Keyloggers

Discussion in 'ProcessGuard' started by djg05, Jan 26, 2006.

Thread Status:
Not open for further replies.
  1. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    There is a thread running elsewhere on Wilders about Keyloggers. I know PG stops them but in the thread it said not many can stop them at kernel level, in particular "ELITE Keylogger"

    I have the paid version of PG and wonder if it can stop this type.
     
  2. TECHWG

    TECHWG Guest

    sorry i dont think it can
     
  3. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    I guess that something has to execute before the keylogger can do its work, so PG should stop it.
     
  4. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    Thanks

    So we have a 50/50 split. Is there any test I can run to see for myself.

    I did try downloading the Elite Keylogger and Avast immediately through it out. Whether or not that is a true test I do not know.
     
  5. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    I just downloaded Elite keylogger and PG blocked its installation.

    First I had to allow the installation file to run (ek_setup.exe). Then I had to allow windump.exe to run twice (i.e. that's 3 alerts I had to ignore) and then I got a message saying "Error while installing Elite Keylogger". I checked PG log and found that windump.exe was blocked from creating a driver/service named usbkbd.

    HTH
     
  6. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    That's good to know. So we don't need to bother with this other program that is being touted at the moment. PG does a lot more and at a better price - unless anyone knows different.
     
  7. hollywoodpc

    hollywoodpc Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,325
    Absolutely it can ! PG works at the kernel level and CAN stop them cold ! Unless something has changes in the last few months .?
     
  8. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504

    Thanks - I can save my pennies
     
  9. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504
    I see that the help file in 3.2 does address keyloggers or maybe did not see it before.

    The second question is about HIPS. Does or will PG address that intrusion?
     
  10. SpikeyB

    SpikeyB Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    478
    Process Guard is a HIPS.
     
  11. djg05

    djg05 Registered Member

    Joined:
    Apr 6, 2005
    Posts:
    1,504

    Thanks. That is what I have been trying to find out and could not see the information anywhere.

    When I bought PG I did wonder if I had done the right thing, but more and more it seems to cover instances that other programs are just specialising in.
     
Thread Status:
Not open for further replies.