Embeded keylogger plzz help

[momsgonelooney]

i have a keylogger on my system embeded in the main program. it was put in there by my father in law and i do not know how to uninstall it or which program it is. wen i use an anti keylogger program it shuts down everything. i really need to find this program and shut it down. he has user names and passwords for all my email accounts and many of them r personal. i do not want to change my pws until i have removed this keylogger or figure out a way to block it without it shutting down everything. plzz help.

 

[kritius]

Hi momsgonelooney,

Please read this sticky HERE.

If you decide that you want to clean your computer the plese follow all the steps HERE and post back with the three requested logs as attachments.(see how here)

Any questions then just ask.

This thread is for the use of momsgonelooney only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[momsgonelooney]

hjt log

the rootkit program turned up nothing. adaware wouldn't work in safe mode. combofix didn't work it had a trojan in it. avg turned up a key logger (astlog).here is my hjt log.i hope u can help me remove this program. ty.

 

[kritius]

I need to see a Hijackthis log run from normal mode. Please run it again.

Also please post the AVG log, if one didint get produced then you need to do it again, make sure its set to quarantine the results.

What exactly happened with ComboFix? Try to run it again and post back the log from it.

What about the three TOOLs from step 10? Did they find anything?

 

[momsgonelooney]

here it is

tools 1-3 came up with nothing. here r the files u asked 4.

 

[kritius]

Have HJT fix these entries,
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O3 - Toolbar: (no name) - {A057A204-BACC-4D26-908B-27FCD4A32E85} - (no file)
O3 - Toolbar: (no name) - {da30eff8-ccc6-4162-a20d-67402a26a215} - (no file)


Where you warned by your internet security that you had a keylogger?

 

[momsgonelooney]

the trend micro found it last night and deleted it..ran another scan 2day and it was there again. it is a keylogger i searched it all over the net and found the program but, it is an embedded program and it runs undetected by all spyware and virus scanners. astlog google it u'll c. if u can find a removal 4 it plzz tell me.

 

[kritius]

If you are able to save a report from your av scan then post it back here.

 

[momsgonelooney]

i will try to save a log from my online scan and avg.