A family member installed a keyloggker in my PC.
Its installation process creates a folder C:\WINDOWS\system32\MPK.
I tried to uninstall it but it asked for a password.
Then I deleted all the contents of the folder MPK .
Then I downloaded micro keylogger setup and installed it.
When I opened it , it asked for the password, not the new, but the old one set by that family member.
Now I think all my activities are monitored by this keylogger.
And i wish to completely uninstall it,
I dont know what to do ?
Since you have administrative rights (you wrote that you deleted a folder in system32),
you can use Start -> Run -> services.msc and look for anything suspicious.
If you're running Professional or above, msconfig could also be of use?
The best thing to do would be reinstalling Windows, setting an Administrator password and then to annihilate what threatens to destroy you.
Keyloggers are pretty limited in their options for installation. The good news is that the entry points and attack vectors are pretty well known so many Anti-virus applications will remove them although it may require an off-line scan if the logger uses some of the more advanced techniques. You are correct that deleting this file under system32 will NOT remove the infection and it is highley probable that your activity is still being monitored.
I couldn't find the keylogger on my computer, however, I caught my mom watching the logs on her own computer last night, and I know which kind of spy software it is, http://www.microkeylogger.com. Then I tried to remove it from my computer, but it asked the password to delete it. My god, my mom will not tell me the password of course.
Presumably she'd need the password to access the keylogger's log, so use that to your advantage. Install your own keylogger, wait a week or two, check it for the password to HER keylogger, and then access her's and proceed as desired.
For setting your keylogger's password I would recommend creating a txt file on another computer containing all the valid characters for a password in the keylogger program, and then copying and pasting them in order of your desired password to the input box for the password creation, that way she won't be able to find the password you made in her log.
My dad did the same thing to me when I was about 13, this is more or less the same solution I used then
Just tell her that you know she has a keylogger, talk about the reasons, and talk about it. If she's sane (she's not if she's logging your keys) she'll probably tell you what she's worried about. Sneaking around never helps anything.
This software claims to be "invisible", I know that it's just advertising and they are not concerned about being accurate but let's assume for a second that this is as close to being true as we can resonably expect, let's also assume that a responsible company would not try to hook their clients IAT, SSDT or any of those neat little tricks.
Without hooking anything a process and its start up entry* are plainly visible so we can rule those out. A service would not need a startup entry but would still be plainley visible to any user who cares to look. This along with the function of the software suggests that it is loaded as a device driver. Although to many of us this does not qualify as invisible they could have patched over the existing keyboard driver there by making it harder to notice(Aren't default drivers a wonderful thing? Such predictable behavior). Reinstall this driver from your system disk and that should break the whole thing. That reporting component is probably running as a service with a bunch of obnoxious persistence conditions so you may have to boot into safe mode to remove this part of it. Of course this is only if you, for some reason, have to or want to remove this by hand, otherwise the AV suggestions that other people brought up earlier are better.
*: Exempting the 255+ rule in WinXP in regards to the startup entry.