no trouble.

bhappy
21-05-2010, 02:21 PM
combofix is good if you have a rootkit on your computer.

Bomber
22-05-2010, 09:07 PM
Got the same one too, noticed when the tab opened up it said www.skj/etcetc and then flicked over to Welcome to NetBank. Thought it was dodgy as all fuck.

For anyone handy with spam bombs feel free if you can make heads or tails of this cut n paste from the email header. Contemplated sending an email back that basically said eat a bowl full of dicks but fiancee talked me out of it :slap:

Return-Path:
Delivered-To: phizzle@iinet.net.au
Received: (qmail 22924 invoked from network); 19 May 2010 08:17:53 -0000
Received: from unknown (HELO icp-qv1-irony-in5.iinet.net.au) ([203.59.1.159]) (envelope-sender ) by icp-qv1-smtp3.iinet.net.au (qmail-ldap-1.03) with SMTP for ; 19 May 2010 08:17:53 -0000
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AhVHAJc780tDZFOdgWdsb2JhbACBPoUCi0AChDOGcQJ7AQEWIi K0UgIBB4hpglwaAQSCFQQ
X-IronPort-AV: E=Sophos;i="4.53,261,1272816000"; d="scan'208,217";a="588029677"
Received: from ns.keypage.de (HELO keypage.de) ([62.141.48.33]) by inbound.icp-qv1-irony-in5.iinet.net.au with ESMTP; 19 May 2010 16:17:51 +0800
Received: from commbank.com ([194.158.254.151]) (authenticated bits=0) by keypage.de (8.12.11.20060308/8.12.11) with ESMTP id o4J8Hj0a016517 for ; Wed, 19 May 2010 10:17:46 +0200
From: =?Windows-1252?B?Q29tbW9ud2VhbHRoIEJhbms=?=
To: phizzle@iinet.net.au
Subject: =?Windows-1252?B?WW91ciBOZXRCYW5rIHBhc3N3b3JkIGhhcyBiZWVuIGx vY2tlZCB0ZW1wb3JhcmlseS4=?=
Date: 19 May 2010 10:17:45 +0200
Message-ID: <20100519101745.31F4DAD39320E1DC@commbank.com>
MIME-Version: 1.0
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

As above, just been locked out of my NetBank by this fucking pingpingpingping. If anyone can trace this pingpingpingping down and give me some details I would be most obliged.

Jaeger
24-05-2010, 05:31 PM
just with the malware scan, it's most efficient when run in safe mode.. it doesn't say it on malwarebytes, but about 80 percent of the time if you have run malwarebytes running normal Windows and haven't found anything, and you're convinced there is a virus, running it again in safe mode will often find something.
hope this helps.