Blow Out Spy Activity on Your System
key review info
- Application: Zemana AntiLogger 188.8.131.52
- Anti-SSL Logger Module that provides protection against SSL Logger
One of the most dangerous forms of malware nowadays is represented by keyloggers. They used to be able to record only keystrokes, hence the name, but, like any sort of malware, they have rapidly developed new abilities, permitting surreptitious logging of all user activity on the computer, complete with reports on the launch time of every application, snapshots of the screen, monitoring of web navigation and even taking over your webcam to capture stills of whatever is in front of it.
Keeping yourself out of harm's way and protecting your privacy may be a tricky deal, despite the fact that most security software on the market today is perfectly capable of restraining malware activities on your computer. And that is because most anti-malware software still relies heavily on creating signatures for newly detected malware and sending them to its users.
Few applications specialize in detecting activity logging threats, and even fewer can provide real protection against them. Zemana AntiLogger is built specifically to fight any sort of logger that may attack your system, and in a smart way, as it does not depend on signatures, basing its alerts on the activity of the suspicious process.
In the Protection Console of the application, you'll find five modules available, four of which are designed for recognizing specific logging activity (key-logger, screen-logger, webcam-logger, clipboard-logger), while the fifth is crafted to monitor the important areas of the computer and safeguard them against rootkit installations, global hook installation, DLL code injection, kernel driver loading or system registry modification.
The application usually sells for $39.50, but the current offer from the developer includes a 15% discount, bringing the price to $34. An even better offer that gets you the application absolutely free of charge for an entire year is currently available on Softpedia. The expiration date on the giveaway is set for Wednesday, March 17, 2010. No registration is required, just a simple download and an Internet connection for activating your copy of the product.
Once installed, you'll realize that the application requires little intervention on your part, as configuration settings are very few. Zemana AntiLogger has been built to disturb as little as possible and provide as tight protection against activity logging malware as possible. Thus, the only sort of intrusion you'll have to put up with is the alerts giving away the surreptitious activity of the loggers. Luckily, the number of popups can be reduced by creating a rule for the alert-triggering item, to be allowed or blocked.
The message popping up the moment suspicious doings are detected on the system is not without details on the attempt. It will include the type of activity recorded, the name of the item trying to carry out the detected suspicious task, as well as the risk level. However, in the end, it is up to you to allow or deny the conduct.
Configuring the application should not take too much time, regardless of your computer skills. The Settings panel in Zemana AntiLogger contains few options and all of them consist of ticking or clearing checkboxes in order to enable/disable features. Among the interesting possibilities available in the application, there is that of using Zemana White List Technology, which includes a set of items carefully selected as harmless by the developer that will reduce the number of alerts on the desktop.
There is also the possibility to enable protection against SSL loggers, but only for the applications using Microsoft SSL coding, meaning that the users of Firefox, Thunderbird and any other app not relying on the Redmond-based giant's secure layer will not benefit from this type of protection.
In order to reduce the number of desktop alerts as much as possible, the developer allows you to choose how certified and uncertified applications should be treated by Zemana AntiLogger by default. For certified elements, you can choose to automatically allow the recorded activity or to be informed of it and asked for confirmation. In the case of uncertified apps, your option is between being asked for confirmation and automatically blocking it. You also have a say on the effect of blocking an application: should it be terminated, or should only its doubtful activities be blocked?
The intuitive interface and scarce set of configuration options make for an application that is very easy to work with. Protection Console provides an important set of details about the number of blocked and permitted activities, or the total number of detections. As far as the options are concerned, the only thing possible is to enable or disable the protection of each module individually or halt it for all of them at once.
Each rule you apply is recorded by the application and can be viewed in the Management Console, together with quarantined items and the rule logs. To make things easier when re-installing the entire application, Zemana AntiLogger allows you to export and import rules.
Regarding resource usage, AntiLogger functions very well with less than 30MB of RAM (in our case, the peak usage was about 25MB), while CPU usage is insignificant. It simply stays in the system tray and does not intrude each time you launch an application; it alerts you only when there is no rule for the newly launched process and suspicious activity has been detected.
You will also notice it pop up when installing various programs that require access to the Windows Registry for their files. In this case, the System-Defense module of Zemana kicks in, notifying you of the attempt. Should this become too annoying, you can keep it disabled and re-enable it when dealing with shady software.
As far as the detection abilities of Zemana AntiLogger are concerned, they are quite impressive, although not to the point of declaring its behavioral detection impossible to evade. Out of the suite of 9 keyloggers and 5 test files we pitted it against, AntiLogger's success was quite resounding, as the surreptitious activity of only one keylogger remained undetected. The remaining 13 items were all spotted the instant they tried to record the keystrokes, take snapshots of the desktop or record the information contained in the clipboard.
The result clearly demonstrates the high success rate of Zemana AntiLogger, but there are some other logging activities the program does not take into consideration. Several pieces of spying software today are capable of stealing web navigation reports, as well as monitoring and recording file and application activity. Although these are not exactly traditional "features" in a keylogger, they still count as spying activities.
But, overall, the application did a great job detecting the spying utilities we threw into the system. It would promptly alert about the specific logging activity the item was about to perform and wait for our decision in order to block or allow it.
Immediately after installation, an average user has absolutely nothing to configure and set up, as the application is prepared to blow the cover of spying utilities and restrict the number of alerts for the user right out of the box.
It accurately detects most of the loggers running stealthily on a system and blocks their activity, be it keystroke recording, taking screenshots, webcam activation or logging clipboard content. Additionally, it can guard sensitive areas of the system against infiltration of malware, and all this is achieved with insignificant resource usage.
Adding Zemana AntiLogger on a system already protected by security software raises absolutely no compatibility issues in most cases. According to the developer, there are very few security programs posing compatibility problems.
During our tests, it failed to detect the spying activity of Refog Personal Monitor, letting it do its bidding unhindered.
UPDATE: The current version of AntiLogger supports the Microsoft WININET API, Mozilla NSS API and OpenSSL API. This translates into protection against SSL loggers regardless of the web browser you use.
Keeping it up to date with the latest computer spying activities, for instance by adding protection against monitoring of web navigation or file activity, would improve its already great set of features.
Protection against SSL loggers is assured only as long as the applications you use employ Microsoft coding. Yet, Mozilla's products are gaining more and more popularity.
Despite the fact that it failed to notice the activity of a commercial monitoring utility, Zemana AntiLogger proved its amazing capabilities by using minimum system resources and acting promptly in the rest of the cases. The ease of use is amazing, as for the majority of users, it is ready to function at optimum parameters out of the box, without any modification to its original configuration.
UPDATE: Zemana AntiLogger has been updated to a new version, bringing a set of improvements designed to strengthen security and detection of whatever keyloggers may be running wild on your system. Among the most important improvements in version 184.108.40.206 are enhanced kernel mode keylogger detection and increased protection against legitimate keyloggers and against fake path manipulation methods.
In a new round of tests, the application alerted us whenever Refog or any other certified app attempted to record keystrokes or capture the screen. The extreme side of the testing involved a genuine trojan with logging capabilities. This complicated piece of malware would allow a remote attacker to execute code on the infected machine. In this case, Zemana successfully detected the server, thus compromising all activity of the trojan. However, the rootkit behavior of the threat may mislead the user into trusting the activity of the process and instructing Zemana to allow it.
Because the issues of the initially tested version of AntiLogger have been fixed and logging detection improved, the application gains the fifth star from us.