SpyShelter new leak test tool has been released

SpyShelter new leak test tool has been released
I asked them for some example, so they created keylogger based on this leak.

Note about kaspersky; I click restrict. When i click block, leak test doesnt work, it is not surprise.

 

Thanks guest

 

nice

 

Small correction. KIS passes the test. You only need to either disable automatic mode or use the Virtual keyboard.

 

Sory, You are wrong. KIS failed.
It is not SSLT v1.4 keylogger test.
You can see new test there see picture
I have real app based on that leak (keylogger)

 

Ooops, yes you're right, didn't notice the icon is different in the screenshot.
Any idea when it's going to be posted on their site, or can you PM me the leak test?

 

Screenshot from test

 

WOOO i had 100% trust in Zemana
I know this is another lame test but it still counts

 

the link to download pls?

 

It's on the SpyShelter website unter the video
But here you have: -http://www.spyshelter.com/download/AntiTest.exe-

 

The newest SpyShelter new leak test tool is flagged like suspicious by Avast.

I sent to Avast'support a False Positive warning.

SpyShelter is working like a charm here - with System Protection only enable, a very good Real Time Protection!!!

 

It was also detected by PrevX, Panda, Avast, and G-Data. I reported to Panda and they confirmed it is clean.

 

I upload virustotal. Result: 0/43 no dedection!
Vendors can download from virustotal.com that file, MD5:8705a896c0e3d3da485188f1147247be

 

Also detected by Norton as medium risk, and quarantined, unfortunately.

 

Odd when ever I download Antitest.exe I get MD5: 41f1e55475c4806642cda2f7b519d523

This file has detects from: PrevX, Quickheal, Avast!, and G-Data (Avast Engine)

 

detected by Comodo av also

 

My comodo AV didn't detect it.

Comodo in Safe Mode with no sandboxing passed all except WebCam, Sound Record and screenshot tests 4 & 5.

 

A month or so ago, a friend became concerned about the possibility of a keylogger getting installed. A bit of searching around the internet reveals that there have been some exploits. Below are some that I found. Based on this, I determined that one's security against remote code execution exploits, and secure policies about not responding to spam protect adequately against a keylogger being installed -- it's just another binary executable.

Perhaps I've missed something, so I'm curious why one would want a product that actively monitors a keylogger being installed. Are there other ways a keylogger can get installed besides the methods described below?

By the way, based on what other vendors have written in the past about flagging test executables, it would seem the best proof would be to test with a real keylogger malware executable, and not a leak test.

----
rich



REFERENCES

CVE-2010-0806 Exploit in the Wild
http://research.zscaler.com/2010/04/cve-2010-0806-exploit-in-wild.html
MS10-018

Worth reading if you suspect you have recently contracted a Keylogger
Wed, Dec 31 2008
http://www.curse.com/forums/p/71996/376192.aspx

EXPLOIT of IE6 Vulnerability in the Wild
April 2006
http://www.nist.org/news.php?extend.102

Flash player exploit installs keylogger
Aug 2005
http://www.tacticalgamer.com/hardwa...-flash-player-exploit-installs-keylogger.html

Cyber criminals using eCards to deliver malicious rootkit and keylogger exploits
http://www.keylogger.org/news-world...ious-rootkit-and-keylogger-exploits-1209.html

Key Logger Malware: Key Stroke and Screen Capture
October 6, 2008
http://webcache.googleusercontent.c...y-logger-malware.pdf keylogger exploits&hl=en

Common spam hides keylogger Trojan
Trojan: Mal/Zbot-U
http://www.sophos.com/security/threat-spotlight/061810-threat-spotlight.html

Windows Shortcut Vulnerability keylogger
Troj/Chymin-A
http://www.sophos.com/security/threat-spotlight/073010-threat-spotlight.html

------------end references-----------------------

 

I usually turn off keyboard and screen monitoring in Comodo. The chances that 1) I will download a keylogger 2) the AV scan won't catch it, and 3) the firewall won't block it, are pretty slim.

 

Hi guest! What is this test? The file I downloaded is named antitest.exe and has a GUI.

 

To be fair, I tested it against Prevx, and it was detected immediately. However, I 'infected' myself on purpose to see how Prevx did when being 'infected'.

Prevx SafeOnline could not stand a chance against this new TestTool. Even though settings at max on a https site, it could take screenshots, log my keystrokes and access to my clipboard.

What a piece of wonderful TestTool!

 

I tried it.... I let it RUN!!! Prevx Passed all tests except all the System Protection and Screenshot tests.


Prevx SafeOnline latest stable build. v.3.0.5.199 Settings: MAXIMUM
TestTool: Running as Admin
Browsers: Running as Admin

Prevx Detected the tool (but I let it run and infect me)

Browser: Opera

• Keylog (Passed)
• Webcam (N/A) (I don't have a webcam LOL)
• Clipboard (Passed)
• SYSTEM PROTECTION test (All tests failed)
• Screenshot tests (All tests failed but...)

Browser: Internet Explorer

• Keylog (Failed)
• Webcam (N/A) (I don't have a webcam LOL)
• Clipboard (Passed)
• SYSTEM PROTECTION test (All tests failed)
• Screenshot tests (All tests failed but...)

Browser: SRWare Iron

• Keylog (Failed)
• Webcam (N/A) (I don't have a webcam LOL)
• Clipboard (Passed)
• SYSTEM PROTECTION test (All tests failed)
• Screenshot tests (All tests failed but...)

You had to make Spyshelter TestTool the main window to click the screenshot button... thus Prevx does not intercept screenshots since you have to make the browser the main window for Prevx to block the screenshot. (not really a fail for me but still. as long as it can take screenshot even a tiny corner of my browser I consider it a fail)

 

Can anyone try KeySrambler?

Thanks

 

Can't you ?

 

Keyscrambler PASSED Keylogging test.
the rest FAILED


Other tests here