Home > All, Security News > I think I probably got that wrong – an apology to Samsung

I think I probably got that wrong – an apology to Samsung

Oops. I might need to offer Samsung an apology…

It sort of struck me that it’s a bit silly trying to install a known keylogger and expect to get away with it. So I started to ask a few AV companies if their software would detect the ‘Samsung keylogger’. First to reply was Kaspersky:

Yes, it detects it. But there’s no certainty at this stage that it has been pre-installed by Samsung.

Kaspersky referred me to the Samsung statement:

The statements that Samsung installs keylogger on R525 and R540 laptop computers are false.

Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft’s Live Application for a key logging software, during a virus scan.

The confusion arose because VIPRE mistook Microsoft’s Live Application multi-language support folder, “SL” folder, as StarLogger.

That actually makes sense. A genuine false positive is a far more likely culprit than an incompetent conspiracy.


Just to demonstrate:

Firstly, the false positive from VIPRE


VIPRE recognising Windows/SL as StarLogger

And now AVG2011 correctly recognising the StarLogger keylogger:

The confusion is between WINDOWS/SL and WINDOWS/SL/WINSL.EXE


Categories: All, Security News
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s