Bank account hacked, advice please?

Back up the system, reformat, and scan in 6 months when the AV companies have figured out how to detect the virus. Also, freeze the accounts.

Hello Will172;

The best way to scan is to use a bootable CD or USB thumb drive.
That way you avoid running your (possibly infected) installed OS. Some of the nastier rootkit packages can defend themselves and hide from the most popular AV/Malware products.

Have you tried scanning with one the free cloud based AV's that will have the latest definitions.

http://housecall.trendmicro.com/

http://www.pandasecurity.com/homeu [...] ctivescan/

http://www.bitdefender.com/scanner/online/free.html

http://www.eset.com/us/online-scanner/

Use a bootable CD, the virus could infect the USB drive.

only if the Win7 OS is also running

Have you ruled out phishing? E.g. got any emails from your 'bank' and entered your password?

Have you ruled out it being a different computer?

Personally I would scan the computer. Backup everything then format, then scan the media used to backup said data again just to be sure... this is your bank account at risk and I would want to be VERY careful that it doesn't happen again

The biggest problem is that a Trojan is a backdoor to your system. It can give a hacker mob access and control of your system. And it can allow further payloads to be installed on your system like rootkits and keyloggers.

Okay so what can I do about the Trojan. Is this all just going to boil down to a reformat?

Yes, they sound like problems.
Look, if you want to make sure the PC is clean, you will need to nuke the HDD (formatting the HDD is NOT enough) then reinstall the OS. I know it is a pain in there, but I would not take any other chances if I were you. you could download the files you think you will need in the future, but keep in mind those files may harbor the infection as well. Hence, after you download them, isolate the backup disk from any PC connection for the time being.
Afterwards, you can proceed nuking the HDD by low-level formatting it using something like Killdisk, for instance. That will zero the HDD and render it to a factory-like state. Run that 2-3 times in a row, just to be sure (you can download Killdisk and burn a CD with the bootable program, then boot from that CD). Then you can proceed with OS installation.
After that, you can run a scan (using the latest updated AV program of your liking, running from a CD, as mentioned before by the others)of your backup disk to ensure no residual infection persists on these files; do NOT boot the OS while doing this. You could actually disconnect the system drive while booting from the AV disk, and run the AV on the backup disk. I know it sounds paranoid, but remember what just happened here and what brought you here to begin with.
Good luck with this project. You might choose to just run the AV as mentioned in above posts without going through this new install, but if it happens again the bank might get antsy about your accounts being hacked again. And you'll end up here again, anyways.
Do not ignore that Mac. It is possible that the hacking happened from that one, as well. They are not as secure as most people think; hackers' conferences remind us of that yearly.

Yes, you can do that without a problem; make sure you quarantine the backup after you do it, so it does not come in "contact" with any PC until you'll be able to confirm the disk is clean.

that came from this and see the program they collect from deleted i would try malware bytes safe mode without network and the antivirus also desactivate all restore point before cleacing so it wont come back reactivate after cleaning and test

Adware:Win32/OpenCandy is an adware program that may be bundled with certain third-party software installation programs. Some versions of this program may send user-specific information, including a unique machine code, operating system information, locale (country), and certain other information to a remote server without obtaining adequate user consent. These versions are detected by Microsoft’s anti-malware products.

Hi

Thats an ILLEGAL site and you posted a link to it.....in my reply you should notice I XXXX the link...

All the best Brett

@ area 51 reopened thank's

Hi

I fix viruses EVERY day at my company....

Here is what I would do for this particular one...

1, Boot into Safe Mode without networking

2, Install and run the LATEST version of Malwarebytes Anti-Malware 1.60.0.1800 (from a USB stick)

It MUST be that version as its definitions are only 20 days old and you do NOT want to be on the net yet...

3, KEEP running a Full SCAN (NOT QUICK) until it finds everything it can and removes it...
Then reboot back into safe mode and do it all again....until it finds Nothing...

4, Then connect your network cable...

5, Then boot to a Norton Internet Security 2012 disc (not 2011) and allow it to up date from the disc in dos... then run a FULL SCAN and keep doing that until it says nothing found...

6, Reboot back into Windows, update Malwarebytes run ANOTHER FULL SCAN then update NIS12 and do the same...

That WILL WORK....

All the best Brett

I'd be interested in knowing if the OP can even get into Safe Mode.

Dont assume that it didn't happen on the Mac. Macs are just as vunerable these days as PCs. Mac has been gaining more and more market share. The more popular they get, the more viruses you will start to see.

Hi

I realise that but take my word it works even better in safe mode plus its quicker... average full scan (safe mode) 20 mins...average full scan in normal windows assuming someone can get into windows (1 hour 15 minutes)

Not that I use it a lot lol

All the best Brett

also contact your bank about getting your mony back!

Thanks davedurg09 I have done a malwarebytes scan and it came up with a few more nasty things, so I decided I am just going to nuke the HDD which was a recommendation a few posts back. I have a problem though. I am using Active KillDisk for windows, and I have seleted what HDD to nuke and how etc. But it is asking me to confirm the action and type in Erase-All-Data.. and my keyboard won't work. I tried a USB one and a Old school purple ended one and I can't type anything. I can't get the onscreen keyboard either. Any idea's?

So far I have run two cloud AV's they came up with similar results. I have run my own Avast AV, and that came up empty. And I have run Malwarebytes 3 times last two it came up empty after deleting the nasties found the first time.

Now I have backed up everything on to my external HD and scanned that a couple times it found nothing both times.

Now I have made a boot USB with Active Kill Disk on it and I am currently Nuking both of the HDD's, using the One Pass Zeros method. Although if anyone things I should use any other of the methods let me know!

(Network cable has been out through all of this) After that has all completed, I plan to reload back on Win 7 Ultimate 64bit, and install all of my drivers from the old CD's to get it back up and running. Then I will install the anti virus and firewall etc and just do another system scan to be sure. Then load up the external HD scan that once more. Then start to load up the stuff I backed up. Il prob set a backup point or something here, but is that pointless if I get another virus?

After all that Network cable back in and start to download programs I need etc.

Any gaps?

Also, I have some online storage that I put work on to so that I can access it from my mac and stuff at uni. Do I need to clear all that out too or?

Haha no of course not, I had a look at something that someone posted, and I am going to use Avira AV and comodo firewall. I might buy Malwarebytes too since it seems like a great bit of kit. I have a VPN too, although I have no idea if that help for viruses etc...

Also another thought. My Mac. I know a lot more about PC's then Mac's even though my knowledge isn't great. What am I going to do about it? I didn't see anything on the MBAM's website about it working on Mac's.

OK, sounds like you are on the right track. I don't think that your online backed-up files are infected, one because you probably loaded them up one by one after personally working on them, and two because the similar back-ups on your HDD came out clean (if I understand correctly from your posts). As a precaution, after re-loading the AV on the PC re-scan the back-up HDD one more time, then if you want to check the files saved online you could download them and scan them locally. I am pretty sure they'll be clean.
Setting up a restore point is useful when stubborn programs mess up with your settings or you run into a "dirty" install/uninstall. For viruses, I don't think they're helpful. Does not hurt to have one as a clean system image.
The one-pass killdisk should work fine for you, that is what the free version gives you. I don't believe any trojan can survive this, but if you want to make sure you could run it again after it's done. I never encountered any instance where any data (including viruses) survived the first pass.