Process Guard and keyloggers

Discussion in 'ProcessGuard' started by Blackcat, Jul 16, 2004.

Thread Status:
Not open for further replies.
  1. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Will Process guard protect against keyloggers ?
     
  2. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, Blackcat

    Yes PG protects against Keylogges, you will get a checksum warning of something new trying to start.

    Take Care,
    TheQuest :cool:
     
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,057
    Also Keyloggers have to be able to set a global hook to use the keyboard, so with Block Global Hooks set it could key log even if you let it run.
     
  4. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Many thanks ;)
     
  5. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
  6. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Thanks, Pilli, some good reading here. Just tried the keystroke recorder listed above and PG jumped in straight away :cool:

    I think I have keystroke loggers covered with PG. Good job I checked in here as I was looking at Anti-keylogger;

    https://www.wilderssecurity.com/showthread.php?t=41388
     
    Last edited: Jul 17, 2004
  7. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    Hi all

    Whilst I take on board what you are saying about Global Hooks and Keyloggers, I think it is only fair to point out that a lot us (for various reasons) do not have Block Global Hooks enabled. In my case (and that of many others), it is because of the problem with BOClean (well documented elsewhere/earlier in this forum). Also, as mentioned on more than one occasion by one of the DCS team (Wayne?), Block Global Hooks is pretty much experimental and is not for the average (me) user...

    So.. as things stand at the mo, PG is not really the answer to Keyloggers, is it?


    :doubt:
     
  8. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Oremina, Yes, I understand your argument there :) but you still have checksum protection which will jump in if the keylogger tries to execute. So not completeprotection but a whole lot better than nothing. :)
     
  9. Oremina

    Oremina Registered Member

    Joined:
    Mar 28, 2004
    Posts:
    209
    Location:
    England
    Hi Pilli

    Thanks for your quick reply... I was trying to do a "let me come back on this" before your last post, but lost my dialup connection.

    Was going to say, of course program checksums would be the first line of defence and one would have to be pretty loopy to let it run, but, yes, the warning would be there.

    I guess it is just that I will be delighted when Block Global Hooks is sorted and working to everyone's satisfaction and I can use it as it is meant to be used..

    Don't think I was knocking PG... two programs I consider the best I've ever had are PG and (although not from the same stable) BOClean and I look forward to the day when they blend together well... ;)
     
    Last edited: Jul 17, 2004
  10. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    That's OK Oremina, Jason is working on a new version of PG which, hopefully, will be ready in two or three weeks, lots of small bug fixes and improvements. :D
     
Thread Status:
Not open for further replies.