
How do keyloggers get past anti-virus?

Most spy programs get detected and removed by anti-virus software and security tools. redpill is one of the few (if not the only) spy software companies that continually manages to stay under the radar.

How do the redpill Spy Software Products manage to get past anti-virus packages?

First, let’s look at how anti-virus packages detect spy software and key loggers.

There are two main ways anti-virus packages detect malware and spy software:

Fingerprint Detection:
Anti-virus companies maintain databases of known malware and spy software that are updated daily (virus definition files). The anti-virus software then looks inside each file for a fingerprint … a piece of code that is unique to a specific spy program.

Behavior Detection:
Each anti-virus package has its own name for this technique (Bloodhound, Sonar Detection, Sandbox Testing, etc). In short, the software will not only look at what the program is doing, but also execute pieces of the program's code in a safe (sandbox) environment to see what it is capable of doing.

Even if the key logger or spy program is a new program, it can still be detected and removed by anti-virus software.

How does redpill then manage to get past most anti-virus packages?

redpill has a unique set of counter-detection techniques to avoid both the fingerprint detection method and the behavior detection method. For obvious reasons we can’t discuss how these techniques work, but redpill is continually improving them.

Can redpill get past all anti-virus packages and security tools?

At the end of the day, the redpill spy products still need to perform some ‘red flag’ operations like logging keys, taking screenshots, transmitting data and restarting after a reboot. Although redpill employs some advanced and unique techniques to camouflage these actions, it is impossible to hide them completely, as they still need to be performed.

For that reason it will always be possible for the more advanced anti-virus packages and security tools to detect, remove or block redpill products.

redpill still gets past most, because the advanced detection products that can detect or block redpill products are not very popular due to their large percentage of false positives.
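The two detection methods described above, as an added sketch run over constructed samples (this is not code from the original post or from any anti-virus product). The fingerprint patterns, operation names, weights and threshold are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Constructed fingerprint database: detection name -> byte pattern (placeholders).
FINGERPRINTS = {
    "Example.Spy.A": b"\xde\xad\xbe\xefSPYLOG",
    "Example.Spy.B": b"hook_kbd_v1",
}

# The 'red flag' operations the article lists; the weights are assumptions.
RED_FLAGS = {"log_keys": 4, "screenshot": 2, "transmit_data": 2, "autostart": 2}

@dataclass
class Sample:
    name: str
    content: bytes    # file bytes, used by the fingerprint scan
    behaviour: list   # operations observed while the file ran in a sandbox

def fingerprint_scan(sample):
    """Return the name of the first known fingerprint found in the file, else None."""
    for name, pattern in FINGERPRINTS.items():
        if pattern in sample.content:
            return name
    return None

def behaviour_score(sample):
    """Sum the weights of the distinct red-flag operations in the sandbox trace."""
    return sum(RED_FLAGS.get(op, 0) for op in set(sample.behaviour))

def verdict(sample, threshold=8):
    """Fingerprint match first; otherwise fall back to the behaviour score."""
    hit = fingerprint_scan(sample)
    if hit:
        return f"fingerprint:{hit}"
    score = behaviour_score(sample)
    return f"behaviour:{score}" if score >= threshold else "clean"

# Constructed samples: one known file, one never-seen file, two benign tools.
SAMPLES = [
    Sample("known_logger.exe", b"MZ..\xde\xad\xbe\xefSPYLOG..", ["log_keys"]),
    Sample("new_logger.exe", b"MZ..never seen before..",
           ["log_keys", "screenshot", "transmit_data", "autostart"]),
    Sample("remote_support.exe", b"MZ..helpdesk..",
           ["screenshot", "transmit_data", "autostart"]),
    Sample("text_editor.exe", b"MZ..editor..", ["open_file"]),
]

def scan_all(threshold=8):
    return {s.name: verdict(s, threshold) for s in SAMPLES}

if __name__ == "__main__":
    for name, result in scan_all().items():
        print(f"{name:20} {result}")
```

Calling `scan_all(threshold=6)` also flags the benign `remote_support.exe`, which is the false-positive trade-off the article attributes to the more aggressive products.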

What to do if your redpill product is detected or removed

If your redpill product is detected or removed by your anti-virus, download and install the latest version (for redpill Spy) or install again using a new install module (for redpill Detective and redpill Agent).

Never use an old install file or install module. Even if the version number is the latest, redpill products are continually updated to prevent detection.


  1. With the help of FlexiSpy, you will have an opportunity to lock your phone remotely, have a glance at keyloggers application here.

  2. These reports are tricks produced to panic you. This particular malware reports genuine windows documents furthermore non-existent records as diseases. You have to in no way, shape or form attempt to wipe out these records physically observing that it is conceivable to hurt the designs of your working system, rendering it temperamental.

