Logging Keystrokes?

[Kroma]

Hi,

I have Cyberhawk installed and it has just informed me that utorrent is logging keystrokes.

What could have caused this - should I be wary?

Thanks,

Kroma

[DreadWingKnight]

What proof do they offer?

[Kroma]

The log file just says:

Keystrokes logged (Denied)

Triggered by Utorrent.exe

No more info other than the time and who was logged on (me).

[kurahashi]

Thats not too much, you know.

What exact version of utorrent do you have?

Are you sure you get it from this site, not from scams?

How big is your utorrent.exe file. A CRC of it would be welcomed too.

[Kroma]

It's v1.6 build 474

It originally came from this site and has been updated since.

It's 171kb according to windows explorer.

Maybe it's just a false positive. I've been using Cyberhawk for several weeks alongside utorrent without any problems.

Kroma

[Ultima]

Eh are you using the boss key?

[Kroma]

No, the boss key wasn't in use. I've just tried the boss key and there were no warnings.

[Falcon4]

We could use a CRC to verify your uTorrent is for reals. An MD5 would be better. Hell, even getting the filesize like we asked for (in bytes, not KB - accuracy helps identify the file) would be a plus.

The long, do-it-yourself way would be to install hashtab and get properties on the file, then go to the "file hashes" tab and copy/paste the MD5.

The short way (and to learn about a new site) would be to go to hostfile.org, sign up, and upload the file. The MD5 will be displayed on the file information page.

But IMO this all sounds like more false positives from overly paranoid but utterly useless "security" software... any program that listens for keystrokes and inputs could be a "keylogger". Drat! Any program that actually DOES something is evil!

[Kroma]

I'm starting to think 'False positive' too!

How do I find the CRC?

[Ultima]

Falcon4 just told you: use HashTab. It's very useful, yet unobtrusive, and I always keep around for stuff like this (you'll never know when you need to know the hash of a certain file).

[christiansk]

i use that same utorrent version and cyberhawk too, and just got that warning for the second time (in a couple of weeks). i'm thinking false positive too...

just in case, here's the file info:

Size: 174163 bytes

MD5: 501A7993D267174D87B8533C3A80DD7B

SHA1: E9177873CF0A8216EA4B015544286068B4DDDD28

CRC32: CE1982FF

(btw, i use the program named hash from this site: http://keir.net/hash.html; it generates the checksums i posted above, supports drag and drop, and is as clean as utorrent - just one .exe file, no installation needed, no registry/files junk with it.. just thought i'd share that, hehe)

can someone check the hashes for us?

thanks,

christian

[Ultima]

Ooh, looks nice (Hash, that is). The hashes are indeed correct, so it probably is a false positive.

[christiansk]

yeah, there are other good programs at that site as well. =)

thanks, i'll just allow it in cyberhawk then.

christian