CAVS blocks Logitech SetPoint?

A couple of days ago I received a Logitech cordless mouse as a gift.

One of the main reasons I wanted it was because it has side-scrolling functionality when you tilt the mouse wheel to one side or the other. However, I was disappointed because this wasn’t working.

I just this evening discovered that the Logitech SetPoint software that installs off the driver CD that came with it was being blocked by CAVS. When I disabled the HIPS Application Control, the side-scrolling function worked! I’ve now set the HIPS App Control to allow the SetPoint software to run, and everything is hunky-dory.

I’m wondering why Comodo would block that software automatically, without even asking. Does the SetPoint software do something that Comodo considers malware?

Hi CiderJack,
This application is not analysed by Comodo lab and hence it is not added into safelist database. You can submit this file to comodo lab.
You must(exception switch user case) get HIPS alert for those files which are not added into comodo safelist database. It blocks the file’s execution until you select allow or block. After you select ‘Allow’, HIPS will allow them to execute.


Yeah, it’s been allowed now, and everything is working smoothly.

I guess I’m just curious if anyone knows if there’s anything to worry about with Logitech SetPoint software. I know that it’s not uncommon for some of the fancy software installed with hardware drivers, especially keyboards & mice, to include things like keyloggers & backdoors - or at least I’ve had it happen in the past.

If anyone has any definitive (or even anecdotal) information about whether or not SetPoint installs anything suspicious, please let me know! Right now I’m running it, but would like to know more info about this - of course when I asked on the Logitech forum, it was denied outright! :wink:

insert tin-foil-hat emoticon here

Ok, now this is interesting…

From this thread in the Logitech forum:

The LDM software will install upon installing the SetPoint software. However, the LDM software is not a keylogging software. The only information this service allows us to collect is what Logitech products are connected and what operating system is being used. This allows us to target messages which apply to specific customers.

Once a week, when connected to the internet, Logitech Desktop Messenger will automatically connect with Logitech servers to see if there are any new messages for you. It performs this check during idle time to avoid slowing down other application that may be accessing the Internet.

If there is a message on the server, then Logitech Desktop Messenger will download the message utilizing bandwidth that would otherwise be unused. After the message is downloaded, Logitech Desktop Messenger will wait for one minute of keyboard and mouse inactivity before displaying the message on your screen.

Call me a privacy freak, but this qualifies as malware behaviour in my book. It’s unwanted, turned on by default without the user’s knowlege, and completely unnecessary for the operation of the software. It also creates a potential (and again, unnecessary) security risk.

In addition, I can’t find any way to disable it besides blocking it in my firewall software, which to me is just plain unacceptable. That is, I have no problem with blocking it, but if I run without the firewall (which happens on occasion) then this information would be allowed through. I can’t turn it off at the source.

Sooo… anyone know of any mice that have the tilt-wheel side-scrolling feature that don’t phone home? 88)