Mysterious Rogue Process

Discussion in 'OS X Yosemite (10.10)' started by adamsounds, Nov 18, 2014.

  1. adamsounds macrumors newbie

    Joined:
    Nov 18, 2014
    #1
    Hello, everyone. Long-time surfer, first-time caller.

    So, here's a really tricky one: I seem to have a bizarre process that has gone rogue. Every once in a while, out of totally nowhere, my MacBook Air's fan will start whirring, and I'll open Activity Monitor to reveal this:

    [​IMG]

    I can force quit the "anzaq.com" process from Activity Monitor, but then it may pop up randomly, hours or days later, and start eating CPU again.

    Is it crap-ware or a keylogger of some sort? How can I use Activity Monitor to track it down and get rid of it?

    Even MORE fascinating thing: I have erased my hard disk using disk utility MULTIPLE TIMES and reinstalled Yosemite and it's STILL popping up this "anzaq.com" thing. WHA?
     
  2. iMac-Do-You? macrumors member

    Joined:
    Oct 28, 2014
    Location:
    Brexitland
    #2
    It's a tab or window you have open in Safari for the website specified. You'll see another one in your screenshot for Reddit.com.

    Anzac.com seems to be a nefarious site dealing with pirate software / serial keys and the like, so if you, or someone using your Mac has been looking for software or serial keys, it'll be from that. As it's a dodgy site it may have installed some sort of adware.

    Download AdwareMedic, and see if it finds anything lurking on your system.
     
  3. jbarley, Nov 18, 2014
    Last edited: Nov 18, 2014

    jbarley macrumors 68030

    jbarley

    Joined:
    Jul 1, 2006
    Location:
    Vancouver Island
    #3
    A google search puts 'anzaq.com' as a hacker-warez type website for illegal software cracks, serials etc.
    Looks like you or someone using your computer has been a naughty boy.
    Try looking for and deleting the extension-plugin etc under Safari in both your user and main Libraries.

    edit: when you erase and reinstall are you reloading your data, like say with migration assistant or from Time Machine, or even syncing Safari data from iCloud.
    If so, this could bring back the troublesome little bugger causing the problem.
     
  4. adamsounds thread starter macrumors newbie

    Joined:
    Nov 18, 2014
    #4
    Confession: I MAY have been obtaining some classic Star Trek episodes in less-than-legal ways. :(

    1) I don't have any other Safari windows open. Also, there are no Safari extensions installed (according to Safari's built-in interface).
    ... I also checked my user library (nothing), and system library, but there are a huge number of drivers and things in there, and I wouldn't know which ones belong or don't.
    2) I've been using Disk Utility to erase the drive. I then use the MacBook Air's Recovery mode (Command-R) to re-download an OS (10.8), then upgrade to Yosemite.
    3) No Time Machine. I've been copying my data in and out of Music and Document folders manually, using external drives. So, no preferences or other Home library corruption is likely.

    4) Just tried Adware Medic. After a few-second scan, it found nothing.

    I wish there were a way I could Right-click the process and say "reveal where you launched this code from"
     

Share This Page