Which program to stop keyloggers?

Discussion in 'other anti-malware software' started by Gargoyle, Dec 11, 2007.

Thread Status:
Not open for further replies.
  1. Gargoyle

    Gargoyle Registered Member

    Joined:
    Jun 2, 2007
    Posts:
    67
    I thinking about using computers at the university campus and the local internet cafes. Are there any programs I can store on my USB drive that somehow can defeat any keyloggers that are installed? Or just be able to detect them so that I may use another computer?
     
  2. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    You could try Dr.Web CureIt on your USB drive. Its a virus scanner with no install, just an .exe
    The only flaw, is that for keeping it updated, you have to download the whole file again (~5MB). But I don't know if it offers detection of keyloggers.

    Other solution is to try portableApps, and have your own browser (firefox), your own e-mail client (thunderbird), and your own password manager with encryption (Keepass). This way you can travel with your setting and don't need to type a password ever. You can also keep your own bookmarks and stuff there, so it's like working at home.
     
  3. guest

    guest Guest

  4. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    SnoopFree does the job -- jolly good, wot! -- for free.
     
  5. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    2 questions:
    1.- does snoopfree pass all AKLT keylogging tests?
    2.- I didn't see how to put it on an USB drive...can you use it so?
     
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Q1- It passes all those tests except for one of the two screenshots.

    Q2- I do not know.
     
  7. danny9

    danny9 Departed Friend

    Joined:
    Feb 18, 2004
    Posts:
    678
    Location:
    Clinton Twp. Mi
    I am aware that many here use SnoopFree.
    Just decided to try it, but no go on my system.
    Windows would not even restart.
    Luckily I was able to start up using a backup snapshot with BootBack.
    I think I'll move on to something else. :cool:
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That backup snapshot also removed any possible keylogger on your system as well. :D
     
  9. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100


    I would consider trying MyPlanetSoft Anti-Keylogger. It's free and claims to be able to block many keyloggers. There is no installation required, so it should run off a Usb drive. It won't stop everything out there, but would still be of help in your situation. http://myplanetsoft.com/free/antikeylog.php

    Also you could try adding Neo's SafeKeys to your portable defense plans. This program is a free on-screen keyboard for inputting passwords. It's a tough one to beat - much superior to the Windows on-screen keyboard. It works well against both hardware and software based keyloggers. An essential tool IMO when inputting passwords on a suspect machine. http://www.aplin.com.au/?p=204

    Another decent antikeylogger app that can be run off a Usb drive is Spycop. While I believe you would have to run a scan first, of the computer in question from the Usb drive (this could take some time) it would still be of help, so I thought I would at least mention it. This is NOT a free program but does a good job against many types of commercial keyloggers. http://www.spycop.com/

    None of these programs will defeat every possible keylogger in existence, so it's best to avoid inputting sensitive data (e.g. passwords) while using any computer that you suspect may have a keylogger installed.
     
  10. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    This app only blocked 2 of all AKLT tests (DirectX and LowLevelHook), so I wouldn't use it.

    This one passes all tests (except screenshots obviously), but I couldn't figure out how to actually use the typed string. No copy option....is it just me?
     
  11. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    Any top notch HIPS solution can block keylogger's work or notify you about it.
     
  12. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Yes, but the OP wants to carry it on an USB drive.
     
  13. Ilya Rabinovich

    Ilya Rabinovich Developer

    Joined:
    Sep 13, 2005
    Posts:
    1,543
    :) There is no miracle in this world.
     
  14. HAN

    HAN Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    2,080
    Location:
    USA
    Safekeys uses drag 'n drop. Just highlight all the symbols and drag them over to where you need them. Copying/pasting uses the clipboard...
     
  15. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Thanks, I'll check it out...seems a good addition for my USB drive
     
  16. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hello,

    About SnoopFree, you said :
    I don't know how you find these results. SnoopFree 1.0.7 tested on Windows XP SP2 against AKLT 3.0 gives these results :

    keylogger test 1 : passed
    keylogger test 2 : passed
    keylogger test 3 : passed
    keylogger test 4 : inconsistent
    keylogger test 5 : passed
    keylogger test 6 : passed
    keylogger test 7 : failed

    screenshot test 1 : failed
    screenshot test 2 : passed

    To sume it up, SnoopFree does not pass all of the tests, as it fails the keylogging tests 4 (DirectX) and 7 (GetRawInputData), in addition to the screenshot test 1. I tested SnoopFree alone without any other security software installed.

    EDIT : it worth notice that while testing SnoopFree results were inconsistent, explorer.exe crashed several times. For instance SnoopFree first
    failed some tests, before later sudently passing them without any popup (of course AKLT was denied at the first seen popup). I guess it is vulnerable
    to some race condition, making it to pass or fail depending on the situation.

    Regards,
    gkweb.
     
  17. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100

    Even if you wouldn't use it, it's still worth using for most of us. The majority of available keyloggers are still hook based. Good security is about layers, not one "do it all" app. MPS Anti-Keylogger is a nice addition to any Usb drive set up.

    Also as great a testing app as AKLT is, all its tests don't reflect real world uses of keyloggers. AKLT uses some exotic methods, most keyloggers are still hook based and that's what you'll find more often on the computers the Thread Starter mentioned he would be using.
     
    Last edited: Dec 12, 2007
  18. Gargoyle

    Gargoyle Registered Member

    Joined:
    Jun 2, 2007
    Posts:
    67
    Where may I find these anti keylogger tests that people here keep mentioning?
     
  19. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100

    Gkweb knows. :ninja:




    hint: check the links at the bottom of Gkweb's post. ;)
     
  20. Gargoyle

    Gargoyle Registered Member

    Joined:
    Jun 2, 2007
    Posts:
    67
    Good catch Blue Ring. :) I thought it was only for firewalls, since it says firewall leak tester.
     
    Last edited: Dec 12, 2007
  21. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    I agree with you on the layered approach. It all depends on your setup and habits. If you see that it's unlikely to find some "strange" methods, then that anti-keylogger is fine. I don't even use an anti-keylogger at home, because I introduce all my sensitive passwords after a reboot and Returnil does its job.

    But for my USB drive I can't trust on other computers setup. It's very unlike being able to build a layered defense on an USBdrive, so if I can find some app that "does it all", I'll use it. I don't know what methods can be used to log my passwords on each computer I'll ever use. In my country, a few months ago the police caught a guy who had keyloggers installed at airports public computers and stoled bank accounts and credit cards. Blocking "most used methods" isn't enough for me, since I'll use my USB in computers all over the world due to bussiness and vacation travelling.

    That said, I really liked Neo's SafeKeys. Defeated all 7 AKLT tests and as it works with mouse input, it would even defeat hardware keyloggers.
     
  22. Blue Ring

    Blue Ring Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    100
    After thinking about this thread for awhile, I was wondering how hard it would be to make a portable (can be run off a cd or Usb thumb drive) anti-keylogger that runs in a similar way to the MyPlanetSoft Anti-Keylogger, BUT..... will stop ALL the keylogging techniques used by AKLT (including the screen capture methods)? I mean how hard would it be to make such a anti-keylogger?

    I know I and others (before me) on this forum have mentioned Neo's SafeKeys which stops most of the methods used by AKLT. And while I do like Neo's Safekeys, it is more geared toward protection of your passwords, for the most part. I mean let's face it, who really wants to type an entire email or other document etc. with a virtual keyboard, one agonizing mouse click at a time, should you need or want this level of protection?

    But what I like about the MyPlanetSoft approach to blocking keyloggers is you just start the program and let it run in the background and it blocks the keylogger (hook based keyloggers in this case) so if you have a lot of information to type in, all of it will be more easy to protect from being captured.

    I've tried a few different anti-keylogger programs (that require an install) and run in a similar way to MPS anti-keylogger, but they all seem to have various problems like they won't run or uninstall properly, software conflicts etc., hence the idea of a anti-keylogger that you don't have to install. Not to mention the nice benefit of being able to run it off your thumb drive, so wherever you may ramble your always protected. Portability of such an app really would be king.

    Anyone know of such an animal available now or in the works?
     
  23. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124

    Attached Files:

  24. gkweb

    gkweb Expert Firewall Tester

    Joined:
    Aug 29, 2003
    Posts:
    1,932
    Location:
    FRANCE, Rouen (76)
    Hello,

    For Comodo to pass the 7 keylogging tests, you have to check in Defense+ at least "Windows\WinEvents hooks" and "Keyboard" (you can also check "Device Driver Installations" to prevent driver based keyloggers to install).

    Regards,
    gkweb.
     
  25. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    I have a XpProS2 and Comodos latest firewall installed with all the settings on.
    Comodo does not pass Screenshot 2 on the latest AKLT but does pass everything else I guess snoopfree could be installed as I know it stops Sceenshot 2.
     
Loading...
Thread Status:
Not open for further replies.