Testing a keylogging program against OA FREE + SnoopFree

I do a fair amount of online shopping and some online banking so I am always pretty paranoid about my details being taken by a keylogger.

I already have Online Armor (FREE version) installed and I decided to throw in SnoopFree alongside OA for some extra protection. I have been very impressed with SnoopFree so far because it seems very quick, light on resources, etc. but I wanted to test it against a real keylogger.

I installed a commercial keylogging program called "All in One keylogger".
As soon as I installed it I got a warning from Online Armor that the keylogger was trying to create a global hook, so I blocked it from doing so.

I then started the keylogger and SnoopFree warned me that it tried to access my screen, so I blocked it from accessing the screen. Shortly after this SnoopFree said it tried to hook my keyboard, so I blocked that too.

Now I was expecting the keylogger to be pretty useless, as it had been blocked by OA from creating a global hook and blocked from accessing my screen and keyboard by SnoopFree.

I opened Firefox and typed some letters in google then checked the logs in the keylogger - somehow it is still able to track my every keystroke...

SnoopFree seems to be doing an excellent job at blocking all screenshots, but does not seem to be blocking it from tracking my keystrokes, even though it is blocked from the keyboard.

How can it still track my keystrokes after being blocked from creating a global hook, accessing the keyboard and the screen?

Here are some screenshots;

Online Armor FREE blocking global hook;


SnoopFree blocking screen access;


SnoopFree blocking keyboard hook;


SnoopFree after keylogger blocked;


SnoopFree logs;

 

I've been testing this some more and have found that it only seems to be able to track letters and words typed in search engines, like google or yahoo.

It has not been able to log any passwords at all and I also sent a test email and it was unable to log any of the email.

Here is what the keylogger can apparently do;

The only things it has been logging are websites visted and words typed in google and yahoo... It has not been able to track any keystrokes in notepad, login details, passwords, emails or screenshots, so I would class this as a success by OA and SnoopFree.

 

Check inside OA that it does not have any IE objects, such as BHO.

And, remember that OAFree does not include full keylogger protection

 

What are IE objects?

I have been very impressed with OA so far. It automatically blocked the keylogger from autorunning, it allowed me to block the keylogger from starting with my PC and more importantly blocked the global hook.

I wish I had switched off SnoopFree to see what happened with just OA running, but I didn't think of that.

OA is by far my favourite firewall I have ever used and I plan to keep using it. I might even upgrade if you have a Christmas sale...

 

As Mike said, it may be a BHO. Check for that.
Try in Opera and see the results.

 

I have already uninstalled the keylogger, but I expect you and Mike are right.
The aim was to see how effective OA free and SnoopFree work together at blocking keyloggers, and I am very happy with the results.

 

Hello,

The best if you want to test you security against keyloggers, is to use AKLT :
http://www.firewallleaktester.com/aklt.htm

It's a free tool I've done enabling you to use 7 different keylogging methods to test your system safely.

Regards,
gkweb.

 

Very nice, I didn't realise that. Thanks a lot!