mark00thomas
Level 1 (4 points)
Mac OS X

Q: Finding and removing malware, key-loggers, spyware

There have been many threads about finding keylogers and spywear on OSX, but most of them are akin to giving a man a fish than teaching him to fish. For instance Linc Davis responded to the below thread with some instructions in terminal and requested the output be copied to the thread. This will not help anyone who doesn't have access to a "Linc Davis."

 

https://discussions.apple.com/thread/4243511?start=0&tstart=0

 

Is there a tutorial or something that we can use to monitor these kinds of things? I look in Console, Activity Monitor, Little Snitch but I don't really know what I'm looking for. And when you do find it how do you remove it? I heard once that if you back up your infected computer to a drive and computer you now connect that drive to can get infected (like my freshly wiped HD with a new copy of OSX). A list of all known malware process names.

 

After looking at my output in the above link someone suggested that  com.BT.kext.bpkkext was a suspect and that Blazing tools Perfect Keylogger was the software. I can't remove it; I even downloaded the uninstaller from Blazing tools.

MacBook Pro (Retina, 15-inch, Early 2013), OS X Mountain Lion (10.8.4), Many outdated, but unbreakable macs

Posted on Aug 2, 2013 4:11 PM

Close
mark00thomas

Q: Finding and removing malware, key-loggers, spyware

  • All replies
  • Helpful answers

Previous Page 2

  • by John Galt,

    John Galt John Galt Oct 29, 2013 10:54 PM in response to perseverer
    Level 9 (50,389 points)
    Mac OS X
    Oct 29, 2013 10:54 PM in response to perseverer

    perseverer wrote:

     

    I'm quite sure that someone has put a keylogger on my macbook pro.

     

    Hi perseverer

     

    First of all, the possibility that someone installed a keylogger on your Mac is a serious concern and may be a crime. No one on this user-to-user site can advise you regarding the appropriate legal actions to take, but if you have reason to believe there is a keylogger then you should take all efforts to preserve evidence so that you can pursue whatever remedies are available to you. That means stop using your Mac.

     

    The remainder of this response is limited to Mac - specific technical advice only.

     

    None of what you posted directly indicates the presence of a keylogger. While it is possible to identify the presence of a keylogger, it is simply not possible to determine the absence of one without an exhaustive examination of every single file of the potentially hundreds of thousands of files on your Mac. Even if your Mac's software has not been altered, the possibility of a hardware keylogger exists that can only be ruled out by a physical examination of your Mac, and even that would be extremely difficult.

     

    The question to be answered is why you suspect a keylogger was installed. You would be better off explaining the reasons that led you to that suspicion. Since this thread is so old and started with the definite presence of a known keylogger with a solution to remove it, you should start a new Discussion so that your individual concerns can get the attention you deserve. Please do that, posting the information you already provided and explain the reasons you believe a keylogger is installed.

     

    I know you did not ask specifically but the McAfee product has no ability to detect a keylogger and is capable of doing nothing beneficial. It can only degrade your Mac's performance. I recommend you remove it completely according to its instructions, but bear in mind the potential necessity to preserve evidence I mentioned earlier.

Previous Page 2