I have been struggling with this issue for weeks now. First I thought it was on the Watchguard side, but seems like our side. Here is the setup:
1. EC2 instance running Amazon Linux and OpenSwan.(no iptables)
2. Other side (right side) running WatchGuard.
Tunnel does not get setup. I take the same ipsec.conf file over to a server in RackSpace running CentoS and the tunnel gets established. No idea why. I have attached the conf file and the log file if anybody can help. Thanks a lot.
#nual: ipsec.conf.5
#
# Please place your own config files in /etc/ipsec.d/ ending in .conf
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
klipsdebug=all
plutodebug=all
# For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
protostack=netkey
nat_traversal=yes
#virtual_private=
oe=off
# Enable this if you see "failed to find any available worker"
#nhelpers=0
#You may put your configuration (.conf) file in the "/etc/ipsec.d/" and uncomment this.
include /etc/ipsec.d/*.conf
/etc/ipsec.d/conn.conf
conn TestConn
authby=secret
auto=start
forceencaps=yes
left=%defaultroute
leftid=209.20.92.47
leftsourceip=209.20.92.47
leftsubnet=10.183.128.9/32
leftnexthop=%defaultroute
right=50.206.18.58
rightsubnet=10.10.2.61/32
esp=3des-sha1
#auth=esp
keyexchange=ike
ike=3des-sha1;modp1024
#salifetime=43200s
pfs=no
#dpdaction=restart
#aggrmode=no
Pluto Log
Jan 19 19:32:24 ip-10-1-201-245 ipsec__plutorun: Starting Pluto subsystem...
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: nss directory plutomain: /etc/ipsec.d
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: NSS Initialized
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: Non-fips mode set in /proc/sys/crypto/fips_enabled
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: Starting Pluto (Openswan Version 2.6.37; Vendor ID OEu\134d\134jy\134\134ap) pid:29440
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: Non-fips mode set in /proc/sys/crypto/fips_enabled
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: LEAK_DETECTIVE support [disabled]
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: OCF support for IKE [disabled]
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: SAref support [disabled]: Protocol not available
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: SAbind support [disabled]: Protocol not available
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: NSS support [enabled]
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: HAVE_STATSD notification support not compiled in
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: Setting NAT-Traversal port-4500 floating to on
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: port floating activation criteria nat_t=1/port_float=1
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: NAT-Traversal support [enabled]
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | inserting event EVENT_REINIT_SECRET, timeout in 3600 seconds
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | event added at head of queue
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | inserting event EVENT_PENDING_DDNS, timeout in 60 seconds
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | event added at head of queue
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | inserting event EVENT_PENDING_PHASE2, timeout in 120 seconds
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | event added after event EVENT_PENDING_DDNS
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: starting up 1 cryptographic helpers
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: started helper (thread) pid=140152581191424 (fd:8)
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: Using Linux 2.6 IPsec interface code on 4.1.13-18.26.amzn1.x86_64 (experimental code)
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | status value returned by setting the priority of this thread (id=0) 22
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | helper 0 waiting on fd: 9
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | process 29440 listening for PF_KEY_V2 on file descriptor 12
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | finish_pfkey_msg: K_SADB_REGISTER message 1 for AH
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | 02 07 00 02 02 00 00 00 01 00 00 00 00 73 00 00
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | pfkey_get: K_SADB_REGISTER message 1
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | AH registered with kernel.
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | finish_pfkey_msg: K_SADB_REGISTER message 2 for ESP
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | 02 07 00 03 02 00 00 00 02 00 00 00 00 73 00 00
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | pfkey_get: K_SADB_REGISTER message 2
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | alg_init():memset(0x558361de3500, 0, 2016) memset(0x558361de3ce0, 0, 2048)
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: sadb_msg_len=22 sadb_supported_len=72
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_add():satype=3, exttype=14, alg_id=251
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[0], exttype=14, satype=3, alg_id=251, alg_ivlen=0, alg_minbits=0, alg_maxbits=0, res=0, ret=1
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_add():satype=3, exttype=14, alg_id=2
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[1], exttype=14, satype=3, alg_id=2, alg_ivlen=0, alg_minbits=128, alg_maxbits=128, res=0, ret=1
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_add():satype=3, exttype=14, alg_id=3
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[2], exttype=14, satype=3, alg_id=3, alg_ivlen=0, alg_minbits=160, alg_maxbits=160, res=0, ret=1
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_add():satype=3, exttype=14, alg_id=5
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[3], exttype=14, satype=3, alg_id=5, alg_ivlen=0, alg_minbits=256, alg_maxbits=256, res=0, ret=1
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_add():satype=3, exttype=14, alg_id=6
Jan 19 19:32:24 ip-10-1-201-245 pluto[29440]: | kernel_alg_register_pfkey(): SADB_SATYPE_ESP: alg[4], exttype=14, satype=3, alg_id=6, alg_ivlen=0, alg_minbits=384, alg_maxbits=384, res=0, ret=1
Edit
I could not figure out what was going on with Amazon Linux/OpenSwan. So I switched to Ubuntu Linux and with the same config file, the tunnel got establisehd in first try!! Both sides see the tunnel established. However we are not able to ping. When I ping, I see that the packets are traversing the tunnel, I see that using tcpdump. Other sides sees my packets reaching. However the reply packets are not getting to my server. I suspect something not right with AWS setup. I do have disabled the Source/Destination check on the instance, I have added a route to the subnet route table to route the packets destined to the tunnel to go to the instance running OpenSwan. Still not able to ping.
Any idea why the ping might not be working? I posted this to AWS forum also, no answers yet. https://forums.aws.amazon.com/thread.jspa?threadID=223853&tstart=0
I opened a ticket with AWS support. They looked at the log files and config and they gave me the answer to why the tunnel is not getting established. It was a stupid mistake from my part. The route attached to the Amazon Linux instance running OpenSwan had no route to internet, so it was not reaching the WG. Once I added that route the tunnel was established. The reason why the Ubuntu worked is because I instantiated that machine in a new Subnet which had the route to internet. So always ping the public ip of the other end first. I am impressed with the AWS support team. They know what they are doing.
Related
I have the vagrant 'virtualbox' virtual machine, however I can no longer access vagrant with another pc to retrieve my information contained in the virtual machine.
'ubuntu/focus'
how can I proceed?
In your project directory (the one where you have the Vagrantfile) vagrant will create . .vagrant folder. The content of this folder has the Virtalbox vm information
for example:
ls -all .vagrant/machines/default/virtualbox/
total 72
drwxr-xr-x 11 fhenri staff 352 Aug 28 22:20 .
drwxr-xr-x 3 fhenri staff 96 Aug 27 22:38 ..
-rw-r--r-- 1 fhenri staff 40 Aug 28 22:20 action_provision
-rw-r--r-- 1 fhenri staff 10 Aug 28 22:18 action_set_name
-rw-r--r-- 1 fhenri staff 148 Sep 6 09:42 box_meta
-rw-r--r-- 1 fhenri staff 3 Aug 28 22:18 creator_uid
-rw-r--r-- 1 fhenri staff 36 Aug 28 22:18 id
-rw-r--r-- 1 fhenri staff 32 Aug 28 22:18 index_uuid
-rw------- 1 fhenri staff 1679 Aug 28 22:18 private_key
-rw-r--r-- 1 fhenri staff 316 Sep 6 10:18 synced_folders
-rw-r--r-- 1 fhenri staff 63 Aug 28 22:18 vagrant_cwd
the name of the vagrant machine is default and provider is virtual box in this case.
If you copy the virtual box VM into another PC, you also need to copy this folder or need to recreate it. It contains the id of virtual box VM which helps vagrant to map and link with the VM.
I'm following the Anchor docs here, but I keep getting this error...
BPF SDK path does not exist: /Users/herbie/.cargo/bin/sdk/bpf: No such file or directory (os error 2)
I ran ls -al /Users/herbie/.cargo/bin and got this output:
total 239152
drwxr-xr-x 17 herbie staff 544 31 Jan 16:55 .
drwxr-xr-x 9 herbie staff 288 13 Dec 11:58 ..
-rwxr-xr-x 1 herbie staff 12574724 31 Jan 16:49 anchor
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 cargo
-rwxr-xr-x 1 herbie staff 7578989 14 Dec 14:05 cargo-build-bpf
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 cargo-clippy
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 cargo-fmt
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 cargo-miri
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 clippy-driver
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 rls
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 rust-gdb
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 rust-lldb
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 rustc
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 rustdoc
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 rustfmt
-rwxr-xr-x 12 herbie staff 8521112 31 Jan 16:55 rustup
Haven't found much online, and have never heard of BPF before...
It's unclear when you're getting the error during the installation, but here's a few things to try:
be sure that you're using an up-to-date version of Rust stable with rustup update stable
check that you're using the Solana CLI version designated in the docs using solana -V
run cargo build-bpf on the hello world Rust application: https://github.com/solana-labs/example-helloworld/tree/master/src/program-rust
For more reference, BPF is the bytecode format used by on-chain programs with Solana. You can find some more info at the links contained within https://docs.solana.com/developing/on-chain-programs/overview#berkeley-packet-filter-bpf
Try removing the solana cache before running your code. It worked for me. Basically, the BPF SDK hasn't been installed accurately.
rm -rf ~/.cache/solana/*
After deleting the solana cache run. It should download the BPF SDK again
solana build
A mac user was having some clock errors, and thought they had seen someone using remote/VNC action on their screen. I went through the system.log and most of this activity is showing at times when the laptop was off and unplugged (no battery) and the user was asleep.
System.log file here- https://ghostbin.com/paste/mcukf
These were the lines that interested me.
Java connection causing clock to be off.
23:54:32 Ushas-Air Java Updater[531]: Original euid:501
Apr 24 23:54:32 Ushas-Air com.apple.xpc.launchd[1] (com.apple.preference.datetime.remoteservice[366]): Service exited due to signal: Killed: 9 sent by com.apple.preference.datetime.re[366]
Apr 24 23:54:32 Ushas-Air Java Updater[531]: Host name is javadl-esd-secure.oracle.com
Apr 24 23:54:32 Ushas-Air Java Updater[531]: Feed URL: https
Apr 24 23:54:32 Ushas-Air Java Updater[531]: Hostname check passed. Valid Oracle hostname
Apr 24 23:54:33 Ushas-Air com.apple.xpc.launchd[1] (com.apple.bsd.dirhelper[523]): Endpoint has been activated through legacy launch(3) APIs. Please switch to XPC or bootstrap_check_in(): com.apple.bsd.dirhelper
Apr 24 23:54:36 Ushas-Air java[541]: objc[541]: Class JavaLaunchHelper is implemented in both /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/bin/java (0x1023604c0) and /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/jli/./libjli.dylib (0x119327480). One of the two will be used. Which one is undefined.
Instances of IMRemoteURLConnection Agent happening
Apr 25 00:14:11 Ushas-MacBook-Air com.apple.xpc.launchd[1] (com.apple.imfoundation.IMRemoteURLConnectionAgent): Unknown key for integer: _DirtyJetsamMemoryLimit
Apr 25 00:01:22 Ushas-MacBook-Air com.apple.xpc.launchd[1] (com.apple.imfoundation.IMRemoteURLConnectionAgent): Unknown key for integer: _DirtyJetsamMemoryLimit
Apr 25 00:05:57 Ushas-MacBook-Air com.apple.xpc.launchd[1] (com.apple.preferences.users.remoteservice[762]): Service exited due to signal: Killed: 9 sent by com.apple.preferences.users.remo[762]
Multiple cache deletes requested after.
Apr 25 00:01:27 Ushas-MacBook-Air logd[57]: _handle_cache_delete_with_urgency(0x7fdf19412a60, 3, 0)
Apr 25 00:01:27 Ushas-MacBook-Air logd[57]: _handle_cache_delete_with_urgency(0x7fdf19412a60, 3, 0)
Apr 25 00:01:31 Ushas-MacBook-Air com.apple.preferences.icloud.remoteservice[700]: BUG in libdispatch client: kevent[EVFILT_MACHPORT] monitored resource vanished before the source cancel handler was invoked
Apr 25 00:01:33 Ushas-MacBook-Air logd[57]: _handle_cache_delete_with_urgency(0x7fdf19658620, 3, 0)
Apr 25 00:01:33 Ushas-MacBook-Air logd[57]: _volume_contains_cached_data(is /private/var/db/diagnostics/ in /) - YES
Apr 25 00:01:34 Ushas-MacBook-Air logd[57]: 239517600 bytes of purgeable space from log files
Apr 25 00:01:34 Ushas-MacBook-Air logd[57]: _purge_uuidtext only runs at urgency 0 (3)
Apr 25 00:01:34 Ushas-MacBook-Air logd[57]: 0 bytes of purgeable space from uuidtext files
And appears to be launching the FamilyCircleFramework
Apr 24 23:56:11 Ushas-Air com.apple.xpc.launchd[1] (com.apple.imfoundation.IMRemoteURLConnectionAgent): Unknown key for integer: _DirtyJetsamMemoryLimit
Apr 24 23:56:16 --- last message repeated 1 time ---
Apr 24 23:56:16 Ushas-Air familycircled[615]: objc[615]: Class FAFamilyCloudKitProperties is implemented in both /System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/FamilyCircle (0x7fffbe466a60) and /System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/Resources/familycircled (0x10aa01178). One of the two will be used. Which one is undefined.
Apr 24 23:56:16 Ushas-Air familycircled[615]: objc[615]: Class FAFamilyMember is implemented in both /System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/FamilyCircle (0x7fffbe466880) and /System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/Resources/familycircled (0x10aa01268). One of the two will be used. Which one is undefined.
Apr 24 23:56:16 Ushas-Air familycircled[615]: objc[615]: Class FAFamilyCircle is implemented in both /System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/FamilyCircle (0x7fffbe466a10) and /System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/Resources/familycircled (0x10aa01358). One of the two will be used. Which one is undefined.
Activity related to Findmyfriends happening. The mac owner doesn't use FindMyFriends, or have a mac phone.
Apr 25 00:30:00 Ushas-MacBook-Air syslogd[40]: Configuration Notice:
ASL Module "com.apple.mobileme.fmf1.internal" sharing output destination "/var/log/FindMyFriendsApp/FindMyFriendsApp.asl" with ASL Module "com.apple.mobileme.fmf1".
Output parameters from ASL Module "com.apple.mobileme.fmf1" override any specified in ASL Module "com.apple.mobileme.fmf1.internal".
Apr 25 00:30:00 Ushas-MacBook-Air syslogd[40]: Configuration Notice:
ASL Module "com.apple.mobileme.fmf1.internal" sharing output destination "/var/log/FindMyFriendsApp" with ASL Module "com.apple.mobileme.fmf1".
Output parameters from ASL Module "com.apple.mobileme.fmf1" override any specified in ASL Module "com.apple.mobileme.fmf1.internal".
Apr 25 00:30:00 Ushas-MacBook-Air syslogd[40]: Configuration Notice:
The keybaglogd being shared with com.apple.mkb
Apr 25 00:30:00 Ushas-MacBook-Air syslogd[40]: Configuration Notice:
ASL Module "com.apple.mkb.internal" sharing output destination "/private/var/log/keybagd.log" with ASL Module "com.apple.mkb".
I'm running Windows 10, and note that my programData folder contains dozens of files with hexadecimal file and folder names. Anyone know what they, and if they are safe to delete? See for example, the folders surrounded with curly brackets, and filenames starting: ea4ae7af-xxxx-x
Directory of C:\ProgramData
13 Aug 2016 12:01 <DIR> {039b9585-712c-1}
24 Oct 2016 23:42 <DIR> {052F5A09-B284-EDA2-BFE1-B9E000248071}
20 Aug 2016 14:14 <DIR> {09017ad4-512c-0}
06 Aug 2016 19:54 <DIR> {0989b384-112c-0}
25 Nov 2016 21:49 <DIR> {0ca76cfe-312c-1}
06 Aug 2016 14:15 <DIR> {11af99ff-212c-1}
27 Nov 2016 20:39 <DIR> {15D107F3-A27A-B058-1651-2436E7122443}
25 Nov 2016 21:49 <DIR> {16cb7ce6-412c-0}
12 Oct 2016 18:14 <DIR> {184B900B-AFE0-27A0-D1E9-E58DE58F188A}
13 Aug 2016 12:01 <DIR> {1b25513b-712c-0}
30 Sep 2016 19:35 <DIR> {1bf7731f-112c-0}
25 Nov 2016 21:49 <DIR> {23780c81-212c-1}
20 Aug 2016 14:14 <DIR> {26799d2c-512c-0}
30 Sep 2016 23:26 <DIR> {359a98f9-312c-0}
25 Nov 2016 21:49 <DIR> {36ef270a-712c-1}
25 Nov 2016 21:49 <DIR> {4f852513-712c-0}
25 Nov 2016 21:49 <DIR> {54f05bc9-412c-0}
23 Oct 2016 23:37 <DIR> {55901e0d-112c-0}
23 Oct 2016 23:37 <DIR> {7cc1682f-112c-0}
29 Jul 2016 07:40 <DIR> 176ae28e-1295-1
29 Jul 2016 07:40 <DIR> 176ae28e-3635-0
30 Nov 2016 18:42 <DIR> 3b085a5f
21 Jan 2016 13:23 <DIR> Adobe
30 Nov 2016 13:54 47,070 agent.1480514086.bdinstall.bin
21 Jan 2016 14:30 <DIR> ASUS
30 Nov 2016 14:00 <DIR> BDLogging
30 Nov 2016 14:07 <DIR> Bitdefender
30 Nov 2016 13:54 <DIR> Bitdefender Agent
30 Nov 2016 14:00 377,662 cl.1480514321.bdinstall.bin
16 Jul 2016 11:47 <DIR> Comms
30 Nov 2016 18:40 <DIR> Comodo
05 Aug 2016 16:43 <DIR> Corel
21 Jan 2016 18:11 <DIR> CorelDRAW Graphics Suite X5
03 Jul 2016 22:49 <DIR> CorelDRAW Graphics Suite X8.1
14 Aug 2016 22:46 <DIR> ea4ae7af-00d1-0
29 Jun 2016 22:46 <DIR> ea4ae7af-0113-0
13 Aug 2016 22:46 <DIR> ea4ae7af-0517-0
08 Aug 2016 10:46 <DIR> ea4ae7af-0613-0
23 Oct 2016 23:42 <DIR> ea4ae7af-07a5-1
23 Jul 2016 12:11 <DIR> ea4ae7af-0847-1
22 Aug 2016 10:46 <DIR> ea4ae7af-09c3-1
03 Oct 2016 16:46 <DIR> ea4ae7af-0a01-1
23 Jul 2016 23:59 <DIR> ea4ae7af-0c61-0
09 Aug 2016 22:46 <DIR> ea4ae7af-0df3-1
23 Aug 2016 22:46 <DIR> ea4ae7af-1361-0
06 Aug 2016 18:15 <DIR> ea4ae7af-1433-1
27 Jun 2016 11:06 <DIR> ea4ae7af-1587-0
24 Jul 2016 22:46 <DIR> ea4ae7af-18b5-1
23 Jul 2016 22:46 <DIR> ea4ae7af-19c5-1
28 Jun 2016 16:46 <DIR> ea4ae7af-1a67-1
09 Aug 2016 22:46 <DIR> ea4ae7af-1b57-0
26 Oct 2016 07:53 <DIR> ea4ae7af-1cd7-0
23 Aug 2016 16:46 <DIR> ea4ae7af-1d23-1
22 Aug 2016 22:46 <DIR> ea4ae7af-1ec7-1
03 Oct 2016 10:46 <DIR> ea4ae7af-21d1-0
22 Aug 2016 10:46 <DIR> ea4ae7af-22c7-0
22 Aug 2016 16:46 <DIR> ea4ae7af-22f1-1
24 Aug 2016 22:46 <DIR> ea4ae7af-23c1-1
21 Aug 2016 04:46 <DIR> ea4ae7af-2431-0
08 Aug 2016 22:46 <DIR> ea4ae7af-24e3-0
29 Jun 2016 16:46 <DIR> ea4ae7af-25d1-0
06 Aug 2016 22:46 <DIR> ea4ae7af-25e5-0
30 Sep 2016 23:25 <DIR> ea4ae7af-2653-1
21 Aug 2016 16:46 <DIR> ea4ae7af-2657-0
25 Oct 2016 08:42 <DIR> ea4ae7af-26e5-0
04 Oct 2016 07:00 <DIR> ea4ae7af-2783-1
06 Aug 2016 18:15 <DIR> ea4ae7af-2815-0
23 Jul 2016 12:11 <DIR> ea4ae7af-2821-0
24 Jul 2016 16:46 <DIR> ea4ae7af-2935-1
09 Aug 2016 10:46 <DIR> ea4ae7af-2a33-0
24 Aug 2016 04:46 <DIR> ea4ae7af-2c23-0
09 Aug 2016 16:46 <DIR> ea4ae7af-2c27-0
22 Aug 2016 04:46 <DIR> ea4ae7af-2c67-1
24 Jul 2016 16:46 <DIR> ea4ae7af-2cf3-0
23 Oct 2016 23:37 <DIR> ea4ae7af-2ee1-0
27 Jun 2016 16:46 <DIR> ea4ae7af-3023-1
21 Aug 2016 22:46 <DIR> ea4ae7af-3085-1
13 Aug 2016 16:46 <DIR> ea4ae7af-3175-0
23 Aug 2016 10:46 <DIR> ea4ae7af-3353-0
22 Aug 2016 04:46 <DIR> ea4ae7af-3365-0
13 Aug 2016 12:01 <DIR> ea4ae7af-33b1-1
24 Jul 2016 22:46 <DIR> ea4ae7af-3483-0
20 Aug 2016 16:46 <DIR> ea4ae7af-3531-1
21 Aug 2016 10:46 <DIR> ea4ae7af-3677-0
23 Oct 2016 23:37 <DIR> ea4ae7af-3785-1
24 Aug 2016 10:46 <DIR> ea4ae7af-3895-0
21 Aug 2016 04:46 <DIR> ea4ae7af-39a1-1
07 Aug 2016 23:32 <DIR> ea4ae7af-3b67-1
22 Aug 2016 16:46 <DIR> ea4ae7af-3de5-0
07 Aug 2016 22:46 <DIR> ea4ae7af-40e3-1
03 Oct 2016 10:46 <DIR> ea4ae7af-4123-1
07 Aug 2016 16:46 <DIR> ea4ae7af-4131-1
04 Oct 2016 07:00 <DIR> ea4ae7af-4263-0
25 Oct 2016 23:42 <DIR> ea4ae7af-42c3-0
26 Oct 2016 07:53 <DIR> ea4ae7af-42d1-1
24 Aug 2016 04:46 <DIR> ea4ae7af-4473-1
23 Oct 2016 23:42 <DIR> ea4ae7af-46e5-0
24 Aug 2016 16:46 <DIR> ea4ae7af-4757-0
25 Oct 2016 08:42 <DIR> ea4ae7af-47e1-1
29 Jun 2016 10:46 <DIR> ea4ae7af-4b83-1
23 Aug 2016 04:46 <DIR> ea4ae7af-4bc5-0
23 Oct 2016 23:37 <DIR> ea4ae7af-4e53-0
14 Aug 2016 22:46 <DIR> ea4ae7af-4f17-1
08 Aug 2016 22:46 <DIR> ea4ae7af-4f31-1
24 Oct 2016 23:42 <DIR> ea4ae7af-4f87-0
21 Aug 2016 10:46 <DIR> ea4ae7af-5075-1
24 Oct 2016 08:06 <DIR> ea4ae7af-5153-1
06 Aug 2016 22:46 <DIR> ea4ae7af-5167-1
04 Oct 2016 16:46 <DIR> ea4ae7af-51c7-1
07 Aug 2016 22:46 <DIR> ea4ae7af-52a3-0
24 Aug 2016 22:46 <DIR> ea4ae7af-5681-0
08 Aug 2016 10:46 <DIR> ea4ae7af-56b3-1
09 Aug 2016 16:46 <DIR> ea4ae7af-5727-1
28 Jun 2016 16:46 <DIR> ea4ae7af-58c1-0
27 Jun 2016 11:06 <DIR> ea4ae7af-5ab7-0
28 Jun 2016 22:46 <DIR> ea4ae7af-5ac7-0
24 Oct 2016 08:06 <DIR> ea4ae7af-5ae3-0
27 Jun 2016 22:46 <DIR> ea4ae7af-5e15-1
23 Aug 2016 22:46 <DIR> ea4ae7af-6121-1
30 Sep 2016 19:34 <DIR> ea4ae7af-6131-0
14 Aug 2016 16:46 <DIR> ea4ae7af-6261-0
27 Jun 2016 22:46 <DIR> ea4ae7af-6401-0
03 Oct 2016 22:46 <DIR> ea4ae7af-6437-0
28 Jun 2016 10:46 <DIR> ea4ae7af-6507-1
22 Aug 2016 22:46 <DIR> ea4ae7af-6521-0
23 Aug 2016 16:46 <DIR> ea4ae7af-6675-0
13 Aug 2016 16:46 <DIR> ea4ae7af-6697-1
27 Jun 2016 16:46 <DIR> ea4ae7af-66b1-0
09 Aug 2016 10:46 <DIR> ea4ae7af-67c5-1
28 Jun 2016 22:46 <DIR> ea4ae7af-6821-1
21 Aug 2016 22:46 <DIR> ea4ae7af-6855-0
14 Aug 2016 16:46 <DIR> ea4ae7af-6867-1
24 Oct 2016 23:42 <DIR> ea4ae7af-68f1-1
28 Jun 2016 10:46 <DIR> ea4ae7af-69a5-0
24 Aug 2016 10:46 <DIR> ea4ae7af-6ae5-1
24 Jul 2016 10:46 <DIR> ea4ae7af-6b47-1
03 Oct 2016 22:46 <DIR> ea4ae7af-6be5-1
03 Oct 2016 16:46 <DIR> ea4ae7af-6c83-0
20 Aug 2016 15:42 <DIR> ea4ae7af-6dd5-0
24 Jul 2016 10:46 <DIR> ea4ae7af-6e21-0
13 Aug 2016 22:46 <DIR> ea4ae7af-6e67-1
21 Aug 2016 16:46 <DIR> ea4ae7af-6e85-1
29 Jun 2016 22:46 <DIR> ea4ae7af-6f37-1
23 Aug 2016 10:46 <DIR> ea4ae7af-6fd7-1
25 Oct 2016 23:42 <DIR> ea4ae7af-70f7-1
04 Oct 2016 16:46 <DIR> ea4ae7af-7227-0
23 Aug 2016 04:46 <DIR> ea4ae7af-72e5-1
29 Jun 2016 16:46 <DIR> ea4ae7af-73c3-1
25 Nov 2016 21:49 <DIR> ea4ae7af-76a5-0
29 Jun 2016 13:39 <DIR> ea4ae7af-7743-0
13 Aug 2016 12:01 <DIR> ea4ae7af-7855-0
20 Aug 2016 22:46 <DIR> ea4ae7af-7897-0
07 Aug 2016 16:46 <DIR> ea4ae7af-78f5-0
08 Aug 2016 23:46 <DIR> ea4ae7af-7a27-1
08 Aug 2016 16:46 <DIR> ea4ae7af-7a75-0
07 Aug 2016 10:46 <DIR> ea4ae7af-7d55-0
24 Aug 2016 16:46 <DIR> ea4ae7af-7d71-1
20 Aug 2016 16:46 <DIR> ea4ae7af-7e41-0
20 Aug 2016 22:46 <DIR> ea4ae7af-7fc1-1
13 Apr 2016 16:13 <DIR> Emailchemy
01 Dec 2016 21:36 0 files.txt
30 Nov 2016 18:42 <DIR> FLEXnet
24 Jan 2016 18:32 <DIR> Garmin
30 Nov 2016 18:42 <DIR> Google
17 May 2016 17:37 <DIR> Hewlett-Packard
16 May 2016 22:03 <DIR> HP
16 May 2016 22:03 <DIR> HP Photo Creations
16 May 2016 22:03 <DIR> HP Product Assistant
16 May 2016 22:08 6,293 hpzinstall.log
13 May 2016 21:26 <DIR> InstallShield
19 Jan 2016 11:12 <DIR> Intel
16 May 2016 16:57 <DIR> Macrovision
21 Jan 2016 19:04 <DIR> Microsoft Help
24 Sep 2016 17:04 <DIR> Microsoft OneDrive
20 Jan 2016 18:24 <DIR> Nalpeiron
27 Jan 2016 11:37 <DIR> Nero
16 May 2016 16:57 <DIR> Nuance
01 Dec 2016 16:39 <DIR> NVIDIA
30 Nov 2016 18:41 <DIR> NVIDIA Corporation
20 Jan 2016 18:24 <DIR> onOne Software
23 Oct 2016 21:03 <DIR> Oracle
05 Nov 2016 01:11 <DIR> Package Cache
21 Jan 2016 17:48 <DIR> Protexis
11 Aug 2016 21:19 <DIR> Protexis64
17 Nov 2016 23:54 <DIR> regid.1991-06.com.microsoft
20 Jan 2016 20:45 <DIR> RootsMagic
20 Jan 2016 20:45 <DIR> RootsMagic Shared
26 Jan 2016 17:07 <DIR> Samsung
16 May 2016 16:57 <DIR> ScanSoft
12 Oct 2016 19:50 <DIR> Shared Space
16 Nov 2016 00:30 <DIR> Skype
16 Jul 2016 11:47 <DIR> SoftwareDistribution
27 Jan 2016 21:33 <DIR> Sony
30 Nov 2016 13:57 <DIR> Spybot - Search & Destroy
01 Dec 2016 16:39 <DIR> TEMP
16 Mar 2016 18:58 <DIR> UniqueId
24 Sep 2016 17:03 <DIR> USOPrivate
24 Sep 2016 17:03 <DIR> USOShared
01 Dec 2016 16:39 <DIR> VMware
16 Mar 2016 19:30 <DIR> VsTelemetry
01 Feb 2016 12:59 <DIR> WEBREG
20 Jan 2016 20:49 <DIR> Wrensoft
16 May 2016 16:57 <DIR> zeon
4 File(s) 431,025 bytes
199 Dir(s) 105,623,052,288 bytes free
I can confirm that DNSUnlocker was the culprit, but I have no idea what program installed it. Although Hitman Pro was not as effective as I hoped, the following two programs were excellent, identifying and quarantining much malware:
[Malwarebytes AdwCleaner][1] (free)
Malwarebytes (free version) It's shame the premium version is so expensive.
I do exactly as #Alex K say in How to install MIT Scheme on Mac?
But I get this:
scheme: can't find a readable default for option --band.
searched for file all.com in these directories:
/usr/local/lib/mit-scheme-i386
Anyone can solve this problem?
when i solve this problem,another happen:
$ cd /usr/local/lib/mit-scheme-x86-64/
-rw-r--r--# 1 zhangxiaolin admin 13M 5 17 2014 all.com
-rw-r--r--# 1 zhangxiaolin admin 420K 12 23 2009 appIcon.icns
drwxr-xr-x# 12 zhangxiaolin admin 408B 5 17 2014 compiler
drwxr-xr-x# 21 zhangxiaolin admin 714B 5 17 2014 cref
drwxr-xr-x# 191 zhangxiaolin admin 6.3K 5 17 2014 edwin
drwxr-xr-x# 16 zhangxiaolin admin 544B 5 17 2014 ffi
drwxr-xr-x# 30 zhangxiaolin admin 1.0K 5 17 2014 imail
drwxr-xr-x# 5 zhangxiaolin admin 170B 5 17 2014 lib
-rwxr-xr-x# 1 zhangxiaolin admin 530K 5 17 2014 mit-scheme
-rw-r--r--# 1 zhangxiaolin admin 3.7K 5 17 2014 mit-scheme.h
-rw-r--r--# 1 zhangxiaolin admin 3.9K 5 17 2014 optiondb.scm
drwxr-xr-x# 206 zhangxiaolin admin 6.8K 5 17 2014 runtime
drwxr-xr-x# 43 zhangxiaolin admin 1.4K 5 17 2014 sf
-rw-r--r--# 1 zhangxiaolin admin 936B 5 17 2014 shim-config.scm
drwxr-xr-x# 18 zhangxiaolin admin 612B 5 17 2014 sos
drwxr-xr-x# 14 zhangxiaolin admin 476B 5 17 2014 ssp
drwxr-xr-x# 12 zhangxiaolin admin 408B 5 17 2014 star-parser
drwxr-xr-x# 28 zhangxiaolin admin 952B 5 17 2014 xml
$./mit-scheme
unable to mmap executable heap -- native code will probably failRequested allocation is too large.
Try again with a smaller argument to '--heap'.
$ scheme is alias of $ ./mit-scheme how could they do different thing?