-3
Guess these somehow are the ports I need to close?
https://justpaste.it/6tmmw or https://justpaste.it/6tmmw/pdf
I´m not user root (obc)
Also seems like they have made som changes, don't know if this one is relevant:
https://justpaste.it/3v674 or https://justpaste.it/3v674/pdf
Regarding the picture mentioned, I´ll try
]1
But as far as I can tell here, the villain, root and or wheel seem to access my apps, don't get it.
https://justpaste.it/3oxpk or pdf: https://justpaste.it/3oxpk/pdf
Didn`t manage to get brackets right to paste code, but here are we now. Keep killing processes, but they keep emerging, figure I´ve got alot of ports open, but losing focus, can't give up but been at it 24/ for several days in a row but never been this close.
https://justpaste.it/4u2xg or in pdf https://justpaste.it/4u2xg/pdf
Obviously I´d like to make it as easy to read as possible, sorry for not handling the pasting right, yet.
Update. Been fighting forwards and backwards. Think I might have managed to block most in and out coming traffic. Think these are the villains left, cannot seem to get rid of them. Sightkill won't work. Also think they somehow made me have less privileges, can't view all files nor remove and further on. See pic: https://i.paste.pics/87CFQ.png >
Installed OS X to get new logs. Got two:
This and those two under are from my phone. Ps aux show PID 176 is weird, cant kill it either.
Updated! A whooole lot. Should be up to Standard now. New info. Sry for earlier mistakes by me and my noob skillz regarding posting. Go easy on me, Im not so old tbh, nor is eng my first lang and its a bit weird writting from the browser in disk utility, formating etc. Also in my attempt(s) to post logs and this question earlier, several of my devices has got taken over. 4 cellphones 2 computers, all on different Wi-Fi or on mobil surf, both android, iphone, pc and now this mac. Finally got through with better info through a friend. Anyway:
I understand the lack of help due to lack of info on my part, my bad.
Now I´ve been able to update and present more info. I hope Im wrong. Sry for any lack of respect of and for rules, just got a little paniced when I´ve finally saved up enough to buy this really expansive (still the cheapest one) mac, and stuff happens. I understand why you couldn´t help or thinking I was imagining, which I hope I am.
As the title said, my mbp -19 is behaving weird. I see processes I have not started. Once found an virtual desktop overlay, been at this for weeks. Have erased my ssd to many times. Still the disc image are full, cant unmount and format them, because of pid 0, often. Tried everything from diskutil erasedisk, unmountDisk disk, etc, force, sudo, think I got something installed as root, seeing a weird username in osx (when I have an os installed, now im just in the disk utility) ; "wheel".
Also seen how Im used as a server, found shared movie folders, music etc. Tried closing all ports and kill all pid.
Seeing anything weird here, or any useful tips? Maybe another log could help figure this out? Or am I just imagining?
Didnt know how to paste code here, so I pasted it here:
log losf -i: https://justpaste.it/7oxrk
log losf -b: https://justpaste.it/6bjon
log ps aux: https://justpaste.it/3sa02
netstat, dont know much but looks suspicious:
netstat again, all these adresses and I am just in disk utility, haven´t installed OSX again, because there are suspiscious activity. Dont know much but a mentioned, I´ve seen folder, user, looking me out from admin, creating there own files and processes, hiding the utility map from me, giving me a desktop of a recording (took me longer to get that then I´d like to admit..)
Babysteps
Posted 2020-02-25T04:33:01.987
Reputation: 11
1How do I ask a good question?, What does it mean if a question is "closed"?, What topics can I ask about here? you also might consider taking the [tour]. – Mokubai – 2020-02-25T06:51:43.027
3What in these images is supposed to demonstrate your problem? How do you know you have been "hacked"? What is happening? Have you tried a clean install? A large number of images with no context is not really useful and describing the history of a problem can help get people invested. Pictures of text logs are less useful than the actual text itself. – Mokubai – 2020-02-25T06:58:16.823
1The problem is that we have no idea what you are seeing apart from some random images of what could be filenames (?) with times, addresses (?), and some unknown error message. On their own these things are useless and we have to guess at their meaning. They presumably make some sense to you as you have knowledge of what happened, what is going on and the events that caused you to take the photos. We have none of that. If you need help then you are going to need to explain your situation, what is happening, what the images are showing, why they are important. You can [edit] your question. – Mokubai – 2020-02-25T15:52:05.737
@Babysteps - You need to have more patience. Please stop submitting a comment every 2 hours, asking us to answer your question, when somebody comes upon your question and knows the answer they will answer it. – Ramhound – 2020-02-29T19:06:07.823