New keylogger tests from Zemana

Discussion in 'other anti-malware software' started by aigle, Aug 21, 2008.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    http://www.zemana.com/list/list.asp?ktgr_id=413

    Hmmm... It,s interesting. Much failure.

    CFP

    Key Logger Simulation Test - - - - - PASS
    Screen-Logger Simulation Test - - - PASS
    Webcam Logger Simulation Test - - FAIL
    Clipboard Logger Simulation Test - - FAIL
    SSL Logger Simulation Test - - - - - POC not Available so far

    EQSecure

    Key Logger Simulation Test - - - - - FAIL
    Screen-Logger Simulation Test - - - FAIL
    Webcam Logger Simulation Test - - FAIL
    Clipboard Logger Simulation Test - - FAIL
    SSL Logger Simulation Test - - - - - POC not Available so far

    GesWall

    Key Logger Simulation Test - - - - - FAIL PASS
    Screen-Logger Simulation Test - - - FAIL
    Webcam Logger Simulation Test - - FAIL
    Clipboard Logger Simulation Test - - FAIL
    SSL Logger Simulation Test - - - - - POC not Available so far

    Older thread is here.

    https://www.wilderssecurity.com/showthread.php?t=204941
     
    Last edited: Aug 22, 2008
  2. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland


    Hi,

    Process Guard v 3.410 can block these tests.
     

    Attached Files:

  3. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Test two.
     

    Attached Files:

  4. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Test three.
     

    Attached Files:

  5. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Test four.
     

    Attached Files:

  6. CogitoErgoSum

    CogitoErgoSum Registered Member

    Joined:
    Aug 22, 2005
    Posts:
    641
    Location:
    Cerritos, California
    For those who are interested,

    I personally tested DefenseWall v2.45 against three of the four available Zemana security tests. The results are below.

    Key-Logger Simulation Test.........PASS(*Note: Pop-up notification allowed me to terminate the attempt on the spot.)
    Screen-Logger Simulation Test.....PASS(*Note: Silently blocked attempt.)
    WebCam-Logger Simulation Test..?(*Note: I was not able to test because I do not have a webcam.)
    Clipboard-Logger Simulation Test..PASS(*Note: Retested. Pop-up notification allowed me to terminate the attempt on the spot. Please take a look at the following link for instructions on how to properly conduct this test - https://www.wilderssecurity.com/showpost.php?p=1303569&postcount=40 )


    Peace & Gratitude,

    CogitoErgoSum
     
    Last edited: Aug 22, 2008
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    @ the mul

    It,s not an execution test. Any HIPS can do what PG is doing. Allow the test to run and then see if PG intercepts the actula logging attempt.
     

    Attached Files:

    Last edited: Aug 21, 2008
  8. Remouald

    Remouald Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    99
    @the mul: you must allow the execution of the software and then see if PG block the loggers.

    EDIT: oups, aigle beat me on this :)
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    That,s good. Anyone can test WebCam test with DW?
     
  10. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Hi aigle,

    I have allowed PG to run the keylogger test and outpost pro 2009 blocked this test.
     

    Attached Files:

  11. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Here is the result after blocking the test with outpost pro firewall 2009.
     

    Attached Files:

  12. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    That,s a PASS indeed for Outpost FW. :thumb:
     
  13. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    Tested..........It's a fail. :mad:
     
  14. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    What about other test from Zemana against OP (not just first keylogg)?
    Screen logger and Clipboard logger will be interesting to see against OP...
     
    Last edited: Aug 21, 2008
  15. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    At least Defensewall passed 2 of 4. Look at geswall god it failed bad:oops:
     
  16. Metting

    Metting Registered Member

    Joined:
    Aug 3, 2006
    Posts:
    100
    SSM 2.4.0.621

    Key Logger Simulation Test - - - - - PASS
    Screen-Logger Simulation Test - - - FAIL
    Webcam Logger Simulation Test - - FAIL
    Clipboard Logger Simulation Test - - FAIL
    SSL Logger Simulation Test - - - - - POC not Available so far

    :'( :'(
     
  17. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Aigle thanks once again for the testing great work.:thumb:
     
  18. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,151
    Location:
    PA
    How does Outpost 2009 do against the other tests?
     
  19. Metting

    Metting Registered Member

    Joined:
    Aug 3, 2006
    Posts:
    100
    it failed all these tests :oops:
     
  20. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    @CogitoErgoSum I tested DW version 2.45 on default settings. My results are a bit different.

    Key-Logger Simulation Test......... DW gave keylogging warning with option to termiante the keylogger but no way to just block the keylogging
    Screen-Logger Simulation Test..... Fail
    WebCam-Logger Simulation Test... Fail
    Clipboard-Logger Simulation Test.. DW gave keylogging warning with option to termiante the clipbaord logger but no way to just block the clipboard logging.

    1.jpg
    2.jpg
    3.jpg
     
  21. Atomic_Ed

    Atomic_Ed Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    389
    Has anyone tried this with Mcafee to see if it can block this as well?
     
  22. ruinebabine

    ruinebabine Registered Member

    Joined:
    Aug 6, 2007
    Posts:
    1,097
    Location:
    QC
    SSM 2.4.0.621: Same results here (but no webcam)

    DW v2.45

    Key Logger Simulation Test - - - - - PASS
    Screen-Logger Simulation Test - - - PASS
    [ Webcam Logger Simulation Test - - no webcam ]
    Clipboard Logger Simulation Test - - FAIL
     
  23. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,151
    Location:
    PA
    Doesn't Outpost at least pass the Key Logger Simulation Test, based on the screenshot above?
     
  24. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Ok some confusion Screen logger passed from your testing,for some others it failed.strange in consistent results, configuration perhaps.:doubt:
     
  25. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    They refused to give me any POC for this. But I think I have found two POCs( not sure) so I tried them.

    !- SIW.exe from

    http://www.gtopala.com/

    Run and go to Tools> Eureka and follow the pictures.

    2- Sownload Revelation from here.

    http://snadboy.com/

    And follow the pictures;

    Results: CFP, GW, DW, OA free, SafeSpace all passed
    EQS failed with revelation and passed with SIW

    a.jpg
    b.jpg
    aa.jpg
     
Loading...
Thread Status:
Not open for further replies.