Hello, Do you know of a good, simple and light antilogger? Free, if possible. I have zemana antilogger 1.7.2 It's an old version but it seems to works nice with keylogger tests. However, there's a couple of things that bother me. - It works "silently". I mean there's no alert if a keylogger is on my computer. It scrambles the keys, no problem, but it doesn't tell me there's a keylogger. - It doesn't prevent print screen logging. - It uses the appinit_dll key in regedit and I think it's a bad idea. What's your opinion? Thank you.
I use KeyScrambler. I'm using the free version which only affects the browser, but I found the pro version problematic with some games so I skipped it when my license expired.
Unless your computer is in a public place where someone without your knowledge can access your computer, you don't need a separate anti-keylogger. Just keep Windows and your normal anti-malware program updated, and don't be click-happy on unsolicited downloads, attachments, popups and links.
Exact , if you need an anti-logger, it means you accept that you have already been compromised, so basically you have lost...time to reformat/reinstall/restore backups.
Is it mean that if you install some AV/IS you accept that you have already been infected? My choice also
Where do i mentioned an AV? read correctly please. An Anti-logger assume that a keylogger is running to detect it, hence all the blocking features (anti-cam, anti-screenshot, anti-mic, etc...) My point is if you have an AV or whatever, you don't need any Antilogger. For example SpS strenght is the HIPS , all the other features are pointless, unless the users tell the HIPS to ignore the logger...
Nowhere...it was "per analogiam": - if you want anti-logger you are compromised - if you want an AV you are infected it's just simple.
Your analogy , not mine because we talking about different things. Your analogy would be true if we talked about old AVs like 20 years ago when they could only scan & detect. Antiloggers were useful then, because "zero-day" loggers would leak datas until a signature could be made. Now AVs have a wide list of features to block loggers before they even execute on the system (HIPS, BB, webfilter, etc...). If you need an Anti-logger it means that you don't have any AV or you don't trust your AVs , because AVs already do what antiloggers do. Simple.
guest, my thought exactly. For a anti keylogger to be of value you already are infected and have a bigger problem
I don´t see any "logic" in this statement. The question was about an antilogger, the answer is that if you need one you are infected? No relation.
Sure is. Why do you need an antilogger, unless you are afraid of getting a keylogger on your system. And the only way you can get on is if you get infected by some malware, at which point you are already infected.
Scroll down to "memory based injection" keyloggers that attack browsers and are employed by banking malware such as Zeus and Spyeye to name a few. Ref.: https://books.google.com/books? id=K2MxCwAAQBAJ&pg=PT78&lpg=PT78&dq=browser+memory+based+keyloggers&source=bl&ots=KM_MNyEnkn&sig=1Y1exMXIeLb0NCqs4_cgproth5U&hl=en&sa=X&ved=0ahUKEwjv-Y6V-bLSAhUF04MKHc-iABEQ6AEISTAH#v=onepage&q=browser%20memory%20based%20keyloggers&f=false
Bit vague, so exactly how to they work. What I mean is the inject into the browser and then what, spawn something else to capture and transmit the keystrokes. What exactly happens.
Here's a detailed analysis of Zeus and Spyeye: http://www.ioactive.com/pdfs/ZeusSpyEyeBankingTrojanAnalysis.pdf . Of note is both of these plus Citadel are constantly evolving to avoid detection. Notable in the Ioactive article is the disabling of Window's Defender which is a trivial activity to perform with this being one of many ways to do so:
guest is right. The point is, if you prevent the keylogger from being installed on your system in the first place - which is easy to do by using a decent anti-malware program and keeping your computer updated, you will never need an anti-keylogger. There's no need to set mouse traps in your house if you seal all the holes a mouse can use to enter.
What an incredibly misleading and now, totally inaccurate article! Note first, the date of that PDF. It is 5 years ago! That means the Windows Defender it was talking about was the old version which an anti-spyware program only. Not the current Windows Defender, a full anti-malware solution found in W8 or W10. Second, if anyone had read that article, it refers to Windows Vista. Gee whiz! That's hardly current since even W7 came out in 2009 (and remember, W7 used the old Windows Defender too). Disabling the current Windows Defender found in W8 and specifically in W10 is no "trivial activity" at all.
Yes, unfortunately it is trivial to do so. Additionally, the only product to completely fail the recent MRG on-line banking botnet tests i.e. Citadel and SpyEye was Windows Defender. But I really don't care if the Microsoft fanboys use WD. The malware developers will thank you for doing so.
Here's a more recent detailed analysis on a Citadel variant named Atmos with interesting options - a few of which I noted below: http://www.xylibox.com/2016/02/citadel-0011-atmos.html
