Extreme Issues - Whats going on and what action is needed, HELP!!!
Problem # 1 Can Someone tell me whats going on here. I dont believe I even burned this disk and is a valid test to find out anything http://icarusx.com/icarusx/index.php?BD_NO=763
(Also see below for a REAL Bizarre problem #2 and #3
Ps I have all sharing firewall and protection at max, turned off wifi...
Finder: Burn started, Thu Jan 16 14:24:42 2014
Finder: Burning to DVD-R (MBI 01RG40) media with DAO strategy in TSSTcorp CDDVDW SH-222AL SB00 with generic profile via USB.
Finder: Requested burn speed was 47x, actual burn speed is 16x.
Finder: Warning - generated file 'Info.plist' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'INFO.PLIST' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'Info.plist' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'PkgInfo' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'PKGINFO' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'PkgInfo' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'applet' has unusual st_mode value (0100715 octal) in HFS+
Finder: Warning - generated file 'APPLET' has unusual st_mode value (0100715 octal) in ISO-9660
Finder: Warning - generated file 'applet' has unusual st_mode value (0100715 octal) in Joliet
Finder: Warning - generated file 'applet.icns' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'APPLET.ICNS' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'applet.icns' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'applet.rsrc' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'APPLET.RSRC' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'applet.rsrc' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'domain.txt' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'DOMAIN.TXT' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'domain.txt' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'host.txt' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'HOST.TXT' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'host.txt' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'maildir.txt' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'MAILDIR.TXT' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'maildir.txt' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'smtpport.txt' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'SMTPPORT.TXT' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'smtpport.txt' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'user.txt' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'USER.TXT' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'user.txt' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'useroot.txt' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'USEROOT.TXT' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'useroot.txt' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'usessl.txt' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'USESSL.TXT' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'usessl.txt' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'TXT.rtf' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'TXT.RTF' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'TXT.rtf' has unusual st_mode value (0100604 octal) in Joliet
Finder: Warning - generated file 'main.scpt' has unusual st_mode value (0100604 octal) in HFS+
Finder: Warning - generated file 'MAIN.SCPT' has unusual st_mode value (0100604 octal) in ISO-9660
Finder: Warning - generated file 'main.scpt' has unusual st_mode value (0100604 octal) in Joliet
Finder: Burn underrun protection is supported, and enabled.
Finder: Burn finished, Thu Jan 16 14:29:51 2014
Finder: Verify started, Thu Jan 16 14:29:51 2014
Finder: Verify finished, Thu Jan 16 14:34:21 2014
Problem #2
Every time I turn my mac mini on the console spits the out every 8 or 9 seconds
Jan 8 16:01:42 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to TCP 98.15.243.208:22 from 218.26.89.179:56526
Jan 8 16:05:07 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:63396 from 209.18.47.62:53
Jan 8 16:10:07 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:54118 from 209.18.47.62:53
Jan 8 16:19:12 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to TCP 98.15.243.208:22 from 218.7.37.194:4648
Jan 8 16:20:06 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:53678 from 209.18.47.62:53
Jan 8 16:22:18 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:5060 from 188.138.41.34:5301
Jan 8 16:25:06 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:59877 from 209.18.47.62:53
Jan 8 16:30:06 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:49844 from 209.18.47.62:53
Jan 8 16:30:10 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to TCP 98.15.243.208:0 from 113.108.21.16:12213
Jan 8 16:35:07 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:53819 from 209.18.47.62:53
Jan 8 16:38:39 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:19 from 89.248.172.102:59742
Jan 8 16:40:06 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:64533 from 209.18.47.62:53
Jan 8 16:42:28 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to TCP 98.15.243.208:2083 from 124.205.118.44:38207
Jan 8 16:45:07 cpe-98-15-243-208 Firewall[80]: Stealth Mode connection attempt to UDP 98.15.243.208:49475 from 209.18.47.62:53
Jan 8 16:53:12 cpe-98-15-243-208 Firewall[80]: Deny netbiosd data in from 98.15.243.208:137 to port 137 proto=17
Jan 8 16:58:34 Jeffs-Mac-mini Firewall[80]: parentalcontrols is listening from 0.0.0.0:49152 proto=6
Jan 8 16:58:34 Jeffs-Mac-mini Firewall[80]: parentalcontrols is listening from 0.0.0.0:49152 proto=6
Jan 8 16:58:52: --- last message repeated 8 times ---
Jan 8 16:58:52 cpe-98-15-243-208 Firewall[80]: Deny netbiosd data in from 98.15.243.208:137 to
Jan 8 16:58:52 cpe-98-15-243-208 Firewall[80]: Deny netbiosd data in from 98.15.243.208:137 to
then after making some changes: it look for a server called smb:..... see below
2/3/14 12:18:12.908 PM com.apple.launchd: (com.apple.nis.ypbind) Throttling respawn: Will start in 10 seconds 2/3/14 12:18:12.914 PM Firewall: ypbind is listening from 0.0.0.0:746 proto=6
2/3/14 12:18:22.916 PM ypbind: Can't find host: smb:7d2458000000
2/3/14 12:18:22.916 PM ypbind: Can't contact any servers listed in /var/yp/binding/209.18.47.62.ypservers. Aborting 2/3/14 12:18:22.916 PM com.apple.launchd: (com.apple.nis.ypbind[5711]) Exited with code: 1
2/3/14 12:18:22.916 PM com.apple.launchd: (com.apple.nis.ypbind) Throttling respawn: Will start in 10 seconds
2/3/14 12:18:22.916 PM Firewall: ypbind is listening from 0.0.0.0:745 proto=6
2/3/14 12:18:25.425 PM Firewall: Stealth Mode connection attempt to TCP 204.210.149.117:22 from 95.79.102.196:26236 2/3/14 12:18:32.923 PM ypbind: Can't find host: smb:7d2458000000
2/3/14 12:18:32.923 PM ypbind: Can't contact any servers listed in /var/yp/binding/209.18.47.62.ypservers. Aborting
2/3/14 12:18:32.924 PM com.apple.launchd: (com.apple.nis.ypbind[5732]) Exited with code: 1
2/3/14 12:18:32.924 PM com.apple.launchd: (com.apple.nis.ypbind) Throttling respawn: Will start in 10 seconds
2/3/14 12:18:32.924 PM Firewall: ypbind is listening from 0.0.0.0:744 proto=6
2/3/14 12:18:42.932 PM ypbind: Can't find host: smb:7d2458000000
2/3/14 12:18:42.932 PM ypbind: Can't contact any servers listed in /var/yp/binding/209.18.47.62.ypservers. Aborting
2/3/14 12:18:42.932 PM com.apple.launchd: (com.apple.nis.ypbind[5753]) Exited with code: 1
2/3/14 12:18:42.932 PM com.apple.launchd: (com.apple.nis.ypbind) Throttling respawn: Will start in 10 seconds
2/3/14 12:18:42.932 PM Firewall: ypbind is listening from 0.0.0.0:743 proto=6
2/3/14 12:18:46.806 PM Firewall: Stealth Mode connection attempt to TCP 204.210.149.117:36029 from 46.105.111.169:80 2/3/14 12:18:52.939 PM ypbind: Can't find host: smb:7d2458000000
Problem #3
After lots of whis and other network tool I emailed the suspected address and got this, then learned that this was ALWAYS copying the person on my email: Rhett... even though the mail was returned it still when to the person
From: Mail Delivery System <Mailer-Daemon@cdptpa-oedge01>
Subject: Mail Delivery Failure
Date: October 30, 2013 9:49:57 PM EDT
This message was created automatically by the mail system (ecelerity).
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:
rweires@rhettdweirespc.com (after MAIL FROM): 530 authentication required for relay (#5.7.1)
Arrival-Date: Thu, 31 Oct 2013 01:49:57 +0000
Reporting-MTA: dns; cdptpa-oedge01
Last-Attempt-Date: Thu, 31 Oct 2013 01:49:57 +0000
Remote-MTA: dns; mail.rhettdweirespc.com
Diagnostic-Code: smtp; 530 authentication required for relay (#5.7.1)
Action: failed
Status: 5.0.0
Final-Recipient: rfc822; rweires@rhettdweirespc.com
------ This is a copy of the headers of the original message. ------
Return-Path: <jeffruhren@hvc.rr.com>
Received: from [98.15.249.176] ([98.15.249.176:49571] helo=[192.168.0.10])
by cdptpa-oedge01 (envelope-from <jeffruhren@hvc.rr.com>)
(ecelerity 3.5.0.35861 r(Momo-dev:tip)) with ESMTP
id E6/21-02506-447B1725; Thu, 31 Oct 2013 01:49:57 +0000
From: Jeff Ruhren <jeffruhren@hvc.rr.com>
Content-Type: multipart/mixed; boundary="Apple-Mail=_BA0ADC74-1F1B-40A1-A102-4C157A5D18EE"
Subject: PLease Advise
Date: Wed, 30 Oct 2013 21:49:56 -0400
Message-Id: <1506BE03-BD9D-4D01-B026-CD9BBCC8B84F@hvc.rr.com>
To: rweires@rhettdweirespc.com
Mime-Version: 1.0 (Apple Message framework v1283)
X-Mailer: Apple Mail (2.1283)
X-RR-Connecting-IP: 107.14.168.118:25
X-Cloudmark-Score: 0
I dont know what to do and need help real bad because it appears this person has access to very sensitive and confidential documents , after making some more changes more users that I never created stared to become visible and there appear to be some kind of invisible shell.
Mac mini, OS X Mountain Lion (10.8.5), Need help!!!!!!