Currently Being ModeratedMay 11, 2012 12:34 PM (in response to Enio Cordoba)
Those messages regarding the ARDAgent are all normal and not an indication that your system has been compromised. The same probably applies to any Java permission messages you may see in Disk Utility. See:
If, however, you allowed someone to download anything on your computer that allowed that person any sort of control over your system, you may well still be compromised. Since we have no way of knowing what he might have downloaded - if you didn't give him your administrator ID and password he probably couldn't have installed anything really nefarious, but we can't be absolutely sure - I'd recommend backing up all your important documents and content, erasing the hard drive, and reinstalling Mac OS X and your apps from scratch. That's the only way you can be really certain your system isn't compromised.
I'd also suggest you immediately change passwords to any of your online accounts - bank, iTunes Store, etc. - as a precaution.
Currently Being ModeratedMay 28, 2012 5:33 PM (in response to R C-R)
According to Leo LaPorte it's an ongoing problem in India but their actions in this case, rebooting my system against my specified wishes, asking for passwords, and the system trying to contact them upon reboot is evidence of malicious intent.
Currently Being ModeratedJun 17, 2013 9:56 PM (in response to Enio Cordoba)
Exactly the same thing happened to me. I thought I was ringing the apple help line, as iyogi comes top when I google searched apple, and they use the word apple n their advert. I was on the phone 3/4 hour. They directly accessed my laptop, though it was a problem with the ipad. I thought it was ok, because I thought it was apple. Then they mentioned money in an indirect way at the end and I figured out what was going on. I'm a pensioner and dont have much understanding about all this and am now really worried. I gave them my phone number and email address as well, but no passwords.
Currently Being ModeratedOct 29, 2013 8:25 AM (in response to Enio Cordoba)
Sounds terrifyingly similar to my morning. i Googled HP support for a phone nuber, called the first one that came up. I allowed them access. Then they wanted to charge me a ridiculous amount to clarify a scanning issue. I hung up and shut down my Mac and when it started up again I had no access to any applications, AT ALL!!!. tried to reboot again and now it wont even turn on. Iyogi IS without a doubt a scam in my opinion. They wanted to know how many other computers were on my network etc. Something needs to be done about these companies. Why is google allowing them to run the ads that they do? There are enough legitimate paying companies that need to advertise they certainly dont need to accept cash from companies that are set up to scam peolpe. Wasted half my day on this. Now i have to go and cgange some passwords. ANd no idea what wrong with my $4000 Imac
Currently Being ModeratedDec 7, 2013 5:56 PM (in response to Enio Cordoba)
I just encountered iYogi, and while he had access to my screen, he copied my Ethernet ID. As far as I could see he didn't have any other access, other than that I had to enter my password, which showed on the screen as encrypted -- could he have captured my keyboard strokes? I have cleared the caches in both Safari & Chrome; do I need to do anything else (short of the drastic steps outlined above); are they likely to have some sort of access to my computer now?
Currently Being ModeratedMar 6, 2014 4:18 PM (in response to Enio Cordoba)
My recent experience involved stumbling across iyogi when i was in a panick after my computer played up. Thought iyogi was with Apple as that's how it presented in their ad. I allowed them into my computer. All seemed fine at first. They downloaded Mackeeper which showed the bad shape my computer was in. Then came the fee options (1, 2 or 3 yr) ranging from $330 up to nearly $600. I agreed to take the one year and when it was time to pay, they provided a screen for putting in your details. I said to the guy I did not feel comfortable about providing my details on that form and asked if they had P-Pal. He questioned why I would want to use P-Pal and I told him it is the safest way to do transactions as that's what the ads say on TV. He argued that P-Pal is not safe. I still would not agree to putting me details on the form so he put me through to someone on the phone instead and I gave them my Amex card details. Then they said it wouldn't process as the lines went down and asked if I had another credit card. I got a really bad feeling and told them I did not feel comfortable about giving any further credit card information. They convinced me it was safe and said it would be totally secure if I entered using the keypad of my phone instead of just giving them the number. They said the payment went through and the guy said he was just going to do some tests on my computer. I noticed that they put my on hold and did not talk to me while testing which I thought was strange as whenever Apple has helped me remotely they are always communicating with you while their doing things, telling you what they are doing step by step. He was in there for a long time. A screen came up that seemed to have historical data on it. He then finally came back to me and said he was just going to put me through to another guy who was going to fix the problem. By this stage I had been on the phone for nearly one hour. He put me through to the other guy and the first thing this guy said to me was "what's your mother's maiden name?" Right then I knew this was definately dodgy. I asked him what he needed the name for and he said it was for security purposes,. I argued how it could be when i've never given them my mother's name for any reason since being on the phone. When he said that, I told him I no longer wished to go ahead with the service and that I wanted my card refunded. He tried placating me, saying it's ok, there's nothing to worry about and telling me to calm down. The more he talked the more panicked I became. I demanded he reverse the transaction on my credit card. I demanded he get out of my computer and I told him I sensed the company is dodgy and that I was concerned that they have stolen my personal information. He kept pressing me to continue, until I screamed at him that I will be calling my bank straight away to cancel all of my credit cards and to change all of my banking details AND that I was going to contact the Australian Federal Police to report their company. He finally put me through to someone he said would reverse the transaction. It was a woman and she too asked me for my mother's maiden name "for security purposes." I just screamed at this woman. Told her my mother's maiden name is not relevant to anything and that I wanted my credit card refunded. Unbelievable she kept going on and on and on trying to press me to continue with the service and transaction. It was not until she heard me talking to someone on my other phone (talking to my bank) and she asked who I was talking to, I told her it is my bank and now the bank person on the phone will be witness to the fact that you are refusing to reverse the transaction on a service I decided I didn't want. With the bank hearing everything I told this woman I would be cancelling all banking details and changing everything and reporting their company to the police....... It was ONLY then that she agreed to reverse the transaction.
My computer is 5.5 years old. I have decided to purchase a new one because I simply could never feel safe using that computer again.
Currently Being ModeratedMar 7, 2014 1:47 PM (in response to Betteb)
I can't wade through the whole of that story, but a few points...
1) There's no need to purchase a new computer over this.
2) You got scammed by a fake tech support company. It sounds like they may have refunded you, but I would still report the incident to your credit card company. I would probably ask for a new card to be issued and the old one cancelled.
3) Since you gave these people remote access to your computer, you should erase it and reinstall everything from scratch. There's no telling what they may have done. See:
More Like This
- Retrieving data ...
- This solved my question - 10 points
- This helped me - 5 points