rstemp
Level 1
(0 points)
Q: Is my iMac Hacked? System Logs
I have atttached sections of my system log files below. Specifically, I found the wireless country code being reset. The system is creating 'shield windows' and generating screenshots. Finally there are some entries relating to 'frequent transitions' on the ethernet interface. I am running the most recent version of Mountain Lion on a new iMac. Is there any valid reason while these processes should be taking place?
Much thanks in advance...
8/22/13 9:17:33.000 AM kernel[0] en0: 802.11d country code set to 'X0'.
8/22/13 9:17:34.000 AM kernel[0] en0: 802.11d country code set to 'US'.
8/22/13 4:21:30.000 PM kernel[0] en0: 802.11d country code set to 'X0'.
8/23/13 12:48:31.707 PM WindowServer[90] Created shield window 0x25b for display 0x003f003d
8/23/13 12:48:31.707 PM WindowServer[90] handle_will_sleep_auth_and_shield_windows: releasing authw 0x7fcac2890ea0(2004), shield 0x7fcac2930a60(2001), lock state 3
8/23/13 12:48:31.708 PM WindowServer[90] handle_will_sleep_auth_and_shield_windows: err 0x0
8/23/13 12:48:31.708 PM WindowServer[90] Created shield window 0x25c for display 0x003f003e
8/23/13 12:48:31.708 PM WindowServer[90] handle_will_sleep_auth_and_shield_windows: releasing authw 0x7fcac2890ea0(2002), shield 0x7fcac2930a60(2001), lock state 3
8/23/13 12:48:31.708 PM WindowServer[90] handle_will_sleep_auth_and_shield_windows: err 0x0
8/23/13 12:48:31.708 PM WindowServer[90] Created shield window 0x25d for display 0x003f003f
8/23/13 12:48:31.709 PM WindowServer[90] handle_will_sleep_auth_and_shield_windows: releasing authw 0x7fcac2890ea0(2002), shield 0x7fcac2930a60(2001), lock state 3
8/23/13 12:48:31.709 PM WindowServer[90] handle_will_sleep_auth_and_shield_windows: err 0x0
8/23/13 12:48:31.716 PM WindowServer[90] handle_will_sleep_auth_and_shield_windows: releasing authw 0x7fcac2890ea0(2002), shield 0x7fcac2930a60(2001), lock state 3
8/23/13 12:48:31.716 PM WindowServer[90] handle_will_sleep_auth_and_shield_windows: err 0x0
8/23/13 1:37:07.033 PM WindowServer[90] Created shield window 0x2ba for display 0x04280380
8/23/13 1:37:07.033 PM WindowServer[90] device_generate_desktop_screenshot: authw 0x7fcac282f430(2000), shield 0x7fcac1454b30(2001)
8/23/13 1:37:07.127 PM WindowServer[90] device_generate_lock_screen_screenshot: authw 0x7fcac282f430(2000), shield 0x7fcac1454b30(2001)
8/23/13 2:26:34.708 PM WindowServer[90] Created shield window 0x2bb for display 0x003f003d
8/23/13 2:26:34.708 PM WindowServer[90] handle_will_sleep_auth_and_shield_windows: releasing authw 0x7fcac282f430(2004), shield 0x7fcac1454b30(2001), lock state 3
8/23/13 1:35:28.037 AM configd[17] network changed: v4(en0-:172.16.42.4) DNS- Proxy- SMB
8/23/13 1:35:28.043 AM mDNSResponder[57] DeregisterInterface: Frequent transitions for interface en0 (172.16.42.4)
8/23/13 1:35:29.770 AM com.apple.launchd[1] (com.symantec.errorreporting.periodic) Throttling respawn: Will start in 2000 seconds
8/23/13 1:35:29.000 AM kernel[0] MacAuthEvent en0 Auth result for: 12:9a:dd:84:09:79 MAC AUTH succeeded
8/23/13 1:35:29.000 AM kernel[0] wlEvent: en0 en0 Link UP virtIf = 0
8/23/13 1:35:29.000 AM kernel[0] AirPort: Link Up on en0
8/23/13 1:35:29.000 AM kernel[0] en0: BSSID changed to 12:9a:dd:84:09:79
8/23/13 1:35:29.000 AM kernel[0] en0::IO80211Interface::postMessage bssid changed
8/23/13 1:35:29.000 AM kernel[0] AirPort: RSN handshake complete on en0
8/23/13 1:35:29.797 AM configd[17] network changed: v4(en0+:172.16.42.4) DNS+ Proxy+ SMB
8/23/13 1:35:29.801 AM mDNSResponder[57] mDNS_RegisterInterface: Frequent transitions for interface en0 (FE80:0000:0000:0000:2ACF:E9FF:FE16:569B)
8/23/13 1:35:29.801 AM mDNSResponder[57] mDNS_RegisterInterface: Frequent transitions for interface en0 (172.16.42.4)
8/23/13 1:35:29.807 AM UserEventAgent[11] Captive: en0: Not probing 'GAP5Hh12%s' (protected network)
8/23/13 1:35:29.809 AM configd[17] network changed: v4(en0!:172.16.42.4) DNS Proxy SMB
iMac, OS X Mountain Lion (10.8.4)
Posted on Aug 26, 2013 10:07 AM
