Results 1 to 6 of 6
  1. #1

    Member Since
    Dec 07, 2011
    have i been hacked - dodgy files uploaded!
    Apologies in advance for my lack of technical knowledge here - I am having issue with a mac book pro, a 'friend' recently uploaded some apparent security software on to my mac before i could stop them! (to make browsing safer - they say it is to verify all web sites i visit...?).

    Now they won't tell me what it was, what files they have put on or where they are - it is not an antivirus program and so they say, has attached itself to my browser (safari) and will only alert me when I visit a fraudulent site.

    I am finding this all hard to believe due to the vagueness of their replies when quizzed - the answers sometimes being it is 'adzilla' or 'akrzilla', (or neither!) both of which look fishy to me on any searches - Adzilla pro is some kind of crypter? The only ref. to akr I could find is some kind of worm for PC? They said they uploaded 3 file, apparently 'dt files', a search in finder reveals nothing i can understand only throwing up lots of system files various and other seemingly irrelevent stuff???

    I have scanned with Clam Xav and Sophos and no probs there, but out of desperation using Little Snitch some odd messages (trying not to be paranoid about Little Snitch messages as I know many are quite usual!).

    I am most concerned re. usbmuxd connecting to certain sites, even if I ask it to deny it keeps connecting until i shut down and restart - (it seems often to be sites connected with mac like insanely mac). I am only running safari (plus Little snitch and activity monitor which doesn't seem to show anything fishy - though I am not very clued up on all the processes) I have no i-phone and no USB device plugged in, all file sharing, printer sharing etc. is turned off, I have the firewall set to only essential connections.

    Other connections include possibly normal configd connecting to ff02::2 and mDSNresponder to various IP (most of which I've blocked - whether this is necessary I don't know?!)
    Also nmblooked connects when I use certain applications, eg. when I use text edit or finder - not sure if this is normal but I never use windows file sharing or share this computer on any network.

    Safari also connects to a lot of sites eg. doubleclick and cdn.uservoice during minimal browsing? not sure if this is just normal behaviour and adds that are embedded in sites, occasionally I connect to a known site and there is a new 'feedback' tab stuck on the side...this happen to anyone else?
    am connecting via home wireless interface, not in an office or anywhere that could be shared.

    I am holding off doing a full reinstall if poss. so any info on these issues or ideas on where to look for these rogue files or what they could be would be greatly appreciated...have much appreciated all the useful info on here with trying to work out this issue so far, been trawling the threads...
    just wondering too if is there any way a full erase and install would not wipe all traces of anything nasty? Hope not!

    Thanks in advance for any help - rke

  2. #2

    McBie's Avatar
    Member Since
    Apr 26, 2008
    iPad Pro 12.9 latest iOS
    Since there is no way for us to have a look at your machine, this becomes complicated ... and then again ... not really.

    My suggestion
    - Do a full backup of your disk
    - Wipe the disk
    - Re-install the OS
    - Re-install your apps from their original source and update as needed
    - Restore the files you need from the backup ... and only those that you know
    - Get rid of these " Friends "
    - Never again share your Mac with someone else.

    Cheers ... McBie
    A computer lets you make more mistakes faster than any invention in human history - with the possible exceptions of handguns and tequila.
    The bitterness of poor quality remains long after the sweetness of low price is forgotten.

  3. #3

    Member Since
    Dec 07, 2011
    Thanks - good advice (especially the 'friends' bit!)
    Just one thing, I have a full time machine back up prior to the evil uploading business, I am really holding off doing it as I'm not sure if all my apps will be restored - is it possible to restore all applications from a time machine back up or will many need reinstalling from scratch?

  4. #4

    chscag's Avatar
    Member Since
    Jan 23, 2008
    Keller, Texas
    2017 27" iMac, 10.5" iPad Pro, iPhone 6s+, iPhone 7+, Numerous iPods, High Sierra
    Use the full Time Machine backup to restore before your "friends" decided to help you. Time Machine will restore everything including your apps, settings, and documents. That's what TM is for.

    And congratulations on making backups. I wish more folks were as diligent.

  5. #5

    harryb2448's Avatar
    Member Since
    Nov 28, 2007
    Nambucca Heads Australia
    iMac, i7 4GHz, 32GB memory, 1TB Blade Drive, OS X.13.4
    And keep 'friends' away from the MacBook Pro. Sounds like a jealous PC user showing how very clever he/she is. As chscag says, restore from TM.
    Hang on to those original install discs like grim death! Using OS X.7 or later make a bootable USB thumb drive before running Installer!

  6. #6

    Member Since
    Dec 07, 2011
    Thanks for the advice and support,
    Guess I'd better go ahead and erase and restore, hopefully without having to ask for more advice if all goes well!

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. g/f's son hacked into my files
    By tug_slug in forum macOS - Operating System
    Replies: 0
    Last Post: 04-13-2012, 09:18 AM
  2. Replies: 10
    Last Post: 05-18-2011, 09:16 PM
  3. Size of Apps including their uploaded files?
    By callagga in forum iOS and Apps
    Replies: 0
    Last Post: 02-08-2011, 09:06 PM
  4. How to unlock files uploaded on ftp
    By vieraR in forum macOS - Operating System
    Replies: 6
    Last Post: 10-27-2009, 06:09 PM
  5. Just uploaded new GB track...
    By MartinS in forum Music, Audio, and Podcasting
    Replies: 2
    Last Post: 07-11-2007, 03:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts