LMT AntiMalware (Formerly - LMT Anti Logger)

Looks like you have enabled encryption in Anti Keylogger right? That feature can be annoying to the user, I will find ways to improve it.

 

Yes, but if that child process belongs to the browser, my app won't block it.

To display the Scan with LMT Anti Logger option when the user right-clicks the file

 

Yes, but I'm trying to figure out if your process execution control works correctly. It should normally also block chrome.exe from loading chrome.exe, unless you made exceptions. If you didn't then something might be wrong.

I don't think you should need to use this registry key for modifying the context menu?

 

Hi!
LMT Anti Logger 4.8 released
Changelog:

• Improved Realtime Protection: Now LMT Anti Logger will scan modules used by a process when it is launched.
• Added option to detect PE Injection and Reflective PE Injection by heuristic in Malware Scanner feature.
• You can now enable the on-screen keyboard without having to turn on the Anti Keylogger feature.
• Updated Anti Keylogger feature to help reduce lag when typing
• Updated Scan with LMT Anti Logger feature: When scanning a .zip file, the software will show information about dangerous files contained in that .zip file.
• Fixed bug when closing the Malware Scanner window unexpectedly.

Homepage: https://leminhthanh.me/antilogger/

 

dunno if asked already
but can it be used with a main AV, the performance will be then OK?

 

Yes, my app can works with other AV. I'm using it with Windows Defender without any conflict. I think the performance is ok

 

Hi!
LMT Anti Logger 4.8.1 released
Changelog:

• Improved AI model. Overall accuracy now reached 98.83%.
• Fixed a bug that could crash the software when enabling Realtime protection.

Homepage: https://leminhthanh.me/antilogger/

 

98.83% - awesome AI job! what model did you use for train?

dunno but since you are developping it privately I think you can find a niche in program behavior scanner, it would do stuff that other scanners don't, an additional option like ERP by hitmanpro that would enumarate potentially dangerous services and programs
I say so because I really like how avz by oleg zaytsev puts info on top of each software: application has no visibile windows, has networking capabilities and listens on tcp ports, has export table and so on, that and a certificate scanner , these are stuff that I really miss from scanners that threat people as if they are dumb and can't make decisions

 

I used the dataset from this article to train a model:
https://www.evilsocket.net/2019/05/...lware-detection-system-with-Machine-Learning/

 

So you used the ANN network with an encoder/decoder with Keras Sequential model and interface (high-level API)?

 

I used LightGBM

 

Hi!
LMT Anti Logger 4.9 released
Changelog:

• Added USB drive Guard feature.
• Added an option to use AMSI for Fileless Protection.
• Updated Anti Executable feature, added more options.

Homepage: https://leminhthanh.me/antilogger/

 

Very interesting, thank you!

 

Wow, you are on fire! BTW, did you test it against tools like DNS Jumper and DNS Angel? Will it block them from changing DNS settings or at least give an alert?

https://www.snapfiles.com/get/dnsangel.html
https://www.snapfiles.com/get/dnsjumper.html

 

It will show a warning and allow you to restore DNS settings. My app will not block them from changing DNS settings because there are currently some problems with the registry driver, I haven't implemented it yet.

 

Hello, I created this software in March, during the quarantine period because of covid in Vietnam. After a period of development from the first version to 4.9, I think the current source code of my software is not suitable for further development. So I decided to rewrite LMT Anti Logger 5.0 from scratch, starting by dividing the software into the GUI and service (like other softwares). I don't know when it will be done because now I'm quite busy with my work. During this time, I will continue to maintain version 4.9.x
Good luck to me

 

Good luck @LeMinhThanh
I wish you a lot of patient and determination

 

Sounds a bit weird! I believe any HIPS/anti-logger should be able to block stuff. Hopefully LMT version 5 will be a bit more powerful. BTW, you said that LMT makes use of a driver, but did you then also have to buy a certificate to sign the driver?

 

Hi!
LMT Anti Logger 4.9.1 released
Changelog:

• The software will switch to using my API if Virustotal's API is rate limited.
• Fixed: Resolves potential program crashes when scanning .zip files.
• The AI feature in Scan with LMT Anti Logger will automatically detect the PE file without having to rely on the file extension.

Homepage: https://leminhthanh.me/antilogger/

 

i get this "checking" all the time when i opened the scanner. Same behavior even after rebooted the pc.

 

Please make sure you have an internet connection because software will connect to my server to scan the files. Looks like I forgot to mention this

 

LMT Anti Logger v4.9.2 Released (October 30, 2020)
Website + Download
Download (Softpedia / Majorgeeks)
Changelog

 

Hi @ LMT

Installed your software. Clicked on Secure browsing. Said it couldn't find browser, did I want to download it. Said yes.

Nothing happened

Terry

 

Hi!
LMT Anti Logger 4.9.3 released
Changelog:

• Malware Scanner feature has been removed because the API has been put to rest.
• Change the USB Guard feature: when you connect to the USB drive, the software will block untrusted applications from running from that USB drive.

Homepage: https://leminhthanh.me/antilogger/

 

Hi!
LMT Anti Logger 4.9.4 released
Changelog:

• Fixed a bug in Realtime Protection. Thanks to Mr. Daniel Gebert for reporting the bug.
• Improved Self-defense feature. Thanks to Mr. Daniel Gebert for reporting the bug.

Homepage: https://leminhthanh.me/antilogger/