LMT AntiMalware (Formerly - LMT Anti Logger)

Discussion in 'other anti-malware software' started by mood, May 25, 2020.

  1. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Hi!
    LMT Anti Logger 4.0 released!
    This is a major update to make LMT Anti Logger protect you better
    Changelog:
    • Added the Anti Executable feature. When you open an executable file, LMT Anti Logger will scan the file, if it detects file is unsafe, LMT Anti Logger will block access to that file.
    • Now you can edit Whitelist from the application interface.
    • Updated Basic Firewall feature.
    • Updated Registry Guard.
    Link download: https://leminhthanh1998.github.io/lmt-anti-logger/index-en.html
    Video: https://youtu.be/ZAy1mFyTi8A
     
    Last edited by a moderator: Jun 10, 2020
  2. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    600
    Location:
    Wallachia
    This one looks interesting.
    What exactly is the firewall feature ?
    Whats the level of customization for the firewall feature ?
    I may install this on my small AMD AM1 machine with some older W10 version.
     
  3. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Hi, this is a basic firewall, it will notify you when any non-signature application attempts to access the internet.
     
  4. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    600
    Location:
    Wallachia
    Hi, your software looks nice.
    Just installed it on a AMD AM1 5350 quad core machine, with 4Gigs of RAM and W10Pro 10.0.10586.
    It is installed along Sandboxie, Kaspersky Free and TinyWall 3.0.4 Official.
    Just removed VoodooShield to avoid conflicts.
    I see no slowdowns.
    I would say though that the interface needs some enhancements.Maybe a sober look ?
    The icons in the main page seem huge on a 80 cm TV display, at 1080p, and I think that the Protection switches need a more aggressive color scheme, to show when items are on the Off position.
    And a question : Why are 4 outbound ports connections required , i see TCP outs to port :80,443,1433 and 8080 ?

    It detects stuff, like voodooshield :)
     
  5. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Hi,
    My app need to connect to Virustotal and my server to scan file.
     
  6. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    600
    Location:
    Wallachia
    Just got a crash of the app.

    I was scanning various .exe files that i have on the desktop, smaller than 20 Mb, to see what it does.

    I ve scanned some older Sandboxie versions, with results returned, and then tried to scan an older version of Winbox.exe(version 3.18 ) .Nothing was shown prior to the crash message, no result was returned.Restarted the app and enabled the self protection in options this time, to scan again the same files (winbox.exe and various older versions of wfc.exe).Second time no results of the files scan were shown/returned, but no crash this time and the taskbar icon of the app is still pulsatile.
    After restarting the app i ve observed that the webcam option went to Off position, it was On before.Keep in mind there is no webcam installed at this moment.
    In the settings were activated: Start with Windows, Activate Scan with LMT anti-logger,Check Malware, Use AI,Use heuristic,Use Yara (updated).Exclude files in the Program Files folder.
    For TCP Outbound only port 443 and 1433 were allowed, 8080 is blocked.

    The way it crashed remembers me of a voodooshield bug, it would crash that app when a scan was invoked, with no network connection, if i remember correctly.

    The dialog shown after the scan has 2 buttons, one for Cancel and another for Delete.I ve barely observed that the Delete button is greyed out /inactive.Why is the name of the button Cancel if you just scan the file via contextual menu - and the scan already happened :) ?
     
  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,085
    Location:
    The Netherlands
    Yes, sounds cool, it should be completely driver based. I will soon post a couple of ideas, about stuff that should be monitored.
     
  8. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Thanks for your report, I will check it now
     
  9. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
  10. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    498
  11. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
  12. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Hi!
    LMT Anti Logger 4.1 released
    Changelog:
    • Added LMT Artificial Intelligence. Now the AI will run on your computer, help prevent the latest threats.
    • Fixed bugs.
    Link download: https://leminhthanh.me/antilogger/
    Video: https://www.youtube.com/watch?v=y_VlSwIxluc
    IMPORTANT NOTE:
    -Due to issue in new bug on Windows API introduced in 20H1, Anti Screenlogger feature does not work in 20H1. I’ll keep you updated regarding that matter.
    -Because AI is already running on your computer, it no longer depends on my server. So from next week, I will turn off the AI server, so you need to update to version 4.1.
     
    Last edited by a moderator: Jun 17, 2020
  13. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,085
    Location:
    The Netherlands
    That really is way too much! You should be able to improve this IMO.
     
  14. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,898
  15. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Hi!
    LMT Anti Logger 4.2 released
    Changelog:
    • Added: Fileless Malware Protection, help protect you from fileless malware.
    • Change the location when notification windows appear.
    Link download: https://leminhthanh.me/antilogger/
    Video demo: youtube.com/watch?v=3pcommOgy54
    IMPORTANT NOTE:
    -Due to issue in new bug on Windows API introduced in 20H1, Anti Screenlogger feature does not work in 20H1. I’ll keep you updated regarding that matter.
    -The AI server is off, so please update to the latest version.
     
  16. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,085
    Location:
    The Netherlands
    Interesting stuff, so you basically block powershell.exe from loading, right?
     
  17. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Hi, I used a driver to check if a process being executed has a command line that matches the rules, my app will prevent it from executing.
     
  18. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,085
    Location:
    The Netherlands
    OK I see, so this isn't just about powershell.exe? However, this would mean that you can only block malware that trigger these exact command lines, sounds a bit weird. And what kind of driver are you using, is it .sys based?
     
  19. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    37,898
    LMT Anti Logger v4.2.1 Released (June 25, 2020)
    Website + Download
    Download (Softpedia / Majorgeeks)
    Changelog
     
  20. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    It will block execution if the command line matches rules like this:
    https://i.imgur.com/Y8qgiId.png
    So it can help prevent fileless attacks
     
  21. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,085
    Location:
    The Netherlands
    OK I see, and about the driver, I now see that it's indeed .sys based, but I see several .sys files, why is that? For example, SpyShelter only uses 2 drivers, 1 for the behavior blocker and 1 for keystroke encryption.
     
  22. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Actually there are only 2 drivers, 1 for I/O and 1 for processes. You see many files because they are for different platforms.
     
  23. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Hi!
    LMT Anti Logger 4.3 released
    Changelog:
    • Improved Folder Guard feature. Now you have more options such as allowing to create files, rename files, move files, ... in the protected folder.
    • Add the option Trust based on digital signatures. This is preparation for the Application Whitelisting feature.
    Link download: https://leminhthanh.me/antilogger/
    Video demo: youtube.com/watch?v=d5jv9AYRfrk
     
  24. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Hi, because of work, I don't have time for this project, so from this version I will stop developing LMT Anti Logger.
    Best regards,
    Thành
     
  25. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    111
    Location:
    Vietnam
    Hi!
    Honestly, I was about to stop developing this software, but 2 days ago I read some negative comments about my software in a French forum. So I decided to continue developing this software.

    LMT Anti Logger 4.4 released
    Changelog:
    • Improved Realtime Protection. Now it can work like other AV software, LMT Anti Logger scans files before they are executed and can deny execution in case of malware.
    Link download: https://leminhthanh.me/antilogger/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.