Malware Defender

MD is excellent but other HIPS (OnlineArmor, D+, Spyshelter) offer better detection/protection versus the the full-spectrum of the keylogger genre.

If anyone comes up with rules to strengthen MD's anti-keylogger abilities, please share them. A good test for MD's keylogger rules is at THIS link -- scroll to bottom of the page & grab the download directly under the label "Test security of your PC".

 

Hola Pete-sensei,
Pretty sure. At least, that's the way it looked when I ran the series of tests from the Spyshelter site. MD was spot-on with some of them but somnolent with others.

 

Guys, just want to refresh my mind, does MD has conflicts with EAM?

I'm planning to install it, but want to make sure first

 

I do not know the answer to your question. However, be aware that MD does NOT require a reboot during install. Therefore, you can test it yourself. To wit . . .

+ Install EAM "for real"

+ then go into virtual mode (e.g. Shadow Defender et al) & install MD.

+ If MD & EAM play nicely in virtual mode, they should do so "for real".

 

I had some issues that I posted about on Emsisoft's forum.
The issues I observed did not lend much confidence in running these two apps together IMHO.

 

Damn, i really wanted a good HIPS.
Now that makes me doubt if install it or not

Screw it i'll test it right NOW!!!
Here we go v2.7.2

 

You can always choose a different AV. That's what I decided to do. I have had 0 issues using MD with NOD32 4, F-Secure 2010, avast! 5, Avira 10 Premium, and latest KAV2011. This tells me something is not right with Emsisoft, but who knows?

I'm on XP, so your experience on 7 may be different.

 

How can i see if it's still having the same problems as you?
Want to make sure

 

The simplest way is to download the eicar test file and make sure EAM detects it.

 

BTW, for what is this option in the configuration?

It says something like "Inject mdhook.dll into other processes"

 

There is no setting. Any AV should detect this file.

You can disable mdhook.dll in MD's settings. I don't know if you'll still get the prompt from EAM, but if you do I would say to choose allow.

 

I think wasn't clear hehehe

I was talking about a setting in Malware Defender that said "Inject mdhook.dll into other processes", It is disabled by default by i wanted to know what it does if i enable it.

About the EICAR test file, i'll try it now to see if EAM catches it , I know it's a test file that all AV's detect

 

All at the same time? (Just kidding - I know you're more akamai than that.)

By the way, have you tested MD against Spyshelter's Antitest? I am a big MD fan EXCEPT it seems a bit weak on alerting to all types of keyloggers. Am I wrong?

 

Yes, unfortunately it is.

The last time I tested, it didn't detect clipboard or screen capture tests which were the most important to me. I may have to do some testing of an MD / SpyShelter combination.

 

Noob, from MD's help file......

 

How good is Mamutu detecting keyloggers etc.?

BTW, been using MD in learning mode for the last hour and it seems very stable.
Just had a few issues in the beginning, it was throwing lots of BSOD's.

Tested with the EICAR test file and it detected it every single time.

Thanks man very helpful!

 

Mamutu is VERY weak at the keylogger genre, sad to say.

 

Damn, now considering Zemana as my last layer but not sure if it would conflict with the HIPS and BB

 

Except for Zemana & Spyshelter, the strongest app I have found for protecting against keyloggers is Online Armor (OA). It passes all the tests on Spyshelter's Antitest.exe, except for a couple of the several screenshot exploits.

NOTE: OA is a combination HIPS plus Firewall.

 

Why don't you use your OS internals, see https://www.wilderssecurity.com/showthread.php?t=278014

With A2 and this setup you have a strong , very strong security setup.

 

+1 and Bookmarked

Applied the UAC settings, DEP, SEHOP, and denied execution from downloading directories!

This is worth GOLD!
I'm still thinking about Keyloggers hehehe

 

One of our very experienced Wilers members, Sully creator of PrettyGoodSecurity, has told me he will create a second freeware (called SAFE) which provides all these protections (and hopefully a icacls based on the fly reduction of rights for executables) through scripts. So these tweaks are available for less tech savvy users.

Hopefully Lucy, Tly and ZopZop will help with testing again.

Regards Kees

 

i cant manage to get it down - any ideas? (chs either - 0 bytes)
(other solutions pm pls)

 

Saw some of your other posts on SpyShelter and decided to test it. I've been running it along with MD for about 48 hours now with no problems. I'm kind of surprised that for me they work well together considering the semi similarities of the two.