I think I probably got that wrong – an apology to Samsung
Oops. I might need to offer Samsung an apology…
It sort of struck me that it’s a bit silly trying to install a known keylogger and expect to get away with it. So I started to ask a few AV companies if their software would detect the ‘Samsung keylogger’. First to reply was Kaspersky:
Yes, it detects it. But there’s no certainty at this stage that it has been pre-installed by Samsung.
Kaspersky referred me to the Samsung statement:
The statements that Samsung installs keylogger on R525 and R540 laptop computers are false.
Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft’s Live Application for a key logging software, during a virus scan.
The confusion arose because VIPRE mistook Microsoft’s Live Application multi-language support folder, “SL” folder, as StarLogger.
That actually makes sense. A genuine false positive is a far more likely culprit than an incompetent conspiracy.
Just to demonstrate:
Firstly, the false positive from VIPRE
And now AVG2011 correctly recognising the StarLogger keylogger: