SpySweeper vs Defender: Round 2

  • Thread starter Thread starter Guest
  • Start date Start date
Not only did I check for those Symantec reported files on my PC, I also
submitted Rootkit Revealer and HJT logs to Webroot. No keylogger.
Definitely false positive. There are multiple reports coming in to Webroot.
They say it will be fixed with Definitions updates. Sounds familiar, doesn't
it my fellow Denfender fans!
 
Thanks, Dan and Bill, and all...I understand the possibility of a false
positive in this situation; however, I have been running twice daily Sweeps
with SpySweeper for about a month now. Why just yesterday did SpySweeper
identify this program if as you suggest Bill, it is something that Dell
installed when my Inspiron was built??? Could it be SpySweeper just updated
its defs to include this program? Hmm...and it has been lingering all this
time....???? Interesting.

Rick
 
Amen! Thanks to Dan and Webroot for their diligence and attention and indeed
as Old Rebel mentioned posting in our little family! I guess false positive
can be quite the scare! Time to say, Whew! Oh, I didn't find any of the files
on my system either.

Thanks again to all!!!

Rick
 
That's my feeling as well. You don't want to take any chances with a
keylogger, but you also don't want to be unnecessarily alarmed, or to remove
entries that are harmless. I think you've done the right kind of research
to think clearly about this--best of all would be word from the vendor of
the product which made the detection that this is indeed a false postive, of
course.

--
 
But be really certain that you are reporting the real thing. We've
definitely seen this, in these forums, I believe, over the year and a
quarter of this beta--but not many times--perhaps less than one hands worth
of fingers, I think.

--
 
Updated defs are the most likely trigger--that is exactly how such things
happen--Witness the recent McAfee false positive for a number of
executables, and an earlier one with Microsoft Antispyware, and an antivirus
vendor.

--
 
Excellent--sorry--I did see the webroot signature and didn't connect
properly--that was very good of them to post to this thread.

--
 
Definitely sounds familiar. I wouldn't hold a false positive against a
vendor--what counts is the response--and it sounds like they have both a
customer forum, and responsive support staff, and are getting this fixed.

--
 
Whoops--that reply was appropriate for Rick, but not for Webroot Support.

Thanks for posting this, Dan!
 
Hi Bill

Yes we have seen it and for sure more.

What I have noticed is that more and more users ask for them
within different forums and that it is obvious that the asker have no
legitimate needs for a keylogger.

A lot of users also seems to forget that it is an criminal act to plant
a keylogger.

Mitch Dembin, Asst. US Attorney, Southern District, California
explain this in ASCs movie:

http://www.antispywarecoalition.org/events/20060209finalsessionb.ram

All security vendors must come up to an conclusion about this soon and
perhaps the only way is to force it from example FBI/FTC.

Beacuse of sensitive nature with a keylogger and large user groups
which
stands up for the right to use them this is now "mission impossible".
I can compare it with another sensitive issue to carry
guns/weapons............

Especially for US based vendors, they cannot just start to detect them
beacuse of maybe embarrasing findings and scandals.

But they must be controlled and removed from Download.com, Snapfiles
and other download sites.......

I do knows that all security vendors have agreements about some
commercial keyloggers and that is enough.

IMHO

regards
plun
 
Not only did I check for those Symantec reported files on my PC, I also
submitted Rootkit Revealer and HJT logs to Webroot. No keylogger.
Definitely false positive. There are multiple reports coming in to Webroot.
They say it will be fixed with Definitions updates. Sounds familiar, doesn't
it my fellow Denfender fans!
Click to expand...

Hi Old Rebel

Which application was it ? Was it an Dell "monitoring" app ?
What purpose has it ? Probably then using "director.exe" as
some more apps.

Maybe important to know :)

regards
plun
 
Question: I currently have the full licensed version of Spysweeper on my pc.
And I love it BTW. Anyway MSN now has Spysweeper for MSN. What will that
do to my original spysweeper if I try to install the MSN one? I'm thinking I
probably don't need to load the MSN version but not sure.
 
Back
Top