Cyberhawk 2.01 vs. Anti-Keylogger Test

I just downloaded Cyberhawk 2.01 which runs as their pro version the first 15 days. Being that I was interested in rootkit detection, I then ran it against the AKLT. Here are my results:

GetKeyState- fail
GetAsyncKeyState- fail
DirectX- fail
Screenshot 1- fail
Screenshot 2- fail

Has anyone else had similar results? I noticed in a test of a prior version of Cyberhawk (1.2) it did well on the SSM keylogger.exe test.

http://www.techsupportalert.com/Security Tests/HIPS/Security Tests - CyberHawk V1.2.htm

 

Don't know if they tested it like you did or not but i'm sure that could be a point of contention for some including the vendor?

NO matter for me though but only personally speaking, i use snoopfree now and it pretty much covers that area where say a SSM or Cyberhawk might prove a bit weak in, but those results might be disturbing if no HIPS can pass that simple test.

 

They already know about this test.

https://www.wilderssecurity.com/showthread.php?t=161731

 

That's why I added : "Has anyone else had similar results? I noticed in a test of a prior version of Cyberhawk (1.2) it did well on the SSM keylogger.exe test."

I just now saw on the thread provided by VaMPIRIC CRoW that some users have had noticed some Cyberhawk success with Cyberhawk vs. AKLT.

 

Cyberhawk 2.0.1.2 passes GetKeyState & GetAsyncKeyState on my box.

Cyberhawk 2.0.1.2 fails DirectX keylogger test even GhostSecuritySuite failed even though it flagged the service and I disallowed keys were still logged.

Cyberhawk 2.0.1.2 fails both Screenshot 1 & Screenshot 2 however Snoopfree is able to catch Screenshot 2 and one of the other keyloggers

 

Discovered a quirk on another comp of mine same OS XPproSP2. When I run the GetKeyState & GetAsyncKeyState Cyberhawk seems to fail until I stop typing and right click my mouse then left click then Cyberhawk pops up and warns me to Allow or Deny. Maybe its because my keyboard and mouse run from USB ? My other system have the mouse and keyboard plug into the designated inputs but this system don't have that type of inputs so it uses its USB wonder if that could be causing problem?
Both systems are identical in programs installed aside from the way the keyboard and mouse inputs.....Anyone got any ideas? about this quirk ?

 

Looks as if I am not going to trial Cyberhawk anytime soon.
Jerry

 

Minimize the tester tool window and type something. Cyberhawk is detecting only keyloggs that are hidden from user, probably to decrease false alerts...

 

RejZoR ok I did what you said and upon minimizing the AKLT tester Cyberhawk instantly pop up with deny or allow so I guess in that scenario it works, but still I would like to think it would still detect even if it wasnt minimized, Im just looking at the AKLT window as a sub for some open text document etc. etc. thats why sometimes these tests kind of make me go
I guess what I'm trying to say is maybe you would need to get a real life hack attack from some one that could actually do what the test is trying to do and get your answer there lol too bad I dont know anyone that could do that, that I could trust