Attention: We have transitioned to a new AAD or
Microsoft Entra ID from the week of May 20, 2024. In case your tenant requires admin consent, please refer to this document located at
Overview of user and admin consent - Microsoft Entra ID | Microsoft Learn and grant access to App ID: 6ba09155-cb24-475b-b24f-b4e28fc74365 with graph permissions for Directory.Read.All and User.Read for continued access. While the app may appear unverified, you can confirm its legitimacy by verifying the App ID provided.
Provide feedback
Send us feedback
Tell us about your experience
Submit feedback
Thank you for your feedback
Published Jun 05, 2014
|
Updated Sep 15, 2017
TrojanDownloader:Win32/Banload.AWK
Summary
Windows Defender
This threat downloads and installs other programs onto your PC without your consent, including other malware.
What to do now
The following free Microsoft software detects and removes this threat:
Even if we've already detected and removed this particular threat, running a full scan might find other malware that is hiding on your PC .
Get more help
You can also see our advanced troubleshooting page for more help.
If you’re using Windows XP , see our Windows XP end of support page .
Technical information
Threat behavior
Installation TrojanDownloader:Win32/Banload.AWK creates the following files on your PC:
Payload Contacts remote host
TrojanDownloader:Win32/Banload.AWK might contact a remote host at 188.226.202.123 using port 80. Commonly, malware does this to:
Report a new infection to its author
Receive configuration or other data
Download and run files, including updates or other malware
Receive instructions from a remote hacker
Upload data taken from your PC
This malware description was produced and published using automated analysis of file SHA1 a46da63e2f69546ce869585caf4ee94d47d7a084 .
Prevention
Symptoms
System changes
The following could indicate that you have this threat on your PC:
You have these files:c:\documents and settings\administrator\application data\taskschd.exe
Debug Version = 1.0.0.0;
