Saturday, November 12, 2011

Webroot scan shows a Kelogger for Chrome; not sure if false positive yet

Today, Webroot Spysweeper quarantined a “commercial system monitor” that it called “Gumshoe Keylogger  for Chrome,” with Sophos research report here  (code AF770ECL). A commercial system monitor installed by an attacked on a home computer could steal passwords and personal or banking information.

In April, 2011, Google wrote an answer to a similar question about this (and another warning just called “Keylogger for Chrome” which it says are Webroot false positives.  It’s not clear from the answer if this refers to the “Gumshoe”. McAfee is also discussed as having flagged warnings.   The link is here.

A legitimate keylogger will exist in any browser that supports Search Auto Complete in Google.  This topic requires more research. I'll have to notice whether future Webroot scans find the same item.

Update: Nov. 26

Webroot, under the latest release of Mozilla (but not Chrome) continues to warn about sites that all other site safety services accept, particularly some movie official sites and some overseas blogs about protests and detentions. 




1 comment:

wyntech solutions said...

This blog is awesome full of useful information that i was in dire need of.
Vancouver Internet Marketing