Comodo Question

Sorry Ron for posting a direct download. Wasn't thinking. If you guys go to SpyShelter.com at the bottom of the page you will find the link.

Spyshelter invites anyone to test their setup by opening the .exe and do the tests to see how well you are protected.

I'd like to compare Comodo & OLA etc but I can't do it here right now.

 

At preferred settings CIS 5.8 will not allow the hooks, which is unsurprising as these are common methods and have been out for a while. But will it prevent a new keylogger working by a new method from stealing data?

The real deficiency in these keylogging tests is that they invariably will ignore the second and equally important part of a successful keylogger- can it transmit data to the collector? You will find that applications running in the CIS sandbox will either be blocked outright (eg Trojan Downloaders) from connecting to the internet, or when a connection is attempted an Outgoing Firewall alert will appear.

So yes, CIS will stop the Antitest hooks (wowie zowie), but it will also prevent data theft from keyloggers working by novel methods by blocking transmission.

ps- As excellent as CIS is, it will not protect against being stupid. If you ever have a non-geek use CIS I would STRONGLY suggest that popup alerts are suppressed and that Comodo will automatically block things. We've seen in various focus groups that even people that should know better will override alerts and let stuff through (this not being specific to CIS by any means).

 

very true good explanation thanks alot for your time

 

CIS v5.8

detected by AV (at download),
detected at execution by cloud & D+
sandboxed at execution.

test by allowing it to run just with D+ and with sandbox & AV disabled:

keylogging: pass (cloud & D+)
webcam capture: pass (cloud & D+)
screenshots: pass all (cloud & D+)
clipboard: pass (cloud & D+)
system protection: pass (cloud & D+)
sound record: fail (a feature made for spyshelter)