Undetectable key logger?
I saw a key recording software that says "undetectable" sound on a Mac. I think I may have something on my Mac, I looked for the community for the recording of the key software, I'm not on the computer. So-called undetectable software, is there anyway to know if it's there?
"The thought" you have something on that you read and actually have are two completely different things.
There is no such thing as undetectable software. There is always a way to find him, even a rootkit. For the latter, rootkits charge before the OS layer and can then be written to tell the OS not to allow any search function to show. Terminal (Unix) is also under the layer of GUI OS and will show them. You could also start to another disk with an operating system that is specific to this topic. A rootkit may affect only the same drive, in what it is that you are starting. Another player, this is just another file and would be visible.
However, keyloggers are usually not rootkits. You just need to know which files to search for. But as I said, the chances that you have one are very slim. If you wish, you can download and run EtreCheck. Copy and paste the results here. It will show you all of the running processes. From there, members can help determine what should or should not be on your Mac.
Tags: Notebooks
Similar Questions
-
Security for the family Microsoft offers a key logger and screenshots of visited Web sites?
Security for the family Microsoft offers a key logger and screenshots of visited Web sites?
Original title: family safety
Moved from the community involvement Center
No it's not.
-
Think I have a key logger downloaded on my computer XP
I have a key logger downloaded on my computer? Identity was defently got ahold of? Are there free to identify downloads where this info is sent?
* original title - please help *.
What makes you think it was done using a KeyLogger?
There are ways people could have obtained the information, is probably less than you (in time and effort) to find out where he got sent to stop it as quickly as possible.
Contact all your credit cards, banks, holders of mortgage and other lien holders. Let them know that you think that your identity has been stolen.
Put a watch free (90 days) of your report of credit with all three credit bureaus:
You can also get a free credit report a year from each of the foregoing through annual credit report web page. (No - it's not that with stupid ads - they make money off of it.) It is free - unless you get a credit score. Just get one of the three credit reports - or get one of each - without the credit score. It does nothing yet.)
Change EVERY password you have used a computer you trust/do not usually use.
On the computer that you think has the problem, you have a few choices. None of them is using it for anything that requires a password. ;-)
(1) wipe and install Windows cleanly. * This is your best option *.
or
(2) use (FREE) MalwareBytes and SuperAntiSpyware (FREE) to scan and remove malware. There are other tools, but who's going to help you get started. Download them on another computer, burn it to a CD, copy them from the CD and on the infested computer. Do not use a USB key, unless it has write protect.
or
(3) pay someone for this study for you. I say this because if you have to ask here, you aren't goi ng to be able to do what you need to do and it's a big enough thing to ask someone to learn/do for free.
-
EventHandler - how to get the key to the user
Hello experts,
How to get the key to the user within an event handler. (Recon - BulkOrchestration in bulk of trust)?
The code below works if I create a user from the administration Console, but its does not work for the recon trust.
Recon trust incase it's go to loop else and do not return anything.
private String getUserKey (long processID, orchestration BulkOrchestration) {}
Take string;
If (! orchestration.getOperation () .equals ("CREATE")) {}
Take = orchestration.getTarget () .getEntityId ();
} else {}
OrchestrationEngine orchEngine = (OrchestrationEngine.class) Platform.getService;
Take = (String) orchEngine.getActionResult (processID);
}
Return take;
}
Thanks and greetings
INIYAWhy not try it?
public BulkEventResult execute(long l, long l1, BulkOrchestration orchestration) { logger.debug("BulkEventResult NEW"); try { Identity[] newUserState = (Identity[])getNewUserStates(orchestration); logger.debug("newUserState :: " + newUserState); for(int y = 0; y < newUserState.length; y++){ logger.debug(y + " . " + newUserState[y]); } for(int u = 0; u < newUserState.length; u++){ HashMap -
Maybe clicked on something that I should not have... Advice please!
A window appeared on my browser (latest version of chrome on a MacBook of 2015 using the latest OS) which resembles an investigation legitimate from my ISP. Recently I had problems with them and my alarm has not extinguished quickly enough. It is curious that this window has appeared without an email but it didn't fully if register because my ISP has pop-up warnings apparently. I have NEVER had a pop up - but - due to some questions by e-mail, my firewall is down and I forgot to put up again.
Yes, as the fog cleared I had already clicked through the investigation and he offered a free gift and that's when I realized that I should immediately stop the window. I haven't entered ANY info, never filled out a form, or I don't have to download anything. I installed Malwarebytes for Mac and he came clean.
My concern: could I have gotten something malicious as a key logger or some other identity stealing malware simply by clicking on the poll? I think they call it a drive by?
I'm a meticulous time machine user, so I have a complete backup of 99% of my system hard disk external. I should burn the Earth just to be sure?
... I haven't entered ANY info, never filled out a form, or I don't have to download anything.
Then you have no reason to worry.
Could I have gotten something malicious, as a key logger or some other identity stealing malware simply by clicking on the poll?
Keylogger No.. At for example requires authentication to install.
The survey was a ruse to try to get you to reveal personal information. There are several varieties of this scam. They are remarkably successful, but you didn't fall for it. No further action is necessary or justified.
Consider reading some of these tips to use:
Effective defenses against software malware and other threats
Phony 'technical support' / 'ransomware' popups and web pages
-
Questions about hackers, Keyloggers, ect.
Let's see what you got the community...
I want to know a few things about Keylogging and the virus with the Mac. Im a user of os x of long date, but I got a new iMac and downloaded some programs that may contain key logging, virus ect programs. My questions are as follows...
1 how Rare is to catch a virus on a Mac?
2. How can we see if one is to be key connected? And how it can be stopped
3 potatoes, a vegetable?
4 how Rare/commun are logging programs key OSX hidden inside files to a third-party developer or an unknown developer?
Thanks for your time. There is more than one obsessive-compulsive disorder thing to put my mind at ease. But it does not hurt to know some info.
See you soon
Fri3s3N /. M - Tech
1 learn more
Viruses, Trojans, Malware - and other aspects of Internet Security
problem for keyloggers is like when you make changes in the system preferences, you must re-enter your admin password, same case would be the face of the key logger, so to be able to monitor the keys without being active program would need password and sending the data to someone on the net would be too.
but at the end of the day, a system may not be safer than the person in front of the screen unny-Irish-Leprechaun-Computer-Virus-Email-1.jpg http://www.crazywebsite.com/Website-Clipart-Pictures-Videos/Saint-Patricks-Day/F
-
Username and password not saved
The option to save my user name and pw is not coming to my site of the Bank, Wells Fargo. I have the option on other sites, I've just set up FF.
In addition, FF doesn't have a Key Logger security option?
The https://www.wellsfargo.com/ website uses autocomplete = off to prevent Firefox to record the name and the password.
You can remove autocomplete = off with a bookmarklet to register the name and the password of Firefox.
-
Looking for potential keyloggers
MacBook Pro Mac OS X (10.7.5), activity (10.7.4) monitor, Terminal (2.2.3)
I want to make sure that my computer is not a malicious keylogger infect. The discussions on this site, I searched and found this - keylogger detection - one I didn't not really it, especially the parties on the use of Terminal or what they call the grain or 'man', but the marked resolved commentary concludes that keyloggers can only get (or most likely) on manually or through sharing services (which I assume are under system preferences > sharing which I don't use anyway).
Well, just to be sure, I've been watching the programs in my activity monitor:
It's a little hard to follow because the list keeps getting longer or shorter. I found this list - deals with the Description of Mac OS X: by triviaware - and in her view, none of these programs are malicious.
However, some of the programs in the activity monitor are not listed on the Web page I found (e.g. detection device, kernel_task, Safari Web Content and any program starting with Sophos) and some of them seem to appear more than once in the activity monitor (e.g. CVMCompiler, distnoted, launchd, UserEventAgent, xpchelper).
My question is:
- Can anyone recommend a method of detection of keyloggers?
- One of these programs look suspicious?
- Can someone explain Terminal?
Sophos is so-called "security software" that was installed, personally I don't think that you need, but it's your call. OS X will try to prevent known malware to run so the anti-virus scanner is probably not necessary (normally, they waste resources like RAM, time processor that you can be used elsewhere). Some companies require these elements to be installed, it might help if you share a lot of files with Windows users.
kernel_task is the first process, the system starts at the start - don't mess with it: it's 'zero process' everything else works essentially on top of that.
If you search around you will find other ways to possibly detect keyloggers, frankly they are all involved & you can be better to erase the OS & reset all passwords if you believe that the machine is compromised.
You can get better help here, explaining why you think a key logger is installed, OS X should be safe if you follow some basic guidelines as to avoid to use the administrator account to work inside (using a standard user account instead) and do not install any software randomly from the internet.
If the Mac is left unattended in a public place, anyone may be able to install the software if the admin password is known. Unattended Mac should require a password for login, be stopped when left or have the screensaver settings to require a password.
The "kextstat" command in this post you linked to bows "kernel extensions" are very low-level 'plugins' who have the ability to modify the operating system for all users. Keyloggers can use it as a method to access the key, but there are probably other ways that a key logger can always run.
Charles Minow suggested that the list of kextstat was read, looking for lines that do not contain «com.apple...» »
In the Terminal, enter
kextstat
-
Accidentally let a virus scan, what now?
Unfortunately, I am new to the mac community. I received a message saying "VIRUS DETECTED" in Safari. He wanted to scan my computer for viruses. I thought it to be real and let it scan my computer. He said "scanning documents" and other info from my mac. However, did not go further. I left out of it. I'm afraid now that the virus has all my personal information. I don't know what to do. Please help me!
Download and run this:
Malwarebytes Anti-Malware for Mac
There is really no viruses for a Mac but it is malware and adware.
However, they could have installed a key logger. I would boot to recovery
OS X: on OS X Recovery - Apple Support
then format the HD and restore from a backup that was made before allowing you the analysis
-
FixIt seen problems with the computer name NOT MINE I was HACKED?
Virus or hacked? Correct name of the specified computer withSTRANGE name of the computer. Appaarently MY computer has been HACKED and the hacker has INSERTED his name. How can I get rid of him. I clicked on DELETEi FIXIT page, but it has not REMOVED. I had several problems which ddealt FIXIT with, IGNORING MY real computer name. What now?
Topics of interest:
This 'as new' suppposedly RE - furbshided Windows XP computer arrived with ZERO discs of any kind.
I want a disc of resettlement to the cables and reinstall contant of original file (1) in order to completely destroy the Virus or whatever that changed he clock time, destroyed almost all files including banking information and keeps of worry a "key logger" had attached to it, I refuse now the info online purchase of ot entry that severely limits the use online. Start-up and GAMES sections is empty, as are too many to count other important files and the phoos. Section of games and start are also missssssing. I just loved currently off FREECELL game.
My Windows Defender - becme corruptf, McAfee destroyed files and now FIxIT Center responds wihtERROR. ANF Microsot Essentials never reported any viral activity as it did on my other Dell computer (shown as Trojan - whichreportedly has been FIXED.) But there webpage adverse change "/ / / home.mywebsearch.com ' an entry NOT made by me. I am the only user of my two machines.
You will need to get information from the company / the person who sold you the computer "re-burbished" on how to reinstall the operating system. The computer may have a hidden partition, or you may be able to get drives.
-
A message just jumped on my compputer saying: I have these suite on my computer:
These are the things they want me hit all delete or cancel. I'm afraid of her either because I don't want one or the other because of a virus. My McAfee security scan came up with nothing.
Adware.Win32.Winad
W32. Yaha.B@mmMagic DVD RipperTrojan - PSW.Win32.LdPinch.abmVirtumonde TrojanTrojan.Fakealert.355Trojan.Qoologic - Key LoggerAdware.Win32.Look2me.abTrojan IRC/Backdoor.SdBot4.FRVWin32/hoax.Renos.HXNoise.datc:\windows\system32\emptyregdb.datMPR.dllieakui.dllSet3.tmpCountry.sysAhui.exepopcinfo.datdsdmo.dllActive Setup Log.txtHello
What is the name of the program which is at the top "just popped up?
You can use this method to find malware.
Scan of Malware in Safe Mode with network.
http://www.bleepingcomputer.com/tutorials/how-to-start-Windows-in-safe-mode/#winxo
Windows XP
Using the F8 method:
- Restart your computer.
- When the machine starts first, yet once it will list usually some equipment that is installed on your machine, amount of memory, hard drives installed etc. At this point you should tap the F8 key repeatedly until you are presented with a menu of Advanced Options in Windows XP.
- Select the Safe Mode with networking option using the arrow keys.
- Then press enter on your keyboard to start safe mode.
- Make all the necessary tasks and when finished restart to start in normal mode.
Once in Safe Mode with network, download and run RKill.
RKill does NOT remove the malware; It stops the Malware process that gives you a chance to remove it with your security programs.
http://www.bleepingcomputer.com/download/rkill/
Then, download, install, update and scan your system with the free version of Malwarebytes AntiMalware in Mode safe mode with networking:
http://www.Malwarebytes.org/products/malwarebytes_free
See you soon.
-
Is there a cost of annual subscription for windows program 7, or you have to buy an upgrade
We bought a computer laptop toshiba p c for a gift of Christmas and from 12:00, 01/01/2012 internet access has been blocked. We cannot even go to the restore option and it shows a pop-up every time we try to just about any type of function. the pop-up wants us to purchase the full version of windows 7 with a error code for Trojan - BNK.Win32.Key Logger.gen
We bought a computer laptop toshiba p c for a gift of Christmas and from 12:00, 01/01/2012 internet access has been blocked. We cannot even go to the restore option and it shows a pop-up every time we try to just about any type of function. the pop-up wants us to purchase the full version of windows 7 with a error code for Trojan - BNK.Win32.Key Logger.gen
You have already infested/infected by a virus.
Restore the system to its default settings.
-
Somehow my daughter and me were watching you tube videos yesterday. today I went on my computer and was hacked by some viruses to windows vista security 2012. the virus is coming as a Trojan - BNK. Win32.key logger.gen. I tried to restart the system in safe mode and use system restore. The blocked virus, I tried to find the virus, no chance he hid. That I tried to download bigfix that worked before. all that I'm trying to work the horse of Trojan malware blocks and said infected with this Trojan BNK. Win32. under the window buy Vista security 2012. What can I do my Mc McAfee Security has expired? Curtis
Hello
If McAfee is expired then you must uninstall it and run the McAfee removal tool to avoid problems of
remains of the original. There are recommendations of the antivirus configurations for free below.McAfee - removal tool
http://service.McAfee.com/FAQDocument.aspx?ID=TS100507------------------------------
Here's what I use and recommend: (these are all free and very effective versions.)
Avast and Prevx proved extremely reliable and compatible with all I have
launched on them. Microsoft Security Essentials and Prevx have also proven to be very
reliable and compatible. Use MSE or Avast and Prevx, Prevx 3 but not all.Avast Home free - stop any shields is not necessary except leave the file system, Web,.
Operational network (Script and behavior are also recommended in Ver 6 +).Prevx - Home - free
Windows Firewall
Windows Defender (is not necessary if you use MSE)
Protected IE - mode
IE 8 - SmartScreen filter WE (IE 7 phishing filter)
I also IE always start with asset if filter InPrivate IE 8.
(It may temporarily turn off with the little icon to the left of the + bottom
right of IE)Two versions of Avast are available 6.x and 4.8 x
Avast - home - free - 6.x stop shields you do not use (except files, Web, network, &)
Shields of behavior) - double click on the icon in the Notification area - real time Orange - click on the
Shield that you want to stop - STOP. To stop the Orange icon to show an error indicator-
Click on the Orange icon - top right - settings - click on the status bar - uncheck shields you
disabled - click OK
http://www.avast.com/free-antivirus-downloadAvast 4.8 x - home - free - stop shields, you don't need except leaving Standard, Web,.
and the network running. (Double-click the blue icon - look OK. - upper left - Shields details
Finish those you don't use).
http://www.avast.com/free-antivirus-download#TAB4Or use Microsoft Security Essentials - free
http://www.Microsoft.com/Security_Essentials/Prevx works well alongside MSE or Avast
Prevx - home - free small, fast, exceptional protection CLOUD, working with other security
programs. It is a single scanner, VERY EFFICIENT, if it finds something come back here
or use Google to see how to remove.
http://www.prevx.com/ <-->
http://info.prevx.com/downloadcsi.asp?prevx=Y<-->Choice of PCmag editor - Prevx-
http://www.PCMag.com/Article2/0, 2817,2346862,00.aspAlso get Malwarebytes - free - use as scanner only. If you ever think malware and that
would be unusual with Avast and occasional Prevx running with the exception of a low level cookie
(not much), to UPDATE and then run it as a scanner. I have a lot of scanners and they
never find anything of note that I started to use this configuration.
http://www.Malwarebytes.org/products/malwarebytes_freeI hope this helps and happy holidays!
Rob Brown - Microsoft MVP<- profile="" -="" windows="" expert="" -="" consumer="" :="" bicycle="" -="" mark="" twain="" said="" it="">
-
I play games online and have recently my hacked account. Malwarebytes antivirus I've done, I ran the scan we found several infected files that have been processed and removed. I then scanned by using the onecare Center and she always found 7 infected files 5 threats that all listed as Trojans java program errors before the end. I guess my real question is is this a key logger any?, how can I remove the dam thing, or is just a case of restart and reinstall vista from scratch?
Hello
Not a single program can detect or remove all malware. Added that often easy to detect the malware comes
by a harder to detect and remove the payload. Better to overkill the process now that in order to pay the high price
an hour later.It can be made repeatedly in Mode safe - F8 tap that you start, however you must also run them
the Windows when you can.Download malwarebytes and scan with it, run MRT and add Prevx to be sure that he is gone. (If Rootkits run UnHackMe)
Download - SAVE - go to where you put it-right on - click RUN AS ADMIN
Malwarebytes - free
http://www.Malwarebytes.org/Run the malware removal tool from Microsoft
Start - type in the search box-> find MRT top - right on - click RUN AS ADMIN.
You should get this tool and its updates via Windows updates - if necessary, you can download it here.
Download - SAVE - go to where you put it-right on - click RUN AS ADMIN
(Then run MRT as shown above.)Microsoft Malicious - 32-bit removal tool
http://www.Microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=enMicrosoft Malicious removal tool - 64 bit
http://www.Microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495e-94E7-6349F4EFFC74&displaylang=enalso install Prevx to be sure that it is all gone.
Download - SAVE - go to where you put it-right on - click RUN AS ADMIN
Prevx - Home - free - small, fast, exceptional CLOUD protection, working with other security programs. It comes
a scan only, VERY EFFICIENT, if it finds something to come back here or use Google to see how to remove.
http://www.prevx.com/ <-->
http://info.prevx.com/downloadcsi.asp <-->Choice of PCmag editor - Prevx-
http://www.PCMag.com/Article2/0, 2817,2346862,00.asp--------------------------------------------------------
If necessary here are some free online scanners to help the
http://www.eset.com/onlinescan/
http://www.Kaspersky.com/virusscanner
Other tests free online
http://www.Google.com/search?hl=en&source=HP&q=antivirus+free+online+scan&AQ=f&OQ=&AQI=G1--------------------------------------------------------
Also do to the General corruption of cleaning and repair/replace damaged/missing system files.
Run DiskCleanup - start - all programs - Accessories - System Tools - Disk Cleanup
Start - type this in the search box-> find COMMAND at the top and RIGHT CLICK – RUN AS ADMIN
Enter this at the command prompt - sfc/scannow
How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program
generates in Windows Vista cbs.log
http://support.Microsoft.com/kb/928228Run checkdisk - schedule it to run at the next startup, then apply OK then restart your way.
How to run the check disk at startup in Vista
http://www.Vistax64.com/tutorials/67612-check-disk-Chkdsk.html-----------------------------------------------------------------------
If we find Rootkits use this thread and other suggestions. (Run UnHackMe)
I hope this helps.
Rob - bicycle - Mark Twain said it is good.
-
What is a part of Windows 7? ETDCtrl.exe
I got an alert will appear on the start saying:-C:\Program Files\Elantech\ETDCtrl.exe
"This application has requested execution to terminate in an unusual way."
I have not installed this software and the site of momentum (which seems to be associated with defence) is not much help and concern described their caterpillars software/key logger.
Some CNet users think that this may be an essential part of the Windows 7 operating system. Anyone know if it is? Can I uninstall but not Windows 7 to malfunction if I do.
Someone at - it experience this? Thank you
Hi Roland
I think Thomas is correct.
Manufacturers of momentum a Touchpad, called the Smartpad for laptops. It is installed on some Asus laptops.
ELAN Microelectronics Corp.:
http://www.EMC.com.tw/Eng/tpn_sp_fun.aspSee the documentation for your computer.
If you have an Asus computer, check with the support of Asus for more information.
ASUSTeK Computer Inc. - Support Forums:
http://VIP.ASUS.com/forum/default.aspx?SLanguage=en-us
Tell us what you find.
Concerning
Maybe you are looking for
-
IPhones and accessories experience data loss when you browse the different areas?
When I walk with my iPhone in my pocket, I can't always hear, it sounds. If I miss a call and that you do not receive the message immediately, it is possible that the exchange rate between service providers can cause pieces of data to lose? I recei
-
Your opinion on Qosmio X 770-107
Hi guyz, I had the bad experience with qosmio before, atm I'm looking for the new machine. I ask you on what is your opinion on Qosmio x 770-107. Also, don't mind suggestion of other laptop too which works very well.
-
Satellite Pro A120 adapter works in the USA?
I'm leaving on a trip to the United States on business, and I don't know if I have to buy a new network for my laptop power converter.What is the standard converter that comes with the work of A120 in the States? Or will puff up my laptop if I try to
-
Running the Citadel on HMI and OPC Server OR
Hello! I want to use computers to screen HMI NI TPC 2215 and it interface with a GE Fanuc PLC using OPC Server and save the data in a database of the Citadel. I would like to know if the HMI OR supports a full edge of the blown OPC Server and a datab
-
How to get past the top-mast to print photos?
I just want a backup file for the year. on a cd.