I was told by a Belkin (wireless router) technician that I have a key logger on my Mac Book Pro. How can I tell if he is correct or just trying to sell me their $100 "clean-up" services?

He is trying to sell you service. See Thomas Reed's site, http://www.thesafemac.com for reliable information. Also, take your MacBook Pro to an Apple store genius bar and have the techs check it. Don't believe installers or others trying to sell you something.

As has been the case lately, the ASC software, Jive, is not showing your screen shot, all I see is a big, blank box.

One thing you can do is go tohttp://www.etresoft.com/etrecheck and download the etrecheck program...it is free and will show you the details on your hardware and what is running. That way it is possible to work down line-by-line (not always fun to do) and see if anything is running that should not be.

A kernel call setting a code on the wireless (802.11 is the wireless protocol from the IEEE) is not necessarily a sign of something amiss. See what etrecheck says. That program is written by one of the regulars on here who is reliable and trustworthy.

One more thing you can do, if you run etrecheck, look at the background processes that are running. This is a list of keyloggers that is fairly complete:http://macscan.securemac.com/spyware-list/

You could get a free (three hour) demo version of Little Snitch that should be able to show

what is getting anything from your computer; however a real keylogger may have other

tricks or hours of the day, yet should've left a trail in the computer's outgoing net logs.

http://www.obdev.at/products/littlesnitch/download.html

I've not tried the Little Snitch product, years ago the early version was a shareware and

I downloaded it; but had no issues related to remote access or data gathered/sent out.

Some of the independent Apple authorized resellers and service providers in Montana

could help you; instead of paying a Belkin? tech who may not even know Mavericks 10.9

for an unknown quality of support, you could likely get about an hour of Apple trained Tech.

The company simplymac seems to have several locations and a web site near Bozeman

and Helena; comes up when I look for anything near the latter name. Other areas probably

have nearby authorized service providers and a few Specialists.

To discover the cause of an alleged 'keylogger' event, and know how to deal with symptoms

and find their true causes if not a real key logger, is an important aspect of learning and also

to save money for real events that may occur that could involve a need for pro tech help.

Or for hardware issues, that can take on an other-worldly dimension such as twilight zone.

There are areas covered in TheSafeMac to check regarding access issues where someone

could, say, discover your Apple ID, or use another password-protected item you have to go

and do things in your name online; or try to gain access to the computer from elsewhere.

These are not necessarily a keystroke logger; that implies personal access to a computer

to be able to install such an application. Your admin password and sitting at your Mac.

Hopefully you can find the issue, and that it may not be keystroke logging after all.

Oh, I did email thomas_r. at 'the safe mac' about this ASC thread, with link to it.

Good luck & happy computing! 🙂

You are being scammed, but unfortunately, the fact that you gave the scammer remote access to your computer means that this may now be a self-fulfilling prophecy.

The selected lines in your Console are not remotely a source of concern. I can assure you, I am 100% sure I don't have a keylogger on my computer, yet when I search my Console for "encrypt" and "country code", here's a selection of the things I see:

This is a very common trick that scammers will use to trick you into giving up access to your computer. They will tell you to look for something that is perfectly normal, but that the average user won't understand is perfectly normal, then say that's evidence that you have malware installed.

I'm guessing that you weren't actually talking to a Belkin rep. Either someone called you claiming to be a Belkin rep, or you went searching for help with your Belkin router and stumbled across a fake Belkin support site. Either way, that rep was a scammer in no way associated with Belkin.

Unfortunately, since you allowed this person to have remote access to your machine via Team Viewer, it is now impossible to rule out the possibility that he installed some kind of keylogger or backdoor on your system. There is no anti-virus software in the world that can guarantee your system is safe in this situation. Your only option at this point is to wipe your hard drive clean and reinstall everything from scratch. You will need to be cautious about what you import to the clean system from backups, as you don't want to carry over anything malicious.

For more information on how to do this, see How to reinstall Mac OS X from scratch.

Sorry to be the bearer of bad news!

(Fair disclosure: I may receive compensation from links to my site and software, in the form of buttons allowing for donations. Donations are not required to use my site or software.)

You're at least the second person in the last few weeks who has reported falling for that scam. Don't Google something like "Belkin tech support" and then call the first number that comes up. It will be a scam. Go the Belkin website and find the contact information.

s8jane8 wrote:

I will try identify any key loggers after running the http://www.etresoft.com/etrecheck program and then if I am still concerned, it seems as if I will have to wipe my hard drive clean

You really shouldn't bother trying to identify keyloggers. If you don't find any, that doesn't mean one isn't there.

Since a scammer has had access to your computer, there should be no question about whether you need to wipe your hard drive... it simply needs to be done. You don't wait for criminals to actually use your credit card after your wallet is stolen, you cancel the card immediately. The same caution needs to be used here.

You are using Mac OS X 10.9.4... there is no disk. You just need an internet connection. See the instructions at the link I gave you previously on how to reinstall from scratch.