Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Someone hacked my computer and set up a new administrative account by re-registering my computer. I can not access this account nor delete it. How can I fix this and get my computer back to the way it was?

Someone hacked my computer and set up a new administrative account by re-registering my computer. I can not access this account nor delete it. How can I fix this and get my computer back to the way it was? And also prevent this from being able to happen again. I have the link the kid used (http://www.ihackintosh.com/2009/05/how-to-hack-the-user-password-in-mac-os-x-wit hout-an-os-x-cd/) Apparently he used hack 2. HELP PLEASE!

iMac

Posted on Feb 20, 2012 11:32 AM

Reply
Question marked as Best reply

Posted on Feb 20, 2012 11:41 AM

You can use the OS X installation DVD to run the password reset utility and change the password for the new Admin account that was created. This in essence pulls the same "hack" that was used to change the account in the first place (see here for ways of doing this: http://reviews.cnet.com/8301-13727_7-20044353-263.html).


When done, you can prevent booting to Single User mode or to another boot volume by enabling a firmware password on the system (see the "how to enable a firmware password" section in this article: http://support.apple.com/kb/HT1352).

11 replies
Question marked as Best reply

Feb 20, 2012 11:41 AM in response to carenalicia4930

You can use the OS X installation DVD to run the password reset utility and change the password for the new Admin account that was created. This in essence pulls the same "hack" that was used to change the account in the first place (see here for ways of doing this: http://reviews.cnet.com/8301-13727_7-20044353-263.html).


When done, you can prevent booting to Single User mode or to another boot volume by enabling a firmware password on the system (see the "how to enable a firmware password" section in this article: http://support.apple.com/kb/HT1352).

Feb 20, 2012 11:48 AM in response to carenalicia4930

Which "kid" had physical access to your computer, which this requires? You should be able to go back in just the way he did, but using step one, since you should know the name of your user. If that won't work, then step 2. It's not really a "hack;" It's more a well known vulnerability, if you allow physical access to the computer.


The computer wasn't "reregistered."


This is obviously someone you know, so I would confront him or her with it.


EDIT: Yes, of course, use Topher's method with the install DVD.


Don't let the Firmware Password give you a false sense of security. Again, with physical access to the computer, the Firmware Pasword can easily be defeated. It sounds like you really need to take control of the situation, more than anything else. You also need to find out what else might have been changed during the time you lost control.


Message was edited by: WZZZ

Feb 20, 2012 12:14 PM in response to Topher Kessler

Okay thank you! I would like to try to reset the password without the installation dvd but I do not know the username he used. I apologize, I am not very knowledgeable about this sort of stuff so please bear with me. When we first realized what was done, I tried to just delete the account folder in my hardrive. Would it be the name that was on that? It does not have a name shown for the username of the account that I can see..

Feb 20, 2012 1:06 PM in response to carenalicia4930

Follow the directions for Leopard. Print them out first, or copy them by hand if printing is not available. They must be copied and typed in exactly, observing case and any spaces, or the the lack thereof.


http://www.macyourself.com/2009/08/03/how-to-reset-your-mac-os-x-password-withou t-an-installer-disc/


What happened to your install DVD? You should have it. It's an essential.

Feb 20, 2012 2:46 PM in response to WZZZ

All my regular accounts on the computer were listed just not the one that the kid put on that is labeled 'Other'. I followed the last methods on the link you sent me, was able to restart the computer and set up a new administrative account. Even using this new account I was not able to change the password or delete the other account.

In the beginning, before I posted on this. After not being able to delete the account from my preferences I tried to delete the account by trashing the account folder. It has been deleted, but is not showing up in the deleted accounts folder. But the it still shows up on my login and under my account users in my preferences.

Feb 20, 2012 3:35 PM in response to carenalicia4930

Not sure why you can't delete that account. If you have admin privileges, you should be able to. Sounds like you only removed the Home Folder for that account.


You should highlight/select the account you want to remove and then click the minus button. Might need to unlock the padlock with your admin password.


User uploaded file


Have a look at these articles from Apple, if necessary.


http://docs.info.apple.com/article.html?path=Mac/10.5/en/8235.html


http://docs.info.apple.com/article.html?path=Mac/10.5/en/8162.html


http://support.apple.com/kb/DL1399

Someone hacked my computer and set up a new administrative account by re-registering my computer. I can not access this account nor delete it. How can I fix this and get my computer back to the way it was?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.