Forum Thread: Keylogger is getting detected by Windows Defender

Can anyone tell me how I can make my keylogger file undetectable to Windows Defender? I have made it UD to AVG, Avast and all, but I am facing problems with Windows Defender. Some help would be appreciated. Thanks in advance.

18 Responses

Try using a crypter.

Which crypter? Can you suggest some?
I tried many but can't seem to get anywhere. Windows is still detecting it.
Can you suggest a good crypter?

Is it detecting your file on disk or during runtime?

It's detecting on disk.
I haven't tried on runtime yet. First I need to make it UD on disk, right?

A crypter should do that for you. I'd suggest you use one which isn't Shellter or Veil-Evasion.

Can you name any such crypter?
I have tried a few but can't seem to get anywhere.

Try making your own.

Making my own crypter :o
Well, that's a new idea.
Thanks for the response. I will look into it right now.

These things are getting common in the real world, so AVs are also updating day by day. So try to use a crypter with less rating. I had also tried hex editing on my trojan and it wasn't detected as multiple files, but when I merged that again it got detected again.

Or I think we don't have to upload our malicious files on virustotal.com, because I have seen many people advising that. They send these files to AV providers...

Yeah buddy, I read online that these sites send the files to AVs... but I bypassed most of the AVs. AVG is not detecting it and neither is Avast, but Windows is detecting it. I don't know how. Can you suggest a good crypter, please?

Also, I tried hexing but was really confused, so I left that option xD

I never used crypters. I had tried a few with trojans but these did not work...

Hexing looks difficult but it's much easier. What you just have to do is split that file into a few files and then scan them one by one with the AV installed on your PC, then the one in which you got a threat found, split it again into smaller ones and then do the same again until you get smaller sized files which don't give any threat. Try that from its previous file in which a threat was found, open it with your hex editor, change a few rows, save as a new file and scan again, and if a threat is still found in that edited new file, open it again and edit the next rows and scan again until no threat is found, and then scan again that last file you had edited and remember the rows which you edited and which didn't give any threat, and now try the same process one by one on columns and scan until no threat is left, and join the whole file and you will see when you scan it with your AV it will not show any threat.. HOPE So :D :P

I tried that. But I have a problem in the hexing part. I mean, I split the files just the way you said. I went down from 2.5mb to 20kb. Now what to change and what now? That's the part where I got stuck.

I wrote a tutorial on creating a python keylogger, and it's remote so sends to your email. You can check it out. Here you go. And since it is custom, it will most likely not be flagged by an AV. :D

Wuzi out

Thanks man, that's very helpful. I will check it out for sure. BTW, can you help me in hexing that file a bit?
I really want to make my keylogger file UD. Any tips for that?

Also, the link you gave in that thread is not opening.
I keep getting this problem even though I changed my VPN.
Proxy Error

The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /paste/nfwg2.
.
Can you upload a txt file on datafilehost or something? That would be so helpful.

Change each into 0C or C0, I think that will show a zero... that's a null value so it doesn't have any problem. When you get the string which shows the threat, try making slight changes like changing its look from lower case to upper case alphabet or vice versa.
