Please help with keylogger


Post by CG1644 on Tue Jun 19, 2012 2:16 pm

I believe I may have a keylogger on my computer. I am not sure how to go about finding it. I have Norton Home Security and Malware Bytes. I am currently running a Malware Bytes scan (it has found 12 items so far) and my Norton has come up with a virus it says it can't remove called Trojan.Gen.2.

This is the story. I have an affiliate business and the past week someone has been getting into my accounts using my username and password and trying to withdraw money. I know who the guy is, he lives in Vietnam and I know his IP. He has been around for years and this has happened to other people in my line of business. But he is very clever and we can't seem to find a way to stop him. I have changed all my passwords now and used a password generator to create all new passwords for my accounts. He has managed to get in today again AFTER the passwords were changed so I am very worried he has a keylogger either on mine or my business partner's computer. I am not sure how to find it and remove it. Can anyone help? Thanks so much!

CG1644, Beginner, OS: Windows 7


Re: Please help with keylogger

Post by Gabethebabe on Wed Jun 20, 2012 2:03 pm

Hi there CG1644 and welcome to GeekPolice!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:
  • Whilst I'm helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  • Feel free to ask questions! Especially if my instructions are not clear. I'm here to help, not confuse you.
  • I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  • Stick with me till the end. If your computer starts running better, it doesn't mean it is clean yet!

====================

Please download OTL by OldTimer from [You must be registered and logged in to see this link.] and save it to your desktop.
  • Close all windows and double click OTL.exe.
  • The Extra Registry setting should be Use Safelist
  • Copy and paste the following text into the Custom Scans/Fixes box:

Code:
%APPDATA%\Microsoft\*.*
%systemroot%\system32\config\systemprofile\*.dat /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\winn32\*.*
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%PROGRAMFILES%\Mozilla Firefox\*.exe
%ProgramFiles%\TinyProxy.
%systemroot%\system32\*.* /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.* /lockedfiles
%PROGRAMFILES%\*.
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
netlogon.dll
explorer.exe
userinit.exe
winlogon.exe
services.exe
svchost.exe
/md5stop
CREATERESTOREPOINT
hklm\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
hkcu\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
hklm\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s

  • Click the Run Scan button and allow it to run.
  • It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  • You may need multiple posts to get it all.


====================

Please download aswMBR by Alwil Software from [You must be registered and logged in to see this link.] and save it to your desktop.

  • Double click aswMBR.exe to run the tool
  • Click the Scan button to start the scan
  • Don't panic if you see any **Rootkit** entries. The tool sometimes produces false alarms
  • Once the scan finishes click Save log to save the log to your desktop
  • Copy and paste the contents of this log (aswMBR.txt) into your next reply.


Gabethebabe, Top Dog, OS: Win7
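
An added example, not part of Gabethebabe's post and not OTL's own code: a read-only PowerShell script that gathers two of the things the custom scan above asks for, MD5 hashes of the six system files named between /md5start and /md5stop and the executables sitting in the user-profile locations, so they can be compared with a known-clean machine. The function names and the choice of %systemroot%, System32 and SysWOW64 as the places to look are assumptions of this example.

```powershell
# Added example: read-only triage, written to run on PowerShell 2.0 (Windows 7 default).
# File names are taken from the /md5start ... /md5stop block of the custom scan.
$md5Targets = 'netlogon.dll', 'explorer.exe', 'userinit.exe',
              'winlogon.exe', 'services.exe', 'svchost.exe'

# Assumption: directories where the genuine copies of those files normally live.
$systemDirs = @($env:SystemRoot,
                (Join-Path $env:SystemRoot 'System32'),
                (Join-Path $env:SystemRoot 'SysWOW64')) | Where-Object { Test-Path $_ }

function Get-Md5Hex([string]$Path) {
    # Get-FileHash needs PowerShell 4+, so hash through .NET directly.
    $md5 = [System.Security.Cryptography.MD5]::Create()
    $stream = [System.IO.File]::OpenRead($Path)
    try {
        [System.BitConverter]::ToString($md5.ComputeHash($stream)) -replace '-', ''
    } finally {
        $stream.Close()
        $md5.Clear()
    }
}

function Get-SystemFileHashes {
    foreach ($dir in $systemDirs) {
        foreach ($name in $md5Targets) {
            $path = Join-Path $dir $name
            if (Test-Path -LiteralPath $path -PathType Leaf) {
                $item = Get-Item -LiteralPath $path
                New-Object PSObject -Property @{
                    Path     = $path
                    MD5      = Get-Md5Hex $path
                    Modified = $item.LastWriteTime
                    Company  = $item.VersionInfo.CompanyName
                }
            }
        }
    }
}

function Get-ProfileExecutables {
    # Mirrors the %USERPROFILE%\*.exe, Desktop\*.exe and My Documents\*.exe lines.
    $dirs = $env:USERPROFILE, (Join-Path $env:USERPROFILE 'Desktop'),
            [Environment]::GetFolderPath('MyDocuments')
    foreach ($dir in $dirs) {
        Get-ChildItem -Path (Join-Path $dir '*.exe') -Force -ErrorAction SilentlyContinue |
            Select-Object FullName, Length, CreationTime, LastWriteTime
    }
}

Get-SystemFileHashes | Sort-Object Path | Format-Table Path, MD5, Modified, Company -AutoSize
Get-ProfileExecutables | Format-Table -AutoSize
```

A hash that differs is only meaningful when the reference machine is at the same Windows build and patch level.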
