For some time now a misconception has been propagating on several several bulletin boards, but we never thought too much about it. Most comments we've seen simply say "use a Virtual Keyboard to bypass Keyloggers." Well, for the most part, this is simply false unfortunately.
Virtual keyboards inject keyboard messages into the queue pretty much the way your system's keyboard driver does. These messages should be seen by most any Keylogger, but we never were concerned with it, so we never were quite sure.
The inquiries got our curiosity up, so we tried a simple free Keylogger. It captured every character typed by both Click-N-Type and the XP virtual keyboard, as we expected.
Before I speak in absolutes, let me say there may be some keyloggers that intercept keyboard messages at a lower level (earlier in the queue) that would not see your keystrokes. But, these keyloggers would only work on NT4(SP3) or newer systems. In simpler words, a Keylogger would have to TRY to be that dumb.
There is a way to get info such as passwords past "some" keyloggers,
using our keyboard, but it's cumbersome and not very useful, and many
keyloggers now are monitoring the system clipboard as well.
following the following steps may fool those keyloggers that do not,
there's no way of knowing. We are not in the business of trying
fool keyloggers and hence do not endorse any tricks. It's up to
if you want some degree of safety from some keyloggers:
1) Have the password (or whatever) on a Macro.
2) Use the "Macro > Display Macro in Buffer..." menu.
3) Click the key with the correct Macro, so the password appears in the Buffer.
4) Release [Buffer] button to put the text on the Clipboard.
5) Paste it someplace, with either a "Right-Click > Paste" or a <Ctrl>+<V>.
Of course, you could do the same thing by copying and pasting text from a file.
We're sorry to have to break the news, but this page is our attempt
to explain what seems to have grown into an Urban Legend.
|You may also want to read this article http://www.pcmag.com/article2/0,2817,1978513,00.asp by people who have studied this more than we have.|