# Keylogger, Remote access



## AlwaysInternet (Dec 13, 2008)

I believe there are other unwanted people access my computer from remote logging.

I did a rootkit scan and 3 warnings were for
suspicious files
hiddes files and 
system remote logging

Is there a command to check logs of other people entering?

Help will be greatly appreciated.

I am using a Mac OS x


----------



## JMPC (Jan 15, 2011)

Router's typically will show machines that are connected to the network and may have some logging of the machines that have requested IP addresses.

If you're not currently using WPA2 encryption for wireless you should set that on your router, use a complex password to log into the router and use a complex phrase for network access.


----------



## AlwaysInternet (Dec 13, 2008)

Having trouble finding login page for router =/


----------



## koala (Mar 27, 2005)

What router are you using? (make and model number)


----------



## AlwaysInternet (Dec 13, 2008)

koala said:


> What router are you using? (make and model number)


Thomson
TG585 v7


----------



## koala (Mar 27, 2005)

Default IP: type 192.168.1.254 in the address bar in your browser and hit Enter
Default username: Administrator (case sensitive) or leave blank
Default password: leave blank

If this doesn't work, reset the router by holding the Reset button at the back for a few seconds until the Power LED turns red, then try again with the default name/pass.


----------



## AlwaysInternet (Dec 13, 2008)

koala said:


> Default IP: type 192.168.1.254 in the address bar in your browser and hit Enter
> Default username: Administrator (case sensitive) or leave blank
> Default password: leave blank
> 
> If this doesn't work, reset the router by holding the Reset button at the back for a few seconds until the Power LED turns red, then try again with the default name/pass.


Does this reset your router pass?
just so I can change if neccassry


----------



## AlwaysInternet (Dec 13, 2008)

Doesn't work but I found out another people somehow always getting my password on an account even after changing it many times, the ip of that is host-2-102-138-48.as13285.net....is there a way to stop remote logging...if that is the problem...this is really starting to bug me..


----------



## koala (Mar 27, 2005)

2.102.138.48 is TalkTalk Communications. Are you in the UK and is TalkTalk (or Tiscali) your ISP?

What makes you think they have access to your password?

Post a screenshot of the warnings you get when running a scan.

Have you changed your router's encryption to WPA2 and set a secure password as JMPC advised in post#2?

If you're connecting to the router via cable and don't need wireless access for any of your other computers, have you tried disabling the wireless feature?


----------



## AlwaysInternet (Dec 13, 2008)

koala said:


> 2.102.138.48 is TalkTalk Communications. Are you in the UK and is TalkTalk (or Tiscali) your ISP?
> 
> What makes you think they have access to your password?
> 
> ...


When I login into this account Ip addresses show, it was different from my own so they must have some sort of access
I have WPA2
I use wireless
an anti-virus scan gives no warnings
although the rootkit scan did
not entirely sure about ISP
I am in UK


----------



## koala (Mar 27, 2005)

ISP is Internet Service Provider. Check your monthly bills to see who you're paying for your internet connection. If it's Tiscali, they were recently taken over by TalkTalk in the UK.

I've asked someone from our Network team to have a look at this thread as I don't use Macs.


----------



## AlwaysInternet (Dec 13, 2008)

Hm, still waiting.


----------



## Basementgeek (Feb 7, 2005)

Did you see the question that was asked here?

http://www.techsupportforum.com/forums/f65/keylogger-remote-access-596559.html#post3412255

You have the same basic question in two forums here. That just makes harder to help you.

BG


----------



## AlwaysInternet (Dec 13, 2008)

Basementgeek said:


> Did you see the question that was asked here?
> 
> http://www.techsupportforum.com/forums/f65/keylogger-remote-access-596559.html#post3412255
> 
> ...


This was because I first posted it there 'edit: might be in wrong section'
I didn't get a reply for a long while there so I decided to post it here where I thought it was more relevant, I posted it there because I am using a Mac, and help for a Mac would be different, but since I was getting no replies I posted it here.


----------



## Basementgeek (Feb 7, 2005)

You probably will never get a reply in 20+ minutes. You posted the same day.

Going to close this post at least for the time being. Stay with your question in the MAC
forum. This post can be re opened if need be.

BG


----------

