Potential keylogger infection
Hi,
I need some help to find out whether there's a keylogger installed on my machine.
Is there a way to detect if such software is installed on my machine? Or should I suspect a keylogger has been installed in the EFI partition?
I've installed ClamXav and Little Snitch (among others) to scan and control the network connections my machine makes. Also installed HotSpot Shield thinking it might help secure my internet connection and changed the password for my Mac ID.
I went through this post I believe that I have a keylogger or some sort of spyware installed on my mac, please help! and I was wondering whether I could get an insight from the experts posting regularly here. I also checked with the official Apple reseller to find out whether there are Mac repair shops that could help me out on this but didn't get any recommendation.
I'm using a MacBook Pro (Retina, 15-inch, Mid 2014) and a MacBook 13-inch unibody.
Here's what I got after typing in Terminal the commands suggested in the post I've mentioned:
====================================
Last login: Wed Jan 28 09:01:15 on ttys000
usernames-MacBook-Pro:~ username$ kextstat -kl | awk '!/com\.apple/{printf "%s %s\n", $6, $7}'
at.obdev.nke.LittleSnitch (4234)
com.intego.netbarrier.kext.monitor (180)
com.intego.netbarrier.kext.process (180)
com.intego.netbarrier.kext.network (180)
com.intego.Family-Protector.extension (2591)
com.anchorfree.tun (1.1.1)
usernames-MacBook-Pro:~ username$ sudo launchctl list | sed 1d | awk '!/0x|com\.(apple|openssh|vix)|edu\.mit|org\.(amavis|apache|cups|isc|ntp|postfi x|x)/{print $3}'
Password:
com.intego.Family-Protector.daemon
com.intego.WashingMachine.service
com.bitdefender.AuthHelperTool
org.whatpulse.ChmodBPF
com.bitdefender.CoreIssues
com.intego.virusbarrier.daemon.emlparser
com.intego.commonservices.icalserver
at.obdev.littlesnitchd
com.intego.PersonalBackup.daemon
com.intego.netbarrier.daemon
com.intego.commonservices.daemon.taskmanager
com.bitdefender.UpdDaemon
com.bitdefender.Daemon
com.intego.commonservices.metrics.kschecker
com.prosofteng.DriveGenius.locum
com.intego.netupdate.daemon
com.adobe.SwitchBoard
com.intego.netbarrier.daemon.logger
com.bitdefender.upgrade
com.adobe.fpsaud
com.intego.virusbarrier.daemon
com.intego.netbarrier.daemon.monitor
com.intego.virusbarrier.daemon.logger
com.teamviewer.Helper
com.intego.virusbarrier.daemon.scanner
com.intego.commonservices.daemon.integod
com.anchorfree.ajaxserver
usernames-MacBook-Pro:~ username$ launchctl list | sed 1d | awk '!/0x|com\.apple|edu\.mit|org\.(x|openbsd)/{print $3}'
com.intego.commonservices.taskmanager
com.intego.virusbarrier.alert
uk.co.markallan.clamxav.330892
com.intego.netupdate.agent
com.irradiatedsoftware.SizeUp.259040
com.intego.app.netbarrier.monitor.285736
com.intego.Family-Protector.agent
at.obdev.LittleSnitchUIAgent
com.intego.netbarrier.alert
com.anchorfree.Hotspot_Shield.275796
com.intego.commonservices.uninstaller
com.adobe.AAM.Scheduler-1.0
jp.co.canon.ScanGearMF.appl.Canon-MF-Scan-Agent
com.intego.personalbackup.agent
com.evernote.EvernoteHelper.214168
com.intego.commonservices.integomenu
com.citrixonline.GoToMeeting.G2MUpdate
com.adobe.ARM.df0ab5bbe6f698196fcc21e3c1e66dcb758bd911f4d637272d9d8109
com.spotify.webhelper
com.bitdefender.antivirusformac
com.google.keystone.user.agent
com.google.Chrome.96592
com.intego.WashingMachine.ui.helper
com.vmware.fusionStartMenu.75292
usernames-MacBook-Pro:~ username$ osascript -e 'tell application "System Events" to get name of every login item' 2> /dev/null
iTunesHelper, VMware Fusion Start Menu, SizeUp, EvernoteHelper, Hotspot Shield, NetBarrier Monitor
usernames-MacBook-Pro:~ username$
===============================
Any hint is highly appreciated (kinda desperate right now).
Thanks in advance!
MacBook 13 unibody, Mac OS X (10.6.7)