Testing a keylogging program against OA FREE + SnoopFree

Discussion in 'privacy general' started by ChrisBUK, Dec 20, 2007.

Thread Status:
Not open for further replies.
  1. ChrisBUK

    ChrisBUK Registered Member

    Joined:
    Nov 15, 2007
    Posts:
    86
    I do a fair amount of online shopping and some online banking so I am always pretty paranoid about my details being taken by a keylogger.

    I already have Online Armor (FREE version) installed and I decided to throw in SnoopFree alongside OA for some extra protection. I have been very impressed with SnoopFree so far because it seems very quick, light on resources, etc. but I wanted to test it against a real keylogger.

    I installed a commercial keylogging program called "All in One keylogger".
    As soon as I installed it I got a warning from Online Armor that the keylogger was trying to create a global hook, so I blocked it from doing so.

    I then started the keylogger and SnoopFree warned me that it tried to access my screen, so I blocked it from accessing the screen. Shortly after this SnoopFree said it tried to hook my keyboard, so I blocked that too.

    Now I was expecting the keylogger to be pretty useless, as it had been blocked by OA from creating a global hook and blocked from accessing my screen and keyboard by SnoopFree.

    I opened Firefox and typed some letters in google then checked the logs in the keylogger - somehow it is still able to track my every keystroke...

    SnoopFree seems to be doing an excellent job at blocking all screenshots, but does not seem to be blocking it from tracking my keystrokes, even though it is blocked from the keyboard.

    How can it still track my keystrokes after being blocked from creating a global hook, accessing the keyboard and the screen?

    Here are some screenshots;

    Online Armor FREE blocking global hook;
    OA keylog block.JPG

    SnoopFree blocking screen access;
    SF screen.JPG

    SnoopFree blocking keyboard hook;
    SF keyboard.JPG

    SnoopFree after keylogger blocked;
    Snoopfree.JPG

    SnoopFree logs;
    SF logs.JPG
     
    Last edited: Dec 20, 2007
  2. ChrisBUK

    ChrisBUK Registered Member

    Joined:
    Nov 15, 2007
    Posts:
    86
    I've been testing this some more and have found that it only seems to be able to track letters and words typed in search engines, like google or yahoo.

    It has not been able to log any passwords at all and I also sent a test email and it was unable to log any of the email.

    Here is what the keylogger can apparently do;

    The only things it has been logging are websites visted and words typed in google and yahoo... It has not been able to track any keystrokes in notepad, login details, passwords, emails or screenshots, so I would class this as a success by OA and SnoopFree. :thumb:
     
  3. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Check inside OA that it does not have any IE objects, such as BHO.

    And, remember that OAFree does not include full keylogger protection :)
     
  4. ChrisBUK

    ChrisBUK Registered Member

    Joined:
    Nov 15, 2007
    Posts:
    86
    What are IE objects?

    I have been very impressed with OA so far. It automatically blocked the keylogger from autorunning, it allowed me to block the keylogger from starting with my PC and more importantly blocked the global hook.

    I wish I had switched off SnoopFree to see what happened with just OA running, but I didn't think of that. :doubt:

    OA is by far my favourite firewall I have ever used and I plan to keep using it. I might even upgrade if you have a Christmas sale... :D :D
     
  5. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    As Mike said, it may be a BHO. Check for that.
    Try in Opera and see the results.
     
  6. ChrisBUK

    ChrisBUK Registered Member

    Joined:
    Nov 15, 2007
    Posts:
    86
    I have already uninstalled the keylogger, but I expect you and Mike are right.
    The aim was to see how effective OA free and SnoopFree work together at blocking keyloggers, and I am very happy with the results. :thumb:
     
  7. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hello,

    The best if you want to test you security against keyloggers, is to use AKLT :
    http://www.firewallleaktester.com/aklt.htm

    It's a free tool I've done enabling you to use 7 different keylogging methods to test your system safely.

    Regards,
    gkweb.
     
  8. ChrisBUK

    ChrisBUK Registered Member

    Joined:
    Nov 15, 2007
    Posts:
    86
    Very nice, I didn't realise that. Thanks a lot! :thumb:
     
Loading...
Thread Status:
Not open for further replies.