Hi,
Apologies in advance for my lack of technical knowledge here - I am having issue with a mac book pro, a 'friend' recently uploaded some apparent security software on to my mac before i could stop them! (to make browsing safer - they say it is to verify all web sites i visit...?).
Now they won't tell me what it was, what files they have put on or where they are - it is not an antivirus program and so they say, has attached itself to my browser (safari) and will only alert me when I visit a fraudulent site.
I am finding this all hard to believe due to the vagueness of their replies when quizzed - the answers sometimes being it is 'adzilla' or 'akrzilla', (or neither!) both of which look fishy to me on any searches - Adzilla pro is some kind of crypter? The only ref. to akr I could find is some kind of worm for PC? They said they uploaded 3 file, apparently 'dt files', a search in finder reveals nothing i can understand only throwing up lots of system files various and other seemingly irrelevent stuff???
I have scanned with Clam Xav and Sophos and no probs there, but out of desperation using Little Snitch some odd messages (trying not to be paranoid about Little Snitch messages as I know many are quite usual!).
I am most concerned re. usbmuxd connecting to certain sites, even if I ask it to deny it keeps connecting until i shut down and restart - (it seems often to be sites connected with mac like insanely mac). I am only running safari (plus Little snitch and activity monitor which doesn't seem to show anything fishy - though I am not very clued up on all the processes) I have no i-phone and no USB device plugged in, all file sharing, printer sharing etc. is turned off, I have the firewall set to only essential connections.
Other connections include possibly normal configd connecting to ff02::2 and mDSNresponder to various IP (most of which I've blocked - whether this is necessary I don't know?!)
Also nmblooked connects when I use certain applications, eg. when I use text edit or finder - not sure if this is normal but I never use windows file sharing or share this computer on any network.
Safari also connects to a lot of sites eg. doubleclick and cdn.uservoice during minimal browsing? not sure if this is just normal behaviour and adds that are embedded in sites, occasionally I connect to a known site and there is a new 'feedback' tab stuck on the side...this happen to anyone else?
am connecting via home wireless interface, not in an office or anywhere that could be shared.
I am holding off doing a full reinstall if poss. so any info on these issues or ideas on where to look for these rogue files or what they could be would be greatly appreciated...have much appreciated all the useful info on here with trying to work out this issue so far, been trawling the threads...
just wondering too if is there any way a full erase and install would not wipe all traces of anything nasty? Hope not!
Thanks in advance for any help - rke
Apologies in advance for my lack of technical knowledge here - I am having issue with a mac book pro, a 'friend' recently uploaded some apparent security software on to my mac before i could stop them! (to make browsing safer - they say it is to verify all web sites i visit...?).
Now they won't tell me what it was, what files they have put on or where they are - it is not an antivirus program and so they say, has attached itself to my browser (safari) and will only alert me when I visit a fraudulent site.
I am finding this all hard to believe due to the vagueness of their replies when quizzed - the answers sometimes being it is 'adzilla' or 'akrzilla', (or neither!) both of which look fishy to me on any searches - Adzilla pro is some kind of crypter? The only ref. to akr I could find is some kind of worm for PC? They said they uploaded 3 file, apparently 'dt files', a search in finder reveals nothing i can understand only throwing up lots of system files various and other seemingly irrelevent stuff???
I have scanned with Clam Xav and Sophos and no probs there, but out of desperation using Little Snitch some odd messages (trying not to be paranoid about Little Snitch messages as I know many are quite usual!).
I am most concerned re. usbmuxd connecting to certain sites, even if I ask it to deny it keeps connecting until i shut down and restart - (it seems often to be sites connected with mac like insanely mac). I am only running safari (plus Little snitch and activity monitor which doesn't seem to show anything fishy - though I am not very clued up on all the processes) I have no i-phone and no USB device plugged in, all file sharing, printer sharing etc. is turned off, I have the firewall set to only essential connections.
Other connections include possibly normal configd connecting to ff02::2 and mDSNresponder to various IP (most of which I've blocked - whether this is necessary I don't know?!)
Also nmblooked connects when I use certain applications, eg. when I use text edit or finder - not sure if this is normal but I never use windows file sharing or share this computer on any network.
Safari also connects to a lot of sites eg. doubleclick and cdn.uservoice during minimal browsing? not sure if this is just normal behaviour and adds that are embedded in sites, occasionally I connect to a known site and there is a new 'feedback' tab stuck on the side...this happen to anyone else?
am connecting via home wireless interface, not in an office or anywhere that could be shared.
I am holding off doing a full reinstall if poss. so any info on these issues or ideas on where to look for these rogue files or what they could be would be greatly appreciated...have much appreciated all the useful info on here with trying to work out this issue so far, been trawling the threads...
just wondering too if is there any way a full erase and install would not wipe all traces of anything nasty? Hope not!
Thanks in advance for any help - rke