TechSpot

Embedded keylogger plzz help

By momsgonelooney
Mar 10, 2008
Topic Status:
Not open for further replies.
  1. i have a keylogger on my system embedded in the main program. it was put in there by my father in law and i do not know how to uninstall it or which program it is. when i use an anti keylogger program it shuts down everything. i really need to find this program and shut it down. he has user names and passwords for all my email accounts and many of them r personal. i do not want to change my pws until i have removed this keylogger or figure out a way to block it without it shutting down everything. plzz help.
     
  2. kritius

    kritius TS Guru Posts: 2,087

    Hi momsgonelooney,

    Please read this sticky HERE.

    If you decide that you want to clean your computer then please follow all the steps HERE and post back with the three requested logs as attachments (see how here).

    Any questions then just ask.

    This thread is for the use of momsgonelooney only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. momsgonelooney

    momsgonelooney TS Rookie Topic Starter Posts: 130

    hjt log

    the rootkit program turned up nothing. adaware wouldn't work in safe mode. combofix didn't work it had a trojan in it. avg turned up a key logger (astlog). here is my hjt log. i hope u can help me remove this program. ty.
     
  4. kritius

    kritius TS Guru Posts: 2,087

    I need to see a Hijackthis log run from normal mode. Please run it again.

    Also please post the AVG log, if one didn't get produced then you need to do it again, make sure it's set to quarantine the results.

    What exactly happened with ComboFix? Try to run it again and post back the log from it.

    What about the three TOOLs from step 10? Did they find anything?
     
  5. momsgonelooney

    momsgonelooney TS Rookie Topic Starter Posts: 130

    here it is

    tools 1-3 came up with nothing. here r the files u asked 4.
     
  6. kritius

    kritius TS Guru Posts: 2,087

    Have HJT fix these entries,
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-908B-27FCD4A32E85} - (no file)
    O3 - Toolbar: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file)


    Were you warned by your internet security that you had a keylogger?
     
  7. momsgonelooney

    momsgonelooney TS Rookie Topic Starter Posts: 130

    the trend micro found it last night and deleted it..ran another scan 2day and it was there again. it is a keylogger i searched it all over the net and found the program but, it is an embedded program and it runs undetected by all spyware and virus scanners. astlog google it u'll c. if u can find a removal 4 it plzz tell me.
     
  8. kritius

    kritius TS Guru Posts: 2,087

    If you are able to save a report from your av scan then post it back here.
     
  9. momsgonelooney

    momsgonelooney TS Rookie Topic Starter Posts: 130

    i will try to save a log from my online scan and avg.
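
Added example, not part of the original thread and not any poster's or HijackThis's own code: a small triage script for HijackThis-style log lines like those listed in post 6. It flags a ProxyServer value that points at a loopback address and component registrations whose file is missing; the sample log is the four lines from post 6 plus one constructed toolbar line, and the finding labels are assumptions made for this example.

```python
import ipaddress
import re

# Sample input: the four entries from post 6 plus one constructed line (the last).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-908B-27FCD4A32E85} - (no file)
O3 - Toolbar: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file)
O3 - Toolbar: Example Bar - {00000000-0000-0000-0000-000000000000} - C:\Program Files\Example\bar.dll
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# "<registry key>,<value name> = <data>" as used by the R0/R1 sections.
REG_VALUE = re.compile(r"^(?P<key>.+),(?P<name>[^,=]+?) = (?P<value>.*)$")
# "<kind>: <name> - {CLSID} - <file>" as used by the O2 (BHO) and O3 (toolbar) sections.
COMPONENT = re.compile(
    r"^(?P<kind>[^:]+): (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.+)$")

def is_loopback(hostport):
    """True if a host[:port] string names localhost or a loopback IP address."""
    host = hostport.strip().rsplit(":", 1)[0].strip("[]")
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # a hostname we cannot classify offline

def triage(log_text):
    """Return (section, finding, detail) tuples for entries worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        code, body = m["code"], m["body"]
        if code in ("R0", "R1"):
            r = REG_VALUE.match(body)
            if r and r["name"] == "ProxyServer":
                # The value may be "host:port" or "http=host:port;https=host:port".
                for part in r["value"].split(";"):
                    if is_loopback(part.split("=")[-1]):
                        findings.append((code, "loopback-proxy", part))
        elif code in ("O2", "O3"):
            c = COMPONENT.match(body)
            if c and c["file"] == "(no file)":
                findings.append((code, "orphaned-component", c["clsid"]))
    return findings
```

A loopback proxy means browser traffic is being routed through a process listening on the same machine, so the next check is which process owns that port; a "(no file)" entry is a leftover registration whose DLL is no longer on disk.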
     