But, if the modem was infected with dns changer i should have noticed that (weird browser redirections) There is no way a keylogger could install into the modem and steal information right?
When we use a router configured in NAT, the same network connection is shareable and useable simultaneously from multiple systems and all routers available in the market today, allow their configuration through a web interface, accessible by typing 192.168.0.1 and 192.168.1.1 in my case, as local IP address.
Some interfaces for management of routers, however, have vulnerabilities that expose to attacks XSS, CSRF, command injection or based on an insecure authentication procedure.
In the case of routers with a web administration interface vulnerable, an attacker may be able to change the DNS server, inserting arbitrary IP, simply causing the upload, for example using simple JavaScript code, of a local URL that asks the router to alter the DNS.
So by entering JavaScript code on any website the attacker might be able to edit the DNS on the router. The attack is effective, of course, only on vulnerable routers and that's why I absolutely recommend to regularly check the firmware updates but without being paranoid.
In online transactions it is advisable to have an anti keylogger that can encrypt your keystrokes, Zemana Antilogger free is a good choice.