Yikes, if you have a recent Samsung laptop, you may want to check out this story from today's edition of Network World (http://www.networkworld.com/news/2011/033011-samsung-investigating-report-of-keylogger.html).
This turned out (http://www.samsungtomorrow.com/1071) to be yet another FALSE POSITIVE by a lazy antivirus company.
Samsung Electronics is investigating allegations that some models of its R Series laptops contain keylogging software that could be used to record anything typed on the laptop computers.
Mohamed Hassan said he became aware of the issue last month, when he purchased a Samsung R525 at a Best Buy in Toronto. The laptop had keylogging software on it, which he deleted immediately. Two weeks later, Hassan decided he wanted a more powerful machine, so he returned the R525 and bought a new model -- the R540, at a local FutureShop. To his surprise, the keylogger was there too, Hassan said in an interview Wednesday.
"These were new systems. They weren't used for anything," he said. "I could give them the benefit of the doubt on the first one. But then when I got a second model, a different model from a different store, that tells me that Samsung is aware of the problem."
Hassan, an IT consultant based in Toronto, said that Samsung tech support told him: "We just put it there to find out how the computer is being used."
http://www.networkworld.com/news/2011/033011-samsung-investigating-report-of-keylogger.html
[ You are not allowed to view attachments ]
(http://www.networkworld.com/news/2011/033011-samsung-investigating-report-of-keylogger.html)
Samsung's response: http://www.samsungtomorrow.com/1071
The statements that Samsung installs keylogger on R525 and R540 laptop computers are false.
Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft’s Live Application for a key logging software, during a virus scan.
-http://www.samsungtomorrow.com/1071
And from an anonymous posting (that I haven't verified - if someone out there has VIPRE or Spyware Dr., it would be interesting to see if this is true):
Go try this... create a windows\sl directory then run spyware doctor or vipre... run a scan.. they will report you are infected with the same keylogger... they are simply triggering on the existance of an "sl" directory and the author of original post didn't do ANY research on this.. he just assumed Spyware Dr. was correct and then wrote about it.-http://www.networkworld.com/community/node/72622?page=3