spyware or keylogger?

nunes013 · Jun 3, 2011

Ok, im trying to help my friend who has an iMac running leopard. hes texting me with info so ill try my best. he says he thinks he has a keylogger or something. whenever he tries to log into fb or a site he says a security verification pops up saying the website is fake and if he wants to continue. he clicks no and then he refreshes the page a few times and eventually safari stops working and he has to restart his computer. he said he looked at netstat in terminal and said it says there are foreign addresses. it only happens on safari though. he ran two different virus scans and both came up with nothing. any ideas.

GGJstudios · Jun 3, 2011

It's most likely not malware or a keylogger, unless he's actively installed something flaky or given someone access to his Mac to do so. He should try resetting Safari, clearing cookies and cache. Also, check DNS settings both on his Mac and his router. Also, a restart wouldn't hurt.

No viruses exist in the wild that can run on Mac OS X, and there never have been any, since it was released 10 years ago. The handful of trojans that exist can be easily avoided with some basic education, common sense and care in what software you install:

Mac Virus/Malware Info

The first section of that link deals specifically with the MacDefender/MacSecurity/MacProtector/MacGuard issue, which may or may not apply. I encourage you to read it.

Read the section "Why am I being redirected to other sites?" in the link above.

nunes013 · Jun 3, 2011

cool, thanks, he is trying all those. ill post back when he tells me what he did but it might be till tomorrow because its 1 am here lol.

but i did learn something very interesting from the post. i use sophos to scan every few months but didnt know about the exploit. thats good information. i always wanted an antivirus on my mac for some added protection. time to look into the others that were on there

MacmancUK · Jun 3, 2011

Have you checked for the DeCapital virus ?

Power Mac · Jun 4, 2011

GGJstudios said:
No viruses exist in the wild that can run on Mac OS X

Only in Imaginationland.

GGJstudios · Jun 4, 2011

Power Mac said:
Only in Imaginationland.

You obviously don't know about malware as it relates to Mac OS X. Read the link I posted and educate yourself.

Power Mac · Jun 4, 2011

GGJstudios said:
Read the link I posted and educate yourself.

I suggest you educate yourself on what links contain accurate information, then report back to us.

GGJstudios · Jun 4, 2011

Power Mac said:
I suggest you educate yourself on what links contain accurate information, then report back to us.

The link I posted contains nothing but facts. I also suggest, since you are new to this forum, that you read a few dozen of the existing virus/malware threads where this has been discussed ad nauseam. There are no viruses in the wild that can affect Mac OS X, and there never have been any since it was released 10 years ago. You are welcome to attempt to prove otherwise by simply naming one such virus, but I can save you time. No one has ever been able to name one, since none exist. Before you make your attempt, read the link I posted for accurate definitions of what is a virus, a trojan, etc.

Pintail · Jun 4, 2011

Dang, I think I just stepped in troll poop!

OP - let us know what happened ok? Love to know if those steps worked for you/him.

Badger^2 · Jun 4, 2011

As a second opinion -- GG is 100% correct.

Your buddy doesnt have a virus, or a keylogger or even malware -- the first one doesnt exist, he would have to give permission to install the second and his symptoms are not what the MacDefender malware does. (it only asks for money)

Apple has already issued a patch for MacDefender, so if everyone installs that -- now even thats no out there.

something else going on.

GGJstudios · Jun 9, 2014

Hellopuppy said:
To detect a keylogger on Mac, there are several ways to help.
Just share it here. Hope it can help.
Step 1 Open the Activity Monitor to check for unknown process. This system tool will allow you to view the programs (processes) currently running on your computer.
Step 2 Check and Research any unfamiliar processes running in your Activity Monitor. Critical system processes sometimes have unrecognizable names, however, and keyloggers may have a name that sounds legitimate.
Step 3 Download and install a mac keylogger detector or another software firewall. This type of mac software alerts you when another program tries to connect to the Internet. It will detect a keylogger for mac before it sends information over the Internet , and allow you to block it.

Most keyloggers will not appear in Activity Monitor and most users can't even recognize names of legitimate processes, so that approach won't work.

Here are more useful steps:

Did you install a keylogger app on your Mac?
Did you give someone else access to your Mac so they could install a keylogger?

If the answers to those two questions is "no", you don't have a keylogger on your Mac.

macsforever · Jun 9, 2014

GGJstudios said:
You obviously don't know about malware as it relates to Mac OS X. Read the link I posted and educate yourself.

But he's POWERMAC he he... he has the POWER he he.

GGJstudios · Jun 9, 2014

macsforever said:
But he's POWERMAC he he... he has the POWER he he.

3 year old thread. That user is long gone.

Search

Search

spyware or keylogger?

nunes013

macrumors 65816

GGJstudios

macrumors Westmere

nunes013

macrumors 65816

MacmancUK

macrumors member

Power Mac

macrumors newbie

GGJstudios

macrumors Westmere

Power Mac

macrumors newbie

GGJstudios

macrumors Westmere

Pintail

macrumors member

Badger^2

macrumors 68000

GGJstudios

macrumors Westmere

macsforever

macrumors regular

GGJstudios

macrumors Westmere

Our Staff