Threatfire Detecting A keyloger

Yes, I wish controls where a bit more granular in respect to the selection process...

 

Ahem.... (major troath clearing here)...

And for the real paranoid among us... here's another nice one from our friend with the AVG "FP" Keylogger.... A AVG component doing screen captures...

The more I dig my one remaining rotten tooth into this one, the stranger it becomes... Funny thing is, why would this scanner trigger so many alerts? I can understand the FP keylog since it might have a hot key config that need the driver hook into global keyboard privileges but the screen capture thingy eludes me... Perhaps, I'm missing something or has this ever been reported here before?

I hope you enjoy the nice picture:

 

In the past, I have seen such prompts from SnoopFree for quite a number of legit applicatiosns. I laways allowed for legit applications.

No more using SnoopFree.

 

I've never used Snoopfree but from the info I've found it appears it hasn't been updated in a couple years; is it possible this program is simply not able to recognize current safe programs and their activities?

 

Snoopfree has no black list, no white list. It,s just like a plain HIPS detecting some keylogging and screen reading functions and will report it whether it,s legit or malicious!

 

I realize that gentlemen, I am simply curious as to the purpose of a screen capture event as it relates to scanning for viruses with AVG...
Besides, I have removed SnoopFree from our test systems, not because of the detection but due to it's rather unstable behaviors...

To be fair to it among other things it detected everything that did put hooks either into the keyboard or screen quite effectively. It's assessment as you stated are rather generic in nature.