BrandonTools

I have installed Start++ but my copy of PC Tools Spyware Doctor now pops up an error advising that Start++.exe is recording my keystrokes. Spyware Doctor then block Start++.exe from running. Is this behaviour correct and should I be concerned about the recorded keystrokes?

Running Vista Business, Start++ 08.1.0, Spyware Doctor 5.10.273.

Any responses welcomed.

I have scanned all of the files included with Start++, including the installer itself, for viruses before uploading them and never encountered any problems.  I did encounter a false positive against the "runnonadmin.exe" component a couple of days ago from eTrust (CA anti-virus) and they are looking into that.  Apparently they are setting off false positives against a lot of executables with their latest update.

 However, this spyware notification is news to me.  I wonder if they're flagging anything that uses windows hooks?  Start++ does not record any keystrokes, but it does redirect them when you are typing into the start menu (so that it knows whether you've typed a shortcut that it needs to handle and such).  It's possible this is setting off a false alarm in Spyware Doctor.  I'll make a note to look at that product and see if they have any workarounds or exception processes that I can look into.

The keyboard hook that Start++ uses is only installed while the start menu is visible - does Spyware Doctor flag the program when it starts?  Or only after you've opened the start menu? (I'm just curious about how exactly they even know what Start++ is doing).

Thanks for the fast reply. I'm struggling to see a pattern in Spyware Doctor's recognition of the Keylogging from Start++. It is difficult to tell what action triggers the block but it does not appear to be directly from typing in the start menu - unless of course there is a delay between typing and the notification.

I will try various scenarios monitor it for a while and post again if I can see a link.

Guy 

It is difficult to see a pattern here but I can report that if I select Microsoft Word from its position pinned on the Start Menu then Spyware Doctor displays three Malicious Program reports which are listed in the log as Keylogger attempts by Start++.exe. However this only happens when starting Word in this way the first time after booting up the PC. It is not normally repeated by again restarting Word from the Start menu.

Opening Internet Explorer which is also pinned to the Start menu does not cause a Spyware Doctor report.

I hope this helps but if any other information would assist please let me know.