Spycop / Spy Reveal Anti-keyloggers

Discussion in 'other anti-malware software' started by robtnyc123, Dec 14, 2011.

Thread Status:
Not open for further replies.
  1. robtnyc123

    robtnyc123 Registered Member

    Joined:
    Dec 14, 2011
    Posts:
    4
    Location:
    united states
    Hi. I read a few threads about this topic from a few years ago and was wondering if there was ever a resolution. To recap, Spycop partners had a disagreement and split, forming two companies, Spycop and SpyReveal. Spycop is a real-time scanner, SpyReveal is closer to the original, and is a scanner for after the fact.

    I am paranoid about key-loggers being installed on my personal machines by business partners. (Let's please not go into the ethics, or comments about 'find new business partners', etc...it is what it is.)

    SpyReveal seems to be the ticket...a scanner against the commercially available key-loggers. I know there were trust issues regarding the breakup and formation of new companies, but this seems to be the answer to my concerns. Any input on these programs?

    If not, are there any opinions about preventing/revealing/removing these insidious (commercially available) programs? Zemana vs. Spyshelter vs. Winpatrol, etc. etc.

    Any comments would be greatly appreciated. Thanks.
     
  2. Thankful

    Thankful Savings Monitor

    Joined:
    Feb 28, 2005
    Posts:
    3,736
    Location:
    New York City
    Zemana doesn't have a scanner so it won't catch loggers already on your computer. I can't speak about SpyShelter. Most AVs will catch keyloggers already on your system. I remember VIPRE to be especially good at that.
    Other programs to try are Malwarebytes and the Emergency Kit from Emsisoft.
    Zemana is very good at stopping loggers and other malicious programs from getting on your system.
     
  3. robtnyc123

    robtnyc123 Registered Member

    Joined:
    Dec 14, 2011
    Posts:
    4
    Location:
    united states
    Appreciate it Thankful. Any others with input?
     
  4. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    There have been discussions in the past about Anti-Spyware apps not detecting/removing commercial keyloggers (CKs). I would make sure that any scanners you use do not intentionally exclude them. In fact if you can get your hands on the CKs install them yourself and then test the scanners against them. Against general malware I use MBAM, Hitman Pro, and SuperAntispyware, but I can't say from experience how effective they are against CKs.
     
  5. robtnyc123

    robtnyc123 Registered Member

    Joined:
    Dec 14, 2011
    Posts:
    4
    Location:
    united states
    Thanks Victek. MBAM and SuperAntispyware are NOT effective against CK's. How can I be sure (other than through the testing you mentioned) that scanners don't intentionally exclude CKs?
     
  6. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Google serves up quite a few discussions about it. I would do some reading. Here's one example:

    https://www.wilderssecurity.com/archive/index.php/t-246664.html

    You could also try contacting the antispyware vendors directly. I don't see why they wouldn't be upfront about it. Regardless I would still use keylogger blocking software such as Zemana AL, Spyshelter, or Keyscrambler. There is also Prevx - see here:

    https://www.wilderssecurity.com/showthread.php?t=246663

    The latest version is called Webroot SecureAnywhere. You could ask the reps directly in their wilders forum. Hope this helps.
     
  7. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,766
    Location:
    Outer space
    Some AV vendors detect them but classify CK's as Potentially Unsafe/Unwanted Programs or another classification that is usually not enabled by default.
     
  8. hugsy

    hugsy Registered Member

    Joined:
    May 22, 2010
    Posts:
    167
    You could try neo's safekeys -aplin.com.au- It will help against many KL already on your machine.
    A good defense against KL coming from the net is.... well... a firewall, AV and common sense or some sandbox thingy.
    Good defense against software KL being installed on your machine locally is password protecting entire PC/laptop (truecrypt, built in hdd-pass, bios startup pass, etc.)
    Good defense against hardware KL is neo's safekeys, perhaps a "guard dog" :)

    For whatever solution you go, please don't choose password containers, they are the first thing a person or KL will try to monitor or attack to gain its master-password, after that it is game over.
     
  9. robtnyc123

    robtnyc123 Registered Member

    Joined:
    Dec 14, 2011
    Posts:
    4
    Location:
    united states
    Thanks all of you for your insights. Very helpful.

    Hugsy...the type of CK I am particularly concerned with is the one that can be installed remotely via e-mail. There is a surprising number of these programs easily available for download and purchase.

    Since these are business partners I have to accept e-mails and open attached files. (There have been occasional warnings from Comodo when Microsoft's conversion feature kicks in to convert an Excel file. Since I upgraded to Office 2010 these have stopped.)

    I am using Avast (free edition), Comodo firewall (free edition) and WinPatrol (free edition) all in real-time. On-demand scanners include MalwareBytes Anti-Malware and SuperAntiSpyware. I recently downloaded a trial version of Prevx 3.0 and ran a scan (clean. I do not run Prevx realtime yet).

    Is this protection adequate?
     
  10. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Assuming you're using Windows XP I would recommend running Prevx "real time". Running the "demo" you will get the full benefit of detection (the ability to clean the system is what you pay for).

    Regarding Winpatrol it provides good information but it's not really an anti-malware app - I wouldn't rely on it for that purpose.

    The comodo firewall with D+ can be very strong depending on how it's configured. There are users on Wilders who can tell you the best settings (I think there's a "paranoid" option :) ).

    Last, there's Hitman Pro, which uses multiple scan engines. It is very effective in my experience. There isn't a freeware version however it will clean the system once for free. Keep it in mind if you get infected at some point (or you think you may be). Hope this helps.

    Additional thought: Use dual authentication when possible to protect accounts. For instance my bank sends a text message to my phone with a unique code every time I login - the password alone is not enough.
     
    Last edited: Dec 19, 2011
  11. hugsy

    hugsy Registered Member

    Joined:
    May 22, 2010
    Posts:
    167
    Your setup is good enough. Regarding comodo+, I had it for about a year and it is good, but it will be annoying if you set it to paranoid mode, because then it asks you about every single thing you do on the machine. The "safe mode" setting should work just fine.
    In my experience, using almost any "security suite" (AV+firewall+sysprotection) will keep you covered 99% of the time.
    Anyway..... if I could recommend something, if you are on winxp, use a limited user account and full DEP. Later you can enable "software restriction policy" - here is the guide (http://www.mechbgon.com/srp/).
    All of these options are already built into winxp.
     
  12. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    2,564
    PS:
    I re-installed SpyReveal, and posted today's database update in the Updates Alerts forum section.
     
  13. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,828
    Location:
    Last Breath Farm
    I reinstalled it as well.
    Thanks for posting. :)
     
  14. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    thanks
     