There are many keystroke logging software that you can find on the Internet. Most if not all is able to record the keys that you typed on your keyboard and save it to a log file for reference. The difference between the keyloggers are the features that comes with it, the ability to hide its presence from antiviruses and anti-keyloggers and most importantly the method that is used to capture the keystrokes.
Most of the normal keyloggers simply captures the keystrokes using hooking mechanism where it hooks the function that comes with Windows and is commonly being used because it is easier to implement. A more advanced method would be using a low-level or kernel driver where it can receive the keystrokes directly from the keyboard without going through Windows first, hence bypassing protection by most anti-keylogger software.
There are very few driver based keyloggers in the market because it is very hard to implement and the lack of support for 64-bit Windows operating system due to the restriction of only allowing installation of the driver if it is digitally signed. Getting a keylogger driver signed is definitely not an easy task because a keylogger can be used for both good and bad purposes. Somehow WideStep, the company from Ukraine that develops one of the most advanced keylogger software called Elite Keylogger managed to get their driver genuinely and digitally signed making it the first keystroke logging software to officially support 64-bit Windows operating system.
First of all, Elite Keylogger is a shareware that cost $79 to monitor a single PC. In my opinion, the amount you pay for this advanced keylogger is definitely worth the price because:
1. It uses driver based keylogging method which is very hard to implement to log keystrokes. This method also evades detection by many anti-keylogging software that only detects hooking method.
2. Specially compiled to avoid detection from well known antiviruses. It is common for most antivirus and antispyware programs to flag known keyloggers as a threat. The publicly available trial version of Elite Keylogger 5 currently has 7 detection out of 42 in VirusTotal and I believe the special compiled version will definitely be 0/42.
3. Create a pre-configured installer based on your settings with silent installation. You can export the settings and embed it to the installer to avoid configuring the keylogger after installation.
4. Multiple log delivery options from USB, FTP, network share or Email. I find that the saving of the logs to USB option is pretty cool because only a specially assigned USB flash drive that is plugged in to the computer will receive the logs while other USB flash drives will act as a normal USB flash drive.
Elite Keylogger 5 took two years+ to deliver but the user interface remains pretty much the same as the previous version 4. Most of improvements are done on the back end especially getting it to work in 64-bit Windows operating system.
How to detect Elite Keylogger 5
One way to find out if your computer has Elite Keylogger 5 installed is to check for atap2k.sys file located in C:\Windows\System32\Drivers\. The atap2k.sys driver file is not hidden and is visible without setting to show hidden files in Folder Options. If it’s on your system, right click on atap2k.sys and select Properties. Go to the Digital Signatures tab and confirm if you are seeing Trusted Security as the name of signer.
How to remove Elite Keylogger 5
Once you confirm that your computer has Elite Keylogger 5 installed by verifying the existence of atap2k.sys file in C:\Windows\System32\Drivers, removing it quite easy by editing the registry in Windows:
1. Click the Start button
2. Type regedit at the Search program and files bar, hit enter and click the Yes button at the UAC window.
3. Expand HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ and delete the atap2k folder.
4. Restart your computer and Elite Keylogger 5 is no longer active on your system.
Protection against Elite Keylogger 5
As powerful as Elite Keylogger 5 is, I am glad to give everyone a confirmation that Elite Keylogger still captures the scrambled encrypted keystrokes by KeyScrambler Premium, protecting the sensitive information such as your password from being stolen. You can view the video below as a proof.
You can visit Elite Keylogger’s official website by typing www.widestep.com at your web browser’s address bar.