Potential virus, but scans show up nothing. False positive?

michael123

Hi all.

I wonder if anyone could shed a bit of light on a slight dilemma I'm having. The other day my bank phoned me up and said the software they tell all customers to download (called "Trusteer Rapport") had flagged up my computer as infected with Malware, namely "CerberusNG" and "SpyEye". Apparently this had detected the virus and somehow protected me from a keylogging attempt, but they suggested I run a scan anyway.

This surprised me a bit, because I've got firewalls up and I'm generally quite diligent with my virus-scanning. However, I decided to be thorough, so I ran scans with MSE, Malwarebytes, Avast, Kaspersky, and Bitdefender. The Avast was a boot-time scan, but I got bored halfway through and gave up (it was taking ages and I'd already run the four other programs).

None of these threw anything up whatsoever. But I logged into my internet banking again today, and Rapport again said there was a keylogging attempt. This time, when I looked in the console, above the logged events it said:

This does not necessarily mean you have keyloggers on your PC. However, if any of the applications on your PC tried to log keystrokes while you were entering information to the websites below it failed.

However, to the best of my knowledge I have no applications which might try to log keystrokes. In normal circumstances I would be inclined to ignore this, but the virus warning has made me a bit jumpy.

Does anyone have any suggestions? Thanks for any help.
 

IF it was your bank, you have done the things most advised to find and cure such things. If none of those shows a problem, chances are it's them that need to sort their software. I would feel very inclined to ignore it; after all, the log does say if there was any attempt, it failed!
 

IF it was your bank, you have done the things most advised to find and cure such things. If none of those shows a problem, chances are it's them that need to sort their software. I would feel very inclined to ignore it; after all, the log does say if there was any attempt, it failed!

Thanks for the advice. I am certain that it was genuinely my bank. As you point out, the attack does seem to have been blocked; my only worry is that SpyEye looks like a pretty nasty virus, so it's making me a bit paranoid :confused:


:huh: Looks pretty clever. My bank is quite high up that list...
 

Might be worthwhile to spend a little time scanning your system with some apps that are specifically designed to weed out rootkits. If you did get infected, say for instance, the day before your AV software was actually updated to identify that brand new particular infection, it may have already been able to burrow itself into your system and remove all detectable traces of its entry point before your now updated AV software has a chance to spot it. Rootkits are designed to do their dirty work at a lower layer of the system than AV software can typically detect.

Were you able to check any MD5 or SHA1 checksums or anything to verify that software you downloaded was genuine?
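
Added example, not part of the original thread: one way to carry out the checksum check asked about in the post above, written in Python. The function names are hypothetical and the sample file is constructed; the published digest is assumed to come from the vendor over a channel you trust, since a match only shows the file equals what that digest describes.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> algorithm, so a published MD5, SHA-1 or SHA-256 value
# can be checked without being told which one it is.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256"}


def file_digest(path, algo, chunk_size=1 << 20):
    """Hash a file in chunks so large installers are not read into memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, published):
    """Return (algo, matches) for a file against a vendor-published digest."""
    # Normalise what people paste from a download page: case, spaces, newline.
    expected = published.strip().lower().replace(" ", "")
    algo = ALGO_BY_HEX_LEN.get(len(expected))
    if algo is None or any(c not in "0123456789abcdef" for c in expected):
        raise ValueError("not an MD5, SHA-1 or SHA-256 hex digest")
    actual = file_digest(path, algo)
    return algo, hmac.compare_digest(actual, expected)


if __name__ == "__main__":
    # Constructed sample: a stand-in "installer" written to a temp file.
    payload = b"constructed installer bytes"
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(payload)
    try:
        good = hashlib.sha1(payload).hexdigest()
        print(verify_download(tmp.name, good))          # digest matches
        print(verify_download(tmp.name, good.upper()))  # case does not matter
        other = hashlib.sha1(b"tampered bytes").hexdigest()
        print(verify_download(tmp.name, other))         # mismatch is reported
    finally:
        os.unlink(tmp.name)
```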
 
