Keylogger without the need of hooks or drivers

I heard that a keylogger can still do the logging without hooks or drivers. I am not sure how it works. Could anyone explain about that?

What anti-keyloggers are proactive in nature and are capable of blocking such kinds of logging (keys, mouses, screenshots) which make use of the above technolgy?

Thank you.

 

A program can check the state of the keyboard (polling) - and example of this is Martin's undetectable keylogger.

 

Would you mind explaining more or provide any link which explains this technique?

What security software can stop this kind of logging?

 

GetKeyState is defined here: http://msdn.microsoft.com/library/d...erence/keyboardinputfunctions/getkeystate.asp

One can simply check the state of each key very rapidly - (simplistically - check if A is up or down, then check if B is up or down, and so on. Assuming 102 keys to check - its a fast loop. )

Lets say it takes 2/10ths of a second to do the check. Keep repeating the check over and over again - and every 2/10ths of a second you know the complete state of keyboard (A - not down, B - down, Caps - down) etc.

I'm unsure which software *currently* detects this particular method using some kind of proactive mechanism, but I know one that *will* very soon.

 

That is next OA.
GW partially stops it( stops logging of keys but not mouse clicks).
Antivir detects it by heuristics.
BOClean heard to detect it( not sure by signature or heuristics).
SSM probably detects it.
CH detects and stops it.
BZ an older version used to stop it, current version- No, latest pre-release version- not checked!
Others ... let,s wait.