Refog keylogger not detected by some antiviruses

Discussion in 'other anti-virus software' started by wallpapers, Feb 25, 2014.

Thread Status:
Not open for further replies.
  1. wallpapers

    wallpapers Registered Member

    Joined:
    Jun 15, 2012
    Posts:
    42
    I found this keylogger -https://www.refog.com/- and it's not detected by most antiviruses, I looked at the forums and the excuse seems to be: "it's not malware, it's a tool to protect children". How can this be accepted ? If such software is whitelisted then there is no doubt government malware is also whitelisted because "it's to protect you against terrorists". Since this discovery I stopped using my current antivirus and choose another. Should "approved" malware be whitelisted by default by antiviruses or leave the choice to users ? What do you think about that ? :blink:

    ~ VirusTotal Results Removed per Policy ~
     
    Last edited by a moderator: Feb 25, 2014
  2. avman1995

    avman1995 Registered Member

    Joined:
    Sep 24, 2012
    Posts:
    944
    Location:
    india
    360 IS missed it....but it didnt allow it do damage for sure.

    It installed without a hitch from 360 but as soon as it tried to key log me in the VM proactive defense detected it and sternly warned me to block it also I got a unknown driver loading warning from 360 I said it to block it all and then this program was constantly being blocked by 360 whenever it tried to do something bad.

    So with 360 something like this cant go further atleast with proactive protection. :thumb:
     
  3. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    It's not detected as "malware" because it's designed to do exactly this. Same thing with the Spector software, companys or parents can install them to track their employees or parents to track their children. Or children can install them to track their parents. :D

    From the website...
    I think most vendors detect monitoring softwares like Spector or Refog like Potentially unsafe/unwanted apps. In most products it's an optional detection category and needs to be enabled by the user.

    IMO the parent above in the quote could have started using a DNS service like OpenDNS Familyshield, or K9 from Bluecoat. Anything would have been better than starting to use monitoring software.
     
  4. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    If you want to block porn then a DNS service can be very useful, but social networks can be the biggest danger to children. You may still want to allow them to use something like Facebook, but you may still want to monitor who they are talking to. I know of many cases of child predators, and even murder cases where the child meet the person on Facebook, or Myspace. I'm not saying a keylogger is the way to go, but a DNS service will not protect your child from a child predator unless you decide to totally block all Social Networks. Most parents I know allow their child to use something like Facebook, but need to monitor who they are talking to. A DNS service would not help in scenarios like this.
     
  5. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Commercial keyloggers aren't malware. They belong into PUP zone.
     
  6. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Just to let you know, they are still malware. I used to use a commercial keylogger at my school when i was 15 to grab other students passwords. I was not doing anything wrong, because I was just curious about how keyloggers worked and never did anything with the information, but other less curious more malicious people can use commercial keyloggers for wrong doing. In my eyes the only difference between a commercial keylogger and an noncommercial keylogger is one legitimatizes itself by paying taxes.

    I also find parents that hate the government spying on them but also low jack their children's computers kinda funny. Government looks at its people like its own children and spy's on them because it thinks they are not entitled to make smart choices and parents do the same. I think keylogging of all forms are wrong. Use DNS settings and passive blocking "non-logging" software is what should be used to keep your children safe online. If you worry about them using Facebook they probably are not old enough that you should be letting them use Facebook anyway.
     
  7. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Either they are allowed to use facebook without a parent logging the activites, or they shouldn't let their kid use facebook at all. And that's easily done by blocking "social networking" sites by using a DNS service. Just like some companies block facebook to prevent their employees from using it during work time.

    I mean it's not like the parents have explained to the kid "if you're going to use facebook mom & dad will know about everything you do on facebook, is that OK with you?"

    And what about the kids phone, would they install an app that sends the parent a sms everytime the child sends a sms or makes a call to a friend. Where does it end, it's about trust, and having rules with your kids. Obviously some kids are worse than others with drugs and alcohol and whatever but those are not the ones I talk about, I am talking about normal kids that doesn't do much wrong in life.

    The teenagers that thinks that drugs and alcochol is making their life more fun parents can track them as long as they want and do what ever it takes to get them off that crap before it's too late.
     
  8. phyniks

    phyniks Registered Member

    Joined:
    Jun 3, 2011
    Posts:
    258
    I sent some of their products for ESET and here is the result:
     

    Attached Files:

    • 2.PNG
      2.PNG
      File size:
      33.8 KB
      Views:
      108
    • 1.PNG
      1.PNG
      File size:
      81.4 KB
      Views:
      110
  9. Narxis

    Narxis Registered Member

    Joined:
    Jun 10, 2009
    Posts:
    477
    That's nice phyniks! ESET is fast.
     
  10. phyniks

    phyniks Registered Member

    Joined:
    Jun 3, 2011
    Posts:
    258
    You r welcome Narxis

    Yes they re really fast (I had sent them at 5:30 A.M and the answer was there at 12;27 P.M)
     

    Attached Files:

    • 3.PNG
      3.PNG
      File size:
      39.2 KB
      Views:
      14
  11. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Panda labels it as "Goodware" in their software, which is pretty disappointing. I did however send it in again to try and get a reclassification.
     
  12. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    What makes you think its whitelisted? The fact that it's not detected would be due to the fact that AV software has not added detection for it.

    As RejZoR already posted:
     
  13. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    Oh they most certainly are legal malware :)
     
  14. wallpapers

    wallpapers Registered Member

    Joined:
    Jun 15, 2012
    Posts:
    42
    It's impossible they don't know about it. Also it's ok if they choose to put it in the pup zone but then antiviruses should report pup detection to users by default. I suggest detection name: "win32.totally.legit.goodware.notmalware.recording.everything.you.type.move.along.citizen" :D
     
    Last edited: Feb 28, 2014
  15. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    How it is impossible? I'm sure not all AV companies test every commercial keylogger.
     
  16. phyniks

    phyniks Registered Member

    Joined:
    Jun 3, 2011
    Posts:
    258
    I dont know anout the other keyloggers....but refog's is a malware

    Avira Analysis:
     

    Attached Files:

    • 56.PNG
      56.PNG
      File size:
      43 KB
      Views:
      33
  17. jack76

    jack76 Registered Member

    Joined:
    Jul 3, 2009
    Posts:
    72
    Location:
    Helvetin Kylm
    Using this kind of software is illegal here :D
     
  18. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I have to respectfully disagree. I don't see any reason in using a keylogger as I already said, but depending on the age of the child the parents have every right in the world to monitor their kids online activity. I know many parents that do the best they can to monitor their child's online activity, and they do not hide it from their child. They openly talk to their child about what is ok, and what is not ok. Then if they see online activity that their child is involved in that is risky then they talk to their child about it, and take reasonable measures necessary to correct that behavior if any are needed. I believe that is the best way to go about it. Their is no deception involved at all. The parent is the parent, and the child is only a child. Our family just caught someone with a fake profile that had been talking to my 12 year old cousin on facebook making sexual comments, and we had him blocked (assuming it was a male). Then we talked to her about it. If parents decide to monitor their child's online activity then that is being a good parent to me. If other parents decide to not monitor their child's online activity then that's their choice, but to say parents that do monitor their child's online activity are bad is just totally wrong.
     
    Last edited: Feb 28, 2014
  19. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Sure all parents tackle this in different ways, some obviously do it with the help of special softwares, and some does it differently.

    I'm wondering, did your 12 year old cousin know "before" they talked to her about it, that the person making those sexual comments was a person she should "ignore" and not take any serious and should not respond to?
     
  20. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,269
    Location:
    Ontario, Canada
    WSA detects it during download.

    TH

    2014-03-01_15-14-02.png
     
  21. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    Virustotal gives 11/50 detected for personal-monitor.exe and 12/50 for keylogger.exe. In most cases, the detections are labelled as keylog, PUA/PUP or riskware. Even Kaspersky tags it as not-a-virus.
     
  22. SnowFlakes

    SnowFlakes Registered Member

    Joined:
    Jun 29, 2011
    Posts:
    194
    How about Mcafee, Bitdefender, and Symantec ? does they detect this file ?
     
  23. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    As of this posting, McAfee is the only one out of those that detects the keylogger.exe file as Keylog-Refog.
     
  24. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    I suspect he was trying to lure young girls to meet in person, or just trying to get illegal photos of them. I talked to her about it, and she said she knew better than to give him any personal info about herself. She should not have added him as a friend to begin with. Her mom just banned the person, but he could be reported. The Police would have to have evidence that a crime had been committed before using their already stretched thin resources. I've personally seen close to 50 cases like this over the years were an adult was sexually soliciting a minor over the internet.
     
  25. chabbo

    chabbo Registered Member

    Joined:
    Jun 28, 2009
    Posts:
    370
    Emsisoft website Is This File Safe says This file is infected!
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.