good antilogger?

Discussion in 'other anti-malware software' started by zagmarfish, Feb 27, 2017.

  1. zagmarfish

    zagmarfish Registered Member

    Joined:
    Feb 27, 2017
    Posts:
    10
    Location:
    europe
    Hello,

    Do you know of a good, simple and light antilogger? Free, if possible. :blink:

    I have zemana antilogger 1.7.2
    It's an old version but it seems to works nice with keylogger tests.
    However, there's a couple of things that bother me.
    - It works "silently". I mean there's no alert if a keylogger is on my computer. It scrambles the keys, no problem, but it doesn't tell me there's a keylogger.
    - It doesn't prevent print screen logging.
    - It uses the appinit_dll key in regedit and I think it's a bad idea.

    What's your opinion?

    Thank you.
     
  2. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,400
    Location:
    U.S.A.
    Agreed - it's a bad idea.
     
  3. Beyonder

    Beyonder Registered Member

    Joined:
    Aug 26, 2011
    Posts:
    545
    I use KeyScrambler. I'm using the free version which only affects the browser, but I found the pro version problematic with some games so I skipped it when my license expired.
     
  4. Eru

    Eru Registered Member

    Joined:
    Mar 23, 2010
    Posts:
    107
    Location:
    Poland - Sosnowiec
    Spyshelter
     
  5. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    3,841
    Location:
    Nebraska, USA
    Unless your computer is in a public place where someone without your knowledge can access your computer, you don't need a separate anti-keylogger. Just keep Windows and your normal anti-malware program updated, and don't be click-happy on unsolicited downloads, attachments, popups and links.
     
  6. Jerry666

    Jerry666 Registered Member

    Joined:
    May 28, 2002
    Posts:
    176
    Spyshelter
     
  7. guest

    guest Guest

    Exact , if you need an anti-logger, it means you accept that you have already been compromised, so basically you have lost...time to reformat/reinstall/restore backups.
     
  8. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    Is it mean that if you install some AV/IS you accept that you have already been infected? o_O

    My choice also
     
  9. guest

    guest Guest

    Where do i mentioned an AV? read correctly please. :cautious:

    An Anti-logger assume that a keylogger is running to detect it, hence all the blocking features (anti-cam, anti-screenshot, anti-mic, etc...)
    My point is if you have an AV or whatever, you don't need any Antilogger.
    For example SpS strenght is the HIPS , all the other features are pointless, unless the users tell the HIPS to ignore the logger...
     
    Last edited by a moderator: Feb 28, 2017
  10. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,973
    Location:
    Poland - Cracow
    Nowhere...it was "per analogiam":
    - if you want anti-logger you are compromised
    - if you want an AV you are infected
    it's just simple.
    :cool:
     
  11. guest

    guest Guest

    Your analogy , not mine because we talking about different things.
    Your analogy would be true if we talked about old AVs like 20 years ago when they could only scan & detect. Antiloggers were useful then, because "zero-day" loggers would leak datas until a signature could be made.
    Now AVs have a wide list of features to block loggers before they even execute on the system (HIPS, BB, webfilter, etc...).

    If you need an Anti-logger it means that you don't have any AV or you don't trust your AVs , because AVs already do what antiloggers do.

    Simple. ;)
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    guest, my thought exactly. For a anti keylogger to be of value you already are infected and have a bigger problem
     
  13. Robin A.

    Robin A. Registered Member

    Joined:
    Feb 25, 2006
    Posts:
    2,546
    I don´t see any "logic" in this statement. The question was about an antilogger, the answer is that if you need one you are infected? No relation.
     
  14. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Sure is. Why do you need an antilogger, unless you are afraid of getting a keylogger on your system. And the only way you can get on is if you get infected by some malware, at which point you are already infected.
     
  15. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,400
    Location:
    U.S.A.
  16. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Bit vague, so exactly how to they work. What I mean is the inject into the browser and then what, spawn something else to capture and transmit the keystrokes. What exactly happens.
     
  17. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,400
    Location:
    U.S.A.
    Here's a detailed analysis of Zeus and Spyeye: http://www.ioactive.com/pdfs/ZeusSpyEyeBankingTrojanAnalysis.pdf . Of note is both of these plus Citadel are constantly evolving to avoid detection.

    Notable in the Ioactive article is the disabling of Window's Defender which is a trivial activity to perform with this being one of many ways to do so:
     
  18. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    3,841
    Location:
    Nebraska, USA
    guest is right. The point is, if you prevent the keylogger from being installed on your system in the first place - which is easy to do by using a decent anti-malware program and keeping your computer updated, you will never need an anti-keylogger.

    There's no need to set mouse traps in your house if you seal all the holes a mouse can use to enter.
     
  19. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590

    Wow that was a heck of a read. I am covered.
     
  20. Bill_Bright

    Bill_Bright Registered Member

    Joined:
    Jun 29, 2007
    Posts:
    3,841
    Location:
    Nebraska, USA
    :( What an incredibly misleading and now, totally inaccurate article!

    Note first, the date of that PDF. It is 5 years ago! That means the Windows Defender it was talking about was the old version which an anti-spyware program only. Not the current Windows Defender, a full anti-malware solution found in W8 or W10.

    Second, if anyone had read that article, it refers to Windows Vista. Gee whiz! That's hardly current since even W7 came out in 2009 (and remember, W7 used the old Windows Defender too).

    Disabling the current Windows Defender found in W8 and specifically in W10 is no "trivial activity" at all.
     
  21. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Good catch Bill. I missed it. Itmano_O
     
  22. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,400
    Location:
    U.S.A.
    Yes, unfortunately it is trivial to do so.

    Additionally, the only product to completely fail the recent MRG on-line banking botnet tests i.e. Citadel and SpyEye was Windows Defender.

    But I really don't care if the Microsoft fanboys use WD. The malware developers will thank you for doing so.
     
    Last edited: Feb 28, 2017
  23. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Is that article really pertinent anymore?
     
  24. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,400
    Location:
    U.S.A.
    Here's a more recent detailed analysis on a Citadel variant named Atmos with interesting options - a few of which I noted below: http://www.xylibox.com/2016/02/citadel-0011-atmos.html

     
  25. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Thanks.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.