Re: 14 antivirus apps found to have security problems.

2

Answers

  • RusliRusli Posts: 988

    Remember Davinci Malware can infect both Mac and Windows.

     

    DO NOT copy your previous files that you work with to your clean computer.

     

    Document any incidents on a notebook or notepad, write the date and time and place.

     

    Do a video recording of your innocent.

     

    Do a video recording to your computer what is happening.

     

    I don't know, if you intend to sent the infect file to F-Secure.

     

    You have to send the infected file via Air post to Finland. If you want to and write a letter.

     

    Corporate Headquarters &
    Finland

    F-Secure Corporation
    Tammasaarenkatu 7
    PL 24
    00181 Helsinki
    Finland

    Tel. 358 9 2520 0700
    Fax 358 9 2520 5001

     

    You can always send the infected file via online to F-Secure.

     

  • RusliRusli Posts: 988

    Make sure you see the videos and the links that I have given you.

     

    That is all I can help you.

     

    Hope you get your life back on track again.

  • BitsBits Posts: 19
    You are amazing for taking soo much of your time to help me, you don't even know me. For that thank you so very much. I've had great response here and hope the team at F-secure sees about my situation and maybe offers help or takes interest .

    It actually is only a Mac computer that I have . Everything I told you is happening is not on windows, it's on my MacBook Pro 10.9.3.

    I've kept a written journal and I've already tried to make a police report. But walking into the police department saying" a large company is ilegally monitoring me and has infected my computer with a virus no one in the police dept. knows anything about , oh and my IP address us giving off the wrong IP range. Well they don't respond well.... They think your crazy and tell you to call IC3 which is an automated recording.
  • BitsBits Posts: 19
    This site and suggestions I've been given are the best hope ive had yet. As far as disinfecting my computer I don't think it's possible for me on my own to do at this point. I just don't know how long this will go on for? If I buy a new computer will they do it again? Is my phone compromised ? I just don't know without some real help .

    But thank you! Really thank you for all you've suggested, I'll take what I can and do everything possible .
    M
  • RusliRusli Posts: 988

    If you follow what I told you.

     

    Half of the battle have been won!!!

     

     

     

    Sometimes the malware did not come from you, maybe you accidently get your computer infected.

     

    If someone have a heart to sabotage your computer.

     

    That can be possible also.

     

    First, just do the steps that I given you.

     

    Don't buy  a new laptop yet. See if this steps works.

     

    Remember don't copy back the backup files. It is infected!

     

    Oh yeah, I forgot to tell you one thing.

     

    Disable you Parental Control on your Mac OS X.

     

    Make sure it is disable and turn off.

     

    The reason is because I suspected that someone is already gain access to your computer and remotely desktop to you mac with Parental Control turn on!

     

     

    As long as you don't go to the infected site in the internet you are safe.

     

    If you have Apple boot camp.

     

    Make sure you install malwarebytes on your Windows OS.

     

    Hope you follow all the hints that I given you.

     

     

    When you redo or re installing your Mac OS X.

     

    Make sure you do it on your own.

     

    You cannot ask someone to do it for you.

     

    Because people can just create a user account and take complete control of your computer.

     

    You must learn how to do things yourself. You cannot rely on others.

     

    Don't click to the link you don't trust.

     

    Or any email attachment.

     

    Always do a scan on email attachments.

     

    Follow this tips from US Homeland Security on computer security issues.

     

    http://www.us-cert.gov/ncas/tips/

     

    You must learn the hard way and adapt to new technologies.

     

    Do not let others play with your computer. Even friends.

     

     

    Did you read the links that i've given you. And did you watch the video clips?

     

    You must read and see.

     

    Then you will know what I'm talking about.

     

    Then you know how to prevent this things from happening again.

     

    Like got infected with malware and viruses.

     

    This is a learning curve that you need to know.

     

    If you think you are still under threat.

     

    Then learn art of self defense.

     

    Like learning aikido. Like Steven Seagal??? (You watch Steven Seagal Lawman - http://stevenseagal.com/?page_id=34)

     

    So that you can disarm the bad guys.

     

    If you want a firewall on your Mac.

     

    You can use,

     

    http://www.hanynet.com/icefloor/

     

    http://www.oneperiodic.com/products/handsoff/

     

    http://www.obdev.at/products/littlesnitch/index.html

     

    One thing about mac is that you have to buy every piece of software. It did not come with Free.

     

    I just trying to help you out. Hope this will solve all your problems!!!

     

     

  • RusliRusli Posts: 988

    Summary tips on Macbook Pro security tips.

     

    1. check to see if your root user account is enable.

        Change the root user account password and disable it.

     

    2. check to see if Active Directory is enable.

        Change and disable Active Directory.

     

    3. Make sure all Sharing are untick and disable under Sharing System Preferences.

        Take note of Remote Login, Remote Desktop, VNC enable on Remote Desktop or Screen Sharing, Internet Sharing, File Sharing. Go to the option one by one and disable and untick all the settings.

     

    4. Check your Network settings.

        Make sure Internet Sharing is not enable. Your network is not bind. Make sure no Apple Airport is enable and  configure in your Mac.

     

    5. Disable your Parental Control.

       

    6. Do not use root and admin account every day. Create a Standard user acccount.

     

    7. Do not install Java.

     

    8. If you need to use Flash. Make sure you check whether you have the latest updates.

        Google Adobe Flash about, check to see if you have the latest version of Adobe Flash.

     

    9. Do not use Internet Explorer if you are using Apple Boot Camp.

     

    10. Do not use Apple Safari. Use alternative browser like Firefox or Google Chrome.

     Make sure you keep the browser up to date.

     

    11. Go to Apple Apps Store and Update your Mac Operating System.

    Go to Apple Security Update web site. http://support.apple.com/kb/HT1222

    To check for all apple product security updates.

     

    12. Enable Firewall via Firewall System Preferences and tick or select block all incoming.

     

    13. Buy or use a good Anti Virus program, Like Intego, Avira, Dr Web Light for Mac antivirus. Do a Full Scan.

     

    14. Use a First Aid strips to cover your web cam. Do not use the computer in the toilet or in your room when you are changing clothes. Do not turn on the computer.

     

    15. Be aware of any computer security issues by visiting to CERT.

    http://www.us-cert.gov/

     

    16. F-Secure blog and Intego web site. And also the SafeMac website.

     

    http://www.f-secure.com/weblog/

     

    http://www.intego.com/mac-security-blog/

     

    http://www.thesafemac.com/

     

    http://www.macissues.com/

     

    http://nakedsecurity.sophos.com/category/organisations/apple/

     

    http://clamav-du.securesites.net/cgi-bin/clamgrok?virus=osx&search-type=contains&case-sensitivity=No&database=daily&database=main&display=virus&display=signature&.submit=Submit+Query&.cgifields=database&.cgifields=search-type&.cgifields=case-sensitivity&.cgifields=display

     

    http://www.eset.com/us/threat-center/

     

    http://macscan.securemac.com/

     

    17. Do not install any third party remote desktop program.

     

    18. Go to terminal command. At the command prompt type w and hit enter.

    See if you see any other user logon to your computer.

     

    19. Record a video if you find out that your computer have been compromise.

     

    20. Reformat your hard disk and zero out and reinstall back your Mac OS X.

    Do not reuse or copy over your back up files. It might be infected!!!!

     

    21. Go to apple feedback. http;//www.apple.com/feedback

     

    22. If you see any mouse moving around your computer. Your computer is being remote desktop! Some one is controlling your computer remotely!

     

    http://www.thesafemac.com/mmg-infected/

     

    23. Do not use the same password on your user account.

     

    24. Do not let someone access to your Mac. Be it your boyfriend, friend, siblings etc.

     

    25.Use KeyLemmon Biometricss on your Mac.

    https://www.keylemon.com/

     

    https://www.keylemon.com/app

     

    26. Be wary of Adware, Spyware, Botnets & Malware on your Mac computer.

    Do not click site which you think it's not safe! Do not download anything from CNET Download it contain adwares or spywares!

     

    27. Enable your Gatekeeper setting. Under Security System Preferences.

     

    28. Do not reuse your Time Machine Back Up files to a clean refresh MAC OS X.

    It might be infected!!!

     

    29. keep tab on everything you do in the internet.

     

    30. Always remember what you do, DO NOT assume.

     

     

     

     

     

     

  • RusliRusli Posts: 988

    If you are using a PC.

     

    Download Malwarebytes and do a FULL SCAN.

     

    Use F-Secure Antivirus. Or alternative antivirus program like Bitdefender, Emsisoft, Hitman Pro, Superantispyware.

     

    Use Comodo or Outpost firewall.

     

    Do a Full scan on all your computers.

     

    Do not install any third party remote desktop program on your PC.

     

    Enable your windows firewall if you do not intend to use other third party firewall. Make sure Block All Incoming rules.

     

    Disable any Internet Sharing, Remote Desktop and Remote Assistant.

     

    Update your Windows OS.

     

    Update all your Programs that you use if the software vendor have release a new updated version of the program that you use.

     

    If you suspect any unwanted link do not click.

     

    Do not Download from CNET Download website because it contains adware, spyware. etc.

     

    Be wary of any up to date malware, spyware, botnet issue by visiting known Antivirus company blog web site.

     

    Do not download anything from email attachment files. It may be infected. Do a full scan on any email attachment files.

     

    Install a antivirus program on Your Android Smart Phones and tablets.

     

    Do not use the app in Google Apps Store if it is infected with Android trojans and malwares!

     

    That goes the same to your iPhone and Windows Phone. Use Antivirus program!

     

    http://www.av-test.org/en/home/

     

    http://www.av-comparatives.org/

     

    Always check with US-Cert Homeland Security.

     

    www.us-cert.gov

     

     

     

     

  • RusliRusli Posts: 988

    I think last month apple have release 10.9.4 mac os x updates.

     

    Read Apple Knowledge base steps that i have given it to you.

     

    Take your time to learn.

     

    It will be rewarding if you know how to do it yourself.

     

    Take your time learning the ropes.

     

    Once you get the hang of it. Things will be alot simpler later on. And you know what to do.

     

    Go to the library and borrow  Maverick for Dummies or iLife for Dummies or Maverick the Missing Manuals books.

     

    Read the book and learn at your pace and do hands on!

     

    Do not rely on others to do it for you.

     

    You must be tech savy!

     

    I too learn the hard way. There is no one to spoonfeed me doing everything on a computer. All are self taught at my end.

     

     

     If you buy and own the computer, you must learn how to use the machine / computer.

     

    Same like buying a sewing machine.

     

     Go to www.macworld.com and www.maclife.com. Good site on your mac.

  • BitsBits Posts: 19
    ***UPDATE IMPORTANT***

    I had my ISP company come check the wiring at my apartment to see if it's been tampered with, he checked my network and told me my IP ADDRESS ( when connected with Ethernet hard wired into the wall) had a completely wrong IP range than what they use. It should be in the 100's and mine starts with 23. So this morning I did a check to see where the IP I have is originating from.... It pin pointed the actual building DOWNTOWN LOS ANGELES POLICE DEPARTMENT! I called regarding this, the detective disagreed it could give me an exact building , I have a picture I told her, she took my info and said she'd call back. I'm assuming I won't hear from her . I did tell her the whole situation. Now my fear is even more confirmed , law enforcement IS behind this, and EVERYTHING about it is illegal .
    Wish me luck
  • BitsBits Posts: 19
    AND how is it possible my iphone is giving out the same IP address as my MacBook Pro 's Ethernet address?
    Guess there goes the safety of my phone
  • RusliRusli Posts: 988

    What is the ip address you been getting???

     

    Can you give IP address???

     

    You can go to this site to confirm the Ip address...

     

    Ihttp://whatismyipaddress.com/ip-lookup

  • RusliRusli Posts: 988

    I don't understand why an innocent people like you been victimised wrongly????

     

    I think they must been broking in to your apartment or while you are still working there in the office or maybe you go out for your Lunch, someone must have physically access to your computer and change the password to your root account and turn on the Parental Control and change and implement a ACL command to your computer and mess up with your Macbook Pro laptop and gain access to your root account and turn on the Parental control and remotely

    controlling your computer.

     

    They must have gain access to your computer via root user account on your Mac, and turn on remote login, remote desktop, remote service, screen sharing.

     

     

    When you see someone typing across your terminal screen on your computer. Curse you in your computer. Did you video it???? You must video the incident on your HAND HELD VIDEO CAMERA.

     

    I think they are monitoring you on your Macbook Pro computer.

     

    They must have gain access illegally or HACK into your computer and computer network.

     

    And Peer you thru via the Internet Access in your residential area.

     

    I believe your computer have been Remote Login, Remote Desktop and Screen Sharing or they install a third party Remote Desktop program and gain access to your Root user account and turn on your Parental Control so that you did not get any form of previlege access to your computer.

     

    Did you scan your computer with Intego Antivirus??? Can you install and do a Full Scan???

     

    Okay go to the terminal screen.

     

    Type w and press enter.

     

    see the list of users login to your macbook pro.

     

    or Type last and press enter.

     

    see the list of users login to your macbook pro.

     

    or Type finger and press enter.

     

    see the list of users login to your macbook pro.

     

    What did you see on your terminal screen. Can you cut and paste here???

     

    How many user name did you see in your computer????

     

    It seems to me you've BEEN FRAME WRONGLY for SOMETHING WHICH YOU DID NOT COMMITT.

     

    Take my advice you video tape what happen to your computer. That is the only proof that you got.

     

    By jurisdiction, it is illegal to HACK into someone else computer and take control of his / her computer to do illegal things. This is call A ORGANISE CRIMINAL OFFENCE!!!

     

    The person who did this to you MUST GO TO JAIL.

  • RusliRusli Posts: 988

    When I lookup the ip address 192.150.96.10 it is resided at Australia.

     

    click on this link if this is the source of the DAVINCI Virus Certifiate

     

    http://whatismyipaddress.com/ip/192.150.96.10

     

    IP Details for 192.150.96.10

    This information should not be used for emergency purposes, trying to find someone's exact physical address, or other purposes that would require 100% accuracy. Please read about geolocation accuracy for more information.

    General IP Information
    IP:    192.150.96.10
    Decimal:    3231080458
    Hostname:    192.150.96.10
    ISP:    
    Organization:    
    Services:    None detected
    Type:    Corporate
    Assignment:    Static IP
    Blacklist:    
    Geolocation Information
    Country:    Australia au flag
    State/Region:    New South Wales
    City:    Milton
    Latitude:    -35.3164  (35° 18′ 59.04″ S)
    Longitude:    150.4361  (150° 26′ 9.96″ E)
    Postal Code:    2538

  • RusliRusli Posts: 988

    It seems to me, someone must have broke in to the Internet cable box and hard wired to their network so that they can monitor your activities via the internet.

     

    I believe someone have already gain access to your computer and monitoring you.

     

    When the ISP come over to your house did you VIDEO taping the incident????

     

    You should have video tape the incident when the ISP people come to your house.

     

    It's like watching "ENEMY OF THE STATE" movie.... you know Will Smith and Gene Hackman.

     

    Did you watch the movie???

     

    http://www.youtube.com/watch?v=R90vWtcHLlE

     

    Here is the phone number to US CERT Homeland Security.

     

    (888) 282-0870

     

    or email [email protected]

     

    or go to their web site and you can sent and file the report to them.

     

    http://www.us-cert.gov

     

    At the bottom of the left hand of your computer screen, did you see "I WANT", click one of the option and file the report to the US Homeland Security.

     

    Here to cut story shot let me send you the link.

     

    https://www.us-cert.gov/forms/report?

     

    For FBI report...

     

    Go here...

     

    http://www.fbi.gov/report-threats-and-crime

     



    Report Threats and Crime

    General Public

    Members of the public can report violations of U.S. federal law or suspected terrorism or criminal activity as follows:

        Contact us online
            Use our Online Tips and Public Leads form
            Report a cyber scam or threat by filing a complaint with our Internet Crime Complaint Center
        Contact us via telephone or mail
            Contact your local FBI office or closest international office
            Call 1-800-CALLFBI (225-5324) for the Major Case Contact Center
            Call (866) 720-5721 to report fraud, waste, and abuse involving disaster relief to the National Center for Disaster Fraud or write to NCDF, Baton Rouge, LA 70821-4909.

    Law Enforcement (Secure Portal Access)
        FBICyshield-Seal-HiRes.png                    

    Vetted members of law enforcement can report cyber or terrorist incidents through eGuardian on the Law Enforcement Enterprise Portal (LEEP). Access is restricted to authorized users.


    FBI Industry Partners (Secure Portal Access)
    iGuardian logo.png            

    Trusted industry partners are able to submit information on cyber, criminal, and terrorist incidents through iGuardian via a secure portal.
        

    tips2.jpg
     
    Contact Us | About Us | Most Wanted | News | Stats & Services | Scams & Safety | Jobs | Fun & Games | Mobile | Español
    Resources for: Law Enforcement | Intel Partners | Researchers/Students | Communities | Parents | Victims | Businesses
    Follow Us On: Facebook | You Tube | Twitter | iTunes | All Sites
    Accessibility | eRulemaking | Freedom of Information Act | Legal Notices | Legal Policies and Disclaimers | Links | Privacy Policy | USA.gov | White House
    FBI.gov is an official site of the U.S. government, U.S. Department of Justice

    https://tips.fbi.gov/

     

    http://www.ic3.gov/complaint/default.aspx

  • RusliRusli Posts: 988

    Can you please check your network settings on your Mac???

     

    Did you use DHCP??? or Static????

     

    Make sure the ip address that you are using on your network must not resided from your previous Employer.....

     

    Okay you go to this site and check your network settings on your Mac.

     

    http://www.macworld.com/article/2027960/configuring-your-macs-network-settings.html

     

    What ip address did you see.

     

    Can you do a traceroute on your terminal screen???

     

    Now disconnect to your internet remove the ethernet cable, Can you reset your password....

     

    Go to this link.

     

    https://discussions.apple.com/docs/DOC-4101

     

    It show the steps.

     

        On Recovery

     

    When you forgot the password and you can't use OS X, you have to use the new Recovery.

     

        To boot in Recovery system, press Command and R keys in boot and hold the keys until you see the Apple icon. If you have a Mac with Internet Recovery, read > http://support.apple.com/kb/HT4718. If your Mac has got a wireless keyboard, hold them when you hear the startup sound
        When it starts, select Utilities > Terminal, and type:

     

        resetpassword

     

     

    Press your user and type your password. Finally, reboot.

     

    This doesn't work for FileVault. If you forget your password with FileVault, you lost your info. Also, you can see if you use Recovery HD or Internet Recovery, or enable it -> http://support.apple.com/kb/HT4904

     

    You can do it with an USB drive > http://support.apple.com/kb/HT4848

     

    Change all your password to your root account, administrator account and user account.

     

    Once you change your root account, disable the root account base on the link that I have given you.

     

    Disable you guest account. (see the previous link that I give you)

     

    Login to your administrator account, go to system preference and disable all the sharing options.

     

    Untick all the sharing.

     

    Save and reboot your mac.

     

    Logon your Mac base on your user standard account. Do not login to administator account.

     

     Now your ethernet cable directly to your Cable Modem (not to your router) and do a scan test on your computer see if there is any open ports.

     

    Go to www.grc.com and click on shield up.

     

    click proceed and select all service ports button.

     

    See if there is any open ports on your computer.

     

     Go to terminal again.

     

    Type ps aux command and press enter.

     

    Cut and paste in this forum.

     

    Now disconnect from your computer.

     

    Go to your router and press the reset button at the back of your router.

     

    Change the user admin account and password of your router and make sure it set to DHCP.

     

    Go to one of your router settings and enable the firewall settings.

     

    Disable your wifi settings on your router.

     

    Hook up the ethernet cable to the back of the router and hook up to your computer.

     

    Go to terminal type netstat -antp and netstat -tulpn  what did you see.

     

    Cut and paste here.

     

    Go to terminal type sudo ifconfig and cut and paste here in the forum.

  • BitsBits Posts: 19
    I already calked all the departments, police , FBI, Secret Service, etc. they don't offer any help;( yes you are correct I am in fact being " set up" to look guilty if something ( I don't know what ) I did not do. It is very illegal what they are doing, but I can't find anyone to help me as far as a government agency and that's who I need to help stop this, trouble is it IS THE government department that's doing this!!

    My IP address that's coming from my HARDWIRE ETHERNET ADDRESS IS 23.243.207.129 .

    It's weird that your seeing it as the other address your getting because that's my wireless address and I'm NOT connected wirelessly at all EVER! ONLY TO THE ETHERNET AT ALL TIMES. but the Ethernet address doesn't lead to my apartment either. So it's all very strange
  • RusliRusli Posts: 988

    Okay the ip address comes from Time Warner.

     

    23.243.207.129

     

    is this confirmed?

     

    P Details for 23.243.207.129

    This information should not be used for emergency purposes, trying to find someone's exact physical address, or other purposes that would require 100% accuracy. Please read about geolocation accuracy for more information.

    General IP Information
    IP:    23.243.207.129
    Decimal:    401854337
    Hostname:    cpe-23-243-207-129.socal.res.rr.com
    ISP:    Time Warner Cable
    Organization:    Time Warner Cable
    Services:    None detected
    Type:    Broadband
    Assignment:    Static IP
    Blacklist:    
    Geolocation Information
    Country:    United States us flag
    State/Region:    California
    City:    Los Angeles
    Latitude:    34.0522  (34° 3′ 7.92″ N)
    Longitude:    -118.2437  (118° 14′ 37.32″ W)
    Area Code:    323

     

    is this your ISP cable ip address or your the previously the company you work with.

     

  • RusliRusli Posts: 988

    No,

     

    what other ip address you get....????

     

    Beside this???

     

    Did you have a firewall log on your router????

  • RusliRusli Posts: 988

    Did you make a Maverick recovery USB thumb drive????

     

    Did you managed to change your root or admin password.

     

    If you have your Maverick Recovery USB thumb drive.

     

    You can format and zero out your hard disk.

     

    It will take more than 1 hour to format your hard disk.

     

    Then hook up your Maverick Recovery USB thumb drive by press shift key and reinstall your OS X Maverick.

     

    And do a software update.

     

    DO NOT COPY BACK ALL YOUR BACK UP FILES IT MIGHT BE INFECTED WITH DAVINCI MALWARE!!!

     

  • RusliRusli Posts: 988

    Did you manage to change your administrator and standard user password on your Mac  OS X ???

     

    If you did not change, then they still on your computer accessing and monitoring you.

     

    Mind if I ask you, why did you buy a Mac, when you do not know how to do this things????

     

  • RusliRusli Posts: 988

    *** Make Sure you read the instructions before proceed ***

    --------------------------------------------------------------------------------

     

    Michelle,

     

    Do me a favour,

     

    You go to Computer Shop or any shop that sell a 8 or 16 GB Thumbdrive.

     

    Get 2 thumbdrive if you want to. (Just in case)

     

    You know what is USB thumb drive right?

     

    http://www.sandisk.com/products/usb/drives/

     

    They have USB 2.0 or 3.0.

     

    Does your Mac have USB 3.0 or 2.0.

     

    If your Macbook Pro have USB 2.0 then buy USB 2.0.

     

    If your Macbook Pro have USB 3.0 then buy the USB 3.0.

     

    Firstly I need to know what Macbook pro version are you using?

     

    The 13 inch version or 15 inch version or the Macbook Pro retina version.

     

    Go to this site....

     

    http://en.wikipedia.org/wiki/MacBook_Pro

     

    How long ago did you buy this Macbook pro and from where????

     

    Base on the wiki page, which version of Macbook pro are you using....

     

     

    Because to do the Internet recovery, only certain models of Macbook Pro can do this.

     

    http://support.apple.com/kb/HT4904

     

    See below:-

     

    Computers that can be upgraded to use OS X Internet Recovery

    Some computers that did not come with OS X Lion or later installed can use the OS X Internet Recovery feature after applying a firmware update.

    Download and install an updated EFI Firmware ROM for these computers to use the OS X Internet Recovery feature:

        MacBook Pro (13-inch, Early 2011)
        MacBook Pro (15-inch, Early 2011)
        MacBook Pro (17-inch, Early 2011)
        iMac (21.5-inch, Mid 2011)
        iMac (27-inch, Mid 2011)
        MacBook (13-inch, Mid 2010)
        MacBook Pro (13-inch, Mid 2010)
        Mac mini (Mid 2010)
        MacBook Pro (15-inch and 17-inch, Mid 2010)
        iMac (21.5-inch and 27-inch, Mid 2010)
        MacBook Air (11-inch and 13-inch, Late 2010)

    Additional Information

    Learn more about available EFI firmware updates or about OS X Internet Recovery.

    Some computers that are upgraded can't use the Internet version of Apple Hardware Test.
    Last Modified: Jul 30, 2012

     

    If you have the exact model from above, (make sure it is the exact model) then you can do the Apple Internet recovery.

     

    (ref:- http://support.apple.com/kb/HT1820)

     

    You need to zero out your harddisk.

     

    Reboot your Mac and press Command R keys and go to the Apple Recovery.

     

    • Click on Disk Utilities, select the hard disk to erase, select the erase tab, Select the volume format from the Volume Format pop-up menu,Click Options,Select the checkbox for "Zero all data",Click OK,Click Erase. .

    You have to wait for about more than 1 hour or so depending your hardware spec to Zero Out your harddisk.

     

    Then proceed to the next step to the Apple Internet Recovery if you happen the have the same exact model of Macbook Pro.

     

    I repeat again, before proceeding make sure you have the same exact year model of your macbook pro.

     

    Then .... click on the link below.

     

    http://support.apple.com/kb/ht4718

     

    OS X: About OS X Recovery

    OS X Lion, Mountain Lion, and Mavericks include OS X Recovery. This feature includes all of the tools you need to reinstall OS X, repair your disk, and even restore from a Time Machine backup without the need for optical discs.
    About Recovery
    Recovery System

    OS X Recovery includes a built in set of utilities as part of the Recovery System. To start your computer from Recovery, restart your Mac and hold down the Command key and the R key (Command-R). Press and hold these keys until the Apple logo appears. This indicates that your Mac is starting up. After the Recovery System finishes starting up, you should see a desktop with an OS X menu bar and a "Mac OS X Utilities" window. Note: If you see a login window or your own desktop and icons, it's possible that you didn't hold Command-R early enough. Restart and try again.

    In order to reinstall OS X, you need to be connected to the Internet over an Ethernet or Wi-Fi network. The Wi-Fi menu is in the upper-right corner of the screen. Click the icon to select from available Wi-Fi networks. Choose your preferred network name and, if needed, enter a username and/or password.
    OS X Internet Recovery

    Mac models introduced after public availability of OS X Lion include the ability to start up directly from an Internet-based version of the OS X Recovery system. OS X automatically uses this feature when the Recovery System on the hard disk isn't available (such as when your hard disk encounters an issue, or when your hard disk has been replaced or erased). OS X Internet Recovery lets you start your Mac directly from Apple's servers. Starting up from this system performs a quick test of your memory and hard drive to check for hardware issues.

    OS X Internet Recovery presents a limited interface at first, with only the ability to select your preferred Wi-Fi network and, if needed, entering a passphrase. Next, OS X Internet Recovery downloads and starts from a Recovery System image. From there, you are offered the same utilities and options as a local Recovery System.

    Some computers that did not ship with OS X Lion or later installed may be able to add the ability to use Internet Recovery by applying a software update.

    Restoring iLife applications after Internet Restore of OS X

    If your computer came with OS X Lion or later and you erase your hard disk and install OS X, you can download iPhoto, iMovie, and GarageBand from the Mac App Store.

        After installation, start (up) from OS X.
        Choose App Store from the Apple menu.
        Enter your Apple ID and password when prompted.
        Click Purchases.
        If you haven't previously accepted your bundled iLife applications within the Mac App Store, you should see your iLife applications appear in the Accept portion of the screen. Click Accept.
        You may be asked for your Apple ID and password once again. Your iLife applications now move to the Purchased section. These applications are part of the software that came with your computer. Your account will not be charged for them. Click Install to complete installation of your applications.

    Requirements for reinstalling OS X using Recovery

    Reinstalling OS X using OS X Recovery requires broadband access to the Internet via Wi-Fi or an Ethernet connection. OS X is downloaded over the Internet from Apple when OS X Recovery is used for reinstallation.

    OS X Recovery requires that DHCP is enabled on your chosen Wi-Fi or ethernet network, If you bought OS X from the Mac App Store, you will be prompted to enter the Apple ID and password you used to purchase OS X.

    The time required to download OS X varies, depending on the speed of your Internet connection and the version of OS X you are installing. If your usual or current Internet connection has requirements or settings not supported by OS X Recovery, either change the settings to a supported configuration for the duration of your OS X reinstall, or seek out acceptable networks from which you are permitted to access the Internet (such as friends, family, Internet "cafe" establishments, or possibly your place of employment with appropriate permission).
    Supported network configurations and protocols
          

    local Recovery System
        

    Internet Recovery

    WEP
        

    Yes
        

    No

    WPA/WPA2
        

    Yes
        

    Yes

    WPA-Enterprise
        

    Yes
        

    No

    PPPoE (where there is no router handling the PPPoE connection)
        

    No
        

    No

    Captive-Networks (where you click an "Agree" button to access the Internet)
        

    Yes
        

    No

    Proxies (where specific proxy servers must be configured in network preferences)
        

    No
        

    No

    Certificate-based authentication / 802.1x
        

    No
        

    No
    Which version of OS X is installed by OS X Recovery?

        If you use the Recovery System stored on your startup disk to reinstall OS X, it installs the most recent version of OS X previously installed on this computer.
        If you use Internet Recovery to reinstall OS X, it installs the version of OS X that originally came with your computer. After installation is finished, use the Mac App Store to install related updates or later versions of OS X that you have previously purchased.

    What to do if the installer warns that no Recovery System can be created

    Some disk partition configurations may result in the OS X installer reporting that it could not create a Recovery System. In these situations, even if you are permitted to continue the install, you may want to quit the installation and create an external, bootable OS X hard drive with a Recovery System, first. You can continue your OS X upgrade on your computer's startup drive after creating an external Recovery System.

        Your storage device must have at least 13 GB available (after formatting) to install OS X Lion or later and a Recovery partition.
        These steps erase and reformat the storage device. This article instructs you on setting up a storage device to use the GUID partition scheme and the Mac OS Extended (Journaled) format, which are required to install OS X and a Recovery partition on your external storage device. You should back up any important files that are on the device to a different drive.
        This procedure installs a version of OS X that is compatible with the Mac it was created with. Using this OS X system with a different Mac model may produce unpredictable results.
        Your computer's serial number is sent to Apple as part of this process to help authenticate your request to download and install OS X Lion.

    Additional Information

    Please note that OS X Recovery must be present on the computer's startup volume in order to use FileVault 2. Using RAID partitions or a non-standard Boot Camp partition on the startup disk may prevent OS X from installing a local Recovery system. See "OS X: Some features of Mac OS X are not supported for the disk (volume name)" for more information.

    OS X Recovery includes a version of Safari with links to resources on www.apple.com. This version of Safari can be used to access help resources at Apple's website and elsewhere on the Internet. The network requirements listed above also apply to the version of Safari included with OS X Recovery. Plugins and Safari Extensions cannot be added to the version of Safari included with OS X Recovery.
    Last Modified: Mar 18, 2014.

     

    If your harddisk is empty without os.

     

    Command R and Apple Internet Recovery will reload your OS.

  • RusliRusli Posts: 988

    ** IF YOU DO NOT HAVE THE EXACT MACBOOK PRO MODEL TO DO APPLE INTERNET RECOVERY **

     

    Make sure you have your USB thumb drive.

     

    Firstly,

     

    Reset your Administrator Password.

     

    Reboot your Mac and Press Command R

     

    http://www.macobserver.com/tmo/article/os-x-mavericks-how-to-easily-reset-ther-administrator-password

     

     

     

    When booting is complete, you'll see a window of "OS X Utilities." You won't do anything there. Instead, you'll go to the Menu bar at the top and select Utilities > Terminal.

     

    In the terminal window type the following and hit the Return key.

    resetpassword

     

    Click on the volume of interest and select the desired user account (your administrator account and User standard account) in the popup. (See the note at the top of this article about the administrator's name). Then enter the new password twice. A password hint is optional. Click "Save."

     

    click on Reset button under  Home Folders Permission and ACLs.

     

    Go back to the Apple Menu at the top. Select OS X Utilities > Quit OS X Utilities. That will prompt you to restart the Mac.

     

    Then ....

     

    Reset your Root account password.

     

    http://support.apple.com/kb/PH14281

     

    Log in with your administrator account and password.

     

    Go to system preferences, click sharing.

     

    Disable all of the options under Sharing.

     

    Untick all.

     

    Then proceed....

     

    http://support.apple.com/kb/PH14281

     

    OS X Mavericks: Enable and disable the root user

    The root user, or superuser, is a special user account in OS X that can modify and delete critical system files. By default, the root user is not enabled.
    Warning: If you log in as the root user, use extreme caution. You can damage the system by moving or deleting important files. Use this account only for specific administration or monitoring tasks. When you finish the tasks that require logging in as the root user, always log out, log in as an administrator, then disable the root user.

        Open Users & Groups preferences, click Login Options, then click the lock icon to unlock it. If necessary, type your password, then click Unlock.
        In the Network Account Server section, click Join or Edit.
        Click Open Directory Utility.
        Click the lock icon to unlock it, then enter your administrator name and password.
        Do one of the following:

            Choose Edit > Enable Root User, then enter a root user password in the Password and Verify fields.

            Choose Edit > Disable Root User.

            Choose Edit > Change Root Password, then enter a new root user password.

            Tips for creating secure passwords

    Last Modified: May 8, 2014

     

    Once you change your root password, make sure you disable the root account.

     

    Then go to the Apple Apps Store and download the new version 10.9.4 of Maverick.

     

    Now download the free copy of maverick 10.9.4.

     

    Make sure your internet connection did not drop.

     

    Otherwise you have to redo again.

     

    It must download exactly about 5GB of Full version of 10.9.4 mavericks.

     

    Next.... once you have complete download of your OS X Maverick 10.9.4.

     

    Go to the next step....

     

    Then go to this step. follow exactly .... 

     

    Now plug in your USB thumb drive.

     

    http://appducate.com/2013/11/mavericks-install-usb-simple-terminal-command/

     

    Make Mavericks Install USB with a Simple Terminal Command
    Written by Damien Zander on November 2, 2013

    In a previous post I went through the lengthy method of creating a bootable USB Flash drive that could be used to install OS X Mavericks as well as a really simple solution that involves using an application called DiskMaker X.

    This post will go through another method that utilizes a single Terminal Command

    #1 – Download OS X Mavericks

    First things first, you need to download OS X Mavericks. This is a FREE download from Apple. Here’s link to it: OS X Mavericks

     
    #2 – Prepare your USB Flash Drive

    Creating a bootable USB drive for Mavericks requires a USB drive with at least 8GB of available space. If you don’t already have one, they are really cheap. If you need a good Flash drive, here is an affiliate link to a 16 GB flash drive: PNY 16GB Attaché 2 USB 2.0 Flash Drive – Black,Blue (P-FD16GATT2-GE) only $11.99.

    Before we can restore Mavericks onto the USB Flash drive, the drive has to be properly formatted.
    install mavericks usb pen drive

    To format the USB drive open Disk Utility (located in Applications/Utilities). Plug the drive in into your Mac.

        Select the USB Flash drive from the sidebar in Disk Utility.
        Select the “Erase” tab.
        Make sure the Format is set to Mac OS Extended (Journaled).
        As for the name, leave it as “Untitled”.
        Finally click the Erase tab.

    One important note about Step 5, this will erase everything that is currently on your USB drive.

     
    #3 – Terminal Command

    Now that the USB drive is properly formatted we can run the Terminal command that will take care of the rest. Terminal can be found in the Applications/Utilities folder.

    Simply copy and paste this into Terminal and press the Enter key on your keyboard:

    sudo /Applications/Install\ OS\ X\ Mavericks.app/Contents/Resources/createinstallmedia --volume /Volumes/Untitled --applicationpath /Applications/Install\ OS\ X\ Mavericks.app --nointeraction

    Since the above command uses the sudo atritubute you will be required to enter your password to start the process.

    Once the process starts you will see this in Terminal:

    Erasing Disk: 0%… 10%… 20%…100%…
    Copying installer files to disk…
    Copy complete.
    Making disk bootable…
    Copying boot files…
    Copy complete.
    Done.

    This process can take a while since it’s coping gigabytes of data over. Leave it alone and let it do its things.

    Congratulations you just created a working Mavericks install USB drive!

     

    Now unmount your USB thumb drive.  Eject your USB Thumb drive. (Do simple unplug it, you need to properly do the unmount or eject the thumbdrive)

     

     

    Reboot your mac and press Command R

     

    Then go to Disk Utilities do a zero out format your Hard disk.

     

    http://support.apple.com/kb/HT1820

     

    Open Disk Utilities

     

    Select the hard drive to erase

     

    Click the Erase tab

     

    Select the volume format from the Volume Format pop-up menu

     

    Click Options

     

    Select the checkbox for "Zero all data"

     

    Click OK

     

    Click Erase

     

    It will take about 1 hour or more depending on your Macbook Pro hardware specs.

     

    After you have zero out your harddisk,

     

    then

     

    plug in the USB Recovery thumb drive.

     

    And reboot your mac and reinstall your Mac OS X.

     

    Now you have a clean system with no viruses,

     

    After you install your OS X, do a software update.

     

    DO NOT COPY BACK YOUR BACK UP FILES to this freshly install OS X.

     

    Install Intego Antivirus or F-Secure antivirus for mac.

     

    There you go.

     

  • RusliRusli Posts: 988

    The next extra steps, go to Sharing System Preferences and untick every thing.

     

    Disable Parental control.

     

    Change your root password base on the previous steps that i told you.

     

    Disable your Guest account.

     

    Do not install Java.

     

    Install Adobe Flash.

     

    And reinstall your iLife apps. (Download your Garage band, iMove, iPhoto from the Apple Apps Store)

     

    http://support.apple.com/kb/PH14325

     

    Take note you can reset your password account base on Apple User ID.

     

    OS X Mavericks: Reset a login password

    Sometimes a user’s login password needs to be reset—for example, when the user has forgotten the login password and can’t use a password hint to remember it.

    When a user’s login password is reset, a new default keychain is created to store the user’s passwords. For more information about keychain passwords, see:

    About your keychain password
    Reset your login password using your Apple ID

    You can use your Apple ID to reset your login password only if “Allow user to reset password using Apple ID” is selected in Users & Groups preferences.

        If FileVault is turned on, open Security & Privacy preferences and turn it off. FileVault must be off to use your Apple ID to reset your login password.
        Log in to your account. In the login window, click the question mark in the password field, then click the arrow in the dialog that appears.
        Enter an Apple ID and password, then click Reset Password.

    Reset your login password when FileVault is turned on

    If FileVault is turned on, use the FileVault recovery key to reset your login password.

    For more information, see:

    If you forget your login password and FileVault is on
    Reset the password of specific users

    An administrator can reset the passwords of other users by using one of these techniques.

        Choose Apple menu > System Preferences, click Users & Groups, click the lock to unlock it, then provide an administrator name and password. Select a user, then click Reset Password.
        If your Mac is a server, use the Server app to reset server users’ passwords.

        For instructions, see Server Help.

    Last Modified: May 8, 2014

     

    Keep your USB Recovery Thumb drive on a safe place. Do not lost it.

     

    Keep the USB Recovery Thumb drive with you at all times.

  • RusliRusli Posts: 988

    Do not reuse or copy over your back up files it may be infected with DAVINCI malware!

  • BitsBits Posts: 19
    Your so sweet for helping me but I don't think maybe you've not read all that I wrote before . I've already reinstalled my Mac OS system. I do know how to do all these things but I've already done them all and it doesn't work . The davinci virus is installed BEFORE the operating system so reinstalling the operating system does no good . They DO HAVE ROOT ACCESS, if I change it, they just change it back somehow . When I enter to see how many users only computer it'd tells me 2 , when I the only user. I m no longer trying to figure out what is going on. I already basically know . I just need a bigger company with bigger technology to help me that has more advanced technology or a govt. agency I can trust to investigate why the police are behind this. The IP address you searched 23.343.207... That info I you found is not my apt or my mod boss it's the police department address!! Your so very kind for all your suggestions but retread my answers , I have no windows computer , only mac. I have nothing to save on my hard drive anymore , the hard drive with all the information was taken out and has a firevault passlock on it that I did not put on it. So I cAn not get it open . My new hard drive is only 2 month old and I have nothing important on it . I think thru are watching to make sure I don't talk , I don't know. I have an idea but I cAmt talk about it here , in public , you understand ?
  • BitsBits Posts: 19
    I tried to call f secure today and will try again tomorrow , I sent email to head if the company . I hope they help me
  • RusliRusli Posts: 988

    Then you buy a new hard disk.

     

    Have it replace.

     

    Or go to Apple Service Center, and replace the hard drive.

     

    The infected drive, you send over to F-Secure in Finland for analysis.

     

    If you don't do that, the person who did this to you will still online and keep attacking your computer.

     

    And you've been monitor. What's the point?

     

    Zero out and Normal format is two different thing.

     

    If you do not want to change your hard disk. You put your life at risk.

     

  • RusliRusli Posts: 988

    Can you check in this Apple Forum site.

     

    They have the method to format erase the filevault hard disk.

     

    They teach you how to format the Filevault encrypted hard disk.

     

    http://www.kremkow.com/blog/format-a-filevault-2-encrypted-disk

     

    https://discussions.apple.com/message/22229440

     

    http://derflounder.wordpress.com/2013/06/29/erasing-a-filevault-2-encrypted-volume/

     

    http://forums.macrumors.com/showthread.php?t=1455714

     

    https://jamfnation.jamfsoftware.com/discussion.html?id=5763

     

    Turn off filevault.

     

    If you want to use the Terminal, then reboot with the Command-R keys held to get to the OS X tools window. In here, choose "Terminal" from the Utilities menu, and then run the following command:

     

    diskutil cs list

     

    With this command entered, you should see a hierarchical tree of the encrypted volume, with the first entry being the core storage volume group. Get the UUID from this group, and use it int he following command:

     

    diskutil cs delete UUID

     

    See this screenshot for what this should look like (UUID is circled in RED, and typed commands are in BLUE):

     

    see illustration in this link.

     

    https://discussions.apple.com/message/22229440

     

    http://derflounder.wordpress.com/2013/06/29/erasing-a-filevault-2-encrypted-volume/

     

    Posted 10/29/12 at 10:18 AM by rtrouton

    You should also be able to remove the encrypted volume using the following command:

    diskutil corestorage delete /Volumes/insert_disk_name

    That should delete the encrypted volume and contents.

     

     

This discussion has been closed.