05-20-2012 01:06 AM
05-20-2012 01:23 AM
05-25-2012 09:12 AM
Here's a two-part question for you:
1) Do you ever use your laptops from unsecured public wifi?
2) What Wifi router are you using at home?
From what you're describing, it seems most likely that the vector of attack was via one of these avenues.
Unless you're the victim of a targeted attack (do you work for some government or aerospace company?), your EFI partition is likely still fine, and your restore partition likely was too.
Since you've been doing all this on your personal laptop, what's the state of your wife's Mac? It is very possible that this was the point of entry. Are her passwords and usage as secure as yours? Does she use unsecured Wifi?
As for "worst that could happen" -- the worst that could happen is that you have a fully non-functioning Mac. However, that's highly unlikely; you're more likely to end up with a nimble system without a few years of crud built up on it. Of course, any registrations/credentials/etc. will have to be re-built.
If you haven't wiped her Mac yet, it may be useful to open up console.app and have a poke around. You'll also want to check the settings on your Wifi router.
05-25-2012 09:15 AM
Oh, I also forgot to ask: Did you have SAV installed on your machines? Did you have Little Snitch installed?