Anti-keylogging, screengrabbing etc..questions

Trying out CIS ver6 and I tried SpyShelter AntiTest.exe to check if ver6 can block or keylogging/screengrabbing and the like. A pop-up came and I “allowed” SpyShelter AntiTest.exe to run. See images below.


http://s9.postimage.org/7ex6xk4lr/key.jpg

Edit by Dennis2: I removed the spam like notification that your image was from a image sharing site


http://s8.postimage.org/69s8tk90l/screen.jpg

Edit by Dennis2: I removed the spam like notification that your image was from a image sharing site


http://s8.postimage.org/614behrxh/clip.jpg

Edit by Dennis2: I removed the spam like notification that your image was from a image sharing site

I exited the antitest and enabled KeyScrambler. Then I tried to run SpyShelter AntiTest.exe again but a pop-up with a geekBuddy recommendation showed after-which an new pop-up showed from cloud scanner. See below.


http://s2.postimage.org/dl660mf3t/block.jpg

Edit by Dennis2: I removed the spam like notification that your image was from a image sharing site

I clicked ‘ignore once’ to see if it repeat. Meanwhile I was waiting on the ‘View Logs’ window to appear but it was too long. Tried to click it again and it seemed not to show. After about 3-4 mins. An error appeared. See image.


http://s2.postimage.org/6dvqwn6d5/error.jpg

Edit by Dennis2: I removed the spam like notification that your image was from a image sharing site

What has happend here? First I allowed the ‘SpyShelter AntiTest.exe’ and I was able to keylog/screengrab/clipgrab without a pop-up from CIS. Isn’t it supposed to block every attempt to keylog/screengrab/clipgrab…?

Or is it if you allow the launch of the ‘SpyShelter AntiTest.exe’ it will allow all actions of the program?

How come when I wanted to check it against KeyScramblerPro all of a sudden CIS shows a pop-up with a recommendation from GeekBuddy and a pop-up from cloud scanner…?

If I was not online will that cloud scanner show that pop-up?

If that was the cloud scanner, how come it sent it without my permission? Where is the setting located?

How can I test anti-keylogging and the like efficiently? Can you show me how please.

Help.

Thank you.

Windows 7 64-Bit here. I tried SpyShelter test just now. My CIS auto-blocked it and it failed to run. No action was required from me apart from the cloud AV.

Also what system are you using?

Hi Seany007,

Thanks for the reply. Kindly bear with me as I am trying to understand the program better.

– Kindly see image attached for the HIPS settings. Settings are based on Proactive.

http://s1.postimage.org/rc7aijolr/hipsset.jpg

Edit by Dennis2: I removed the spam like notification that your image was from a image sharing site

– Okay, I must have missed that. I’ll leave it ‘on’.

Just ran SpyShelter AntiTest.exe just seconds earlier and the HIPS blocked it. See image attached.


http://s9.postimage.org/fg3xbnx7j/Hipsblock.jpg

Edit by Dennis2: I removed the spam like notification that your image was from a image sharing site

There was no pop-up from Cloud Scanner.

Questions:

From the first test I did, I allowed the tool to run. So if I “Allow” ‘SpyShelter AntiTest.exe’ to “run” it will “not” block whatever the tool runs(keylogging/screengrabbing etc)…correct?

I was on the premise that even if I allow/run the test tool Comodo HIPS will still block whatever action/tool I run from that test tool.

Why was there no pop-up from the Cloud scanner after the HiPS pop-up for the ‘SpyShelter AntiTest.exe’?

Is there means to scan manually using Cloud Scanner?

CIS v6 does not ‘encrypt’ keystrokes right?

I was looking for the logs of the previous events but there was none. I scanned the date when I first ran the ‘SpyShelter AntiTest.exe’ and there was no trace of it in the logs. All I could find was the new alert log. See image.


http://s1.postimage.org/fsven32of/hiplog.jpg

Edit by Dennis2: I removed the spam like notification that your image was from a image sharing site