LMT AntiMalware (Formerly - LMT Anti Logger)

Discussion in 'other anti-malware software' started by mood, May 25, 2020.

  1. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    I don't think my sandbox is comparable to Sandboxie. It only took me 3 hours to develop, so it needs to be improved more.
     
    Last edited: Aug 1, 2020
  2. FibonacciMozart

    FibonacciMozart Registered Member

    Joined:
    Mar 13, 2020
    Posts:
    10
    Location:
    Norway
    Norwegian Bokmål: A-Z + ÆØÅ
    KLID: 00000414 (nb)
    Localename: nb-NO
    Uppercase: Æ Ø Å
    Lowercase: æ ø å

    Æ: U+00c6 Latin Capital Letter Ae (Ash) * - Alt-code 0198
    Ø: U+00d8 Latin Capital Letter O With Stroke - Alt-code 0216
    Å: U+00c5 Latin Capital Letter A With Ring Above - Alt-code 0197

    æ: U+00e6 Latin Small Letter Ae (Ash) * - Alt-code 0230
    ø: U+00f8 Latin Small Letter O With Stroke - Alt-code 0248
    å: U+00e5 Latin Small Letter A With Ring Above - Alt-code 0229

    The software crashes the moment it's launched. No windows shown. Let me know if you need more information and I'll provide it.
    Thank you!
     
  3. ichito

    ichito Registered Member

    Joined:
    Jan 14, 2011
    Posts:
    1,964
    Location:
    Poland - Cracow
  4. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
  5. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
  6. FibonacciMozart

    FibonacciMozart Registered Member

    Joined:
    Mar 13, 2020
    Posts:
    10
    Location:
    Norway
    It works! Anti-screenlogger function works perfectly as well. Good looking out:)

    I'm not sure if it's a bug or if it's supposed to be this way but these characters do not work: . , / ! (dot, comma, slash, exclamation mark).
    It does say that some special keys may not work but dot and comma are much needed. Tested with ENG keyboard layout and same result.

    Nonetheless, it works. Good developer - thanks LeMinhThanh
     
  7. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    Those keys worked fine on my test, but I think I figured out why they didn't work in your case. I will release version 4.6.2 to fix that.
     
    Last edited: Aug 2, 2020
  8. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    Hi!
    LMT Anti Logger 4.6.2 released
    Changelog:
    • Fixed a bug in the Anti Keylogger feature.
    • Temporarily disabled the Registry Guard feature because it is not effective.
    Home page: https://leminhthanh.me/antilogger/
    -----------
    @FibonacciMozart can you try this version?
     
  9. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    Hi!
    LMT Anti Logger 4.6.3 released
    Changelog:
    • Added YARA Rules Editor. Now you can edit YARA rules from the GUI.
    • The app now will show details about the YARA rule when a matching process is detected.
    • Now you can run a suspicious application in Sandbox when detected by Heuristic or YARA rule.
    Homepage: https://leminhthanh.me/antilogger
     
  10. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    507
    It seems features keep on getting added without the high memory usage being addressed... last time I looked process explorer reported +/- 270 private bytes being used. Maybe break it up into smaller applications, or is that feasible?
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,369
    Location:
    The Netherlands
    OK I see, but I wondered if it would also run processes with for example low or untrusted rights.

    I remember GeWall, it offered good protection but I hated it. Somehow I feel more secure if virtualization is used.
     
  12. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    That is the cost of obfuscation and I think +200MB RAM usage shouldn't be a problem in 2020.
     
  13. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    507
    The "cost of obfuscation" is not known to me... explain?
     
  14. drhu22

    drhu22 Registered Member

    Joined:
    Aug 21, 2010
    Posts:
    507
    Also... not everyone has money to update hardware
     
  15. Sm3K3R

    Sm3K3R Registered Member

    Joined:
    Feb 29, 2008
    Posts:
    604
    Location:
    Wallachia
    What hardware are you using? I am sure you could still find some newer modern AMD CPU based PCs, with more cores and enough RAM.
     
  16. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    I protect the source code of the software by confusing it; this can cause the software to use more than 200MB RAM.
     
  17. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    Hi!
    LMT Anti Logger 4.7 released
    Changelog:
    • Added Anti Exploit for Browsers. This feature automatically blocks all child processes of web app parent processes.
    Homepage: https://leminhthanh.me/antilogger/
     
  18. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    Hi!
    LMT Anti Logger 4.7.1 released
    Changelog:
    • Added Malware Scanner. Helps find and detect malware on your computer. The database is still under development, so the scan result will not be good.
    Homepage: https://leminhthanh.me/antilogger/
    -----------------------
    I added this feature just because I wanted to test if my server can handle a database with over 1 million rows.
    At the time of writing these lines, I have imported 1377411 hashes from ClamAV's database into my database.
    And in my test, it only detected 11/92 ransomware samples :p:p
    https://i.imgur.com/cO5Hp44.png
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,369
    Location:
    The Netherlands
    Cool, but do you simply block ALL child processes? What if they need to launch a legitimate tool? Now that I think of it, nowadays browsers are multi-process, so did you make a whitelist, so that for example chrome.exe can launch chrome.exe?
     
  20. scip

    scip Registered Member

    Joined:
    Feb 13, 2020
    Posts:
    24
    Location:
    internet
    i like ur software but..
    adw cleaner finds some suspected files when i install ur software....
    and is the antiscreenlogger now working ?
     
  21. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    If chrome.exe launches chrome.exe, my app will not block it.
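
An added example, not part of the thread and not LMT's code: a read-only PowerShell audit that applies the rule discussed above (a browser starting a copy of itself is allowed, any other child is of interest) to the processes currently running. The browser list and the output column names are assumptions.

```powershell
# Added example (not LMT code). Lists children of browser processes whose image
# differs from the parent's, i.e. what a "block child processes" rule would act on.
$browsers = 'chrome.exe', 'msedge.exe', 'firefox.exe', 'iexplore.exe'  # assumed list

$procs = Get-CimInstance -ClassName Win32_Process
$byPid = @{}
foreach ($p in $procs) { $byPid[[int]$p.ProcessId] = $p }

$report = foreach ($child in $procs) {
    $parent = $byPid[[int]$child.ParentProcessId]
    if ($null -eq $parent -or $browsers -notcontains $parent.Name) { continue }

    # PIDs are reused: a "parent" created after the child is an unrelated process.
    if ($parent.CreationDate -gt $child.CreationDate) { continue }

    # Compare full paths, not names; paths can be empty without admin rights.
    if ($child.ExecutablePath -and $parent.ExecutablePath) {
        if ($child.ExecutablePath -ieq $parent.ExecutablePath) { continue }  # same image
        $verdict = 'different image'
    } else {
        $verdict = 'path unavailable, check manually'
    }

    [pscustomobject]@{
        ParentName = $parent.Name
        ParentPid  = $parent.ProcessId
        ChildName  = $child.Name
        ChildPid   = $child.ProcessId
        ChildPath  = $child.ExecutablePath
        Verdict    = $verdict
    }
}

$report | Sort-Object ParentName, ChildName | Format-Table -AutoSize
```

The rows it prints are the legitimate helpers (updaters, print dialogs, external protocol handlers) that a blanket child-process block would also stop, which is the concern raised in the question above.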
     
  22. LeMinhThanh

    LeMinhThanh Registered Member

    Joined:
    Apr 21, 2020
    Posts:
    131
    Location:
    Vietnam
    Can you post the screenshot when adw cleaner finds some suspected files?
    And the anti screenlogger still does not work on Win 10 2004.
     
  23. scip

    scip Registered Member

    Joined:
    Feb 13, 2020
    Posts:
    24
    Location:
    internet
    each time i install LMT and then i check with ADW cleaner i get this and i delete it and after deleting LMT runs perfectly.

    ***** [ Registry ] *****

    Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utilman.exe
    Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utilman.exe
     
  24. FibonacciMozart

    FibonacciMozart Registered Member

    Joined:
    Mar 13, 2020
    Posts:
    10
    Location:
    Norway
    Antiscreenlogger works on W10 Win 64 1909. It works with multiple monitors also.

    Thanks, you fixed the issue with dot, comma etc but '/' (forward slash) does not work. Backslash works.
    Also, with the antikeylogger: if you type fast the delay gets pretty annoying. It can't keep up. It's like typing on Win98 with slow HW. Maybe this can be improved in the future?
    Other than that it works great. No performance issues.
     
  25. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    14,369
    Location:
    The Netherlands
    But did you exclude them? Because you said that it will block ALL child processes.

    That's weird! Why would LMT modify this registry key?
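
An added example, not part of the thread and not LMT's or AdwCleaner's code: a read-only PowerShell check that shows which values are stored under the Image File Execution Options (IFEO) keys named in the log above, so the entries can be reviewed before anything is deleted. Apart from utilman.exe, the watched image names are an assumed list.

```powershell
# Added example (not LMT or AdwCleaner code). Read-only: lists what is stored under
# the IFEO keys for accessibility binaries so the entries can be reviewed.
$roots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)
# utilman.exe comes from the log above; the other names are an assumed watch list.
$targets = 'utilman.exe', 'sethc.exe', 'osk.exe', 'magnify.exe', 'narrator.exe'

$findings = foreach ($root in $roots) {
    foreach ($exe in $targets) {
        $path = Join-Path -Path $root -ChildPath $exe
        if (-not (Test-Path -LiteralPath $path)) { continue }

        $key   = Get-Item -LiteralPath $path
        $names = @($key.GetValueNames())
        if ($names.Count -eq 0) {
            [pscustomobject]@{ Key = $path; Value = '(none)'; Data = ''; Note = 'empty key' }
            continue
        }
        foreach ($name in $names) {
            # A Debugger value makes Windows start the program in Data instead of the image.
            $note = if ($name -ieq 'Debugger') {
                'launch of this image is redirected to Data'
            } else {
                'review'
            }
            [pscustomobject]@{
                Key = $path; Value = $name; Data = $key.GetValue($name); Note = $note
            }
        }
    }
}

if ($findings) { $findings | Format-List } else { 'No IFEO entries for the watched images.' }
```

Running it before and after installation shows which values the installer writes under these keys.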
     