Wave

The purpose of an Anti-Malware product is to either be used as real-time protection or on-demand to scan for and clean out detected malware (not all anti-malware security products will provide real-time protection - I recommend an AV if you're looking for real-time and to stick with Anti-Malware for on-demand). However, the purpose of an Anti-Logger is to prevent software from obtaining the keys you're typing into a program, which can prevent any malware which may be on the system from obtaining this information and it actually being useful.

As an example, let's pretend my name is John and I have just downloaded CCleaner from a suspicious website, and I open it up on my system (whilst believing it's the genuine version and not suspecting it's malicious). At the same time, I have Malwarebytes Anti-Malware Pro running (which supports the real-time features - the free version is on-demand only). Luckily for me, Malwarebytes Anti-Malware detected this malicious sample on-execution and blocked it, preventing my system from becoming infected based on the payload the malicious sample would have attempted to carry out (in this case the purpose of this malware sample is to perform keylogging activities and send this information back to the attacker). Whereas, if I was just using an Anti-Logger software (e.g. by Zemana), it would have made sure the keys became encrypted and only the software I was typing into receives the real un-encrypted keys... Therefore, the malware would just end up getting a bunch of encrypted data which is useless to it (so when the attacker receives it, they can't hack my accounts because the login won't work - the logged keys are useless as they are encrypted with a random algorithm each time (which prevents reverse engineering the anti-logger software and then reversing the algorithm to convert the encrypted keys to a decrypted form)).

In fact, I recommend using both an Anti-Malware and Anti-Logger software if you think it's necessary, as long as they both work together and don't cause any conflicts. Without that being said, it's possible for Anti-Virus/Internet Security software to involve zero-day protection features such as anti-keylogger protection (which may work like the typical Anti-Logger software from companies like Zemana by encrypting keys, or may work differently by identifying programs running which are attempting to execute instructions similar to a keylogger).

Note: Anti-Malware isn't meant to act as a replacement to existing Anti-Virus software, but the purpose it's meant to serve is to help catch threats which typical and standard AV software may miss - I decided to point this out due to my statement earlier regarding how Anti-Malware software (e.g. MBAM Pro) can also support real-time protection of some kind, usually for on-execution only.

If you know what you're doing and are wise when it comes to safety practices, you could end up being fine and protected with just Windows Defender alone, and to improve things, you could add some on-demand scanners and anti-logger software. If you really want to be secure, you could look into learning about how to use Anti-executable & anti-exploit software. Just make sure not to overload your configuration, just find a simple and secure one that works for your current system configuration without causing the system to be too slow, and works for you altogether... You'll require some trial and error testing with numerous products.

I recommend you create a configuration over at the security configuration area should you need help with product recommendations and an overview of if your current configuration is secure or not.

Regardless of what you end up deciding to use, if you use Anti-Logger then make sure to do the tests so you know that the protection is really working and there isn't a bug problem going on where it isn't really working but claims it's enabled... You can do this via simulation software online, I can provide some links if required. You can do the same for Anti-Virus/Anti-Malware real-time protection, since most security products will detect the basic EICAR test files to allow the customers to perform protection checks (make sure everything is up and running and not really disabled but claiming it is).

I hope this post helped you,
Good luck and stay safe! ;)
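
The real-time protection check described in the post above, as an added example that is not part of the original post: it writes the standard EICAR test string to a file and reports whether the on-access scanner blocked or removed it. The file name `eicar_probe.com`, the five-second wait and the function names are assumptions made for this sketch.

```python
import os
import tempfile
import time

# Standard 68-byte EICAR test string, assembled from pieces so this script
# is not itself flagged by a scanner before it gets a chance to run.
EICAR = (r"X5O!P%@AP[4\PZX54(P^)7CC)7}$"
         + "EICAR-STANDARD-ANTIVIRUS-"
         + "TEST-FILE!$H+H*").encode("ascii")


def classify(path, payload):
    """Report what happened to a file previously written with `payload`."""
    if not os.path.exists(path):
        return "removed"              # quarantined or deleted by the scanner
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except OSError:
        return "blocked-on-read"      # on-access scanner denied the open
    return "not-detected" if data == payload else "modified"


def probe(directory=None, payload=EICAR, wait=5.0):
    """Drop the test file, give the scanner time to react, report the outcome."""
    directory = directory or tempfile.gettempdir()
    path = os.path.join(directory, "eicar_probe.com")  # hypothetical file name
    try:
        with open(path, "wb") as fh:
            fh.write(payload)
    except OSError:
        return "blocked-on-write"     # scanner refused the write outright
    time.sleep(wait)
    result = classify(path, payload)
    if os.path.exists(path):          # clean up if nothing removed the file
        try:
            os.remove(path)
        except OSError:
            pass
    return result


if __name__ == "__main__":
    outcome = probe()
    print("real-time protection result:", outcome)
    if outcome == "not-detected":
        print("The product reports enabled but did not react to the test file.")
```

A result of `not-detected` on a machine where the product claims real-time protection is on is the "claims it's enabled but isn't working" case the post warns about.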
 
Wave

@Wave couldn't have said it any better. Zemana Anti-Logger is a combination of both kinds and I recommend you buy it if you have the chance.
Honestly, I really like the approach that Zemana Anti-Logger takes. As far as I'm aware, its method is by a low-level driver to intercept when you enter a key and then it works by making sure this key becomes encrypted except for the target program the keys are being entered into, whilst using a random key encryption algorithm each time to prevent analysis and then a tool being made for decryption of the encrypted keys (so dynamic encryption).

However, there is actually a flaw when it comes to anti-logger itself, since there's another way to check the keystrokes being entered whilst just using this standalone anti-logger software - I actually just thought of this on-the-spot whilst writing the above to your quote. It is technically possible for existing malware to detect if the anti-logger software is on the system, and if it is, it can attempt to inject into the target process (e.g. DLL injection against Internet Explorer) and then manually monitor to steal the credentials, and it wouldn't be encrypted since it'd need to stay decrypted since it'd be entered into the program itself... So for additional protection, it's probably best to work with existing security software which can help safeguard against these attacks via zero-day protection components (like Behaviour Blocker/HIPS). A great and pure example would be the Emsisoft Behaviour Blocker, which is decent enough at detecting injection attempts (e.g. DLL/Code injection).
 

Leviathon

Level 1
I forgot to mention my current security setup:
Windows 7 Home Premium
Kaspersky Anti-Virus (purchased version)
Windows Firewall (easy to configure)

Aren't there other programs included in the anti-logger version, like safe browsing, or a program similar to CCleaner?

You've now made me rethink whether or not I want a paid version of Zemana Anti-Malware. I don't know that the keylogging has ever been an issue for me or ever will. I never download and open an executable without scanning both anti-virus and anti-malware. Plus, I generally always buy my software directly from the company so I don't really worry about executable files. There's always the chance that I could end up at a bad webpage though.

I'm the type of person who doesn't like a lot of programs running in the background. I think part of me is worried that the more programs I have, the more possible exploits could be found.

I guess I need to figure out whether having an active anti-malware scanner is worth it or if I should just allow it to be an on-demand scanner.
 
Leviathon

Level 1
I think I just wrote a book to you in PM, sorry, lol.
 
PEllis

You really don't need security software specifically for keyloggers, as your AV/AM real-time protection should prevent that in the first place. Security software isn't bulletproof though, so if you're paranoid you can include anti-keylogging software.

My recommendation, if you want anti-keylogging software, is to buy Zemana Anti-Logger. It also has the anti-malware capabilities in Zemana Anti-Malware.
 
Wave

Not necessarily. Sure, normal AV software can detect keyloggers based on static and standard detection methods (which are so easy to bypass) however you'd be surprised about the lack of behavioural detection features there are today in a lot of products when it comes to zero-day protection. Some security software will support behavioural analysis of processes (e.g. via the use of HIPS/BB technology) which will pick out when activity seems to be like keylogging and prevent it (e.g. via injecting into all processes running on the system and setting hooks to monitor it) or will even run suspicious rated programs within a virtualised environment... Or some will support anti-keylogging via much more secure and reliable methods, such as using a low-level keyboard driver (which also at the same time removes the ability to actually pin-point the keylogging activity to a particular process since it doesn't work for malware only but just makes sure it's all secure all the way round)... But you'd be surprised at how many security products (e.g. AV) would lack this.

Anti-Malware products usually don't include zero-day behavioural protection features, with the exception of products like Emsisoft Anti-Malware (which even Emsisoft have mentioned themselves, it can replace existing AV security suites - it was mentioned on the official website at some point and most likely still is now). Whereas, products like Malwarebytes Anti-Malware, I'd say the best bet would be it detecting the sample with real-time on-execution based on the standard detection methods (and maybe some dynamic checks but nothing too major IMO).

Avast are a multi-millionaire company and they only introduced a HIPS feature last year, and I still don't think this is even as good as it should be, compared to the HIPS/BB system integrated into let's say... Maybe Emsisoft Anti-Malware? I doubt it even supports anti-keylogging within its HIPS feature-set (correct me if it does though).

Regarding the part about Zemana Anti-Logger for anti-keylogging, 100% agree with you there. It really is one of the best IMO at what it does.
 
Spawn

Administrator
Verified
Staff member
Zemana AntiMalware Premium - Block online threats before the infections take place.
  • Real Time Protection (Premium)
  • Browser Cleanup
  • Cloud Scanning
  • Pandora Sandbox
  • Ransomware Protection
Zemana AntiLogger - Identity Theft Prevention at its Best
  • Secure SSL
  • Keystroke Logging Protection
  • Real Time Protection
  • Browser Cleanup
  • Cloud Scanning
  • Pandora Sandbox
  • Ransomware Protection
Both are great software and I can recommend either, whichever suits your requirements. Premium version includes 24/7 Support.
 

Terminator

Level 1
this sums it up pretty good, thanks.
 

jamescv7

Level 61
Verified
Trusted
Keep in mind that the word Anti-Malware is comprised of protection capabilities against all kinds of threats. Zemana AntiMalware contains Pandora Technology to determine the zero day infection. Meanwhile Anti-Keylogger acts as a HIPS based against that similar behavior of malicious keystrokes.
 

Leviathon

Level 1
I get what the logging protection is, but what is secure SSL?
 

Spawn

Administrator
Verified
Staff member
Prevents hijacking of your connection between browser and server.

"Protects SSL (https) data pre-encryption, prevents Man-in-the-Browser (MitB), and monitors Trusted Root CA Store for fake root certificate information." - Zemana SafeOnline (Business Site)

What is Man-in-the-browser (Wikipedia).
 

Leviathon

Level 1
Thanks for all the help. Got my license for Zemana anti-malware. I just wasn't interested in the anti-logger features.
 

eXDj

Level 5
Verified
AntiLogger, it's better, no?
 