Just another 'n00b' misreading logs? Any input appreciated...

Discussion in 'Mac OS X Lion (10.7)' started by Rabids Bad, Sep 13, 2013.

  1. Rabids Bad macrumors newbie

    Joined:
    Sep 13, 2013
    #1
    Hello all,

    This is my first post here - I'll try and make it as concise as possible, but no doubt tangents will be explored to some degree...

    I've been browsing Teh Interwebz for the last couple of months, and pretty quickly I gathered that this was the place to join. Having had no followup from Apple, I hope you don't mind me picking your brains?

    In a nutshell, I'm fairly certain that I've had recurring/intermittent security problems for a while. Some six months ago was when alarm bells went off initially, as a result of (numerous, varied) online services stating that my device/location was unusual and requesting ID verification. Nothing had changed as far as I was concerned.

    After scaring myself looking at my logs with no real understanding of what I was seeing, I performed an OS reinstall (not reformat) and all seemed OK for the time being.

    Fast forward to several weeks ago; my hard drive would seem to never stop moving. Ever. This had been going on for a few days when "sleeping" before I started digging around.

    I'm now using Little Snitch, which in itself has helped me sort out my browsing habits. Having grown up with Macs from a young age, I guess I had developed the typical 'Macs are immune' thought process to an extent.

    Over the past few months I've familiarised myself with the terminal to some degree, though I'm not 'capable' yet. So far I've been able only to print out approx' 1/3 of 'The Linux Command Line'...

    I have checked for the Flashback Trojan.

    I'm running 10.7.5 on a MacBook Pro 13" Late 2011.

    I'm aware of how easy it is to jump to very wrong conclusions, when looking at things such as log files, processes etc... through an untrained eye. I've been there and got the shirt. While I'm no less competent in the grand scheme of things, I now don't react to anything until I've done the research.

    Maybe laughable; but there are people with motive to cause me problems, or simply have access to my online life. I have some ruthless competitors on a little known auction site, for example. Possibly driving any paranoia is the fact that spyware was installed on a mobile phone of mine early in the year. No relation I believe.



    Sorry for the 'waffle' above - I hope some of this might be relevant.

    I've got a whole load of crap I could copy and paste here for you, but I'll save that for a later date, if anyone decides there might be merit in it. The AppleCare chap I was on the phone to was very excited as soon as I mentioned that I saw 'Something about a Wormhole'...

    07/09/2013 13:23:13.302 Finder WormholeServer::copyMyAppleIDSecIdentity returned NULL

    ...Run for the hills?

    I'm sadly going to have to revisit this post tonight and add more. I hope nobody minds if I post it as-is for the time being, with the promise of an update very shortly?

    I decided against saving this as a text file and revising offline prior to posting - mainly because there's a lot of text here already for a first post, but also any response in the meantime might give me some guidance regarding what next to post.

    To anyone who has so far plodded through this post, I thank you.
     
  2. benwiggy macrumors 68020

    Joined:
    Jun 15, 2012
    #2
    If you are concerned about security, then you need to do the following:

    Change all passwords, particularly your AppleID and your admin user account. Then reinstall.
    Make sure the computer is physically safe from being used by others.
    Turn of the Firewall, and even Silent Mode if you want. Turn off all Sharing.

    Excessive hard drive use is likely to be Spotlight indexing: you can check what processes are working hard at the time with Activity Monitor.

    Little Snitch is a perfect way to make you worry about everything your computer is doing.

    A brief Google suggests that WormholeServer is related to AirDrop.
     
