If I suspect that someone has installed a keylogger application on my computer, what is the best way to test/find if such an application exists? Also, if I boot my Mac in safe mode, does this mean that a keylogger application would be disabled on startup?
First, I agree with Iszi in that it would be safest to format the hard disk and re-install OSX. You would want to backup your documents and such first. If you do decide to take that route, have a look at tripwire. That should be installed immediately after you re-install OSX.
Short of that, you can do a couple of things:
- Use Little Snitch to detect and prevent any data being sent across the network.
- Secure your Mac physically, or take it with you if it is a Macbook to make sure nobody but you has physical access to it.
- Look for processes, using Activity Monitor already on your Mac in Applications/Utilities, that look like 'logKext'.
- Try this: http://www.chkrootkit.org/