Which is best for keystroke encryption & other protections, for effectiveness and value/cost?

  • Zemana Anti-Keylogger (ZAL)

    Votes: 12 34.3%
  • SpyShelter

    Votes: 10 28.6%
  • HitmanPro.Alert (HMP.A)

    Votes: 10 28.6%
  • KeyScrambler

    Votes: 6 17.1%
  • Ghostpress

    Votes: 1 2.9%
  • Other?

    Votes: 1 2.9%
  • Total voters
    35

vertigo

Level 2
Please say why you prefer what you do and, if possible, provide links if it's due to superior or inferior performance of one product or another.

I'm in the process of looking for updated security software, and one of the things I'm trying to figure out is keystroke encryption, as well as other related protection. I've been using KeyScrambler Free for years and have been mostly happy with it, but I'm looking for possible better alternatives. By better I mean more effective protection, protection with more programs, more secure (e.g. KeyScrambler can easily be killed by malware), and more encompassing (clipboard protection, screen capture protection, etc). While I consider it important, it is a last line of defense, so it will only be necessary in the event I actually get infected AND the infection isn't caught and wiped out. Also, I use KeePass, though admittedly I usually copy/paste because auto-input doesn't always work, so really clipboard protection is just as important. So it's not really worth it to me to pay much for, and the only reason I'm even considering ZAL and SpyShelter is because of the additional protection they also offer, but even then it's a tough call to be paying an annual subscription for them, especially if I get adequate malware/HIPS protection elsewhere (I'm still researching this, but thinking something like Avast + firewall + anti-exe + HIPS + 2nd opinion scanners). This is compounded by the fact that whatever solution(s) I go with, I plan on implementing on at least three computers, very possibly more. That said, I'm not against paying a reasonable amount if the software is that good.


Zemana Anti-Keylogger (ZAL)
+Effective
+Good reputation
+Additional protection: clipboard remote access protection (not sure how this differs from general clipboard protection), screen capture, webcam, microphone (seems to be the only one with this), malware, HIPS
-Expensive ($90/3yrs/3 licenses, $140/3yrs/5 licenses)
-Personally, I think them licensing their products to other companies (Watchdog, MalwareFox, PerfectGuard) hurts their reputation, especially since neither these companies nor Zemana make it obvious what's going on, leaving people to speculate (as an additional note to this, it's interesting that the rebranded products from these companies cost as much as or more than ZAL, yet offer less protection (they're only a ZAM equivalent)
-Website doesn't inspire confidence considering all of their store links lead to a 404, which required me to Google to find the actual purchase page
-Appears to be based in Turkey

SpyShelter
+Effective
+Good reputation
+Additional protection: clipboard, screen capture, webcam, folder (this could be a big one, since it's something I want and so far all others I've seen that offer it only allow a small number of folders to be protected), firewall (don't know how good it is)
-Very expensive ($60/$72 for 3 1-year Premium/Firewall licenses)
-Can be uninstalled by malware (Best Keystroke Encryption Software to Protect Against Keyloggers • Raymond.CC)
-Many MWT users say they have bad CS

HitmanPro.Alert (HMP.A)
+Good reputation
+Additional protection: webcam, malware
-Extremely expensive ($35/yr/license -> $105/yr/3 licenses)
-Questionable effectiveness of keystroke encryption (mixed reports here and at Wilders)
-No clipboard, screen capture, or microphone protection

KeyScrambler
+Effective
+Good reputation
+Have been using it for years mostly trouble-free
+Popup when typing to show it's working is obvious but unobtrusive, and allows immediate recognition of a problem (if you're paying attention)
-Keylogging protection only
-Free version only protects browsers, which provides most of the protection I really need, but it would be nice to have more programs covered, which is the main reason I'm looking at alternatives
-Can be killed/uninstalled per review linked above
-Possibly the cause of periodic hiccups I experience where the browser will stop accepting my input for a couple seconds and anything I type during that time won't be entered, though it's hard to say, as it could just as well be the browser/extensions

Ghostpress
+Seems promising
+Developer has been active here in the past
-Keylogging protection only
-Haven't seen much on it lately
-Not sure where it stands as far as effectiveness and security
-I don't like the widget for showing when it's working

Oxynger (on-screen, virtual keyboard, so not a viable alternative to the others, but worth a mention)
+Screen capture protection
+Free?
+Effective (5 Virtual Keyboards Tested to Determine their Effectiveness Against Keyloggers • Raymond.CC)
-Obscure, relatively unknown

As a final note, do keystroke encrypters even offer any protection? mspencer712 here (What is the best keystroke encryption software? • r/software) makes a strong case against their effectiveness, but they've shown effective against keyloggers, such as here (Best Keystroke Encryption Software to Protect Against Keyloggers • Raymond.CC). Then again, as he points out, if you're compromised, the malware could very likely have access beyond what a keystroke encryption tool can protect against. It seems to me that, like many things, their usefulness has limits, but it's better than nothing.
 

vertigo

Level 2
Bump.

Several people have voted, hopefully after reading my post and taking into account what I said to weigh your opinions, though I have no idea how many people actually voted since multiple votes are allowed, nor do I know why you voted the way you did. I would really appreciate some input from people with experience with or knowledge about these various apps to help me make a decision. The voting trend tracks the pricing of these products, with KeyScrambler (free) and ZAL (cheapest paid option) netting the most votes and HMP.A getting the least of the paid (and tied with GhostPress, a relative unknown, strangely enough). I'm curious if people are voting this way purely based on cost, considering I did say I prefer free or cheap, or if they feel the cheaper programs are actually better, another reason it would be nice to see explanations for your preferences. Even though I may go with one option over another due to the first option being free/cheaper, despite the second option maybe being a bit better, if the second option is significantly better the extra cost may be worth it to me. Or even if it's not necessarily a significant difference, someone else that comes along and views this thread might decide to go with a more expensive option for reasons given. So please, share whatever insight you can.
 
  • Like
Reactions: AtlBo and Hero7

ichito

Level 5
Content Creator
Verified
Hi @vertigo

The best...and I think not only for me...is one - SpyShelter. Why?...the good answer one can find in post about my security setup
RISK: DANGER - ichito's setup for Vista
but in short because of
- the widest anti-logger protection
- HIPS module
- user definied files/folders/registry protection
- apps/files/folders/removable drives restrictions
- firewall features
- and all ohters additional options/settings.

Next thing - you pointed at article "Best Keystroke Encryption Software to Protect Against Keyloggers" but no way to find in it something about possibility to disabling SS by malware...it can be find in other place on Raymond.cc
What is the BEST Anti Keylogger and Anti Screen Capture Software? • Raymond.CC
but
- there is no words about malware but only about Process Explorer
- such article was mentioned and discussed on Wilders and opinions about attached test was "a bit" critical
Zemana AntiLogger and SpyShelter Premium tested
 
Last edited:

vertigo

Level 2
@ichito

Thank you for the thorough response, and for catching my mistake on that link! I was going to fix it based on your correction, but for some reason I don't have an edit option for that post.

To your first point, regarding SpyShelter being the best, it makes me wonder if, due to ZAL having more votes, more people tend to prefer it to SpyShelter, or if the votes went that way more due to cost. I also wonder if SS is really that much better than ZAL, in your opinion, to warrant the significant extra cost. Of the things you pointed out that SS has, ZAL has most of them, too. The only things SS has that ZAL doesn't, that I can tell, are a firewall and folder protection. For the firewall, as I said, I don't know how good it is compared to others. Also, there are other options that are either free or much cheaper and seem to be very well regarded, such as Comodo, Glasswire, and Tiny wall, to name a few. So if it would be cheaper, and especially if it would be free, I'd rather use a separate one, which would then negate that benefit from SS. This is not only due to the expense of needing 3+ licenses of whatever I go with, but so I can, if helping a friend or family member, have them use the same thing I'm using, so I'd be familiar with it, which would be much easier if it's free or cheap. The same goes for folder protection, assuming I can find something to offer that separately.

As for the article, you're correct, it wasn't malware that did it, but Process Explorer, but this is only because he (presumably) didn't have malware on hand specifically designed to do this, and it was a lot easier to just use PE than to write one. But the fact remains, if PE could do it, malware could be made to do it. As for the Wilders thread, Raymond modified the article in response to the criticism, so it no longer applies. And IMO, the criticism was only mild anyways.

SS definitely looks, by most accounts, to be excellent software. My two main issues with it are the poor CS and the high price (one or the other on their own would be bad enough; the two combined are a huge negative for me). I might be able to be convinced to go with it, which is partly why I included it (the other reason was for completeness), but even with your strong argument, it seems ZAL can do most of the same stuff for far less. Of course, it has its own problems. So it comes down not only to what each program can do, but how well, and what areas that are lacking in each can be covered by other options.
 
  • Like
Reactions: ichito

conceptualclarity

Level 21
Content Creator
Trusted
Verified
All I can tell you about Zemana is I haven't used their two products for very long because their drivers caused too many blue screens on my old XP system.

I like SpyShelter and acquired a lifetime license on discount. My recollection is undiscounted lifetime licenses were under $100, but I wasn't looking at the version with firewall, and I don't recall whether it covered multiple computers.

The SpyShelter firewall is highly regarded. Lockdown speaks well of it on this site. I recall it did well on the Matousec testing.

SpyShelter does a lot of notifications, but I have found them useful. It will for example notify you when programs are trying to make scheduled tasks or other autostarts and make it easy to block that.. For a long time I was completely baffled as to where the Advanced System Care service was getting its autostart, always resetting itself to Automatic after I set it to Manual. During an update SpyShelter showed me the service was utilizing winlogon, so I blocked that.

May I ask what CS stands for in this context?
 

zamar83

New Member
When does clipboard protection become an important feature? If text is auto encrypted at typing by an anti-keylogger, it presumably remains encrypted in clipboard, and then decrypted when pasted into a target field - correct? If unencrypted text is copied to clipboard, will it be transcoded and stored encrypted there until pasted somewhere? Or instead an anti-keylogger would block access to clipboard to suspicious programs, or any programs unless permitted by user?

Clipboard protection seems important when inserting passwords from a desktop Password Manager package into login fields on websites, as the Password Managers presumably do it via clipboard. At times the only quick way to enter a long complex password is to copy-paste it manually via clipboard. Does KeyScrambler offer any type of clipboard protection whatsoever? I can't find any info about it.

Another interesting moment: when typing into textarea post fields on forums like this one - will an anti-keylogger encrypt keystrokes when you type, and then immediately decrypt them to place into the textarea? Or everything you type on the forum remains in clear while typing?
 
Last edited:

vertigo

Level 2
May I ask what CS stands for in this context?
customer service

@zamar83 - I don't know how it works, but I'm pretty sure clipboard protection just blocks programs (again, not sure if by blacklist, whitelist, or some other means) from accessing the clipboard. I don't think it actually encrypts the clipboard contents, especially since it won't always be text. Also, text is encrypted from the keyboard intercepts to the program it's being entered in to, it's not encrypted in the program. So as I type in this text box, if I were running a scrambler (I'm not currently, as I haven't installed one yet on my fresh install), it would be receiving my keystrokes, encrypting them, then entering them into this text area in the browser, decrypting them as it did so. Again, I don't understand how it does all this, but that should answer a few of your questions:

If text is auto encrypted at typing by an anti-keylogger, it presumably remains encrypted in clipboard, and then decrypted when pasted into a target field - correct? If unencrypted text is copied to clipboard, will it be transcoded and stored encrypted there until pasted somewhere?

Another interesting moment: when typing into textarea post fields on forums like this one - will an anti-keylogger encrypt keystrokes when you type, and then immediately decrypt them to place into the textarea? Or everything you type on the forum remains in clear while typing?
So to the first two (the first paragraph), text is encrypted by the anti-keylogger, but once it's typed, it's not encrypted in the program, so when you select it to copy it to the clipboard, you're not selected encrypted text, just plain text. If it were encrypted, you wouldn't be able to read it. Again, whether these programs encrypt it in the clipboard when you copy it to the clipboard I don't know, but I don't think they do. This applies to your last question as well: again, it's not encrypted once it's where it needs to be (in this case, the forum message box), because that's not the point, and it doesn't need to be encrypted there. Keyloggers don't look to see what's in text areas, they just do what their name implies: log keystrokes. It's the transit that's the problem. Think of it like money and banks, where you withdraw from one bank (type out your thoughts, password, etc) and deposit it into another (the browser or whatever). The anti-keylogger's job is to protect it in between the two, so it's the armored truck. Once it's in the new bank, it's safe from keyloggers (robbers who can only steal it while it's outside), and now it's the browser's job to keep it safe from bank robbers. I hope that makes sense.

Also, while having keylogger protection helps protect you, you shouldn't copy/paste login info from a password manager. It's better to use a browser extension (though this has its own potential issues) or auto-type, both of which are more like sending your money via helicopter, so they're never within reach of (normal) robbers. But neither are perfect, and there's still some risk, it's just largely mitigated.
 

zamar83

New Member
When using several browsers, it's not convenient to use browser password manager extensions, and generally less secure to store your passwords on some 3rd party remote server. Better to use a separate Password Manager, independent on other programs. The problem is, some websites like Gmail offer 2-page login, so fields "login / password" are on different webpages. This prevents Password Manager from auto entering login data with default Autotype code, and one must copy and paste a long password manually via clipboard. That's were Clipboard Protection gets important, and KeyScrambler doesn't seem to provide any.

Some Password Managers like KeePass may be programmed to work with 2-page login sites by changing Autotype code per site, but the process or required commands seems to differ on various sites, making the process cumbersome. With Clipboard Protection its just simple copy and paste to any site fields.
 
Last edited:
  • Like
Reactions: RoboMan

vertigo

Level 2
Not sure why you deleted your post zamar, but I personally use KeePass, though I may switch to KeePassXC at some point. And I use Kee with it, which works very well (though not perfect), including in situations like you mentioned. As for using multiple browsers, it's easy to install an extension in each browser you use. Or, again, you can use auto-type, and not have to worry about that. And auto-type can be configured per site, so it can deal with a separate page for username/email and password or other variables. The biggest problem with it is that it's less convenient, because you have to take time to set those special rules up, and you have to remember the shortcut (a minor thing). I'm considering switching to using it, since it is more secure than an extension, doesn't rely on the extension to remain in active development and, what little I've used it, seems to work well even in cases that throw Kee off.
 

zamar83

New Member
I didn't delete any posts. What are the advantages of using KeePassXC compare to latest KeePass?

Keeping the same passwords in several browser plugin DBs doesn't strike me as a good idea, and hard to maintain.
 
  • Like
Reactions: SumTingWong

Yellowing

Level 5
Verified
I'd wish to have a new option. Unfortunately Zemena is no longer any good, SpyShelter has too much functionality that is better exchanged with other programs, Ghostpress does not work on my PC anymore :cry::mad: (Error 0xc0000005 for god-knows what reason) probably because DLL injection is now prohibited on my PC, the Oxynger is just a virtual keyboard and does nothing with physical keyboard, afaik, and Hitman is too expensive.:cry:

Well I try the last thing left for me: KeyScrambler :unsure:
Does anyone have another alternative for me? :emoji_sob:
 
Last edited:
  • Like
Reactions: SumTingWong

shmu26

Level 76
Content Creator
Trusted
Verified
These features are not important if you have a good security setup. If you are defending yourself against a keylogger, it means your system is already compromised, and you are already in big trouble.
Focus on protecting your system from intrusions.
Blocking keyloggers is like waging a gunfight with an attacker who is already inside your house. You want to stop him from getting there in the first place.
 

Yellowing

Level 5
Verified
Yes ... but, what about some random browser script capturing my master password for my pw manager? :ROFLMAO:
Hm. Why not having a fail-safe? :confused:
 
  • Like
Reactions: shmu26

LDogg

Level 28
Verified
I think it puts people into a false sense of security having one of these. I believe most AVs, OSArmor, VDS & most firewalls by default would stop keyloggers in their tracks. Seems a waste to have an anti-Keylogger software on a system. Not many people use them.

~LDogg
 
  • Like
Reactions: BryanB and shmu26

Yellowing

Level 5
Verified
Hmmmmmmmmmmmmmmmmmmmm... :(

EDIT: Oh now I know why I want one: A Keylogger is the last thing that can defeat my Password manager/PC. How it gets on my PC ... I guess legitimately. Bundled with legitimate software. Does that make sense? :unsure::unsure::unsure: :ROFLMAO:
 
Last edited:
  • Like
Reactions: BryanB and shmu26

shmu26

Level 76
Content Creator
Trusted
Verified
Yes ... but, what about some random browser script capturing my master password for my pw manager? :ROFLMAO:
Hm. Why not having a fail-safe? :confused:
There are dangerous browser exploits that harvest your login credentials etc after you typed them in. So a keylogger won't help for that.
 

RoboMan

Level 27
Content Creator
Verified
I don't think anti-keylogger software are useless, at all. I mean, after all, it's a module many AV have nowadays. But of course it's a waste to have a full suite with anti-exploit and anti-logging features and then throw upon it another anti-keylogger software. Waste of space, RAM, and hell too many notifications.
On the other hand, I would pair, for example, Zemana Anti-Logger with Windows Defender or free antivirus software. And this specific software can be useful with many other products due to its un-intrusive working technique and it's lightness on resources.
 
  • Like
Reactions: harlan4096