My laptop might of been hacked
mac pro ios6 my wife was on fb when all of a sudden all these pages started opening. then a popup from safari popped up with a number to call
said suspicious activity suspected; my wife called the number and the person started asking for info so my wife sounded suspicious to caller and caller hung up.
so we shut down computer. when we start up her side, when we hit safari, the popup (safari warning with # to call comes up. when I go on to my user side and log on, every thing seems normal. Can anyone help?
Also:
Check the links below for options to remove the Adware.
The Easy, safe, effective method:
http://www.adwaremedic.com/index.php
If you are comfortable doing manual file removals use the somewhat more difficult method:
http://support.apple.com/en-us/HT203987
Also read the articles below to be more prepared for the next time there is an issue on your computer.
https://discussions.apple.com/docs/DOC-7471
https://discussions.apple.com/docs/DOC-8071
Similar Messages
-
I replaced my and my family's electronic phones and computers with Apple products due to their superior security capabilities, and the intgrity of their workforce. Thus I come to you for help with a serious concern in hopes that you can help me.
Possible Hack into my personal Apple Laptop
I have a feeling my Apple Laptop has been hacked into and is being monitored. Today I noticed that an old HP printer that we removed from our wireless setup was still connected. In my attempt to remove the old one I noticed that as I was trying to do so it seemed my actions were being shadowed and both of my printer icons (old and new printer) dissapeared. Anyway I looked in the wastebasket and noticed the following item which I had never noticed before: "roaming_password_for_1475_txt_webarchive" in the trash. As it looked suspicious I restored it onto my desktop to open it and research it and it had information on it saying, To remove the DOCOMO interTouch Cable turn on the wireless network conection on your computer....." It had text giving my username and password for roaming - I could not copy or pirnt the information from my desktop, so I took a copy and video of it via my Apple cell phone.
Possible Hack into my personal Apple Cell Phone:
I have noticed that when I am on phone calls with certain people, my phone will emit a loud long beep. I am involved with protecting jobs through a union, and am concerned that the county I work for may have had one of their IT people hack into my phone, etc...
Can you please help me with this? PLEASE.
With appreciation
Martha Booker
<Personal Information Edited by Host>I replaced my and my family's electronic phones and computers with Apple products due to their superior security capabilities, and the intgrity of their workforce. Thus I come to you for help with a serious concern in hopes that you can help me.
Possible Hack into my personal Apple Laptop
I have a feeling my Apple Laptop has been hacked into and is being monitored. Today I noticed that an old HP printer that we removed from our wireless setup was still connected. In my attempt to remove the old one I noticed that as I was trying to do so it seemed my actions were being shadowed and both of my printer icons (old and new printer) dissapeared. Anyway I looked in the wastebasket and noticed the following item which I had never noticed before: "roaming_password_for_1475_txt_webarchive" in the trash. As it looked suspicious I restored it onto my desktop to open it and research it and it had information on it saying, To remove the DOCOMO interTouch Cable turn on the wireless network conection on your computer....." It had text giving my username and password for roaming - I could not copy or pirnt the information from my desktop, so I took a copy and video of it via my Apple cell phone.
Possible Hack into my personal Apple Cell Phone:
I have noticed that when I am on phone calls with certain people, my phone will emit a loud long beep. I am involved with protecting jobs through a union, and am concerned that the county I work for may have had one of their IT people hack into my phone, etc...
Can you please help me with this? PLEASE.
With appreciation
Martha Booker
<Personal Information Edited by Host> -
I clicked on a link from my gmail in ipad that looks sketchy. How do I tell if I have been hacked?
I received an email from "Mail International" with the subject "Ship Notification" indicating that I have a parcel that arrived, and the courier was unable to deliver it. I was actually expecting a package, and it indicated I needed to click on a link to print out a label to pick out the parcel. Thinking this was legit, I clicked on the link, which took me to a "404 not found" page. I looked back at the sender's email address, and it was [email protected]
It looks like I might have been hacked. Has anyone had this experience, and is there something I can do now?Quite likely the link would have taken you to a spoofed Mail delivery site which would have had a malicious attachment which you would be asked to print, etc. This would have had no effect on your iPad even if you had clicked on it. In your case, it looks like the host site had already removed the spoofed web page.
-
In need of Forensic Specialist to perform complete analyisis on laptop - been hacked -
Hey folks -
This is Paintbrush a 56 year old who is relatively new to computers & currently at full all out war with hackers & going through a lonely hell for several months now - using defective weaponry - This devious and
insidious infection must be extinguished before others suffer the way I have - I'll provide a thumb-nail sketch of what's up & what I think I need to resolve this crisis - any input will be welcome -
Apparently I have been hacked for several months now and been taken for some cash -
Many unauthorized credit card applications attempted
HP Smart Friends - In 8 problem solving sessions in the past few weeks - failed
Hackers and viruses still present
Discovered my computer, purchased new 9/2012 on line Wallmart was manufactured in 2005 and was previously owned or at least used several times before it was sold to me as new -
I believe Vista or XP or both were previously installed OS with Windows 7 layed over without thorough clean out-
Event logs - even on windows 7 installed 2009, show significant activity prior to purchase or the installation of windows 7 - with thousands of event errors logged - many critical dating back to 2005
several attempts to completely restore computer to pristine factory condition have - failed - viruses remain in creases & hide in innocuous files such as sample pictures and you-cam which I never downloaded - can't uninstall the files as they
multiply - many games remain installed - last I played was probably Mario brothers - Parameters can't be reset - etc. etc.
Many unauthorized users present with full permissions - can't delete them
Before I introduce new equipment into a contaminated environment & have MS clean out the OS and have HP deal with the hardware, I'd like to have a full accounting of exactly what has transpired with this laptop since its manufacture date
- including - all prior OS - all software - prior users - current unauthorized users - and their activities -
Experience tells me - that it is important to enter any negociations from a stand-point of accurate knowledge & I need this as evidence should any problems arise with new equipment in the future which leads back to the root
of present difficulties. This list could continue on and on and I need immediate assistance in securing the safety of my current life as well as my future. In the meantime - I am frozen and frightened without functioning tools to proceed and
not knowing who to trust.
To the right professional, I am more than willing to grant remote access & pay a modest fee. I need for everything to first be backed up in case of error - and then perform a handful of task specific reports.
I am in desperate need of help right now so any assistance would be greatly appreciated -
Sincerely, PaintbrushHey folks -
This is Paintbrush a 56 year old who is relatively new to computers & currently at full all out war with hackers & going through a lonely hell for several months now - using defective weaponry - This devious and
insidious infection must be extinguished before others suffer the way I have - I'll provide a thumb-nail sketch of what's up & what I think I need to resolve this crisis - any input will be welcome -
Apparently I have been hacked for several months now and been taken for some cash -
Many unauthorized credit card applications attempted
HP Smart Friends - In 8 problem solving sessions in the past few weeks - failed
Hackers and viruses still present
Discovered my computer, purchased new 9/2012 on line Wallmart was manufactured in 2005 and was previously owned or at least used several times before it was sold to me as new -
I believe Vista or XP or both were previously installed OS with Windows 7 layed over without thorough clean out-
Event logs - even on windows 7 installed 2009, show significant activity prior to purchase or the installation of windows 7 - with thousands of event errors logged - many critical dating back to 2005
several attempts to completely restore computer to pristine factory condition have - failed - viruses remain in creases & hide in innocuous files such as sample pictures and you-cam which I never downloaded - can't uninstall the files as they
multiply - many games remain installed - last I played was probably Mario brothers - Parameters can't be reset - etc. etc.
Many unauthorized users present with full permissions - can't delete them
Before I introduce new equipment into a contaminated environment & have MS clean out the OS and have HP deal with the hardware, I'd like to have a full accounting of exactly what has transpired with this laptop since its manufacture date
- including - all prior OS - all software - prior users - current unauthorized users - and their activities -
Experience tells me - that it is important to enter any negociations from a stand-point of accurate knowledge & I need this as evidence should any problems arise with new equipment in the future which leads back to the root
of present difficulties. This list could continue on and on and I need immediate assistance in securing the safety of my current life as well as my future. In the meantime - I am frozen and frightened without functioning tools to proceed and
not knowing who to trust.
To the right professional, I am more than willing to grant remote access & pay a modest fee. I need for everything to first be backed up in case of error - and then perform a handful of task specific reports.
I am in desperate need of help right now so any assistance would be greatly appreciated -
Sincerely, Paintbrush -
I am using a Dell laptop. An iCloud page appeared asking me for my password. When I entered it, it said it was incorrect and said it would send me an email to change it. However, I never received such email in my account of record (not in trash, either). Question: Have I been hacked?
Hey itapetita,
Thanks for the question. After reviewing your post, it sounds like you did not receive a reset email. I would recommend that you read this article, it may be able to help you isolate or resolve the issue.
If you didn't receive your Apple ID verification or reset email - Apple Support
Thanks for using Apple Support Communities.
Have a nice day,
Mario -
Might my eMac have been hacked?
I really doubt it...
Something tells me that after over 5 years of faithful service this isn't the case but here's the story...
My eMac simply crashed. I was putting clips in iMovie for a project and suddenly it said that there was an error or that one of the files had an error. So I restarted... I started trying to import the clips again and this black screen took over my Mac.
Then it wouldn't start up, well, the farthest I could get was the first screen with the Apple and the spinning lines under it.
So after much debate I did a clean 10.3 install and things seemed to be working fine. I did a slew of software updates. Then as I tried to reinstall old software (maybe I should have tried reinstalling the software before the software updates?), some installed, while iLife 2004 wouldn't. Also, I tried to install NeoOffice and that wouldn't install either.
So I ended up logging out and I saw that there was an extra user titled OTHER... listed on the logout screen. I didn't create this user. Also, when I logged back in my dock went back to normal (how it was when I reinstalled 10.3) yet programs that I had downloaded were still in my applications folder.
I checked FILE SHARING in my preferences and my computer listed it as off.
Under the SECURITY listing it says that a MASTER PASSWORD isn't set for my computer (yet, it always asks me for one when it comes time to download things). Also, it says that FILE PROTECTION is off my account.
So basically, I am trying to figure out what the problem might be. I was planning on getting a new iMac so this isn't too terrible, but I am wondering if, should my computer have been hacked, what all this means?
Could it have gotten a virus? I know those are rare...
Any help would be great,
Evan JacobsThe 'other' at logon indicates that the root user account is active:
About the root User and How to Enable It
If you did a clean install, there would be no accounts carried over; are you sure you didn't do an Archive and Install instead?
Who else has had physical access to the Mac? There have been exploits that lure unwary users to install trojan horse software over the net (this is the just most recent), but an administrative user password is still required from the user before those work. With physical access to a computer and a disc with appropriate software, any computer is vulnerable.
'Master Password' refers to an Open Firmware password; that's a separate item from an administrative user password. Refer to Open Firmware Password settings. Any download/install should be asking for an administrative user password.
You may want to refer to Corsaire: Securing Mac OS X (not sure if the host website still has the older Panther OS X 10.3 version online). Other resources are Mac OS X Security and NSA Security Configuration Guides. -
Mi iPad sending unsolicited emails to contacts each day. My laptop was infected. I changed all of my passwords but these messages are still going out one per day. I think my iPad has been hacked. What can I do to repair and clear infection.
Assuming you have not jailbroken your iPad, it is not your iPad that is sending the emails.
Your email account well may be, from the web mail or someone accessing your email elsewhere, but these emails do not originate from your iPad.
Change the password to your email account again to something very secure and update it on every device/computer you use to access your email. Activate any extra security features your email provider offers such as two-factor authentication. -
Macbook has been hacked and Genius Bar cannot help..anyone here please?!
My MacBook has been hacked, the mouse started moving on its own and clicking etc. the next day someone called my home and told me my system had been hacked, which I guessed was the mouse activity. So I downloaded the programme they asked me to, stupidly, which enabled them to remotely control my computer. The screen went blue and they started opening my documents / creating folders etc. I had a nasty feeling the whole time and when this happened i force shut down my latop. Ever since then sporadically the mouse will start playing up and clicking onto things etc. Everytime this happens I immediately shut down. I have been to Apple 3 times and had my computer wiped but it still happens. trackpad has been tested and is fine. I have called my internet provider and they say nothing looks out of the ordinar. Called a non emergency police number and other than advising me to change passwords and Bank details, which I had already done, no one can help me. I have adjusted my computer security settings, unplugged my internet cables etc. I literally can't think what else I can do to try and fix this. I work freelance design and my laptop is so important, I'm getting so frustrated that nobody can help!! please get in touch if you can help me!! Thanks a lot.
This might also help:
http://www.ehow.com/how_8682105_check-macbooks-hacks.html
1Turn on the MacBook.
2Click on "System Preferences" in the Apple menu. Once the window opens, click on "Accounts," then click on "Login" Items.
Sponsored Links
4 reasons why Mac is slowWondering why your Mac is getting slow over the time? Learn more now.macpaw.com/Slow_Mac
3Use the "- sign" to remove items that you do not recognize from the list.
4Note the applications you were using when the problem first occurred and review any software that was recently installed.
5Check your network activity in your Activity Monitor by locating this file in your Applications/Utilities folder. It will display a list of the processes, statistics, applications, and programs that are currently being used by the computer.
6Note any consistent action in the Activity Monitor. If you see purposeful activity, then it is likely that an unauthorized user has connected to your computer using remote access.
7Click on the "System Preferences" window in the Apple menu and launch the System Preferences application. Open the Sharing reference window.
8If Screen Sharing is enabled for the computer, note users who are currently allowed access to the computer. If you see suspicious activity, disable the Screen Sharing application.
9Disconnect from the network, unplug the Internet cable and turn off the computer.
10If problems persist, consult a computer technician.
Read more : http://www.ehow.com/how_8682105_check-macbooks-hacks.html -
I believe my apache server could have been hacked. Is there a member of the community that could take a look at the paste of my http.conf file. Thanks so much
# Mac OS X / Mac OS X Server
# The <IfDefine> blocks segregate server-specific directives
# and also directives that only apply when Web Sharing or
# server Web Service (as opposed to other services that need Apache) is on.
# The launchd plist sets appropriate Define parameters.
# Generally, desktop has no vhosts and server does; server has added modules,
# custom virtual hosts are only activated when Web Service is on, and
# default document root and personal web sites at ~username are only
# activated when Web Sharing is on.
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
# for a discussion of each configuration directive.
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "log/foo_log"
# with ServerRoot set to "/usr" will be interpreted by the
# server as "/usr/log/foo_log".
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to point the LockFile directive
# at a local disk. If you wish to share the same ServerRoot for multiple
# httpd daemons, you will need to change at least LockFile and PidFile.
ServerRoot "/usr"
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#Listen 12.34.56.78:80
<IfDefine !MACOSXSERVER>
Listen 80
</IfDefine>
# Dynamic Shared Object (DSO) Support
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
# Example:
# LoadModule foo_module modules/mod_foo.so
LoadModule authn_file_module libexec/apache2/mod_authn_file.so
LoadModule authz_host_module libexec/apache2/mod_authz_host.so
LoadModule cache_module libexec/apache2/mod_cache.so
LoadModule disk_cache_module libexec/apache2/mod_disk_cache.so
LoadModule dumpio_module libexec/apache2/mod_dumpio.so
LoadModule reqtimeout_module libexec/apache2/mod_reqtimeout.so
LoadModule ext_filter_module libexec/apache2/mod_ext_filter.so
LoadModule include_module libexec/apache2/mod_include.so
LoadModule filter_module libexec/apache2/mod_filter.so
LoadModule substitute_module libexec/apache2/mod_substitute.so
LoadModule deflate_module libexec/apache2/mod_deflate.so
LoadModule log_config_module libexec/apache2/mod_log_config.so
LoadModule log_forensic_module libexec/apache2/mod_log_forensic.so
LoadModule logio_module libexec/apache2/mod_logio.so
LoadModule env_module libexec/apache2/mod_env.so
LoadModule mime_magic_module libexec/apache2/mod_mime_magic.so
LoadModule cern_meta_module libexec/apache2/mod_cern_meta.so
LoadModule expires_module libexec/apache2/mod_expires.so
LoadModule headers_module libexec/apache2/mod_headers.so
LoadModule ident_module libexec/apache2/mod_ident.so
LoadModule usertrack_module libexec/apache2/mod_usertrack.so
#LoadModule unique_id_module libexec/apache2/mod_unique_id.so
LoadModule setenvif_module libexec/apache2/mod_setenvif.so
LoadModule version_module libexec/apache2/mod_version.so
LoadModule proxy_module libexec/apache2/mod_proxy.so
LoadModule proxy_http_module libexec/apache2/mod_proxy_http.so
LoadModule proxy_scgi_module libexec/apache2/mod_proxy_scgi.so
LoadModule proxy_balancer_module libexec/apache2/mod_proxy_balancer.so
LoadModule ssl_module libexec/apache2/mod_ssl.so
LoadModule mime_module libexec/apache2/mod_mime.so
LoadModule dav_module libexec/apache2/mod_dav.so
LoadModule autoindex_module libexec/apache2/mod_autoindex.so
LoadModule asis_module libexec/apache2/mod_asis.so
LoadModule info_module libexec/apache2/mod_info.so
LoadModule cgi_module libexec/apache2/mod_cgi.so
LoadModule dav_fs_module libexec/apache2/mod_dav_fs.so
LoadModule vhost_alias_module libexec/apache2/mod_vhost_alias.so
LoadModule negotiation_module libexec/apache2/mod_negotiation.so
LoadModule dir_module libexec/apache2/mod_dir.so
LoadModule imagemap_module libexec/apache2/mod_imagemap.so
LoadModule actions_module libexec/apache2/mod_actions.so
LoadModule speling_module libexec/apache2/mod_speling.so
LoadModule alias_module libexec/apache2/mod_alias.so
LoadModule rewrite_module libexec/apache2/mod_rewrite.so
LoadModule php5_module libexec/apache2/libphp5.so
#Apple specific modules
LoadModule apple_userdir_module libexec/apache2/mod_userdir_apple.so
LoadModule bonjour_module libexec/apache2/mod_bonjour.so
<IfDefine !MACOSXSERVER>
LoadModule authn_dbm_module libexec/apache2/mod_authn_dbm.so
LoadModule authn_anon_module libexec/apache2/mod_authn_anon.so
LoadModule authn_dbd_module libexec/apache2/mod_authn_dbd.so
LoadModule authn_default_module libexec/apache2/mod_authn_default.so
LoadModule auth_basic_module libexec/apache2/mod_auth_basic.so
LoadModule auth_digest_module libexec/apache2/mod_auth_digest.so
LoadModule authz_groupfile_module libexec/apache2/mod_authz_groupfile.so
LoadModule authz_user_module libexec/apache2/mod_authz_user.so
LoadModule authz_dbm_module libexec/apache2/mod_authz_dbm.so
LoadModule authz_owner_module libexec/apache2/mod_authz_owner.so
LoadModule authz_default_module libexec/apache2/mod_authz_default.so
LoadModule mem_cache_module libexec/apache2/mod_mem_cache.so
LoadModule dbd_module libexec/apache2/mod_dbd.so
LoadModule proxy_connect_module libexec/apache2/mod_proxy_connect.so
LoadModule proxy_ftp_module libexec/apache2/mod_proxy_ftp.so
LoadModule proxy_ajp_module libexec/apache2/mod_proxy_ajp.so
LoadModule status_module libexec/apache2/mod_status.so
</IfDefine>
<IfDefine MACOSXSERVER>
LoadModule hfs_apple_module libexec/apache2/mod_hfs_apple.so
#LoadModule auth_digest_apple_module libexec/apache2/mod_auth_digest_apple.so
#LoadModule encoding_module libexec/apache2/mod_encoding.so
#LoadModule jk_module libexec/apache2/mod_jk.so
LoadModule apple_auth_module libexec/apache2/mod_auth_apple.so
LoadModule spnego_auth_module libexec/apache2/mod_spnego_apple.so
LoadModule apple_digest_module libexec/apache2/mod_digest_apple.so
#LoadModule python_module libexec/apache2/mod_python.so
LoadModule xsendfile_module libexec/apache2/mod_xsendfile.so
LoadModule apple_status_module libexec/apache2/mod_status_apple.so
</IfDefine>
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
User _www
Group _www
# 'Main' server configuration
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
ServerAdmin [email protected]
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
# If your host doesn't have a registered DNS name, enter its IP address here.
#ServerName www.example.com:80
<IfDefine MACOSXSERVER>
DocumentRoot /var/empty
<IfModule mod_auth_digest_apple.c>
BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On
</IfModule>
<IfModule mod_headers.c>
Header add MS-Author-Via "DAV"
RequestHeader set X_FORWARDED_PROTO 'https' env=https
RequestHeader set X_FORWARDED_PROTO 'http' env=!https
</IfModule>
<IfModule mod_encoding.c>
EncodingEngine on
NormalizeUsername on
DefaultClientEncoding UTF-8
# Windows XP?
AddClientEncoding "Microsoft-WebDAV-MiniRedir/" MSUTF-8
# Windows 2K SP2 with .NET
AddClientEncoding "(Microsoft .* DAV\$)" MSUTF-8
# Windows 2K SP2/Windows XP
AddClientEncoding "(Microsoft .* DAV 1.1)" CP932
# Windows XP?
AddClientEncoding "Microsoft-WebDAV*" CP932
# RealPlayer
AddClientEncoding "RMA/*" CP932
# MacOS X webdavfs
AddClientEncoding "WebDAVFS" UTF-8
# cadaver
AddClientEncoding "cadaver/" EUC-JP
</IfModule>
<Directory /usr/share/web>
AllowOverride None
Options MultiViews FollowSymlinks
Order allow,deny
Allow from all
Header Set Cache-Control no-cache
</Directory>
Alias /webmail /usr/share/web/webmail.html
Alias /changepassword /usr/share/web/changepassword.html
Alias /profilemanager /usr/share/web/profilemanager.html
Alias /webcal /usr/share/web/webcal.html
</IfDefine>
<IfDefine !MACOSXSERVER>
<IfDefine WEBSHARING_ON>
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "/Library/WebServer/Documents"
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
# First, we configure the "default" to be a very restrictive set of
# features.
<Directory />
Options FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
# This should be changed to whatever you set DocumentRoot to.
<Directory "/Library/WebServer/Documents">
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
Options Indexes FollowSymLinks MultiViews
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
AllowOverride None
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
</IfDefine>
</IfDefine>
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<FilesMatch "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
# Apple specific filesystem protection.
<Files "rsrc">
Order allow,deny
Deny from all
Satisfy All
</Files>
<DirectoryMatch ".*\.\.namedfork">
Order allow,deny
Deny from all
Satisfy All
</DirectoryMatch>
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog "/private/var/log/apache2/error_log"
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
<IfModule log_config_module>
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedvhost
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%v %h %l %u %t \"%r\" %>s %b" commonvhost
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinediovhost
</IfModule>
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
CustomLog "/private/var/log/apache2/access_log" common
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#CustomLog "/private/var/log/apache2/access_log" combined
</IfModule>
<IfModule alias_module>
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://www.example.com/bar
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
ScriptAliasMatch ^/cgi-bin/((?!(?i:webobjects)).*$) "/Library/WebServer/CGI-Executables/$1"
</IfModule>
<IfModule cgid_module>
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#Scriptsock /private/var/run/cgisock
</IfModule>
# "/Library/WebServer/CGI-Executables" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "/Library/WebServer/CGI-Executables">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
# DefaultType: the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
DefaultType text/plain
<IfModule mime_module>
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
TypesConfig /private/etc/apache2/mime.types
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#AddType application/x-gzip .tgz
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#AddHandler cgi-script .cgi
# For type maps (negotiated resources):
#AddHandler type-map var
# Filters allow you to process content before it is sent to the client.
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#MIMEMagicFile /private/etc/apache2/magic
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall is used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
#EnableMMAP off
#EnableSendfile off
TraceEnable off
# Supplemental configuration
# The configuration files in the /private/etc/apache2/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
# Server-pool management (MPM prefork specific)
StartServers 1
MinSpareServers 1
MaxSpareServers 1
# ServerLimit and MaxClients support n% syntax which sets them to a
# fraction of the current RLIMIT_NPROC limit.
ServerLimit 50%
MaxClients 50%
ListenBackLog 512
MaxRequestsPerChild 100000
# Timeout: The number of seconds before receives and sends time out.
Timeout 300
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
KeepAlive On
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
KeepAliveTimeout 15
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
MaxKeepAliveRequests 100
# UseCanonicalName: Determines how Apache constructs self-referencing
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client. When set "On", Apache will use the value of the
# ServerName directive.
UseCanonicalName Off
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
AccessFileName .htaccess
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
ServerTokens Full
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
ServerSignature On
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
HostnameLookups Off
# PidFile: The file in which the server should record its process
# identification number when it starts.
PidFile /var/run/httpd.pid
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
LockFile "/private/var/log/apache2/accept.lock"
<IfModule mod_rewrite.c>
RewriteLock /var/log/apache2/rewrite.lock
</IfModule>
# Language settings
Include /private/etc/apache2/extra/httpd-languages.conf
<IfDefine WEBSHARING_ON>
# Multi -language error messages
#Include /private/etc/apache2/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
Include /private/etc/apache2/extra/httpd-autoindex.conf
# User home directories
Include /private/etc/apache2/extra/httpd-userdir.conf
# Real-time info on requests and configuration
#Include /private/etc/apache2/extra/httpd-info.conf
# Virtual hosts
#Include /private/etc/apache2/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
Include /private/etc/apache2/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include /private/etc/apache2/extra/httpd-dav.conf
</IfDefine>
# Secure (SSL/TLS) connections
<IfDefine !MACOSXSERVER>
#Include /private/etc/apache2/extra/httpd-ssl.conf
</IfDefine>
<IfDefine MACOSXSERVER>
<IfModule mod_ssl.c>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SSLPassPhraseDialog exec:/etc/apache2/getsslpassphrase
SSLSessionCache shmcb:/var/run/ssl_scache(512000)
SSLSessionCacheTimeout 300
SSLMutex file:/var/run/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
AddType application/x-x509-ca-cert crt
AddType application/x-pkcs7-crl crl
</IfModule>
</IfDefine>
<IfModule mod_jk.c>
JKWorkersFile /etc/apache2/workers.properties
JKLogFile /var/log/apache2/mod_jk.log
JkShmFile /var/log/apache2/jk-runtime-status
</IfModule>
<IfModule php5_module>
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
</IfModule>
<IfDefine !MACOSXSERVER>
Include /etc/apache2/other/*.conf
</IfDefine>
<IfDefine MACOSXSERVER>
<IfDefine WEBSERVICE_ON>
Include /etc/apache2/sites/*.conf
</IfDefine>
<IfDefine !WEBSERVICE_ON>
Include /etc/apache2/sites/virtual_host_global.conf
Include /etc/apache2/sites/*_.conf
Include /etc/apache2/sites/*__shadow.conf
</IfDefine>
</IfDefine>That's a comment in the file. It has no effect at all.
-
How can I make my Apple ID security? It has been hacked three times in a week!
Just in a week, I found my apple id(this id) has been hacked for three times!
When I was trying to login in to the ITunes Connect, it returned following error,
Your Apple ID or password was entered incorrectly.
I'm sure I entered the password correctly that I checked it many times and it's never happens before. So every time it happens, I use the forget password tool to reset the password. Just in a week, the incorrect password occurred 3 TIMES and I have reseted my password 3 TIMES to get control back.
I'm a developer so first time it happens I did aware of there might be hacker. So I cleared all password cache in my machine, scan virus and reset the password of Apple ID and my mailbox in a more complex letters.
However, ever I did so, my password still goes wrong and the error happens again and again.
And one thing I can't understand in this story is,
- Every time I reset my password I got an email notification, it always works, during my 3 resets.
- When my password is hacked (I can just assume it's a hack), there's no email notification. I can almost sure the email is not deleted, because no matter how fast it's delete, my mobile should receive a popup anyway.
Now I have tried everything I can but my account is still not safe. I want report this issue to Apple that they can figure out the problem, to avoid a bigger security disaster. But I could not find a contact from apple for this problem, I sent a mail [email protected] but no reply. It's so terrible...
So i ask for help in this forum, I'd appreciate if anybody can help either security suggestion to me or help find the contact of apple.account disabled for security reasons: http://support.apple.com/en-us/TS2446
-
Basically my iPhone 4 asked for my Apple ID and I entered it thinking it was just some check or something and then I've just been scrolling through my music library and there is a whole U2 album there and i have never even heard of U2... i clicked on one of the songs to see what it was and it came up with "This device is already associated with an apple ID. If you download past purchases with your apple ID, you cannot auto download or download past purchases with a different Apple ID for 90 days."
I Can't delete the album like I can with my other music from my phone and I don't really want to connect my phone to my laptop incase I have been hacked and it could give the person all access to my phone?
Pde lease help me out, I don't know what's happened:(Do the half billion copies of the album they gave away count as "sales"?
Let's see... An album has to sell 500,000 copies to go gold, 1,000,000 copies to go Platinum, 10,000,000 copies to go diamond... What will they come up with for 500,000,000 copies sold?
Something radioactive would be cool... though difficult to display safely on the wall... -
How can i tell if my iphone 4 has been hacked into?
Here is the situation.....a friend of mine is in a bad marriage. She found out her husband bugged her laptop and her phone and is finding out all of her conversations. The other day, we were all at a buffet restaurant and he was sitting at the table with us, without thinking anything of it, I left my purse with my phone at the table while all but him went up to the bar. Later on that night, I was in the car with another friend and we were talking in detail about our friends situation. The next day my friend whom I was talking to in the car, checked her answering machine, and our conversation was on her machine. I checked my call log AND detailed billing from AT&T thinking I may have butt dialed her house, but there is no record of me calling her house. The same with her, she as no record of calling her house and her home phone does not have caller ID. This guy is very tech savy and is the manager of 4 AT&T stores. Is it possible for him to have hacked into my phone and put some sort of bug in it? If this is possible, is it also possible for my phone to be able to record our conversation without a call being placed? If it is possible, how can I tell if my phone has been hacked?
ThanksIt would be extremely difficult for someone to be able to grab your iPhone out of your purse and hack into it without having a laptop computer with him with which to jailbreak the iPhone and time to work on it. I can't say it would be impossible, though. I'd suggest as a precaution you perform a Restore on your iPhone; if it restores successfully that would clear any jailbreak and remove any hack.
http://support.apple.com/kb/ht1212
Regards. -
Have I been hacked??? "Stealth Mode connection attempt to UDP"
My Mac Mini has been running very slowly lately. Sometimes it takes half a minute to switch between apps, and I mean simple apps like Mail and Safari and Appleworks, not Photoshop. Photoshop is a joke it runs so slow. So I've run Onyx SEVERAL times, restarted and cleared my PRam, and nothing is helping. I also noticed it seemed like my Mini was "running" a lot (the hard drive making a noise like it was up to something when I'm not doing anything). So I looked at the cable box and the Ethernet light was flashing softly, going along with the hard drive noise. Then I downloaded something called MenuMeters and it is showing that I'm receiving data constantly - it goes between about 300B/s to 1500B/s, and sometimes it shows I'm sending too. So I opened up the System Preferences and found out that "Network Time" was enabled in the Firewall preference pane. I unchecked that but my Mini is still receiving. (I'm not on any Ethernet network or anything either.) So I opened Advanced and found that the "Block UDP Traffic" box is not checked, though the other two "Enable Firewall Logging" and "Enable Stealth Mode" are checked. THEN I opened the log file and was shocked to see 1048 lines, mostly reading ""Stealth Mode connection attempt to UDP," although once in a while I saw a few that said "12190 Deny TCP." And that 1048 is just for yesterday and today. Is that normal??? Sometimes the "Stealth Mode connection" lines are single (I mean, not to a repeating number), but sometimes they repeat two, three, even five times to the same number.
Have I been hacked? Is someone stealing our small business data? Sounds kind of ridiculous, but can't help and worry some. Or do I have a virus? I tried to google whether or not there are any Mac viruses out there, that might pertain to this, but couldn't figure out anything. What do I do? I'm not very computer savvy, other than running my apps, and don't anything about Terminal or things like that. Even as I type this MenuMeters is showing me I'm receiving SOMETHING. Yikes!
Mini Mac OS X (10.4.8)You mention one of the applications you have been using is Appleworks - which is not supplied with Intel systems, only PPC Macs. This would tend to suggest that your mini is a G4 model. It would be helpful to know which model the system is, what software you have on it, how much free space you have on your hard drive, and what you typically use the system for.
It's interesting that you note the system seems generally busy, which would go some way to explain why it may also seem rather slow, but you haven't mentioned whether you've run Activity Monitor to see what processes are active when the system seems to be active with some task that is not of your doing. If you haven't tried this yet, do so now - and let us know what processes the system shows as active when otherwise the system ought to be idle.
To answer a few of your broad questions: When the system is connected to the internet, it's not unusual to see a certain amount of data through-putting the network connection, but in most instances this would be in the region of 100-200B/s, with occasional, brief, spikes upwards of that. In the absence of a local router that level of data is likely to be higher, since basically your Mac is managing your internet connection and maintaining a public IP address assigned by your service provider. In a system with a router, the router handles this traffic so the resultant volume of data the Mac sees would be less.
The fact you see entries in the log of the sort you describe is not necessarily an indicator of a problem. It may suggest that the system is being probed, which as Boece has said is not at all uncommon for a system with a public IP number - and is indeed why it's most common to find systems being used 'behind' a router. The router takes the public IP number, and so systems behind it are given internal addresses by the router which are not visible to the outside world. The Router then performs something called Network Address Translation (NAT) which converts internal and public addresses as needed to ensure the computer can communicate with the internet while still staying 'invisible'.
In your position, I would look to add a basic router between your Mac and your cable/DSL modem because a hardware firewall is generally more effective than a software firewall, and NAT will keep your system clear of most potential hacking risks.
As for the potential for a virus - this is a bit of a thorny subject because most will (rightly) say that MacOS is not the target of any known virus that exists in the wild. Unfortunately, that doesn't mean that it will remain that way, or that it's impossible to create malware that can infect or impact Mac systems. A good line of defense can be obtained by downloading and installing ClamXav (http://www.clamxav.com/) and setting it to examine vulnerable spots such as the desktop where files are typically downloaded or your mail folders, and using it to scan the system. Generally speaking, unlike antivirus products for Windows, this software does not consume copious amounts of CPU time (it grabs between 1 and 5% on my 1.25 G4 mini while in the background) so it's worth having around.
You also mention running OnyX several times - this is not a good thing. OnyX, like the other utilities of this type, is a useful tool in resolving performance issues, but if you find that it doesn't work when you use it once, it indicates the problem is not something that OnyX can resolve. Running it multiple times doesn't necessarily do any harm, but it does mean that macOS is continually having to build new cache files etc, which makes the system run very badly!
So....
(1) tell us about your system, the software on it and what you use it for.
(2) how much free space is on your hard drive.
(3) run Activity Monitor and tell us what it shows when the system seems to be busy doing it's own thing.
(4) download ClamXav and run it as described.
(5) get an inexpensive router and insert that into your system as described (we can help explain how to set everything up once you've got it if you need assistance). -
PLEASE HELP! How can I tell if my Imac has been hacked?
PLEASE HELP! How can I tell if my Imac has been hacked? I see a few people have asked this question but the responses tended to be advice on what to do once you've been hacked, not what can done to find out if you have been hacked. I have a late 2012 model imac. My sharing was off and remote logging was off. I use an external router that send wireless to about 4 consoles in the flat. I don't think I have any firewalls up (now looking like a mistake). I think I'm possibly being hacked due to abnormal behaviour and most recently my camera was turned off all day (no LED) then I went to record something on Photo Booth, the application popped up displaying an image of me getting dressed (nightmare!) which happened hours earlier when the camera was off. This image quickly then disappeared and the camera began working normally. Very strange and alarming. Please help me. Any advice would be very much appreciated. Thanks.
1. This procedure is a diagnostic test. It changes nothing, for better or worse, and therefore will not, in itself, solve the problem. But with the aid of the test results, the solution may take a few minutes, instead of hours or days.
Don't be put off merely by the seeming complexity of these instructions. The process is much less complicated than the description. You do harder tasks with the computer all the time.
2. If you don't already have a current backup, back up all data before doing anything else. The backup is necessary on general principle, not because of anything in the test procedure. Backup is always a must, and when you're having any kind of trouble with the computer, you may be at higher than usual risk of losing data, whether you follow these instructions or not.
There are ways to back up a computer that isn't fully functional. Ask if you need guidance.
3. Below are instructions to run a UNIX shell script, a type of program. All it does is to collect information about the state of the computer. That information goes nowhere unless you choose to share it. However, you should be cautious about running any kind of program (not just a shell script) at the behest of a stranger. If you have doubts, search this site for other discussions in which this procedure has been followed without any report of ill effects. If you can't satisfy yourself that the instructions are safe, don't follow them. Ask for other options.
Here's a summary of what you need to do, if you choose to proceed:
Copy a line of text in this window to the Clipboard.
Paste into the window of another application.
Wait for the test to run. It usually takes a few minutes.
Paste the results, which will have been copied automatically, back into a reply on this page.
The sequence is: copy, paste, wait, paste again. You don't need to copy a second time. Details follow.
4. You may have started the computer in "safe" mode. Preferably, these steps should be taken in “normal” mode, under the conditions in which the problem is reproduced. If the system is now in safe mode and works well enough in normal mode to run the test, restart as usual. If you can only test in safe mode, do that.
5. If you have more than one user, and the one affected by the problem is not an administrator, then please run the test twice: once while logged in as the affected user, and once as an administrator. The results may be different. The user that is created automatically on a new computer when you start it for the first time is an administrator. If you can't log in as an administrator, test as the affected user. Most personal Macs have only one user, and in that case this section doesn’t apply. Don't log in as root.
6. The script is a single long line, all of which must be selected. You can accomplish this easily by triple-clicking anywhere in the line. The whole line will highlight, though you may not see all of it in the browser window, and you can then copy it. If you try to select the line by dragging across the part you can see, you won't get all of it.
Triple-click anywhere in the line of text below on this page to select it:
PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/libexec;clear;cd;p=(Software Hardware Memory Diagnostics Power FireWire Thunderbolt USB Fonts 51 4 1000 25 5120 KiB/s 1024 85 \\b%% 20480 1 MB/s 25000 ports 'com.autodesk.AutoCad com.evenflow.dropbox com.google.GoogleDrive' DYLD_INSERT_LIBRARIES\ DYLD_LIBRARY_PATH -86 ` route -n get default|awk '/e:/{print $2}' ` 25 N\\/A down up 102400 25600 recvfrom sendto CFBundleIdentifier 25 25 25 1000 MB );N5=${#p[@]};p[N5]=` networksetup -listnetworkserviceorder|awk ' NR>1 { sub(/^\([0-9]+\) /,"");n=$0;getline;} $NF=="'${p[26]}')" { sub(/.$/,"",$NF);print n;exit;} ' `;f=('\n%s: %s\n' '\n%s\n\n%s\n' '\nRAM details\n%s\n' %s\ %s '%s\n-\t%s\n' );S0() { echo ' { q=$NF+0;$NF="";u=$(NF-1);$(NF-1)="";gsub(/^ +| +$/,"");if(q>='${p[$1]}') printf("%s (UID %s) is using %s '${p[$2]}'",$0,u,q);} ';};s=(' /^ *$|CSConfigDot/d;s/^ */ /;s/[-0-9A-Fa-f]{22,}/UUID/g;s/(ochat)\.[^.]+(\..+)/\1\2/;/Shared/!s/\/Users\/[^/]+/~/g ' ' s/^ +//;5p;6p;8p;12p;' ' {sub(/^ +/,"")};NR==6;NR==13&&$2<'${p[10]} ' 1s/://;3,6d;/[my].+:/d;s/^ {4}//;H;${ g;s/\n$//;/s: [^EO]|x([^08]|02[^F]|8[^0])/p;} ' ' 5h;6{ H;g;/P/!p;} ' ' ($1~/^Cy/&&$3>'${p[11]}')||($1~/^Cond/&&$2!~/^N/) ' ' /:$/{ N;/:.+:/d;s/ *://;b0'$'\n'' };/^ *(V.+ [0N]|Man).+ /{ s/ 0x.... //;s/[()]//g;s/(.+: )(.+)/ (\2)/;H;};$b0'$'\n'' d;:0'$'\n'' x;s/\n\n//;/Apple[ ,]|Intel|SMSC/d;s/\n.*//;/\)$/p;' ' s/^.*C/C/;H;${ g;/No th|pms/!p;} ' '/= [^GO]/p' '{$1=""};1' ' /Of/!{ s/^.+is |\.//g;p;} ' ' $0&&!/ / { n++;print;} END { if(n<200) print "com.apple.";} ' ' $3~/[0-9]:[0-9]{2}$/ { gsub(/:[0-9:a-f]{14}/,"");} { print|"tail -n'${p[12]}'";} ' ' NR==2&&$4<='${p[13]}' { print $4;} ' ' END { $2/=256;if($2>='${p[15]}') print int($2) } ' ' NR!=13{next};{sub(/[+-]$/,"",$NF)};'"`S0 21 22`" 'NR!=2{next}'"`S0 37 17`" ' NR!=5||$8!~/[RW]/{next};{ $(NF-1)=$1;$NF=int($NF/10000000);for(i=1;i<=3;i++){$i="";$(NF-1-i)="";};};'"`S0 19 20`" 's:^:/:p' '/\.kext\/(Contents\/)?Info\.plist$/p' 's/^.{52}(.+) <.+/\1/p' ' /Launch[AD].+\.plist$/ { n++;print;} END { if(n<200) print "/System/";} ' '/\.xpc\/(Contents\/)?Info\.plist$/p' ' NR>1&&!/0x|\.[0-9]+$|com\.apple\.launchctl\.(Aqua|Background|System)$/ { print $3;} ' ' /\.(framew|lproj)|\):/d;/plist:|:.+(Mach|scrip)/s/:[^:]+//p ' '/root/p' ' !/\/Contents\/.+\/Contents|Applic|Autom|Frameworks/&&/Lib.+\/Info.plist$/ { n++;print;} END { if(n<1000) print "/System/";} ' '/^\/usr\/lib\/.+dylib$/p' ' /Temp|emac/d;/(etc|Preferences)\//s/^\.\/[^/]+//p;' ' /\/(Contents\/.+\/Contents|Frameworks)\/|\.wdgt\/.+\.([bw]|plu)/d;p;' 's/\/(Contents\/)?Info.plist$//;p' ' { gsub("^| ","||kMDItem'${p[35]}'=");sub("^.."," ") };1 ' p '{print $3"\t"$1}' 's/\'$'\t''.+//p' 's/1/On/p' '/Prox.+: [^0]/p' '$2>'${p[9]}'{$2=$2-1;print}' ' BEGIN { i="'${p[26]}'";M1='${p[16]}';M2='${p[18]}';M3='${p[31]}';M4='${p[32]}';} !/^A/ { next;} /%/ { getline;if($5<M1) a="user "$2"%, system "$4"%";} /disk0/&&$4>M2 { b=$3" ops/s, "$4" blocks/s";} $2==i { if(c) { d=$3+$4+$5+$6;next;};if($4>M3||$6>M4) c=int($4/1024)" in, "int($6/1024)" out";} END { if(a) print "CPU: "a;if(b) print "I/O: "b;if(c) print "Net: "c" (KiB/s)";if(d) print "Net errors: "d" packets/s";} ' ' /r\[0\] /&&$NF!~/^1(0|72\.(1[6-9]|2[0-9]|3[0-1])|92\.168)\./ { print $NF;exit;} ' ' !/^T/ { printf "(static)";exit;} ' '/apsd|OpenD/!s/:.+//p' ' (/k:/&&$3!~/(255\.){3}0/ )||(/v6:/&&$2!~/A/ ) ' ' $1~"lR"&&$2<='${p[25]}';$1~"li"&&$3!~"wpa2";' ' BEGIN { FS=":";} { n=split($3,a,".");sub(/_2[01].+/,"",$3);print $2" "$3" "a[n]" "$1;b=b$1;} END { if(b) print("\n\t* Code injection");} ' ' NR!=4{next} {$NF/=10240} '"`S0 27 14`" ' END { if($3~/[0-9]/)print$3;} ' ' BEGIN { L='${p[36]}';} !/^[[:space:]]*(#.*)?$/ { l++;if(l<=L) f=f"\n "$0;} END { F=FILENAME;if(!F) exit;if(!f) f="\n [N/A]";"file -b "F|getline T;if(T!~/^(AS.+ (En.+ )?text$|POSIX sh.+ text ex)/) F=F" ("T")";printf("\nContents of %s\n%s\n",F,f);if(l>L) printf("\n ...and %s more line(s)\n",l-L);} ' ' /^ +[NP].+ =/h;/^( +D.+[{]|[}])/{ g;s/.+= //p;};' ' /^ +B/{ s/.+= |(-[0-9]+)?\.s.+//g;p;} ' ' END{print NR} ' ' /id: N|te: Y/{i++} END{print i} ' ' / / { print "'"${p[28]}"'";exit;};1;' '/ en/!s/\.//p' ' NR!=13{next};{sub(/[+-M]$/,"",$NF)};'"`S0 39 40`" ' $10~/\(L/&&$9!~"localhost" { sub(/.+:/,"",$9);print $1": "$9;} ' '/^ +r/s/.+"(.+)".+/\1/p' 's/(.+\.wdgt)\/(Contents\/)?Info\.plist$/\1/p' 's/^.+\/(.+)\.wdgt$/\1/p' 's/0/Off/p' );c1=(system_profiler pmset\ -g nvram fdesetup find syslog df vm_stat sar ps sudo\ crontab sudo\ iotop top pkgutil PlistBuddy whoami cksum kextstat launchctl sudo\ launchctl crontab 'sudo defaults read' stat lsbom mdfind ' for i in ${p[24]};do ${c1[18]} ${c2[27]} $i;done;' defaults\ read scutil sudo\ dtrace sudo\ profiles sed\ -En awk /S*/*/P*/*/*/C*/*/airport networksetup mdutil sudo\ lsof test );c2=(com.apple.loginwindow\ LoginHook '-c Print /L*/P*/loginw*' '-c Print L*/P*/*loginit*' '-c Print L*/Saf*/*/E*.plist' '~ $TMPDIR.. \( -flags +sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \)' '.??* -path .Trash -prune -o -type d -name *.app -print -prune' '-c Print\ :'${p[35]}' 2>&1' '-c Print\ :Label 2>&1' '{/,}L*/{Con,Pref}* -type f ! -size 0 -name *.plist -exec plutil -s {} \;' "-f'%N: %l' Desktop L*/Keyc*" therm sysload boot-args status " -F '\$Time \$Message' -k Sender kernel -k Message Req 'Beac|caug|dead[^bl]|FAIL|fail|GPU |hfs: Ru|inval|jnl:|last value [1-9]|n Cause: -|NVDA\(|pagin|proc: t|Roamed|rror|ssert|Thrott|tim(ed? ?|ing )o|WARN' -k Message Rne 'Goog|ksadm|SMC:' -o -k Sender fseventsd -k Message Req 'SL' " '-du -n DEV -n EDEV 1 10' 'acrx -o comm,ruid,%cpu' '-t1 10 1' '-f -pfc /var/db/r*/com.apple.*.{BS,Bas,Es,OSXU,Rem,up}*.bom' '{/,}L*/Lo*/Diag* -type f -regex .\*[cgh] ! -name *ag \( -exec grep -lq "^Thread c" {} \; -exec printf \* \; -o -true \) -execdir stat -f:%Sc:%N -t%F {} \;|sort -t: -k2 |tail -n'${p[38]} '-L {/{S*/,},}L*/Lau* -type f' '-L /{S*/,}L*/StartupItems -type f -exec file {} +' '-L /S*/L*/{C*/Sec*A,E}* {/,}L*/{A*d,Ca*/*/Ex,Compon,Ex,In,iTu,Keyb,Mail/B,P*P,Qu*T,Scripti,Sec,Servi,Spo,Widg}* -type f -name Info.plist' '/usr/lib -type f -name *.dylib' `awk "${s[31]}"<<<${p[23]}` "/e*/{auto,{cron,fs}tab,hosts,{[lp],sy}*.conf,pam.d,ssh{,d}_config,*.local} {,/usr/local}/etc/periodic/*/* /L*/P*{,/*}/com.a*.{Bo,sec*.ap}*t .launchd.conf" list getenv /Library/Preferences/com.apple.alf\ globalstate --proxy '-n get default' -I --dns -getdnsservers\ "${p[N5]}" -getinfo\ "${p[N5]}" -P -m\ / '' -n1 '-R -l1 -n1 -o prt -stats command,uid,prt' '--regexp --only-files --files com.apple.pkg.*|sort|uniq' -kl -l -s\ / '-R -l1 -n1 -o mem -stats command,uid,mem' -i4TCP:0-1023 com.apple.dashboard\ layer-gadgets '-d /L*/Mana*/$USER&&echo On' '-app Safari WebKitDNSPrefetchingEnabled' );N1=${#c2[@]};for j in {0..8};do c2[N1+j]=SP${p[j]}DataType;done;N2=${#c2[@]};for j in 0 1;do c2[N2+j]="-n ' syscall::'${p[33+j]}':return { @out[execname,uid]=sum(arg0) } tick-10sec { trunc(@out,1);exit(0);} '";done;l=(Restricted\ files Hidden\ apps 'Elapsed time (s)' POST Battery Safari\ extensions Bad\ plists 'High file counts' User Heat System\ load boot\ args FileVault Diagnostic\ reports Log 'Free space (MiB)' 'Swap (MiB)' Activity 'CPU per process' Login\ hook 'I/O per process' Mach\ ports kexts Daemons Agents launchd Startup\ items Admin\ access Root\ access Bundles dylibs Apps Font\ issues Inserted\ dylibs Firewall Proxies DNS TCP/IP Wi-Fi Profiles Root\ crontab User\ crontab 'Global login items' 'User login items' Spotlight Memory Listeners Widgets Parental\ Controls Prefetching );N3=${#l[@]};for i in 0 1 2;do l[N3+i]=${p[5+i]};done;N4=${#l[@]};for j in 0 1;do l[N4+j]="Current ${p[29+j]}stream data";done;A0() { id -G|grep -qw 80;v[1]=$?;((v[1]==0))&&sudo true;v[2]=$?;v[3]=`date +%s`;clear >&-;date '+Start time: %T %D%n';};for i in 0 1;do eval ' A'$((1+i))'() { v=` eval "${c1[$1]} ${c2[$2]}"|'${c1[30+i]}' "${s[$3]}" `;[[ "$v" ]];};A'$((3+i))'() { v=` while read i;do [[ "$i" ]]&&eval "${c1[$1]} ${c2[$2]}" \"$i\"|'${c1[30+i]}' "${s[$3]}";done<<<"${v[$4]}" `;[[ "$v" ]];};A'$((5+i))'() { v=` while read i;do '${c1[30+i]}' "${s[$1]}" "$i";done<<<"${v[$2]}" `;[[ "$v" ]];};';done;A7(){ v=$((`date +%s`-v[3]));};B2(){ v[$1]="$v";};for i in 0 1;do eval ' B'$i'() { v=;((v['$((i+1))']==0))||{ v=No;false;};};B'$((3+i))'() { v[$2]=`'${c1[30+i]}' "${s[$3]}"<<<"${v[$1]}"`;} ';done;B5(){ v[$1]="${v[$1]}"$'\n'"${v[$2]}";};B6() { v=` paste -d: <(printf "${v[$1]}") <(printf "${v[$2]}")|awk -F: ' {printf("'"${f[$3]}"'",$1,$2)} ' `;};B7(){ v=`grep -Fv "${v[$1]}"<<<"$v"`;};C0(){ [[ "$v" ]]&&echo "$v";};C1() { [[ "$v" ]]&&printf "${f[$1]}" "${l[$2]}" "$v";};C2() { v=`echo $v`;[[ "$v" != 0 ]]&&C1 0 $1;};C3() { v=`sed -E "$s"<<<"$v"`&&C1 1 $1;};for i in 1 2;do for j in 2 3;do eval D$i$j'(){ A'$i' $1 $2 $3; C'$j' $4;};';done;done;{ A0;A2 0 $((N1+1)) 2;C0;A1 0 $N1 1;C0;B0;C2 27;B0&&! B1&&C2 28;D12 15 37 25 8;A1 0 $((N1+2)) 3;C0;D13 0 $((N1+3)) 4 3;D23 0 $((N1+4)) 5 4;for i in 0 1 2;do D13 0 $((N1+5+i)) 6 $((N3+i));done;D13 1 10 7 9;D13 1 11 8 10;D22 2 12 9 11;D12 3 13 10 12;D23 4 19 44 13;D23 5 14 12 14;D22 6 36 13 15;D22 7 37 14 16;D23 8 15 38 17;D22 9 16 16 18;B1&&{ D22 11 17 17 20;for i in 0 1;do D22 28 $((N2+i)) 45 $((N4+i));done;};D22 12 44 54 45;D22 12 39 15 21;A1 13 40 18;B2 4;B3 4 0 19;A3 14 6 32 0;B4 0 5 11;A1 17 41 20;B7 5;C3 22;B4 4 6 21;A3 14 7 32 6;B4 0 7 11;B3 4 0 22;A3 14 6 32 0;B4 0 8 11;B5 7 8;B1&&{ A2 19 26 23;B7 7;C3 23;};A2 18 26 23;B7 7;C3 24;A2 4 20 21;B7 6;B2 9;A4 14 7 52 9;B2 10;B6 9 10 4;C3 25;D13 4 21 24 26;B4 4 12 26;B3 4 13 27;A1 4 22 29;B7 12;B2 14;A4 14 6 52 14;B2 15;B6 14 15 4;B3 0 0 30;C3 29;A1 4 23 27;B7 13;C3 30;D13 24 24 32 31;D13 25 37 32 33;A1 23 18 28;B2 16;A2 16 25 33;B7 16;B3 0 0 34;B2 21;A6 47 21&&C0;B1&&{ D13 21 0 32 19;D13 10 42 32 40;D22 29 35 46 39;};D23 14 1 48 42;D12 34 43 53 44;D22 0 $((N1+8)) 51 32;D13 4 8 41 6;D12 26 28 35 34;D13 27 29 36 35;A2 27 32 39&&{ B2 19;A2 33 33 40;B2 20;B6 19 20 3;};C2 36;D23 33 34 42 37;B1&&D23 35 45 55 46;D23 32 31 43 38;D12 36 47 32 48;D13 20 42 32 41;D13 14 2 48 43;D13 4 5 32 1;D22 4 4 50 0;D13 14 3 49 5;D12 26 48 59 49;B3 4 22 57;A1 26 46 56;B7 22;B3 0 0 58;C3 47;D23 22 9 37 7;A7;C2 2;} 2>/dev/null|pbcopy;exit 2>&-
Copy the selected text to the Clipboard by pressing the key combination command-C.
7. Launch the built-in Terminal application in any of the following ways:
Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
Open LaunchPad. Click Utilities, then Terminal in the icon grid.
Click anywhere in the Terminal window and paste by pressing command-V. The text you pasted should vanish immediately. If it doesn't, press the return key.
8. If you see an error message in the Terminal window such as "syntax error," enter
exec bash
and press return. Then paste the script again.
9. If you're logged in as an administrator, you'll be prompted for your login password. Nothing will be displayed when you type it. You will not see the usual dots in place of typed characters. Make sure caps lock is off. Type carefully and then press return. You may get a one-time warning to be careful. If you make three failed attempts to enter the password, the test will run anyway, but it will produce less information. In most cases, the difference is not important. If you don't know the password, or if you prefer not to enter it, press the key combination control-C or just press return three times at the password prompt. Again, the script will still run.
If you're not logged in as an administrator, you won't be prompted for a password. The test will still run. It just won't do anything that requires administrator privileges.
10. The test may take a few minutes to run, depending on how many files you have and the speed of the computer. A computer that's abnormally slow may take longer to run the test. While it's running, there will be nothing in the Terminal window and no indication of progress. Wait for the line
[Process completed]
to appear. If you don't see it within half an hour or so, the test probably won't complete in a reasonable time. In that case, close the Terminal window and report the results. No harm will be done.
11. When the test is complete, quit Terminal. The results will have been copied to the Clipboard automatically. They are not shown in the Terminal window. Please don't copy anything from there. All you have to do is start a reply to this comment and then paste by pressing command-V again.
At the top of the results, there will be a line that begins with the words "Start Time." If you don't see that, but instead see a mass of gibberish, you didn't wait for the "Process completed" message to appear in the Terminal window. Please wait for it and try again.
If any private information, such as your name or email address, appears in the results, anonymize it before posting. Usually that won't be necessary.
12. When you post the results, you might see the message, "You have included content in your post that is not permitted." It means that the forum software has misidentified something in the post as a violation of the rules. If that happens, please post the test results on Pastebin, then post a link here to the page you created.
Note: This is a public forum, and others may give you advice based on the results of the test. They speak only for themselves, and I don't necessarily agree with them.
Copyright © 2014 by Linc Davis. As the sole author of this work, I reserve all rights to it except as provided in the Use Agreement for the Apple Support Communities website ("ASC"). Readers of ASC may copy it for their own personal use. Neither the whole nor any part may be redistributed. -
TS3899 I can only pick up e mails in Trash, wondering if I have been hacked. Any ideas?
I can only pick up e mails in Trash, wondering if I have been hacked. Any ideas?
is this a shared i map account? where somebody else is looking at the e mails on a diffeent device, and trashing them? Are you deleting them from a different device on the same mail account.
A hack of the pad is not the problem, but it sure sounds like somebody else is participating in your mail service.
(you might want to change your mail password)
Last choice - is you ISP sending these to trash because it thinks they are junk mail or spam?
Maybe you are looking for
-
HOW TO USE PERFORM STATEMENT IN SMARTFORMS
Hi, Can anyone tell me how to use call subroutine in smartform? Thanks & Regards, Gauarv.
-
I'm trying to share my cable internet connection to an ipod touch via wifi. The ipod can connect but then can't access internet services. Anyone can help me about this?
-
JButton in table cell in Find Mode
Hello! I have JButton in JTable cell for calling LOV. When form goes to Find Mode all JButtons become disabled. Accordingly, I want that buttons active. Any help will be appreciated %)
-
Tape delay gets cut off in the middle of a project
I'm working on a multichannel 24bit, 48kHz audio project in Soundtrack Pro version 1.1. I'm using WAVs as source material. One of the audiotracks contains a short sample of 1 second, that has a Tape Delay effect on it with the feedback on 55%, so it
-
Tried downloading iOS 6 on my iPhone 3G. Now my iphone is stuck with the loading thing for the iOS 6 and has been for almost 24 hrs. I've tried restoring it but it just goes right back to that loading page and now won't even turn off or restore. What