The worm plants itself in PCs via pop-up ads when a user closes the window.
The programme, named PWSteal.refest, then waits for the user to enter banking details, records them and sends them to the worm author.
Anti-virus firm Symantec has advised to do take the following steps:
1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Close all Internet Explorer windows.
4. Run a full system scan and delete all the files detected as PWSteal.Refest.
5. Optional: delete the value that was added to the registry.
_(22).jpg&h=140&w=231&c=1&s=0)
_(20).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
