Cable Forum
Page 2 of 2 1 2
Show 100 post(s) from this thread on one page

Cable Forum (https://www.cableforum.uk/board/index.php)
-   Security & Virus Discussion (https://www.cableforum.uk/board/forumdisplay.php?f=38)
-   -   tspy - Trojan keylogger (https://www.cableforum.uk/board/showthread.php?t=51882)

Bullfrog 20-10-2006 13:34
Re: tspy - Trojan keylogger
 
There are reports of this infection being picked up all over the net, but only by Trend Micro which is consistently finding these two all over the place and astounding people with secure systems.

TSPY_CIMUZ
TSPY_AGENT.TQ

I think the idea that Trend have a false positive makes a lot of sense to me at this stage but I have not proved it yet and of course it does not feel safe to gamble that it is the case. I cannot ignore the fact that scared punters make eager customers so there is little incentive to debunk a false positive for any of the antivirus companies.

oddjob 20-10-2006 16:18
Re: tspy - Trojan keylogger
 
Quote:
Originally Posted by basa (Post 34109939)
HijackThis found nothing so I assume I am clear.
Well, providing your computer is not displaying any odd signs then you are probably right.

However, always remember that HJT doesn't see everything. Not by a long way. Activescan, Kapersky, Housecall, SilentRunners, FindIt ... these, and others, see much deeper and reveal things HJT won't show ("false positives" notwithstanding ;) ).


OJ

Chrysalis 22-10-2006 02:01
Re: tspy - Trojan keylogger
 
if you had a active keylogger and no outbound traffic and no established connection to it as well as no listening ports I would suspect it is a false positive considering the above found in google.

Although I may have done the same and done a format.

Bullfrog 22-10-2006 13:34
Re: tspy - Trojan keylogger
 
OK I have got to own up ! After doing a thorough scan with Kaspersky online scanner I found two potential viruses culprites buried deep in my email folders.

One was a phishing link for a paypal scam which I had reported and the other an unknown attachment which I had never opened on principle. Since I backup my email to independant partitions and IDE I had three copies of each on the same rig.

They were not active but I think they were triggering Trend so not a false positive exactly but I think the phishing link must have been recognised as a component of the key logger even though I was not infected due its inclusion in Trend's recognition data.

So not false positives IMHO but not necessarily an active infection.

oddjob 22-10-2006 17:56
Re: tspy - Trojan keylogger
 
Fair enough, Bullfrog. Glad you got it fixed whateveer it was.


OJ


All times are GMT +1. The time now is 01:31.
Page 2 of 2 1 2
Show 100 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
All Posts and Content are © Cable Forum