iTunes acting as keylogger?

Since upgrading to version iTunes 7.1 my Comodo firewall ( keeps alerting me about security considerations. This happens whenever my browser (Opera or Firefox) wants to connect to the internet AND iTunes is running. The firewall reports that “C:\Program Files\iTunes\iTunes.exe has loaded iTunesKeyboardCompatibility.dll into Opera.exe using a global hook which could be used by keyloggers to steal private information.”

Could this be a false positive?

Windows XP Pro, SP2.

cyclist, welcome to the forums! (:WAV)

What you’re seeing from CFP is not a warning that the application is a keylogger, only that the connection behavior resembles something a keylogger would do. So in that respect it’s not a “false positive.”

It may, however, not be something to worry about. A lot of times when an internet-capable application (such as i-Tunes) is running, and your browser or email is opened, the two interact in a way (an internal communication) that makes CFP say, “Whoa there! You’re not supposed to be doing that!” as an aspect of Application Behavior Analysis. Some people see this from their mouse software when they use the mouse to click on things in their browser. The general rule of thumb is that if you know the application(s) in question, it’s safe to allow. If it occurs regularly, and you deem it to be safe you can allow with “remember” and should not be bothered with that specific one any further.


OK, thx for the swift reply!

No problem!


I saw the same thing. But how do I know if this ituneskeyboardCompatibility is valid or not? I don’t trust itunes any more than any other program.

Hi zakman, welcome to the forum :slight_smile:

To be honest, unless you have written the code yourself, every program could be considered suspect. Sometimes you just have to have a little trust. If the Applications are well known to you, then you are probably ok allowing the connection.

I imagine that if a program like iTunes had an embedded keylogger, it would be all over the Internet about 30 seconds after discovery…

Thanks Toggie. You’re probably right (well actually, you ARE right). But I just don’t like it when programs run things in the background for no apparent reason. Probably some feature I don’t care about. Oh well, if I were ruler of the world, things would be different… (:AGL)

I suppose that they are just using the monitoring technology that looks like keylogging to anti-viruses. I would recommend you to download one of anti-keyloggers from here: and make sure that you do not have any of them