Zemana AntiLogger and SpyShelter Premium tested

Discussion in 'other anti-malware software' started by genieautravail, Sep 17, 2013.

Thread Status:
Not open for further replies.
  1. genieautravail

    genieautravail Registered Member

    Joined:
    May 6, 2012
    Posts:
    92
  2. NSG001

    NSG001 Registered Member

    Joined:
    Jul 14, 2006
    Posts:
    617
    Location:
    Wembley, London
    Thanks for sharing :thumb:
     
  3. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    very good article, it eliminate some of my question
     
  4. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
    Interesting to see that both Zemana and Spyshelter fail to protect against some keylogging methods.

    There is a giveaway btw:
     
  5. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Thanks for sharing. I used to have Zemana AL and felt protected. It's not the same anymore. Now WSA saves the day.:D:thumb:
     
  6. Ashanta

    Ashanta Registered Member

    Joined:
    Aug 21, 2007
    Posts:
    659
    Location:
    Europe
    Unfortunately, the 'Real time keystroke encryption' from Spyshelter Premium doesn't work on Vista 32 bits. ;)
     
  7. FOXP2

    FOXP2 Guest

    ZAL "paid" and ZAL Free must be run concurrently on all but Win8x64 systems for full protection.

    From a Zemana support July 24 email to my inquiry regarding this: The encrypting function of AntiLogger is active on only Windows 8 64 bit. However, this function on AntiLogger Free is active on all OS's. The encrypting function of AntiLogger will be active on all OS's very soon. For now, we suggest our customers who use another OS to use both AntiLogger and AntiLogger Free at the same time. (Slightly truncated for brevity, language barrier edits.)

    Raymond's test was on a Win8x32 system. If Free had been run concurrently and assuming it works as advertised, keystrokes captured by "paid" failures would have been encrypted.

    :thumb:
     
  8. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
    Yes, but if ZAL paid-version's Anti-Keylogger module had been working as advertised, then those keystrokes wouldn't have been captured at all.
     
  9. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    757
    I always wondered about these two.Now I know thanks......:) I used Zemana here...
     
  10. whitedragon551

    whitedragon551 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    3,188
    Location:
    USA
    Ive been saying this for over a year that Spyshelter is better than Zemana by leaps and bounds because I did a similar comparison. :rolleyes:
     
  11. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Still testing on 32-bit OS?
    Come on!!
     
  12. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Sad to see products devoted entirely to stopping keyloggers failed to block them all. I'd rather trust a HIPS to stop keyloggers.
     
  13. FOXP2

    FOXP2 Guest

    True. There's no where on their Web site especially
    hXXp://zemana.com/product/antilogger-free/overview/
    where the Win8x64-only encryption and "soon" for all others is clearly called out. (I called this to their attention in April to no avail. There's a little bit of Wilders-like poser in them no doubt.) Their failure to elucidate to paying customers (and the multitudes of freebie recipients) the ability and need to run ZAL with Free for the other Win versions is unacceptable.

    Me, I only realized the Win8x64-only thing by my usual scrutiny of the changelogs as they rolled out and noticed the encryption integrated with 1.9.3.444 in March. An obscure reference to the KeyCrypt SDK in the July changelog prompted a strongly worded email to get my understanding of all that nailed-down (reply quoted above, #7).

    As of the Sept 16 v1.9.3.503, exclusive Win8x64-only encryption continues. I'll be satisfied running Free concurrently in the meantime. In fact, I'm kinda partial to controlling them separately.

    All that just-keylogger stuff aside, I trust ZAL's proven Anti-SSLLogger technology and the double whammy System-Defense HIPS with IntelliGuard (real-time cloud via VirusTotal's API) presents a superb feature set. Early on some Vipre tech got rolled in somewhere (I forget), too. Not to mention configuration settings from forget-it to bend-to-my-will granularity. Oh yeah, in 0.0000324 GB of memory.

    As well, the database store (threats.zdb in the ZALDSK folder) auto-updates every few hours. Another Blobs.db, yes, blobs, shows up every few days; haven't researched that one yet. With that kind of background support and consistent, timely upgrades I can cut them some, but not much, slack on the Web site.

    Since 2007, ZAL has played well without conflict with at least ten other anti-whatever and/or whatWall apps I've run with on four XP and two Win7x64 systems. It's been the one constant in my layered strategy.
     
  14. FOXP2

    FOXP2 Guest

    yawn
    .
    .
    .
    .
    extra text for the too short thing
     
  15. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
    Zemana only failed a few more than Spyshelter in this test so I wouldn't call that leaps and bounds in this case. In my opinion, they both failed hard here, as they can't protect against some well known commercial keyloggers which the devs can easily download themselves and test against their product.
     
  16. Windows_Security

    Windows_Security Registered Member

    Joined:
    Mar 2, 2013
    Posts:
    3,067
    Location:
    Netherlands
    Spyshelter's HIPS warned at all installs. I think key encryption with HIPS (+FW) is the way these applications will evolve.
     
  17. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,485
    Location:
    Poland - Cracow
    "Few more" means in this case twice more...SS failed 8 actions, ZAL failed 16. It also means that detection of ZAL in this test was on level ca 67,5% but SS on level 84%. I think it's not the little difference...I would'n have security app whit possibility of detection on the level 2/3 of tested/real malware.
     
  18. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    The problem with these programs and pretty much all anti-malware programs at the moment is that if you design them to block all the bad stuff you end up blocking or conflicting with lots of legitimate stuff too. Best to just accept them as an extra measure of security but not blindly rely on them to keep you safe, and to exercise lots of common sense combined with other measures such as a good HIPS, good firewall, and extra malware scans if something starts to feel weird about your system.

    Besides, even if some trojan captuers keystrokes, audio, screenshots or whatever from your computer, shouldn't a properly configured firewall stop that information from being sent out to potential bad guys?

    The good thing about Zemana in my experience is that it's very light and works well with most other programs.
     
  19. ald4r1s

    ald4r1s Registered Member

    Joined:
    Apr 8, 2013
    Posts:
    51
    I have just checked raymond, thought I could see your reactions and bam, you are already discussing it :D

    Am I the only one who finds these results BIASED?

    I couldn't believe that SpyShelter fails Advanced Keylogger so hard - I have tested it and I must say that Raymond simply don't know how to test applications which provide Real Time Protection.

    He allowed it to change protected registry key, I mean, come on - it is like he has installed a virus and added it to exceptions list and then complain that antivirus is BS cause it doesn't work.

    And yeah, zemana would fail half of these tests at 64 bit systems...

    Still voting for SpyShelter!
     
  20. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,067
    No you aren't the only one, this is what the Spyshelter team says about this test

     
  21. raymondcc

    raymondcc Registered Member

    Joined:
    Jul 8, 2010
    Posts:
    11
    First of all, let me reassure you that my test is not biased if you understood what I am trying to test.

    The goal of this test is not to test if spyshelter or zemana can "block a keylogger" like what antivirus does but to actually test if the antikeyloggers such as SpyShelter and Zemana can detect a potential logging activity. Aren't these tools supposed to be behavior-based detector?

    It is true that Advanced Keylogger can be detected upon installation (shown in the result table), but what if someone who had physical access to the computer installed it without the knowledge of other users on the same computer? You should know that a malware can be compiled without adding itself to auto startup and this gives a one time access to the hacker. Please read the last paragraph on page 2 of the article. Another possibility is what if the user finds the HIPS annoying and decided to turn off System Protection (HIPS)?

    I was very careful in testing every logging activity.

    An example in testing Advanced Keylogger keystroke logging. First I disabled SpyShelter's protection and then install Advanced Keylogger. By doing this, I won't accidentally add Advanced Keylogger to "Allow" list. Then I enabled SpyShelter's protection, followed by randomly typing on my keyboard. If SpyShelter can recognize the keystroke logging method used by Advanced Keylogger, obviously SpyShelter will show the alert popup.

    As you can see, I did not command SpyShelter to not block it during installation.
     
    Last edited: Sep 22, 2013
  22. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    but by doing that the registry was already altered or changed isnt ito_O
     
  23. raymondcc

    raymondcc Registered Member

    Joined:
    Jul 8, 2010
    Posts:
    11
    The registry change is only used to auto startup the keylogger when Windows is booted up. Should NOT affect the antikeylogger's behavior detection on logging activity.
     
  24. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    So detection is more important than protection, gotcha. :rolleyes:
     
  25. raymondcc

    raymondcc Registered Member

    Joined:
    Jul 8, 2010
    Posts:
    11
    It will be always impossible to achieve a 100% protection for everyone. That is why hundreds of thousands internet users are part of botnets even when they have an antivirus that "should" protect them.

    Don't you think detection plays an important role too?
     
Loading...
Thread Status:
Not open for further replies.