Keylogging is the action of logging the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. Not only keystroke logging, there are also things like screen logging, clipboard monitoring etc that can be used to track the user activity on a PC. While there are legal ways to do this, like parents monitoring their children or monitoring employees in a company, keylogging can be used by criminals to steal personal information like passwords, credit card number etc. In fact in these days a majority of malwares have keylogging activities. A good introduction to what keyloggers are capable of can be found here.
Anti keyloggers are a special kind of software designed to protect the end user from keylogger softwares. Usually traditional anti keyloggers use heuristic or behavior based technique to detect keyloggers but these days some anti-keyloggers also use whitelist signatures/cloud response system to minimize false detection. Few anti-malwares have also incorporated anti keylogger features to protect user from malicious keylogging while most others still depend on blacklist signatures and so have every possibility to miss zero-day keyloggers. In such cases it is always necessary to add an additional layer of security, that is to install an anti-keylogger.
As already been said, most anti-keyloggers use behavior based technique to detect keyloggers and that’s why most anti-keyloggers prompt the user on any such detection leaving the decision on the user. But that’s not always a good approach because for a relatively in-experienced computer user such prompt brings no meaning; only a nagging. Moreover most anti-keyloggers can only block the executable having keylogging behavior leaving it in accessible. This behavior might cause serious consequences on a false situation.
DataGuard AntiKeylogger from MaxSecurity Lab is ahead in the race in two very important aspects that I’ve already covered.
- It is extremely user-friendly. Smooth interface, no prompt, no difficult learning curve, nothing….
- It detects keylogging by heuristics and without asking the user only removes the dangerous part from the executable making it otherwise accessible.
- Actually there is a third and a very important point. Dataguard Antikeylogger is extremely light on resources, lighter than any other competitive products I have tried yet. It consumes no CPU and less than 10Mb memory all the time.
DataGuard AntiKeylogger comes in four flavors Free, Lite, Pro and Ultimate, each varying in the number of features. All the three paid products comes with 15 days trial with all features that become disabled after the trial ends.
Max Tiganovschii from MaxSecurity Lab arranged me a license of the ultimate version and answered to my every question and feedback.
Download and Installation
- The latest version (v188.8.131.52) installer was downloaded from the company website.
- Downloaded file (5.788Mb) is a zip archive (DataGuardAklUltimateSetup.zip ; MD5: b8e9ef7c1b4f80c619f35c10b97d8027) containing the setup file (DataGuardAklUltimateSetup.exe ; MD5: 6ca480c2d1355ba1d0d3e0074bf9aafc).
- Unfortunately the setup file is yet to be digitally signed. I was informed that it will be signed in near future.
- The installation was smooth without any confusing options. Only customization that an user can do is to create a desktop and quick launch shortcut.
- Installation took about 2-3 minutes to complete and requires a reboot to complete the driver (dataguard.sys ; MD5: ae55e070b4e09b064aa7a041e67a2bf4) installation.
- Overall the installation consumed less than 10Mb hard drive space.
Screenshots of the installation process can be viewed here.
Usability and Effectiveness
After the reboot the software becomes completely ready.
- It shows up a system tray icon that looks like a combination of keyboard and lock. A single left click on that opens up the interface; a very neat one.
- It also has 75 alternative skins to fit any taste. A few can be seen below.
- Initially I was unable to find any version info of the installed software from the user interface. I was guided to hover the mouse on the note “This computer is protected by DataGuard AntiKeylogger ” and that showed up the version information. Max told me that in future, version information will be easier to find.
A bunch of useful settings can be found under Advanced Options.
- By default the software uses expert level of protection verbosity that can be lowered to Standard.
- The software is set to check updates automatically and the update check interval (in days) can be customized (default 5 days). Minor updates were installed automatically after user approval and for major upgrades the user were notified/redirected to download the installer form the homepage. The software lacks proxy with authentication support. So, users having that type of internet connection will not be able to use auto-update feature. I was informed that this settings will be added soon.
- To avoid unauthenticated handling of the software the software can be password protected. Under password protection, no major settings can be changed other than making some cosmetic changes like changing skins, switching off notifications and sound alerts about auto-detected modules.
- The software is set to check an executable for valid digital signatures and if found to allow it. But that can be turned off too. I think everyone should turn off that features because there are reports of digitally signed malware.
DataGuard AntiKeylogger checks all executable files in realtime for possible keylogging activity and adds those to its ‘Auto Detected Modules’ list. In addition to its behavior based analysis the software also has a whitelist that gets updated with each version. If the detected module is found to be in its whitelist or have digital signature it will allow its keylogging activity. In that case a green tick can be found on the left of the executable name, otherwise it will just filter its keylogging ability and it will be listed with a red cross. If the user needs to allow the keylogging ability of a detected module, he just has to do a left click on that red cross; in the opposite case a left click on the green tick enables filtering of the keylogging activity of the executable. The software also has a whitelist tab where the user can add executables that he needs to run smoothly.
- The software has a flaw where a user can access and change the status of the auto-detected modules even if password protected is enabled. I informed them about this and got the assurance of a possible fix.
- Under the about tab, link to the homepage and the registration information can be found. It is indeed a matter of worry that the license key is displayed instead of showing asterisk. An upcoming release might fix this too.
- The help file is pretty thorough and easy to understand. But it might create a confusion about the update policy of the software. The licensing of DataGuard AntiKeylogger is lifetime, so the note “All updates of the program (within the same major version) are free” is ambiguous. I was advised to ignore that and was informed that help file will be updated soon.
- The software has a powerful self protection that protects it from unwanted termination through malicious activity. There is no way to turn off the self protection.
- DataGuard Antikeylogger can run on 32 bit Windows e.g. Microsoft Windows 2000 SP4, 2003, Vista and 7. 64 bit version is under development.
- I have tested the software with some antikeylogger test suites available in the internet. It is able to completely block Zemana and Comodo test and partially Spyshelter test. I have informed them about this and got an affirmative reply.
- While talking with their support I get to know that they will soon be introducing cloud response system for making the protection more effective while reducing false detection.
- While the auto-response of the software is its most useful feature, power users need more control and an optional ask mode will be handy. In near future that feature might be there too in DataGuard Antikeylogger like in most other competitive products.
- Additionally it is worth mentioning in case the user needs to uninstall the software, that the software can be uninstalled by going to Add/Remove Programs. During uninstallation process you will be asked for the reason of uninstallation but you can skip that thing. I found that DataGuard AntiKeylogger leaves very few traces in the computer; 4 harmless registry entries and about 6 files in temporary folders.
In cooperation with MaxSecurity Lab, I have arranged a giveaway of DataGuard AntiKeylogger Ultimate. Each license is worth $59 and can be used lifetime in one PC. The giveaway will run for 7 days and will be closed on 24th Nov, 2011, 11:59pm GMT.
- To grab a license you need to go to the giveaway page. Enter your name, email address and them click on to “Submit Query”. You will get to see the license information once the page finished loading. You will not receive any mail regarding the license so please note down your serial for future use.
- After registering the software with the license it can be used lifetime. All the minor updates and major upgrades can be installed.
- The license is for 1 PC but it can be used even if the user needs to format his PC.
- If anyone needs to use the software in multiboot environment or in his other PCs it is advisable to grab multiple licenses.
- You will be able to get free support from MaxSecurity Lab. Just write them to email@example.com. In case you ever experience any bugs please submit them to firstname.lastname@example.org. For general questions please mail to email@example.com. As far as I experienced the support team is very eager to receive feedbacks. You can find the online F.A.Q here.
Please don’t copy the giveaway page and post it elsewhere. In case you need to share about this giveaway in any other blogs, forums or social networking sites, please link to this blog post.
I would encourage everyone to subscribe to get prompt information on coming exciting giveaways, reviews and fresh news about technology.
Have a nice day.
The giveaway, organized by MaxSecurity Lab and Techno360 has ended on Nov 24.
However, you can use 50PERCENT discount code to save 50% when buying DataGuard AntiKeylogger Ultimate or NextGen AntiKeylogger Ultimate! The offer ends soon!