Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Windows Defender detects "kvimy.dll" module as keylogger. #2675

Open
mantarray opened this issue Aug 27, 2024 · 1 comment
Open

Windows Defender detects "kvimy.dll" module as keylogger. #2675

mantarray opened this issue Aug 27, 2024 · 1 comment

Comments

@mantarray
Copy link

Hello. I installed KVIrc Quasar today, and after trying to log onto a server, Windows Defender detected a Keylogger trojan in a file named kvimy.dll

Detected: TrojanSpy:Win32/Keylogger

Afected items:
C:\Program Files\KVIrc\modules\kvimy.dll

Windows Defender was able to delete the file. Should I be worried? Is this a false positive? I can't find any info on "kvimy.dll" and I'm a bit worried. Thanks!
@ctrlaltca
Copy link
Contributor

Hi, i can confirm this is a false positive, as this already happened in the past. Kvimy.dll is a kvirc module that exports a $my.idle() function that checks for user idle time. This is done by checking for user activity on the keyboard/mouse, and
this unfortunately resembles how some keylogger works.
I'll take a look if i can fix it in some way, thank you for reporting the issue.

@kvirc kvirc deleted a comment Aug 27, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ctrlaltca @mantarray