I'm lost : antimalware/keylogger choice ?

Discussion in 'other anti-malware software' started by terryN, Feb 8, 2009.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Hi, you must understand how these tools work.

    If you let a driver-based keylogger like Elite Keylogger be installed, don't expect any security application to detect key logging in real time. Elite Keylogger is like a rootkit. You might detect it on an on-demand rootkit scan but it is too difficult to detect it in real time. I doubt any software can do it. Anyone pls?

    Even if you detect Elite Keylogger, one can write other similar rootkit-type loggers that will not be detected. It's a cat and mouse game that you can never win. The ONLY option is to stop the install of such a keylogger/rootkit. And yes, for that a HIPS is the best security application (plus possibly a sandbox and/or virtualization tool).
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    KeyScrambler is good but let me tell you it can fail also. It was not long ago when I told them here on these forums that Elite Keylogger is bypassing KeyScrambler and then they fixed it (promptly though). But I wonder why these companies don't care to test their software against well known sneaky malware samples before making big claims. I guess they don't care about the users in fact. They care all about the money. :mad:

    KeyScrambler is just an example. You can see this happening with many software.
     
  3. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Well, from an executable standpoint such as a keylogger test, it clearly states a keylogger is trying to capture your key strokes. A no-brainer of what to do: Deny. But downloading some other executables, it will tell you what or where it wants to install but not if it's bad or good, at least from what I have seen. But then again, maybe if it identifies real malware it may say differently, but I have not tested it with real malware. That's why I mentioned it being a classic HIPS type, but yet it's not supposed to be, nor is it. I may be wrong but I have never seen big red warnings with Zemana, or it clearly saying hey, this is malware and you should deny it. It very well may be there when it sees a bad behavior; I just have not seen that as I did with Comodo or Prevx Edge, for example.
     
  4. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Hi djohn!

    Thanks for your comments, I think I get what you're saying. Basically when executing keylogger tests, it warned you that a keylogger was executing, but when executing other programs it just told you where the program was installing and asked for allow or deny with no warning even if there was possible malware type behaviour, which other programs warned you against. Of course you haven't tested it with real malware so maybe in those cases it might give you a warning like it did with the tests. Is this right?

    EDIT: Does Zemana only prevent the installation of these loggers or does it also actively prevent them from operating?
     
    Last edited: Feb 10, 2009
  5. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Yes, exactly what I was saying, and as far as prevention of a logger from installing, then yes, I would imagine it would, but I seriously doubt it if it was allowed intentionally. Example: a keylogger is trying to capture key strokes, what do you want to do, allow or deny? If a user did not understand what that means, or perhaps thought it was part of the installer of what they may be installing at the time, or did not read the warning and allowed it, well then it's past prevention, too late. If something was to execute in the background then it should pop up with a warning from its behavior and the user should get the warning, which should always be Deny. Prevention from its behavior = Access Denied by user and should = no install, no start run, nothing written to the drive. Also it builds rules for what was asked of the user to allow or deny and can be easily removed from the rules list.
     
    Last edited: Feb 10, 2009
  6. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100
    Finally someone who understands my point of view, and isn't just another Zemana fanboi. :D It does seem many companies are just in it for the money, too bad. But at least some are willing to listen to input from users and make improvements.

    That's great that you notified the makers of KeyScrambler about Elite bypassing them, I wasn't aware that it could. Does seem about right that they rely on others to test their programs against real malware for them :rolleyes: , I hope you at least got a free copy of the pro version. :cool:
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    hmmm.... nothing like that. It was just one of my posts here in the thread about KS and they fixed it pretty fast after that.

    It's too late now to demand a free key. :D
     
  8. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    Don't worry, GesWall is a keylogger killer ;)
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Yes, GW is great against keyloggers. Actually my system is free of any keyloggers.

    The day I need a software to defeat an active keylogger, I believe my security has failed. :)
     
  10. alex_s

    alex_s Registered Member

    Joined:
    Aug 13, 2007
    Posts:
    1,251
    Ehhh, what does it mean ? :)
     
  11. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    According to the GesWall website GW 2.8 blocks against screen and clipboard logging. Does anyone know how effective GW is in doing this?
     
  12. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Very effective against all keyloggers except web cam loggers.
     
  13. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Agree, no doubt GesWall rocks.
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    13,744
    Location:
    Canada
    That is good against keyloggers :cool:
     
  15. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    How good is GesWall against movie style screen recorders?
     
  16. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Hmmm.... not sure. I can test if you have a POC/ utility etc?
     
  17. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Sorry, what's a POC/utility?
     
  18. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Any software that is movie style screen recorder and I might try that in GW.
     
  19. Dregg Heda

    Dregg Heda Registered Member

    Joined:
    Dec 13, 2008
    Posts:
    830
    Ah, I guessed as much but wasn't sure. Sorry but I don't really have access to any malware. I'm a noob and would rather not deal with real malware yet. I guess we will have to turn to our buddies at Wilders.

    How about it, anyone in the forum at large can provide aigle with a movie style screen recorder for him to test GesWall with?
     
  20. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ