SpyShelter va Zemmana AntiKeyloger? Which one?

Which one would you choose and why?
Who makes Zemmana? U.S. ?

 

Who makes Zemmana? U.S. ?[/QUOTE]
Zemana comes from Turkey.

 

zemana : made in turkey

64 bit windows : spyshelter ( 64 bit windows zemana : only works hips module )

32 bit windows : zemana

 

Oh wait so Zemmana does not protect 64bit windows as fully as spyshelter does?

Now will this conflict or be redudant on 64bit?:
1) Mamutu
2) OA (HIPS and WALL)
3) Zemana
4) Spyshelter


(Sucks since I just recently purchased 1 year of ZEmanna)

 

With OA you might not need any of these two.

 

For one this configuration is a great overlap and the first item I'd excluded is mamutu for it does nothing that any of the other three cannot do. The other three are all solid programs which have their strong and weak sides. The choice depends on the personal taste, but to run them at the same time is not too good idea.

 

Neither. They're unnecessary, because I have SRP, CF, and SB (w/ Internet Restrictions).

 

This is not enough to protect your sensitive information from leaking out (if you have any, of course).

 

i would chose neither as well and i have tried both.

Zemana i won't use because i find it too expensive for what it does.
Spyshelter i won't use because it totally borked my system when i tried it.
too many bloody kernel hooking.

 

Not even close. SS just added a restricted mode to the x64 version where as Zemana still doesnt detect anything.

http://pc-babble.blogspot.com/2010/11/spysheler-x64-premium-vs-zemana.html

 

SRP prevents execution outside of whitelist. Comodo Firewall monitors for unknown connections and modifications. Sandboxie isolates malware, and only allows browser and plugins to access internet.
If that's not enough, then you are sadly mistaken.

 

I'm afraid you are very mistaken, for a false belief is always a great mistake.

1.) Comodo Firewall monitors for unknown connections, but in default config it is very dependent on AV part and is very weak against tricked beasts. This is confirmed by a lot of independent testing. To be strong against the tricks you need to configure it in a way that renders it unusable.

2.) Sandboxie is really great program, but it doesn't isolate malware until you run it in sandbox. And even in sandbox (until manually configured) it allows malware to read your sensitive data and to send it out by DDE command to IE that is launched outside sandbox.

 

Wow. Guess you should work for Tzuk.

Comodo with Def+ and its auto sandbox feature is nearly impossible to bypass even in the default state.

 

OK. I'll be short on words, just one example:

https://www.wilderssecurity.com/showpost.php?p=1864421&postcount=2

(I can find more if you need).

 

IE is still in sandbox when launched via commands (DDE, OLE etc.). Confirmed.

Anyway, as you've said, SBIE can be config'd to restrict outbound network access for sandboxed programs... (which, of course, implies that you have to run said programs in the SB in the first place)

 

Could you explain this a tad more clearly? It's a bit confusing.
Is IE Internet Explorer? If so, how about other browsers?
And how about the limited use inside the box?
And how about when you close Sandboxie and delete the contents?

 

The combination that works for me in the past :
OA+mamutu
SS+mamutu

Never use zemana since I move to 64bit windows.
Zemana 64bit version gives u a very minimal protection, it feels like a rushed release

Mamutu is a behaviour blocker, it won't interfere much with hips module on the other three. The most complete protection of the three should be OA+Mamutu.
But personally I love SS+mamutu, since it is light on the system.

@Jose Lisbon : I believe what alex_s means would be all internet explorer (not only microsoft IE). And u can read 3x0gR13N statement on post 15 for some peace of mind

 

I don't think he does, and I don't think there's one word in his posts that could lead to such conclusion.

 

I mean the case where IE is started out of sandbox (by a user, for example). Malware in sandbox is allowed to send DDE command to IE out of sandbox which makes IE to connect to any URL.

I tested it for a purpose just a month ago. I still confirm that SB is a great program and its sandbox is the greatest one out there. It is rather about false confidence

 

And I've done the same test here (32 bit system) a few moments ago: IE running on native system (and IE not running on native system as a consequence of sandboxed program launching it)=> sandboxed program isn't able to manipulate or launch IE outside the SB.

 

Try DDEtest from matousec with default SB settings

 

Already did when I made my previous post. Nothing happens to IE that is running outside the SB.
Default config.

 

Hm .. I confirm that now on my Vista nothing happens as well. But it surely happened one month ago on other test system. I have not access now to that system, but I have a guess that it might be x64. Another guess is there could be SB update since then

 

Tried both Zemana and SpyShelter on my 32 bit Win XP system.

SpyShelter did some bad things (including disabling my keyboard twice).

Zemana failed its own and some other keylogger tests when paired with PrivateFirewall (with the HIPS in PF disabled).

I much prefer Online Armor paired with Sandboxie. Of course YMMV but it's a combination that works for me and continues to earn my confidence.

 

uff... I thought there was something wrong with Sandboxie (my favourite app).
Now I understand that none of you really knows what he/she's talking about.