Advice Request Keylogging protection not working

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.
A

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,714
hjlbx said:
He wants system-wide keylog protection - which HMP.A only provides it for protected programs...

But, of course, for that he needs to use paid SpyShelter or Zemana.
Click to expand...
There's no point to buying Zemana Antilogger if the OP is using Windows 10, since many of the features are non-functional on that OS.

He could use Zemana Antilogger Free, which is compatible with Windows 10 and should offer system-wide Keystroke encryption or wait until the stable version of Zemana Antilogger 2 is released and get a trial(if possible)
Zemana on Twitter
 
  • Like
Reactions: King Alpha, Logethica and Terry Ganzi
H

hjlbx

Azure Phoenix said:
There's no point to buying Zemana Antilogger if the OP is using Windows 10, since many of the features are non-functional on that OS.

He could use Zemana Antilogger Free, which is compatible with Windows 10 and should offer system-wide Keystroke encryption or wait until the stable version of Zemana Antilogger 2 is released and get a trial(if possible)
Zemana on Twitter
Click to expand...

Actually, if a keylogger has made it onto a system, then it is too late -- the system is compromised.

An anti-executable with Shadow Defender, Rollback Rx or Drive Vaccine\Reboot Restore is better protection in the first place.

Anti-loggers are notoriously unreliable; new keyloggers come along all the time that can decisively defeat anti-loggers.

With an AE, the anti-logger can't be installed unless the user allows it.
 
  • Like
Reactions: King Alpha, Logethica, _CyberGhosT_ and 1 other person
Duotone

Duotone

Level 10
Verified
Well-known
Mar 17, 2016
464
hjlbx said:
Actually, if a keylogger has made it onto a system, then it is too late -- the system is compromised.

An anti-executable with Shadow Defender, Rollback Rx or Drive Vaccine\Reboot Restore is better protection in the first place.

Anti-loggers are notoriously unreliable; new keyloggers come along all the time that can decisively defeat anti-loggers.

With an AE, the anti-logger can't be installed unless the user allows it.
Click to expand...

@hjlbx Have SBIE+HMP.A+VS(free)+AG is it even practical to include HMP.A in my setup?! Only like it risk reduction features.. Thanks!

Edit: Would replacing HMP.A w/ Tinywall be a better option?!
 
  • Like
Reactions: King Alpha, Logethica and _CyberGhosT_
L

LabZero

NullByte said:
That's not true, "there is a chance" that other products will detect it too.
Click to expand...
No doubt that there is a chance.
But, as I said, these KL simulators are written to be absolutely and obviously detected by the respective vendors.
This doesn't mean that an AV can not detect them via signatures or keystrokes detection.
It can, but these simulators are not the best way to test the AVs in this context.
If real keylogger malware uses GetAsyncKeyState, a common function, then it returns as the key is pressed or not at the time of the call. It is detected because the malware is making a system API call, and it is easily detected by an AV as the hook on Windows messages also.

But if a real keylogger uses hypervisor or kernel-space (virtual machine or driver) for example, it can really hide itself and you can really test a AV in the correct way, not with a simple simulator's test.
 
  • Like
Reactions: King Alpha, Logethica, _CyberGhosT_ and 1 other person
hypotemuse

hypotemuse

Level 1
Thread author
Jul 30, 2016
11
Terry Ganzi said:
You can give this a try. Ghostpress by Hendrik Schiffer
Ghostpress - Anti-Keylogger
Click to expand...
Interesting. Ghostpress seems to be giving system-wide protection (neither Zemana antiLogger free or KeyScrambler free provide system-wide protection, although Zemana antiLogger free didn't work with Windows Edge/Cortana either).

Having said that:

1) non-alphanumeric chars accessed with the shift-key ($^&) are still being logged in Zemana sim test (in Spyshelter they're logged as the corresponding "non-shift" char, so '*' would be logged as '8')
2) somewhat funnily, the minus sign is still being logged

Not entirely encouraging, will test it some more, but certainly not bad if those objections can be addressed.
 
  • Like
Reactions: Terry Ganzi and Logethica
Terry Ganzi

Terry Ganzi

Level 26
Verified
Top Poster
Well-known
Feb 7, 2014
1,540
hypotemuse said:
Interesting. Ghostpress seems to be giving system-wide protection (neither Zemana antiLogger free or KeyScrambler free provide system-wide protection, although Zemana antiLogger free didn't work with Windows Edge/Cortana either).

Having said that:

1) non-alphanumeric chars accessed with the shift-key ($^&) are still being logged in Zemana sim test (in Spyshelter they're logged as the corresponding "non-shift" char, so '*' would be logged as '8')
2) somewhat funnily, the minus sign is still being logged

Not entirely encouraging, will test it some more, but certainly not bad if those objections can be addressed.
Click to expand...

You can report problems here (Hendrik Schiffer) .
 
  • Like
Reactions: Logethica
Status
Not open for further replies.

Similar threads

X195
    • Like
Advice Request Help needed with DNS configuration
Replies
15
Views
973
AdGuard
Chuck57
Chuck57
Trident
    • Like
    • +Reputation
    • Thanks
Serious Discussion Decoding the Trend Micro Components and Protection Model
Replies
24
Views
2,987
Other security for Windows, Mac, Linux
Mahesh Sudula
Mahesh Sudula
A
    • Like
Some cuestions about configuring Kaspersky plus
Replies
3
Views
838
Kaspersky
Brahman
Brahman

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top