Full Version: dw protection
ajap
Hi, I would like to know if DW is really protecting me. What can I do to know it? a test or something

regards

andro
See here: http://gladiator-antivirus.com/forum/index...showtopic=91606
Creer
I did a test with a sample of the malware MSAS2009
VirusTotal Report: http://www.virustotal.com/pl/analisis/2c33...d7f5c21411d8753
Description of this malware behavior:
http://www.prevx.com/filenames/X2847834140...AS2009.EXE.html

You'll find other examples here:
http://gladiator-antivirus.com/forum/index...mp;#entry218775

HTH,

EDIT:
I forgot to give a link to my test:
http://www.youtube.com/watch?v=LRcxMhiHXGQ
ajap
OK, THANKS
andro
http://translate.google.com/translate?js=y...te0=&swap=1 (Google Translate of the article on http://antimalware.ru/).
LoneWolf
QUOTE (ajap @ Aug 22 2009, 10:15 PM) *
Hi, I would like to know if DW is really protecting me. What can I do to know it? a test or something

regards


There is also this review of DW from Matt w/ Remove Malware dot com.
http://remove-malware.com/antimalware/anti...iew-on-youtube/

If you wish to test to make sure DW is working correctly on your system you can try AKLT.
http://www.snapfiles.com/get/antikeyloggertester.html
Just remember when starting AKLT that it is running untrusted as your browser should be.
Open notepad and start the test.
ajap
hi, i launched aklt and dw failed in : getkeyboardstate, lowlevelhook, journalrecordhook,( nothing intercepted until now)
screenshot 1&2 (showed me paint's screen)
What do i do ?

regards
Sacles
Hello,

QUOTE
hi, i launched aklt and dw failed in : getkeyboardstate, lowlevelhook, journalrecordhook,( nothing intercepted until now)


Even finding.
Scoobs
QUOTE (ajap @ Aug 29 2009, 07:23 AM) *
hi, i launched aklt and dw failed in : getkeyboardstate, lowlevelhook, journalrecordhook,( nothing intercepted until now)
screenshot 1&2 (showed me paint's screen)
What do i do ?


Did you run AKLT as trusted or untrusted?
LoneWolf
QUOTE (ajap @ Aug 29 2009, 02:23 AM) *
hi, i launched aklt and dw failed in : getkeyboardstate, lowlevelhook, journalrecordhook,( nothing intercepted until now)
screenshot 1&2 (showed me paint's screen)
What do i do ?

regards


AKLT must be run as untrusted.
Is this the way you tested?
Sacles
QUOTE
AKLT must be run as untrusted.
Is this the way you tested?

Of course
Ilya Rabinovich
QUOTE (ajap @ Aug 29 2009, 07:23 AM) *
hi, i launched aklt and dw failed in : getkeyboardstate, lowlevelhook, journalrecordhook,( nothing intercepted until now)
screenshot 1&2 (showed me paint's screen)
What do i do ?

It's very strange. If you could make a movie, do it and upload it to a free file hosting service.
Sacles
Ilya,

Have you tested DW with Anti-Keylogger Tester (AKLT)?

Anti-Keylogger Tester (AKLT): http://www.snapfiles.com/get/antikeyloggertester.html
Scoobs
DW has passed AKLT for a long time. Check out some of the threads on Wilders where keyloggers are tested. Have you read what the DW help guide says about keyloggers? Do you get a pop-up notification?
Sacles
No popup for getkeyboardstate, lowlevelhook, journalrecordhook. But I see "Nothing intercepted until now"

But, "Nothing intercepted until now" may mean that DW works by blocking the keylogger.

1. getkeyboardstate, lowlevelhook, journalrecordhook are what the help calls traditional

2. The others are advanced Key Loggers (with popups of DW).

In all cases DW is working properly.

Is my interpretation correct?
Ilya Rabinovich
OK, now I understand. DW does block screen capturing and keyloggers, but some can be blocked automatically and some can't, as legitimate software is using them; in this case DW shows a popup. For the ones blocked automatically, DW does not show a popup.
ajap
i have a download folder as untrusted and aklt is there
i launched the test again, as untrusted like the first time, and i had pop-up notification in tests 1,2,3,4 and 7.
tests 5, 6 and screenshot 6 were like chachazz displayed but in screenshot 2 test i didn't get screenshot fail.
will it be the version of the program? i am using 2.56

regards
Chachazz
ajap, post a screenshot of what you get...Screenshot Test 2


[edit] btw, I did not post all the DW alerts, just one for demonstration..

Installed DW 2.56 and re-took the test... new shots uploaded.
ajap
Click to view attachment
Chachazz
DefenseWall did not let it copy your desk top...that's a PASS!


ajap
yes, but it was the same image. A black square. what i uploaded was a print screen of the test
Ilya Rabinovich
Yes, the "black square" is the only information malware can see. Very informative, indeed...
ajap
then, it's all ok ?

regards
Creer
QUOTE (ajap @ Sep 2 2009, 06:54 AM) *
then, it's all ok ?

regards

Since screenloggers can't see what you have on the desktop and see only a black screen, then yes, everything is OK.
ajap
ok. thank you all for your replies. you can close the post

best regards
demoneye
OP's inquiry satisfied - Topic closed.