Keylogger: AMECISCO

Discussion in 'privacy problems' started by eljay376, Aug 26, 2004.

Thread Status:
Not open for further replies.
  1. pollux

    pollux Registered Member

    Joined:
    Jan 6, 2004
    Posts:
    84
    Location:
    Grenoble, France
    Thanks, Gianni.

    Keep us posted :)

    pollux
     
  2. Gianni

    Gianni Registered Member

    Joined:
    Nov 16, 2003
    Posts:
    45
    Webroot's 'Reply' (!!!): :rolleyes:


    1. My [simple...] question:

    2. Their [useless...] automated answer:

    :eek:
     
  3. pollux

    pollux Registered Member

    Joined:
    Jan 6, 2004
    Posts:
    84
    Location:
    Grenoble, France
    I agree, that email didn't help clarify things one bit.

    If you want to keep pursuing this, you might try emailing them again (including the original as requested), this time putting in links to the threads here, at DSLR/BBR and at SpywareInfo. Maybe if they realize that a series of people is experiencing the problem, there will be more of an answer forthcoming.

    Really, this confirms my appreciation for the anti-spyware programs that have user support boards: Spybot Search & Destroy and Ad-Aware (Lavasoft) in particular. Although things can sometimes be a little chaotic with Spybot S&D support (i.e., many people posting about the same false positives in different threads at Net-Integration and at other boards such as this one), I've generally found that the developers are responsive and that issues get cleared up quickly.

    Gianni, have you looked at other information about Amecsico Keylogger, for example at Pest Patrol? Do you find any of the other files and registry entries associated with the program? If you do not, that would be another thing to include in a future email to Webroot.

    I'd be interested in hearing about the response if you decide to try writing to support again.

    pollux
     
  4. Gianni

    Gianni Registered Member

    Joined:
    Nov 16, 2003
    Posts:
    45
    @ pollux:

    i don't have any other file such as those listed in the Pest Patrol article:
    http://www.pestpatrol.com/pestinfo/a/amecisco_invisible_keylogger_stealth_1_2.asp

    btw i don't think i'll waste more time with Webroot's Support...i'm now trying to learn more about these 3 files:

    - tmpdelis.bat
    - tmpcpyis.bat
    - winstart.bat

    they seems to be legitimate Windows 9x files... o_O

    http://support.microsoft.com/defaul...port/kb/articles/Q245/5/60.ASP&NoWebContent=1

    but still searching Google for more info... :doubt:
     
  5. mephisto

    mephisto Guest

    any follow up on this one ? I ran into the same strange lot. Spysweeper alert, but none of the files @ pestpatrol present.
     
  6. Gianni

    Gianni Registered Member

    Joined:
    Nov 16, 2003
    Posts:
    45
    i removed from SS quarantine and restored the tmpdelis.bat file since I suspect that might be part of InstallShield's method of installation/de-installation and i'm now almost sure it has nothing to do with Amecisco keylogger... :rolleyes:

    Moreover i installed SpyCop running a Complete System Scan...results: NO suspicious files found!

    btw u may wish to try the Webroot Support too, submitting a new trouble ticket, just in case...2 or 3 or 4 or... is better than 1! ;)
    https://supportcenteronline.com/ics/support/default.asp?deptID=776
     
  7. Stormblade

    Stormblade Guest

    The files in question are indeed standard windows files. they are used to delete files that were in use on the next reboot. (such as when uninstalling programs) If you happen to run any other spyware removers before spysweeper, then this false positive is likely to show up if there were files that could not be deleted normally. I hope Webroot realizes their mistake and fixes it quickly, as it is actually detrimental to spyware removal (causing files to not be deleted when they should be).

    I work at a local computer shop, and my standard routine is to run Ad-Aware then SpySweeper, so I see this false positive quite often.
     
  8. Gianni

    Gianni Registered Member

    Joined:
    Nov 16, 2003
    Posts:
    45
    NEW OFFICIAL REPLY from Webroot Support Center!

    At last...better late than never! :)
     
  9. SpyCopFan

    SpyCopFan Guest

    l2bs - "SpyCop has seen its day", eh? lol! Better check that dslr thread again.
     
  10. How do I turn off system restore please?
     
  11. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.