Anti-keylogger

Discussion in 'other anti-malware software' started by Alexx, Nov 29, 2004.

Thread Status:
Not open for further replies.
  1. Alexx

    Alexx Guest

    Any information about this software? Found here: anti-keyloggers.com.

    Thanks.
     
  2. eisefr

    eisefr Registered Member

    Joined:
    Nov 23, 2004
    Posts:
    153
    Location:
    Germany
    No info's about this one... I think it would be hardly possible for someone to install a keylogger on my computer. :D
     
  3. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    Just use a good Anti-trojan/AV with Spybot and adaware. More than enough.
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    ProcessGuard will stop keyloggers dead without the need for definitions and protect all your vital processes.

    Pilli :)
     
  5. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    Show him how it works... show him how it works!!!!
    ...It's pretty nice to see PG in action you know...
     
  6. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Ah! A challange :)
    Note: I had to allow keyhook.exe to run but it still could not inject the keylog.dll due to ProcGuard's protection. Nice!
     

    Attached Files:

  7. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Very nice indeed Pilli :D

    Cheers :D
     
  8. Alexx

    Alexx Guest

    Thanks for reply, guys!

    I asked about that product because they say it doesn't use signature base and it helps fight spies which are not well-known in the Web (it is pretty logical, BTW) and no questions asked. That's why I guess Spybot and adaware don't suit me well enough- I'd rather say they are out-of-date at the moment. Who doesn't agree-you're welcome to argue about it :)

    I'd like to hear opinions and comments from those who dealt with this product or the company that developed it. I have a trial version and I'm going to check right now whether it is as good as its name :)

    thx
     
  9. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Alexx, You may be dissapointed to here that there is no easy solution to all the threats around at the moment.

    Regarding the ProcessGuard trial version, this will not give you all of the protection afforded by the full version but will, at least, give you the ability to control any program that tries to run.
    Note the free version only does the first four bolded protections
    FEATURE
    Control application execution
    Protect applications from unwanted termination
    Protect applications from unwanted modification & injection
    Protect applications from unwanted viewing

    Block new and changed programs
    Protect physical memory (prevent operating system vulnerabilities)
    Block Global Hooks (stops keyloggers and password stealers)
    Block unwanted driver/service installation (stops rootkit trojans)
    Block registry DLL injection (stops spyware such as CoolWebSearch)
    Secure Message Handling (protects applications from messages)
    Interface Lock (protects from malicious changes and other users)
    FREE technical support

    I'll try and place these in no particular order of priority and this is not a complete list:)

    1. Patch your OS with the latest security updates
    2. Ensure you use a well configured firewall especially if you are on BroadBand and do not use some sort of router.
    3. Install ProcessGuard which stops many types of malware from runnig including the latest threats such a .dll injection, rootkits etc.
    4. Run a resident Anti virus program, this will stop any email attachments etc. from infecting your system providing the signatures are up to date and use the scanner on any downloads.
    5. Use SpyWareBlaster & run SpyWareGuard (See JavaCool's tools)
    6. If you use Internet Explorer make sure you know how to secure it or use an alternative browser such as FireFox
    7. In addition I would also suggest using a good Anti Trojan program and Anti Spyware program.
    8. The best protection probably sits on top of your shoulders :)

    No security is 100% and that is why Wilders believes in a layered and structured defence and I agree that prevention is far better than cure ;)

    Others will make many more well informed suggestions which I am sure you will find educational.

    Cheers. Pilli
     
    Last edited: Nov 29, 2004
  10. no13

    no13 Retired Major Resident Nutcase

    Joined:
    Sep 28, 2004
    Posts:
    1,327
    Location:
    Wouldn't YOU like to know?
    Yup. No contest with that statement (unless someone feels that its better to be hit by trojans and then spend a month cleaning the mess they leave behind)
     
  11. controler

    controler Guest

    Hi

    I was wondering if PG notices a program taking screen shots?

    Thanks

    Bruce
     
  12. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Controller, It certainly does if you have not given explicit permission for the screenshot program to run.

    Cheers. Pilli
     

    Attached Files:

  13. controler

    controler Guest

    Since I have not been following PG much, I have one more question.

    some commercial monitoring programs use processes of program products with knowingly permitted access to the Internet (browsers, mail clients, etc.) As a rule the user must permit them accessing the Internet.

    If IE is givin permission to access the intenet for example, does PG still detect the other program trying to se the same process?

    Thank you

    Bruce
     
  14. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Bruce, Not sure exactly what mean but I'll try to answer anyway :)
    With ProcessGuard you have several layers of protection.
    Initially you have Execution Protection which makes a checksum of your trusted program, any change will be flagged to the user.
    Next you have the Protection list, here is where you add your system and security programs. Once on the protection list a program cannot be killed modified or injected by malware providing you use the four general protection tabs but protected list programs can be allowed to change each other if necessary.
    Regarding IE. If another program required access to it's memory space such as .dll injection, sat a hook or change the IE .exe then the user would be alerted. Though most of the problem with IE is that it's default settings allow users to make bad decisions based on scripting and active x which is not under PG's control.

    HTH Pilli
     
  15. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    I am of the opinion that if your computer already has a keylogger on it that you're un-aware of - totally hooked in, hidden and functioning with all the allowances it needs - then subsequent installation of PG (or any other such-like program) may not tip the average user off that it's there, simply because of the way PG gets set-up in "Learning Mode" (where you run all your "trusted" programs).

    That's why I always recommend that anyone with even the least bit of concern about being keylogged purchase a good dedicated anti-keylogger program (I use SpyCop) to check for pre-exising keyloggers on the computer in question before relying on any other subsequently-installed program to keep you keylogger-free thereafter.

    The only scenario I can envision where you wouldn't need to do this is if you did a complete low-level reformat of your computer and a complete re-install of the OS (offline, using CD's to put in the updates) - then installing PG ( or a like) program - but even then you'd still be reliant on the computer owner being savvy enough about what he/she's seeing as regards PG alerts to keep themselves clean.

    To me, it's simply easier to rely on a dedicated anti-keylogger program - if keylogger-detection is your primary concern. Pete
     
  16. computercop

    computercop Guest

    I agree with Spy1, but doesn't Spycop just detect KNOWN commercial keyloggers? Now what if I write my own keylogger, would Spycop still find it? That's where I feel a program like Anti-Keylogger comes in. It will find keyloggers that the "signature based" Spycop could miss, and therefore is a valuable program to add to ones arsenal imo. Not that Spycop is useless, far from it, Spycop is a valuable program to have along with Anti-Keylogger to better cover yourself, if you can afford to buy both. Otherwise I would probably just go with Anti-Keylogger myself. Also Security Task Manager is a lower cost program that is very useful in detecting keyloggers too.
     
  17. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    I notice that SnoopFree Privacy Shield is up to version 1.0.5, and that it's now simply donationware instead of payware?

    http://www.snoopfree.com/default.htm

    Interesting. Pete
     
  18. controler

    controler Guest

    well said Pete

    One thing alot forget is ease of use. LIke I said I don't know how easy the learning curve is in PG or how good the out of box is but not that many people can do a low level format and reinstall.

    There are many here that just do an image and not really a low level format at all.

    I still use Anti-Keylogger since I have a Lic from a hile back.
    I kinda like the new version that asks no questions. The only thing you need to do is go into the exclusions list and allow programs like Bo Clean ect.
    Anti-Keylogger seems to think some are bad and adds them to the exclude list as not allowing them access at a low level.

    Bruce
     
  19. preAARP

    preAARP Registered Member

    Joined:
    Jun 18, 2004
    Posts:
    6
    preAARP

    FWIW...I just purchased [GLOW]Anti-keylogger[/GLOW] from

    http://www.anti-keyloggers.com/products.html

    and haven't been able to load it (so I can't even get to the point of adding exclusions like BOClean, etc.)...

    I've tried disabling all my resident security-related programs ( NOD32, BOClean, Spybot, Spyware Guard, and Look 'n' Stop) but I still received a prompt that I had an incompatible program installed.

    Several Emails to Anti-keylogger's Tech Support, an attempt for 'real-time' support (option available at the above url), and repeated telephone calls have not yielded a response...

    I would like to see if I have a keylogger already 'embedded' on my system.
     
  20. 3shots

    3shots Guest

    I wouldn't rely on PestPatrol to find keyloggers. It only finds about 30% of them in my tests, and it's mem check (active scanner) is not too good either and still a lot of FPs. Overall PP is an ok anti-spyware/anti-trojan/anti-keylogger, but the all in one packages, like PP, are truly a "jack of all trades, master of none".

    I would rather go with A2 (free) & Ewido (free) for trojan detection. Ad-Aware (free), Spybot (free), X-Cleaner (free), SpywareBlaster (free), SpywareGuard (free), & WinPatrol (free) for spyware blocking/detection. And Snoopfree (free) for keylogger detection. Also System Safety Monitor-[blocks dll injection ect..] (free) along with Process Guard-[to watch SSM] (free). Keep in mind there is some overlap here, A2 will find some spyware, X-Cleaner will find some keyloggers, WinPatrol will block some trojans ect... ect...
     
  21. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    I also had trouble with Anti-Keyloggers. SnoopFree will detect any programs that have obtained global hooks. However, I seem to recall that it installed a rootkit which I was not too happy about. However, it will give you information regarding programs that are acquiring global hooks.

    For proactive protection - i.e. preventing any keyloggers from installing - I would recommend ProcessGuard which also prevents dll injections as well as rootkit installation. In my experiences, PG provides the best overall protection and stability. SSM provides similar capabilities, but the last time I tried it, which was about 2 months ago, it played havoc on my machine. I had to take it off.

    Rich
     
  22. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC

    "installed a rootkit"o_O? Huh? I had to let it install drivers and a global hook in ProcessGuard when setting it up - but a rootkit? Pete
     
  23. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Yes, I seem to recall something like that. But it was a while ago.

    Rich
     
  24. controler

    controler Guest

    preAARP

    I have seen times with the GUI doesn't show but the driver was stil loaded.
    What OS are you using?
    Any other programs that would stop it from loading like PG, ect.?
    Yes their support lacks LOL
    I have always had luck with the Yahoo Im mod.

    I am sure we can figure it out and if not, there is a 30 day money back.

    Bruce
     
  25. snichols

    snichols Guest

    FYI:

    SnoopFree Privacy Shield does not install a "rootkit" per se. It hooks the OS to watch for suspicious activity. Of course, the hooking process issomething that rootkit programs also do.

    steve
     
Loading...
Thread Status:
Not open for further replies.