HTTP uses plain text, so it is susceptible to interception regardless of the OS used. But your bank should be using HTTPS, which is both encrypted and certified, preventing man in the middle attacks.
As for trojans, there are rootkits which can hide in the background and do nasty things. I run Rootkit Hunter
every day to make sure nothing has got onto my system.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)