Hello: On Friday, I noticed that there were hidden folders in my trash can for my MacBook Air running 10.11 Public Beta 2. The folders were called "recovered folder #," and they were literally hidden, as in present but unable to be seen. I found them accidentally by clicking randomly in the trash can folder. I went and found that sharing/remote management/etc had been turned on, my account was restricted to below my home folder. The individual was logged in as root. The MacBook was set up to think its HDD was on a network, and I found someone connected to my MacBook via blue tooth. When I tried to restore the MacBook, by logging out and doing command-R, it ran through the process so quick it couldn't have really done anything. It didn't I logged back into my account as normal, nothing had changed. I tried restarting again in order to secureerase the harddrive, but that process was cancelled by the intruder. I spent about 4 hours in single user mode trying to defend off my hard drive before the intruder turned my Bluetooth off, as in disconfigured it. I don't recall the command he used but I remember the word "man" in it. My computer, since it thought the HDD was on a network connected by Bluetooth, then couldn't find its drive. I went into recovery to disk utility and found that he had restored every one of my time machine save points. I tried putting a firmware password on, and when I restarted again, he had changed it again. He was kicking me out of my own computer. I was able to do one thing to protect my information: format the entire HDD, including boot sequences. Now I have a computer that goes to a blinking folder when I try to let it boot. If I choose command-R or option-command-R, it takes me to a firmware password thjat I don't know. I have a boot USB I made on my windows pc, but I cant boot from it because I don't know the firmware password he put on it to prevent it from entering recovery made.