Overclockers Australia Forums

Old 10th May 2017, 11:52 AM   #1
peteed1985 Thread Starter
Member
Join Date: Feb 2009
Posts: 721
Default I have malware but I don't have malware?

Ok so twice in 3 weeks the Commonwealth Bank has locked my account because somehow they detected malware on my PC but their program called Stinger says I have no malware.

I also have Malwarebytes premium saying no malware. I also used to have Avast which said no malware and I just changed to a trial of Bitdefender since I hear it's king right now and it finds nothing.

How is the bank able to via a browser window find malware that no malware scanner can seem to find? Also the bank said I have a lot of things running on my PC so somehow they can see how many programs I'm running from what I can tell.

Might it be a false positive they can detect? If so what type of programs show signs of being malware without being malware?
Old 10th May 2017, 11:56 AM   #2
Marshy919
Member
Join Date: Dec 2008
Posts: 1,636
Default

Try using UVKportable.
There's an antivirus section in there.
Runs and updates all the popular scanners automatically.
Including RogueKiller and AdwCleaner. Those 2 seem to always get everything that the rest miss.
Old 10th May 2017, 11:56 AM   #3
ginger_nuts
Member
Join Date: Sep 2011
Location: Morphett Vale, SA
Posts: 1,133
Default

Restart the pc in safe mode with networking. Manually type the address in, and see what it says.

It sounds to me you're not on CommBank's page. Or you have something new on it no scanner will find.
__________________
The world will keep turning
HWBot Profile = Ginger_Nuts81 Member of Australia OC team.
Old 10th May 2017, 11:57 AM   #4
power
Member
Join Date: Apr 2002
Location: brisbane
Posts: 49,152
Default

get a new bank and tell them to stick it up their arse.

If you want to detect what they are detecting Stinger is made by McAfee.
__________________
this is who we are.
Old 10th May 2017, 11:59 AM   #5
Bold Eagle
Member
Join Date: Jun 2008
Location: Brisbane
Posts: 5,692
Default

Is it a phishing attempt from a Comm Bank 'lookalike' portal?

How did you get to the 'Commonwealth bank' portal (browser and method)?

How often are you accessing their portal?

Are you accessing the portal via a single client only? That is via a single PC only or from multiple PCs and or devices?

Have you logged into the system in Safe Mode and then undertaken a Malwarebytes scan?
__________________
PC3: Cardboard Box, peanut dispenser, highly conc caffine intravenous drip, little monkey w "electro El Shocko rectal probe", 3DMarkVantage=276818768
Old 10th May 2017, 12:32 PM   #6
peteed1985 Thread Starter
Member
Join Date: Feb 2009
Posts: 721
Default

Quote:
Originally Posted by power View Post
get a new bank and tell them to stick it up their arse.

If you want to detect what they are detecting Stinger is made by McAfee.
As I said Stinger says I haven't got malware.

Quote:
Originally Posted by Bold Eagle View Post
Is it a phishing attempt from a Comm Bank 'lookalike' portal?

How did you get to the 'Commonwealth bank' portal (browser and method)?

How often are you accessing their portal?

Are you accessing the portal via a single client only? That is via a single PC only or from multiple PCs and or devices?

Have you logged into the system in Safe Mode and then undertaken a Malwarebytes scan?
I log in at least once or twice a week by typing in the URL myself into Google Chrome so unless typing in www.commbank.com.au can take me to a different website than that and still show that in the URL bar I'm on their site.

I do also use the CommBank app on my phone but they say the malware is being detected on a Windows 10 PC using Google Chrome.
Old 10th May 2017, 12:38 PM   #7
power
Member
Join Date: Apr 2002
Location: brisbane
Posts: 49,152
Default

You aren't using any plugins like VPNs are you?
__________________
this is who we are.
Old 10th May 2017, 12:42 PM   #8
MR CHILLED
D'oh!
Join Date: Jan 2002
Location: Canadia
Posts: 124,615
Default

Can the bank tell you what the malware is that they have detected? That way you can actually use a package that tests for that malware, it may not be being picked up by what you're using. Unlikely but possible I guess.
__________________
Malcolm Turnbull on the Libs.."we are not run by factions, nor are we run by big business or by deals in back rooms"
Old 10th May 2017, 12:53 PM   #9
peteed1985 Thread Starter
Member
Join Date: Feb 2009
Posts: 721
Default

Quote:
Originally Posted by power View Post
You aren't using any plugins like VPNs are you?
Na, popup blockers and adblock plus and the great suspender.

Quote:
Originally Posted by MR CHILLED View Post
Can the bank tell you what the malware is that they have detected? That way you can actually use a package that tests for that malware, it may not be being picked up by what you're using. Unlikely but possible I guess.
Apparently not because that'd actually help >_> according to them telling their trade secrets like that would let me find a way to code malware to fool what they use to scan for it.

They repeatedly assure me a false positive isn't possible so I do have malware but they also assure me that if Stinger says I have none then I'm fine and have none.
Old 10th May 2017, 12:56 PM   #10
Xenon
Shīrāzī
Join Date: Jun 2001
Location: Perth, 6105
Posts: 272
Default

I've seen this before from Commonwealth and ANZ bank systems within the past year.

In both instances the systems were infected by a Trojan, which wasn't picked up by McAfee or Norton for a few weeks.

The banks use more sophisticated mechanisms to monitor IP traffic to their systems, so from what I've seen can more accurately pick up newly released Trojans.

Now, this could just be false positive but going by past experience, I would copy documents off the system, and wipe/reinstall it.

Interestingly, both users I saw with the same bank behavior had recently logged on to and purchased items (one had bought some cheapie 'smart' watch, whilst the other had bought one of the many cheap Android phones) from the Chinese re-sale sites. Can't recall exactly which it was as it was a year or so ago, and I don't generally touch them.

Last edited by Xenon; 10th May 2017 at 12:58 PM.
Old 10th May 2017, 12:57 PM   #11
Xenon
Shīrāzī
Join Date: Jun 2001
Location: Perth, 6105
Posts: 272
Default

Quote:
Originally Posted by MR CHILLED View Post
Can the bank tell you what the malware is that they have detected? That way you can actually use a package that tests for that malware, it may not be being picked up by what you're using. Unlikely but possible I guess.
They won't give out any such info as it would potentially give away info on the mechanisms they use for the identification.
Old 10th May 2017, 1:03 PM   #12
whatdoesthisdo
Member
Join Date: Jan 2011
Location: Brisbane
Posts: 6,015
Default

Try a different browser?
__________________
Quote:
Fox News viewers tend to be less informed about current affairs than people who obtain their news from other news sources and are even less informed than people “who don’t watch any news at all.”
Old 10th May 2017, 1:04 PM   #13
MR CHILLED
D'oh!
Join Date: Jan 2002
Location: Canadia
Posts: 124,615
Default

Quote:
Originally Posted by Xenon View Post
They won't give out any such info as it would potentially give away info on the mechanisms they use for the identification.
This is what they have told you or you work for a bank?
__________________
Malcolm Turnbull on the Libs.."we are not run by factions, nor are we run by big business or by deals in back rooms"
Old 10th May 2017, 1:13 PM   #14
cvidler
Member
Join Date: Jun 2001
Location: Canberra
Posts: 10,400
Default

Quote:
Originally Posted by Xenon View Post
They won't give out any such info as it would potentially give away info on the mechanisms they use for the identification.
And they don't want you to know, because honestly it's a joke.

I wouldn't trust their shit, you've got multiple other scanners telling you nothing is there. Their shit is broken.

1. they're a bank, not an anti-malware developer.
2. you can only do so much from the confines of a browser sandbox - they can't properly scan your system anyway.
3. tell them to stick to banking and not IT security.
__________________
We might eviscerate your arguments, but we won't hurt you. Honest! - Lucifers Mentor
⠠⠵
[#]
Old 10th May 2017, 1:17 PM   #15
elvis
Old school old fool
Join Date: Jun 2001
Location: Brisbane
Posts: 28,701
Default

Quote:
Originally Posted by cvidler View Post
3. tell them to stick to banking and not IT security.
I'm not normally one to defend banks (quite frankly, they're a bunch of arseholes), but we're here because banks get blamed for people not taking their own information security seriously, and blaming the banks for it.

You can't blame banks for erring on the side of caution when they're constantly having fingers pointing at them for not doing so. We're in this situation because of our own collective stupidity.
__________________
Play old games with me!
All times are GMT +10. The time now is 5:59 PM.