Keylogger Removal

[Sliver]

Hi.

I have a keylogger on my system. Any ideas how to remove it ?

 

[BDEE]

Why, what are you wanting to look at which you don't want the wife to know about?

There is a confessions thread for this....

 

[Mynight]

Malwarebytes?

If not then nuke it.

How do you know you have one?

 

[norm]

Format reinstall. Only safe way to eradicate it.

 

[Sliver]

Malwarebytes?

If not then nuke it.

How do you know you have one?

Cause I can't get into Safe Mode without a password and things I type are been relayed back to over my speakers on occasion. I spent a while already recovering other network hijacks already. I think he's using Bluetooth to log with it.

 

[Sliver]

Format reinstall. Only safe way to eradicate it.

The easy option eh ?

 

[Mynight]

Cause I can't get into Safe Mode without a password and things I type are been relayed back to over my speakers on occasion. I spent a while already recovering other network hijacks already. I think he's using Bluetooth to log with it.

Sounds badly written then chances are malwarebytes will kill it assuming it's not custom.

Never heard of one locking safe mode though.

 

[Sliver]

MB didn't touch it.

 

[Sliver]

There's a lot out there but it's knowing the right free one.

 

[Mynight]

MB didn't touch it.

Any errant processes?


If malwarebytes didn't see it it's either a new one or custom .

If it's hiding it's process and able to block safe mode then it's most likely going to be in the MBR. Otherwise I don't know how it's affecting safe mode.

Chances are this will be a nuke job unfortunatly.

Is this a friend prank or do you have a job worth logging your system? If you think it's Bluetooth either kill the Bluetooth device and see if it stops or find where they're logging it from its only a 60ft range iirc.

Wait I should probably ask what your speakers are relaying. I assume they're Bluetooth? Is your keyboard also Bluetooth?

 

[arctine]

Remove your computer from the network. Log into safe mode.

 

[Rroff]

Is this a friend prank or do you have a job worth logging your system? If you think it's Bluetooth either kill the Bluetooth device and see if it stops or find where they're logging it from its only a 60ft range iirc.

Inside most buildings it would be more like half that. I've managed ~60 foot in the warehouse at work but in the office part it doesn't go more than 2-3 rooms away or so.

 

[Destination]

Disable Bluetooth in your BIOS options

-edit
What version of windows?
Screenshot the process running, lets have a look at them.

 

[Deleted member 77746]

Hi.

I have a keylogger on my system. Any ideas how to remove it ?

Format. The only safe way. Be safe... there may be a second way in.

 

[Mynight]

Inside most buildings it would be more like half that. I've managed ~60 foot in the warehouse at work but in the office part it doesn't go more than 2-3 rooms away or so.

I've never used Bluetooth outside my car audio. Didn't realise it was affected so badly by walls.


This is sounding like a rather advanced attack if it's hijacked the network as well as sending logs via Bluetooth.

What on earth do you do sliver?

When you say mb didn't touch it did it see it but couldn't remove it?

 

[dacads]

Post on malwarebytes forum, they'll guide you through the process of removing it and other things after you create a thread with the log etc

 

[Deleted member 77746]

What on earth do you do silver?

He works with Gold.

 

[Mynight]

He works with Gold.

Oops .

 

[Sliver]

BIOS passworded too so I'll just live with it till I can do a full reinstall. Thanks anyway.

 

[Mynight]

BIOS passworded too so I'll just live with it till I can do a full reinstall. Thanks anyway.

Pull the CMOS battery?