keylogger

[tatemodern]

i recently installed kaspersky and on the first run it told me that i had a suspected keylogger. it wouldn't give me the option to terminate it, the only active button was "allow". kaspersky also wanted to update, so i did that and then did a full scan, but no mention of a keylogger. i checked my trusted zones and there's no mention of it. was the initial thing a false warning? do i have a keylogger?

also, if i do have a keylogger and i'm signing into something. if i cut and paste each individual letter of the password from a different page will this bypass the keylogger?

thank you.

[BiPolar_Nut]

[ QUOTE ]
if i cut and paste each individual letter of the password from a different page will this bypass the keylogger?

[/ QUOTE ]

Depends on how elaborate the keylogger is but basically no, using a clipboard won't ensure bypassing an unknown keylogger.

I haven't upgraded to the latest Kaspersky yet, still using 4.x and 5.x on a few VM's here. Not sure what's different in the user interface on 6.x or whatever the current version is, but you should check inside the Kaspersky application for where your allow/deny list is and "un-allow" whatever it was you approved. Also, I'm confused as to why you scanned before grabbing updates. For future reference, you should always update your definitions before running any scans.

W/ Kaspersky, I also set it to use extended internet definitions and have it check for updates every hour. (default is standard definitions off the internet and check every 3 hours). Grab the extended defs and scan again after "un-allowing" that one app you allowed.

It is possible either you had a false alarm or it picked up keylogging traits from poker client software (some poker clients like Party basically have a lot of malware-esque code to take screenshots, log keystrokes, check running processes, etc...read their terms of service that you agreed to to see just how much of a blank check you gave them on your system).

It's also possible you have an evil key logger running amok.

I can't offer further advice about how much you should be concerned because I make those decisions bassed on many factors while sitting in front of a suspected infected machine using several utilities, some run from other computers. Basically, without seeing the comp myself all I can say is I suspect there's between a 5 and 95% chance you've got a keylogger, and a 20-90% chance it's something to worry about if you do have one (many suck, are broken, or log stuff fine but get blocked on phoning home thus rendering them useless to the attacker).

[tatemodern]

by "first run" i meant literally the initial startup of the program. it automatically flashed the warning about the keylogger before scanning. i then updated and ran a scan.

anyway, there's nothing in my allow list. so, i'll just hope it's ok.

thanks.