Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Pls help me. Im scared, i think my mac is hacked
- Thread starter raiden831
- Start date
- Sort by reaction score
Well she might need help.... If you have the original restore disks just use those, pop them in, shut off your computer, turn it back on while holding the c key, it will boot, then just select format on the install options and continue on.
Activate firewall; block and log outgoing traffic .
You can also look into system.log file for suspicious activities.
Ah, and reinstall your system is still a good advise. Clone the disk before if you want to keep some evidence (but I share the doubt that would help).
You can also look into system.log file for suspicious activities.
Ah, and reinstall your system is still a good advise. Clone the disk before if you want to keep some evidence (but I share the doubt that would help).
Little Snitch app will block all outgoing connections, you'd be amazed at how many apps send info via outbound connections.
I'm a happy user for 4 years.
I'm a happy user for 4 years.
If you're worried and not confident enough to take care of the problem yourself, take it to apple for further analysis.
If you want to preserve evidence, take the computer to an Apple store and explain the situation. Have them take a look at it. If they find something you can then ask them to install a new drive so you can have a usable computer and take the hard drive they take out to the police. Make sure to get receipts everywhere and ask Apple to give you a written report as to what they found.
Yes it will cost you some money but at least you'll have peace of mind regarding the computer and evidence to take to the police. If the local police tell you they're not equipped then call the county sherif. If the county sherif tells you they're not equipped call the state police, they will be for sure.
For those that doubt that the police would turn her away at this point, you obviously have never had any dealings with the cops beyond a parking or speeding ticket.
There are certain things they will not do unless they have evidence of some kind. It also depends on the cop. There are some who simply don't give a ****. There are others who may want to help but are held back by red tape, procedures or as I said before, evidence.
Good luck!!
Yes it will cost you some money but at least you'll have peace of mind regarding the computer and evidence to take to the police. If the local police tell you they're not equipped then call the county sherif. If the county sherif tells you they're not equipped call the state police, they will be for sure.
For those that doubt that the police would turn her away at this point, you obviously have never had any dealings with the cops beyond a parking or speeding ticket.
There are certain things they will not do unless they have evidence of some kind. It also depends on the cop. There are some who simply don't give a ****. There are others who may want to help but are held back by red tape, procedures or as I said before, evidence.
Good luck!!
@ignorant replies...
To everyone who thinks she is asking for legal advice; she is not. She is simply asking for technical advice to investigate her suspicions.
To everyone thinking the cops can help her; they cannot. From what she has said no crimes have been committed. That's precisely the reason why domestics scare the daylights out of law enforcement. Those situations can be such volatile flash points and they can't (won't) do anything until crimes happen.
Btw...I agree with the posters who think you should wipe/reinstall OS-X if you are not a computer forensics expert. Also, I would only bother doing this if you will be the only person accessing this computer in the future. If not then I would buy yourself a different computer for you, only you, to use.
If you think there might be valuable data/evidence on your computer then I would leave it as is and keep it in a safe place for any future purposes.
With best regards and wishes for your future,
QL
To everyone who thinks she is asking for legal advice; she is not. She is simply asking for technical advice to investigate her suspicions.
To everyone thinking the cops can help her; they cannot. From what she has said no crimes have been committed. That's precisely the reason why domestics scare the daylights out of law enforcement. Those situations can be such volatile flash points and they can't (won't) do anything until crimes happen.
Btw...I agree with the posters who think you should wipe/reinstall OS-X if you are not a computer forensics expert. Also, I would only bother doing this if you will be the only person accessing this computer in the future. If not then I would buy yourself a different computer for you, only you, to use.
If you think there might be valuable data/evidence on your computer then I would leave it as is and keep it in a safe place for any future purposes.
With best regards and wishes for your future,
QL
In this screenshot you posted you can clearly see a process called ProteMac Daemon. Apparently it's taking 50% of the CPU, which is not normal for a software you're not aware of.
Kill that process (even if it's unlikely it could cause damages, it's very unusual for it taking so much CPU and memory). Being a root process we can't see which files it's using straightaway.
PM'ing me/posting the result of lsof (without -i) would defenitely help understand if there's something going on.
PS: Nothing strange had an open TCP socket at the time you run netstat, but that doesn't mean there's no software still running (maybe sending data by means of a timer, which would prevent us from seeing it).
Kill that process (even if it's unlikely it could cause damages, it's very unusual for it taking so much CPU and memory). Being a root process we can't see which files it's using straightaway.
PM'ing me/posting the result of lsof (without -i) would defenitely help understand if there's something going on.
PS: Nothing strange had an open TCP socket at the time you run netstat, but that doesn't mean there's no software still running (maybe sending data by means of a timer, which would prevent us from seeing it).
Last edited:
This is for everyone on this thread. I am a retired Police Officer with 34 years of service. What the lady is saying with regards to the police is not unusual at all and happens on a daily basis. Divorce is considered a civil matter, and barring substantial evidence to the contrary, the police will not help her. We usually do not prevent crimes, rather we mop up afterwards. So I beg of you please, don"t discount her as a nut job. She could be in real danger and is not asking you for legal advice.
Thank you for the courtesy of reading this,
Unkei
Last edited:
I said if she was legit and gave her a solution and if she was a troll and gave her a solution. That is not saying she is a nut
I agree. This is a scary situation but it really would be your word against his unless the police had more evidence. If they did they would seize his computer and take a look. But, as you said this is made to be invisible and it will be hard to prove anything.
I think why their all so suspicious about you being an advertiser is because this type of thing is often a scam. Just trying to get us to google a product. I think you've proved your legit. My advice, as stated above. Wipe it and move on.