Hello all. I have an HP Deskjet printer which starts its programs upon my computer booting up. Today I decided to give snoopfree privacy shield a try as I had heard some good things about its ability to detect spyware, especially keyloggers. After installing and rebooting I had a pop-up message that left me feeling like I had been Dawn Kawamoto'd. The pop-up warned of KBD.EXE and stated "The program named above is trying to read your screen. This may be a spy program trying to take a snapshot of your screen..."

I blocked KBD.EXE and looked it up on google but most of the search results were for something to do with logitech. Snoopfree clearly associated KBD.EXE with Hewlett-Packard, though. Then I decided to remove the exe from snoopfree's block list and try to reboot again. On reboot I allowed KBD.EXE and then got another warning of OSD.DLL with the same message as KBD.EXE, "The program...trying to take a snapshot of your screen..." And OSD.DLL was also associated with Hewlett-Packard. At this time I have them both blocked.

Has anyone else had similar issues with HP products? Also, I have had trouble with not allowing the HP printer from loading at start-up. Is there some way around this?

Thanks.

Interesting. I'd also be interested to hear any new info.

KBD.exe sort of sounds like the name of a KeyBoarD program. Ages ago I remember there was something underhanded that some computer manufacturers were doing with keyboard drivers for keyboards with extra programmable keys - You know - those buttons that are typically added for music player volume control and launching email and browser and so on. I don't remember the manufacturer implicated, however, I was sufficiently disillusioned that I no longer use those keys at all, even though my keyboard was not implicated. I just realized that, as usual, the use of an extra program to do something that you can already do just doesn't make sense.

Ah Ha! I just ran a check on KBD.EXE and came up with the following result:

kbd.exe - Logitech Multimedia

Description
kbd.exe isa process from Logitech which allowsyou to configure
the additionakeys on theirmultimediakeyboard products.This isa
non-essentialprocess. Disablingorenabling itisdown to user

preference.

Author: Logitech
Part Of: Logitech Multimedia
Security Risk: 0
Keywords: Background,Hardware


Sorry about my memory. They say the security risk is zero, but I stand by my previously mentioned preference not to load it. I don't think there should be any reason not to uninstall it, and then set up your keyboard with XP's own keyboard driver.


-HandsOff

-{ Quote: "Has anyone else had similar issues with HP products? " }-
Hi acr1965, KBD.EXE, C:\HP\KBD\KBD.EXE, is the multimedia keyboard/button manager, required if you use multimedia keys on HP products say for example volume control buttons, internet, email etc on their keyboards or on HP peripherals.

IMO, there are no security issues with the kbd.exe and osd.dll files. From anything I can find, they're legit.

That said, it never hurts to question these kinds of things. A few years back, there was an "issue" with one HP keyboard related executable. It emitted a ping that created a bunch of useless network traffic. I had 3 PCs with this driver and it was quite a chatterbox (which is how I found it.) Here are a couple of links that go over it.
http://www.spywareinfoforum.com/articles/hp_netropa/
http://h10025.www1.hp.com/ewfrf/wc/genericSoftwareDownloadIndex?lc=en&cc=us&softwareitem=pv-10327-3

Just to add to the intrigue, I have had some real programs with HP products performing some spyware-like activities. Personally, I don't trust the HP programs that are always trying to phone home behind your back. There was one particular instance with my father-in-law's computer where an HP printer installation also installed what I would call a "browser hijacker" along with it. I posted about the incident at Castlecops forum around a year ago. You might want to take a look at it just for entertainment's sake:

http://www.castlecops.com/postlite141601-.html

Personally, while the .exe file might be necessary for the program, I would have some real concerns about allowing it to phone home. I don't trust these companies that feel the need to know all about your surfing habits and/or product use by going behind your back. My father-in-law didn't even realize his software was phoning home as he hadn't been running a firewall. I installed a firewall on his computer and he discovered all his Logitech, HP and Compaq programs were fighting for air time contacting the mother-ship. If you can't already tell, this is one of those sore point that sets me off. While this KBD.exe might be a legitimate program, it wouldn't surprise me in the least if it also doubled its duties by taking a snapshot of what software you're using and sending it back home so all the marketing gurus can plan their next advertising campaign. At any rate, if an installed app, legit or not, changes your IE homepage without your permission, in my opinion that is no different than spyware. Either way, it an act stealthily done behind your back and, IMHO, less than ethical.

i agree that it is the same as spyware.
i also dont like it when you install isp software from e.g. bt and they change the bar in internet explorer and it says "internet explorer provided by bt broadband" same with outlook express.
thats why i want to get a wireless router that doesnt need anysoftware like the bt voyager 2110 which you connect to it using your wireless dongle and then put in isp username and password. if the usb connection to the router dont work no more i will just buy a usb dongle rather than having to install all the crap software btyahoo force on you by using the install cd
most isp software you install does change browser homepage and or internet explorer top bar.
lodore

Perhaps if functionality is not lost on keyboards (incidently KBD.EXE is safe to disable from startup with HP/Compaq keyboards, necessity depends on the user with multimedia keys) and other peripherals, Snoopfree is ideal if a threat is perceived.
-{ Quote: "I have had trouble with not allowing the HP printer from loading at start-up." }-
How so?

-{ Quote: "

How so?" }-


I have tried to block HP Imaging Monitor from start-up by many programs and for whatever reason it always starts anyway.

-{ Quote: "I have tried to block HP Imaging Monitor from start-up by many programs and for whatever reason it always starts anyway." }-
Strange, I can disable hpqtra08.exe with autoruns no problem. Can't think of a reason why it comes back for you. edit : apart from maybe Updates.
-{ Quote: "hpqtra08.exe is installed alongside the drivers for Hewlett Packard Imaging devices and installs an easy-to-use traybar icon for quick access to diagnostics. This is a non-essential process. Disabling or enabling it is down to user preference. - liutilities" }-
- the director can be launched manually.

At the risk of repeating myself, you don't need to have kbd.exe installed. My speakers have the volume knob there, but even if they didn't you can go to the control panel and choose to have the volume control in the taskbar's system tray.

If the program can't be uninstalled from add and remove programs then you might want to download a free autostart monitor. DCS (Diamond Computer Sys) has a pretty good one. Hijack this might be able to fix it. I don't really think it is meant to be difficult to uninstall. It's just something that they figure people won't go to the trouble of fixing.

I can't say for sure it is a spying, but it is seeming to do a bunch of stuff without the consent of the user, so I don't like it.

-HandsOff

I downloaded sysinternals' autoruns and that seems to do the trick.

-{ Quote: "I downloaded sysinternals' autoruns and that seems to do the trick." }-
...and that is fine is you dont want to have something extra starting up or can do without certain functions which can be done manually but there are alot of applications that perform these reads because its a function of the program which are not actually spying on you. Then there are programs like the Event Monitor from Realtek alcmtr.exe which is 'spyware' or spying with your consent that monitors customers actions gathering data for the company - not a sinister one or remote control program but otherwise a resource hog.

-{ Quote: "I downloaded sysinternals' autoruns and that seems to do the trick." }-

Yes, I've found that to be a good one too! There are several good free ones available. It really helps you get familiar with what is always running and what just dropped in out of nowhere!


-HandsOff