The macosxhints Forums

virus/trojan (http://hintsforums.macworld.com/showthread.php?t=89789)

hayne 05-20-2008 10:00 PM

Quote:

Originally Posted by Nightdav (Post 470907)
they said someone might have keylogged you or hijacked your browser

If no-one has had access to your Mac and you haven't installed any programs from less-than-reliable sites, then it would have been hard to install a keylogger on your Mac.

Just to make sure that we have the correct info, please launch the "Terminal" application (under /Applications/Utilities) and copy & paste the following commands (all together), press Return, then copy & paste the results back here so we can see:

uname -a
sysctl -a 2>/dev/null | egrep 'osrelease =|model ='
echo "done"

Nightdav 05-20-2008 11:24 PM

OMG lol I'm so sorry, I was reading something else. I meant to say Tiger 10.4.11, OS X Tiger lol, very sorry.

hayne 05-21-2008 12:29 AM

Please run the commands I suggested in my previous post and show us the results (via copy & paste).

Nightdav 05-21-2008 12:43 AM

wtmp begins Thu Apr 1 00:52
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ Welcome to Darwin!
-bash: Welcome: command not found
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ You have mail.
-bash: You: command not found
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ filip-gabrielyans-power-mac-g4:~ filipgabrielyan$
-bash: filip-gabrielyans-power-mac-g4:~: command not found
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$

(That's what showed up when I did the copy & paste thing)

hayne 05-21-2008 01:56 AM

You seem to have copied what was in the Terminal window back into the Terminal window again.
Don't do that.
Instead, copy the 3 lines of commands that I gave in the above post and then paste them into a Terminal window, then press Return.
Then copy the contents of the Terminal window and paste it into your reply on this forum.

Nightdav 05-21-2008 02:58 AM

This is what it said when I put in (under/Applications/Utilities) and pressed return.

-bash: under: command not found
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$

dexterbip 05-21-2008 09:11 AM

You've obviously misread Hayne's post. I'll reiterate for him. Open the terminal program and then copy and paste the following commands, hitting return after each line, then copy and paste the results here. The commands you should be copying and pasting are the ones below which are green.

uname -a
sysctl -a 2>/dev/null | egrep 'osrelease =|model ='
echo "done"

Nightdav 05-21-2008 04:19 PM

(This is what it says)

Last login: Wed May 21 13:17:20 on ttyp1
Welcome to Darwin!
You have mail.
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ under
-bash: under: command not found
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ Applications
-bash: Applications: command not found
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ Utilities
-bash: Utilities: command not found

tlarkin 05-21-2008 04:30 PM

It should look like this

Code:

Welcome to Darwin!
tlarkin:~ tlarkin$ uname -a
Darwin tlarkin.local 8.11.1 Darwin Kernel Version 8.11.1: Wed Oct 10 18:23:28 PDT 2007; root:xnu-792.25.20~1/RELEASE_I386 i386 i386
tlarkin:~ tlarkin$ sysctl -a 2>/dev/null | egrep 'osrelease =|model ='
kern.osrelease = 8.11.1
hw.model = iMac5,1
tlarkin:~ tlarkin$ echo "done"


wdympcf 05-21-2008 04:37 PM

Nightdav, if you are serious about receiving some help, I would start reading the instructions in hayne's posts carefully and follow them. I'm finding it hard to believe that you honestly thought that hayne meant for you to type "(under/Applications/Utilities)" into the terminal. Instead, I'm more inclined to believe that you are trying to waste everyone's time. Please prove me wrong and type the proper commands in your terminal (the ones in green).

dexterbip 05-21-2008 04:44 PM

Quote:

Originally Posted by wdympcf (Post 471140)
(the ones in green).

Twice!

I'm tempted to file this under "troll". Quite apart from what seems to be a wilful refusal to read instructions, the original symptoms just don't seem that reasonable to me. They just don't seem to be the sort of thing which could possibly have happened under the alleged circumstances.

tlarkin 05-21-2008 04:45 PM

Quote:

Originally Posted by dexterbip (Post 471146)
Twice!

I'm tempted to file this under "troll". Quite apart from what seems to be a wilful refusal to read instructions, the original symptoms just don't seem that reasonable to me. They just don't seem to be the sort of thing which could possibly have happened under the alleged circumstances.

Just because he/she doesn't understand does not make them a troll. This forum is pretty darn polite and people are pretty cool. Let's keep it that way.

Nightdav 05-21-2008 05:56 PM

(Is this the correct thing?)

Welcome to Darwin!
You have mail.
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ uname -a
Darwin filip-gabrielyans-power-mac-g4.local 8.11.0 Darwin Kernel Version 8.11.0: Wed Oct 10 18:26:00 PDT 2007; root:xnu-792.24.17~1/RELEASE_PPC Power Macintosh powerpc
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ sysctl -a 2>/dev/null | egrep 'osrelease =|model ='
kern.osrelease = 8.11.0
hw.model = PowerMac3,6
filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ echo "done"

Nightdav 05-21-2008 11:16 PM

No replies yet, what's wrong... did something happen... :(

hayne 05-22-2008 12:00 AM

The results of those commands (post #33) show that you are (as you said) running OS X 10.4.11.

Please give us a recap of your current situation. Is there some problem with your Mac at the moment?

If you think that someone else had control of your Mac (either via physical access or remotely over the network) and that person was malicious, then you should do the following:

a) Make a good backup of all of your files (usually this means your home folder)
b) Do an "erase & install" of OS X from the Install DVD. Note that the "erase" part of this will completely erase all files on the Mac, hence the need for the backup first.
c) After the install is finished, copy your files from the backup disk to your newly created user account.
d) Make sure that you use good (difficult to guess) passwords and don't download any software from less-than-reliable sites. And be sure to keep your system software up to date by using Software Update.
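
How the pasted output supports the "running OS X 10.4.11" reading at the start of the post above, as an added example that is not part of the original thread. The function names are hypothetical, and the mapping assumes Darwin 8 (Tiger) only, where Darwin 8.N corresponds to Mac OS X 10.4.N.

```bash
#!/bin/sh
# Added example; GOOD and BAD are terminal pastes copied from this thread.
GOOD='Darwin filip-gabrielyans-power-mac-g4.local 8.11.0 Darwin Kernel Version 8.11.0: Wed Oct 10 18:26:00 PDT 2007; root:xnu-792.24.17~1/RELEASE_PPC Power Macintosh powerpc
kern.osrelease = 8.11.0
hw.model = PowerMac3,6'
BAD='filip-gabrielyans-power-mac-g4:~ filipgabrielyan$ under
-bash: under: command not found'

# Print the value of the first "key = value" line for key $1 in pasted text $2.
sysctl_value() {
    printf '%s\n' "$2" | sed -n "s/^$1 = //p" | head -n 1
}

# Map a Darwin 8.x release to its Mac OS X 10.4.x version.
# Assumption: only Darwin 8 (Tiger) is handled, where 8.N.* is 10.4.N.
darwin8_to_osx() {
    case "$1" in
        8.[0-9]*) ;;
        *) return 1 ;;
    esac
    rest=${1#8.}
    minor=${rest%%.*}
    case "$minor" in
        ''|*[!0-9]*) return 1 ;;
    esac
    if [ "$minor" -eq 0 ]; then echo "10.4"; else echo "10.4.$minor"; fi
}

# Print the CPU architecture: the last field of the "uname -a" line.
uname_arch() {
    printf '%s\n' "$1" | awk '/^Darwin / { print $NF; exit }'
}

# Compare a claimed OS X version ($1) with what the paste ($2) shows.
# Exit status: 0 = confirmed, 1 = contradicted, 2 = paste has no usable output.
verify_claim() {
    rel=$(sysctl_value kern.osrelease "$2")
    [ -n "$rel" ] || { echo "no kern.osrelease line in paste"; return 2; }
    osx=$(darwin8_to_osx "$rel") || { echo "Darwin $rel not handled"; return 2; }
    echo "Darwin $rel = Mac OS X $osx, $(sysctl_value hw.model "$2"), $(uname_arch "$2")"
    [ "$osx" = "$1" ]
}

verify_claim 10.4.11 "$GOOD"
verify_claim 10.4.11 "$BAD" || echo "status $?"
```

The second call returns status 2 because that paste contains only shell errors and no command output, which is why the commands had to be re-run before anything could be concluded.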

tlarkin 05-22-2008 12:29 AM

Just to add one thing to Hayne's very good list.

Do NOT use the same or previous passwords if your system has been compromised; make up all new passwords.

Nightdav 05-22-2008 03:50 AM

Did that already. Anyways, thanks a lot everyone :)

dexterbip 05-22-2008 12:00 PM

With reference to my earlier post and tlarkin's followup, tlarkin is correct, of course. I apologise unreservedly. Long day on my part, although that's not an excuse.

Nightdav: just to add to what hayne and tlarkin have already said, I'd also recommend you make sure your firewall is on and locked down to anything non-essential. And maybe consider investing in a router or other hardware firewall if you don't have one already?

The situation you described earlier certainly sounds like someone had access to your computer somehow and, if nobody has physical access, we've got to assume they got in remotely.

wdympcf 05-22-2008 01:55 PM

To add another piece of "standard" advice to hayne's list, use a separate user account for daily computing and reserve your admin account only for administrative tasks. This separation of accounts makes it a little bit harder for you to accidentally give someone carte blanche access to your computer.

Rockisle 06-17-2008 10:16 AM

Root And Administrator Account
 
Quote:

Originally Posted by wdympcf (Post 471386)
To add another piece of "standard" advice to hayne's list, use a separate user account for daily computing and reserve your admin account only for administrative tasks. This separation of accounts makes it a little bit harder for you to accidentally give someone carte blanche access to your computer.

Would someone explain this a bit more? How is the "Admin" account different than "Root"? The 1st account that I set up on my new Mac is admin, is it also "Root"? How important is it to set accounts this way if no one else has physical access to the machine? Can one just drag the admin account home folder to the public folder to replicate it for a new user account that does not have admin privilege? This is a home computer with only one user, locked when unattended. Have tried searching for a sticky on the subject with no luck.


All times are GMT -5.