New to KeePass, should I be concerned?

I thought I would try one of the password managers. After looking at some of the features, I decided to try KeePass.

I run LUA and SRP with surun, and while setting up KeePass (but after the install), two things happened which cause me some concern.

1. When saving the initial password database, it tried to run surun, which to me says it was asking to elevate its own privs. I denied and it seemed to save ok.

2. I tried to use a password I had added via URL so KeePass should redirect my browser to the particular URL I added with that entry. When I did this my HIPS popped up saying that KeePass was trying to control Prevx. I denied this also.

So is there any point in continuing this exercise, or should I just remove it and stop here? Is there a good reason why I should see this suspicious behavior from KeePass?

FYI: I'm using Prevx SafeOnline, facebook version, and the HIPS is Comodo Defence+ v 3.14 (or something).

 

Short of asking the developer (and KeePass does have a forum), you may not get the best/right answers you're looking for here.

I use the older 1.x branch of KeePass (mainly because it doesn't need .NET Framework.) I know that by default, it uses the clipboard and encrypts the data file. Encryption shouldn't raise any flags but something using the clipboard could definitely do so.

As I noted, the newer 2.x branch uses .NET Framework. Since that is an environment KeePass runs inside of, who knows all the interactions that may be triggered. Without more explicit knowledge, the addition of this other platform makes things very tough to figure out.

As for whether or not to trust it, that is always a personal decision. I have been happy with it and have never read any negative comments on it's safety and trustworthiness. But that is just one man's opinion... mine.

 

The reason I don't ask at their forums, is that if there were some malicious reason behind it, they would hardly tell me

I'll try to ask in the Prevx section here. I see they have had some interaction with it. With that in mind, I guess this thread should be closed.