Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
What are these ? What do they do ?
Trojan Horse mmsvc32,exe
Trojan Horse PSW.Banker4.GMJ

Re: Trojans says...
Quoted text here. Click to load it

Early Google hit is for the info below from Sophos. Of course, other trojans may
use that filename.
Google has no hits for the other trojan you mention. I suggest you ask the AV
company who gave it
that name.
Don't do any internet banking! Change your online banking passwords. Check the
account status.

W32/Nanpy-A is a worm for the Windows platform. It may spread to vulnerable
computers via the
RPC-DCOM exploit, and attempt to redirect access to various banking websites.

When first run W32/Nanpy-A copies itself to <System>\mmsvc32.exe.

The following registry entry is created to run mmsvc32.exe on startup:

Microsoft Network Services Controller

W32/Nanpy-A modifies the HOSTS file, mapping the URLs of banking websites to a
remote IP. At the
time of writing, this IP address is not functional.

Snob? Were I a snob, I wouldn't be talking to you.

Site Timeline