Account violato from update-macros.com

[tarry]

Da alcuni giorni mi compare il messaggio di cui all'oggetto ed altri simili, tipo "Sistema Mac OS infetto"," Avviso virus critico"," Il sistema è in pericolo" ed altri, tutti seguiti: "from update-macs.com".
Nel frattempo i collegamenti ai vari siti si sono rallentati di molto, rendendo il Mac molto lento.
A questo punto mi rivolgo a Voi visto che in altra occasione mi avete risolto un problemino.
Premetto che non sono uno smanettone ed il terminale non lo so quasi usare.
Il mio Mac:
Processore 3,7 GHz Intel Core i% 6core
Scheda grafica Radeon Pro 580X 8GB
Memoria 24 GB 2667 MHz DDR4
Mac OS Sonoma 14.3.1
Ringrazio in anticipo e porgo i doverosi saluti
Tarry

[quadret]

i messaggi ti escono sul browser?
crome oppure safari?
Hai usato detectx
cosa esce?

[Alberto.G]

ciao tarry, confermo i consigli già espressi da quadret.
Consiglio inoltre, in attesa di capire che tipo di malware si è intrufolato, di non scaricare più nulla da internet.
Ottima cosa l’utilizzo di DetectX Swift che consiglio anch’io di provare ad eseguire subito.
Per facilitare gli utenti nel postare correttamente il report PROFILE che esce, ho preparato un Tutorial che puoi leggerlo da qui

viewtopic.php?f=33&t=52394

[tarry]

I messaggi mi appaiono come notifiche, con una frequenza di circa 10 minuti.
Uso Safari.
Ho fatto una scansione con Detectx Swift, mi è uscita un sacco di roba che naturalmente non ho capito,

Codice: Seleziona tutto

A questo punto non mi appare "Modifica" nella barra dei menu

Dove sbaglio?

[Alberto.G]

I messaggi mi appaiono come notifiche, con una frequenza di circa 10 minuti.
Uso Safari.
Ho fatto una scansione con Detectx Swift, mi è uscita un sacco di roba che naturalmente non ho capito,

Codice: Seleziona tutto

A questo punto non mi appare "Modifica" nella barra dei menu

Dove sbaglio?

E' quello che supponevo!
La prima cosa da fare è inviarci quella lista... con un sacco roba.
E' importante sapere cosa comprende quella lista sia per altri che per me: tengo infatti una raccolta di tutti i file potenzialmente pericolosi per il Mac.
L'ideale dovresti fare uno screenshot della pagina che ti esce, ma se scrivi... un sacco di roba, dovresti fare più screenshot.
Poi daremo anche un controllo del report Profile, però ora è importante quell'elenco di file o elementi...

[tarry]

Ho fatto un copia incolla del Profile fino a "Running Processes"
Spero vada bene.



Timestamp (31): Wed Mar 06 22:42:27 2024
DetectX Swift v1.0983

macOS: Version 14.3.1 (Build 23D60)
File System: apfs
Temp: The thermal state is within normal limits.

Boot time: Wed Mar 6 08:28:20 2024
Uptime: 14:14, 1 user

Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.

Internet: Reachable


Hardware Overview:

Model Name: iMac
Model Identifier: iMac19,1
Processor Name: 6-Core Intel Core i5
Processor Speed: 3,7 GHz
Number of Processors: 1
Total Number of Cores: 6
L2 Cache (per Core): 256 KB
L3 Cache: 9 MB
Memory: 24 GB
System Firmware Version: 2020.80.5.0.0
OS Loader Version: 580~1337
SMC Version (system): 2.46f12
Provisioning UDID: 853FA7A2-8575-531A-A84A-A055AB5EB2C6



Sharing Preferences:

File Sharing: On
Screen Sharing: On
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off


3rd Party Kexts (loaded):



$PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
/usr/local/bin
/System/Cryptexes/App/usr/bin
/usr/bin
/bin
/usr/sbin
/sbin

/etc/paths.d/:
/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin
/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin
/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin

~/.bash_profile:

~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


User Launchd processes:

PID Status Label
5406 0 application.com.sqwarq.DetectX-Swift.115307690.115307702
- 1 com.maintain.PurgeInactiveMemory
- 0 com.avg.hub
661 0 com.piriform.CCleaner
- 0 com.openssh.ssh-agent
- 0 com.piriform.ccleaner.update
1669 0 application.org.libreoffice.script.108287122.108292212


System Launchd processes:

0 - com.vix.cron
0 0 org.cups.cupsd
0 - NetworkExtension.com.avg.Antivirus.SystemExtension.10.2.256.10.2.256
321 - com.cloudflare.1dot1dot1dot1.macos.warp.daemon



User Login Items:

/Applications/Fantastical.app
/Applications/Fantastical.app/Contents/Library/LoginItems/85C27NK92C.com.flexibits.fantastical2.mac.helper.app
/Applications/Cloudflare WARP.app
/Applications/Cloudflare WARP.app/Contents/Library/LoginItems/LoginLauncherApp.app



/Library/LaunchDaemons:

com.piriform.ccleaner.services.xpc.plist
-> Program: /Applications/CCleaner.app/Contents/PlugIns/Services.framework/XPCServices/com.piriform.ccleaner.services.xpc

com.avg.hub.xpc.plist
-> Program: /Library/Application Support/AVGHUB/com.avg.hub.app/Contents/Helpers/com.avg.hub.xpc

com.microsoft.OneDriveStandaloneUpdaterDaemon.plist
-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon

com.piriform.ccleaner.engine.xpc.plist
-> Program: /Applications/CCleaner.app/Contents/Frameworks/CleaningEngine.framework/XPCServices/com.piriform.ccleaner.engine.xpc

com.microsoft.OneDriveUpdaterDaemon.plist
-> Program: /Applications/OneDrive.app/Contents/OneDriveUpdaterDaemon.xpc/Contents/MacOS/OneDriveUpdaterDaemon

com.cloudflare.1dot1dot1dot1.macos.warp.daemon.plist
--> Program Arguments: /Applications/Cloudflare WARP.app/Contents/Resources/CloudflareWARP

com.google.GoogleUpdater.wake.system.plist
--> Program Arguments: /Library/Application Support/Google/GoogleUpdater/Current/GoogleUpdater.app/Contents/MacOS/GoogleUpdater
--> Program Arguments: --wake-all
--> Program Arguments: --enable-logging
--> Program Arguments: --vmodule=*/components/update_client/*=2,*/chrome/updater/*=2
--> Program Arguments: --system

com.piriform.ccleaner.CCleanerAgent.plist
-> Program: /Library/PrivilegedHelperTools/com.piriform.ccleaner.CCleanerAgent
--> Program Arguments: /Library/PrivilegedHelperTools/com.piriform.ccleaner.CCleanerAgent

com.avg.hub.schedule.plist
--> Program Arguments: /Library/Application Support/AVGHUB/com.avg.hub.app/Contents/scripts/schedule.sh
--> Program Arguments: --ttl
--> Program Arguments: 14400

com.google.keystone.daemon.plist

com.drbuho.BuhoCleaner.PrivilegedHelperTool.plist
-> Program: /Library/PrivilegedHelperTools/com.drbuho.BuhoCleaner.PrivilegedHelperTool
--> Program Arguments: /Library/PrivilegedHelperTools/com.drbuho.BuhoCleaner.PrivilegedHelperTool

com.piriform.ccleaner.services.submit.plist
-> Program: /Applications/CCleaner.app/Contents/PlugIns/Services.framework/Versions/Current/com.piriform.ccleaner.services.crashReporter

com.apple.installer.osmessagetracing.plist
--> Program Arguments: /System/Library/PrivateFrameworks/OSInstaller.framework/Resources/OSMessageTracer

com.avg.update.plist

com.adobe.acc.installer.v2.plist
-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2

com.maintain.CocktailScheduler.plist
--> Program Arguments: /usr/bin/osascript
--> Program Arguments: -e
--> Program Arguments: try
--> Program Arguments: -e
--> Program Arguments: set schedulerOwner to do shell script "defaults read /Library/'Application Support'/Cocktail/Scheduler.plist SchedulerOwner"
--> Program Arguments: -e
--> Program Arguments: do shell script "users"
--> Program Arguments: -e
--> Program Arguments: if the result contains schedulerOwner then
--> Program Arguments: -e
--> Program Arguments: do shell script "/bin/sh /Library/'Application Support'/Cocktail/Scheduler.sh"
--> Program Arguments: -e
--> Program Arguments: end if
--> Program Arguments: -e
--> Program Arguments: end try

com.piriform.ccleaner.update.xpc.plist
--> Program Arguments: /Applications/CCleaner.app/Contents/Frameworks/com.piriform.ccleaner.update.bundle/Contents/XPCServices/com.piriform.ccleaner.update.xpc/Contents/MacOS/com.piriform.ccleaner.update.xpc

net.protected.macos.AVHelper.plist
-> Program: /Library/PrivilegedHelperTools/net.protected.macos.AVHelper
--> Program Arguments: /Library/PrivilegedHelperTools/net.protected.macos.AVHelper

com.microsoft.office.licensingV2.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper

com.piriform.ccleaner.uninstall.plist
-> Program: /Applications/CCleaner.app/Contents/Uninstaller.app/Contents/XPCServices/com.piriform.ccleaner.uninstall.helper

com.avg.init.plist

com.microsoft.autoupdate.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper




/Library/LaunchAgents:

com.avg.userinit.plist

com.piriform.ccleaner.plist
--> Program Arguments: /Applications/CCleaner.app/Contents/MacOS/CCleaner
--> Program Arguments: -standaloneInstanceAllowed
--> Program Arguments: YES

com.google.keystone.xpcservice.plist

com.maintain.Restart.plist
--> Program Arguments: /usr/bin/osascript
--> Program Arguments: -e
--> Program Arguments: delay 3
--> Program Arguments: -e
--> Program Arguments: try
--> Program Arguments: -e
--> Program Arguments: do shell script "killall Cocktail"
--> Program Arguments: -e
--> Program Arguments: end try
--> Program Arguments: -e
--> Program Arguments: ignoring application responses
--> Program Arguments: -e
--> Program Arguments: try
--> Program Arguments: -e
--> Program Arguments: tell application "System Events" to restart
--> Program Arguments: -e
--> Program Arguments: end try
--> Program Arguments: -e
--> Program Arguments: end ignoring

com.google.keystone.agent.plist

com.maintain.LogOut.plist
--> Program Arguments: /usr/bin/osascript
--> Program Arguments: -e
--> Program Arguments: delay 3
--> Program Arguments: -e
--> Program Arguments: try
--> Program Arguments: -e
--> Program Arguments: do shell script "killall Cocktail"
--> Program Arguments: -e
--> Program Arguments: end try
--> Program Arguments: -e
--> Program Arguments: ignoring application responses
--> Program Arguments: -e
--> Program Arguments: try
--> Program Arguments: -e
--> Program Arguments: tell application "System Events" to log out
--> Program Arguments: -e
--> Program Arguments: end try
--> Program Arguments: -e
--> Program Arguments: end ignoring

com.microsoft.SyncReporter.plist
-> Program: /Applications/OneDrive.app/Contents/SyncReporter.app/Contents/MacOS/SyncReporter

com.maintain.PurgeInactiveMemory.plist
--> Program Arguments: /usr/sbin/purge

com.maintain.Sleep.plist
--> Program Arguments: /usr/bin/osascript
--> Program Arguments: -e
--> Program Arguments: delay 3
--> Program Arguments: -e
--> Program Arguments: try
--> Program Arguments: -e
--> Program Arguments: do shell script "killall Cocktail"
--> Program Arguments: -e
--> Program Arguments: end try
--> Program Arguments: -e
--> Program Arguments: ignoring application responses
--> Program Arguments: -e
--> Program Arguments: try
--> Program Arguments: -e
--> Program Arguments: tell application "System Events" to sleep
--> Program Arguments: -e
--> Program Arguments: end try
--> Program Arguments: -e
--> Program Arguments: end ignoring

com.microsoft.OneDriveStandaloneUpdater.plist
-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdater.app/Contents/MacOS/OneDriveStandaloneUpdater

com.avg.hub.plist
-> Program: /Library/Application Support/AVGHUB/com.avg.hub.app/Contents/MacOS/com.avg.hub

com.brother.LOGINserver.plist
--> Program Arguments: /Library/Printers/Brother/Utilities/Server/LOGINserver.app/Contents/MacOS/LOGINserver

com.piriform.ccleaner.update.plist
--> Program Arguments: /Applications/CCleaner.app/Contents/Frameworks/com.piriform.ccleaner.update.bundle/Contents/MacOS/com.piriform.ccleaner.update

com.maintain.ShutDown.plist
--> Program Arguments: /usr/bin/osascript
--> Program Arguments: -e
--> Program Arguments: delay 3
--> Program Arguments: -e
--> Program Arguments: try
--> Program Arguments: -e
--> Program Arguments: do shell script "killall Cocktail"
--> Program Arguments: -e
--> Program Arguments: end try
--> Program Arguments: -e
--> Program Arguments: ignoring application responses
--> Program Arguments: -e
--> Program Arguments: try
--> Program Arguments: -e
--> Program Arguments: tell application "System Events" to shut down
--> Program Arguments: -e
--> Program Arguments: end try
--> Program Arguments: -e
--> Program Arguments: end ignoring

com.brother.HttpToUsbBridge.plist
--> Program Arguments: /Library/Printers/Brother/Utilities/Server/HttpToUsbBridge.app/Contents/MacOS/HttpToUsbBridge

com.microsoft.update.agent.plist
--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
--> Program Arguments: --launchByAgent




~/Library/LaunchAgents:

com.google.keystone.xpcservice.plist

com.google.keystone.agent.plist

com.adobe.GC.Invoker-1.0.plist
-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
--> Program Arguments: -mode=scheduled

com.google.GoogleUpdater.wake.plist
--> Program Arguments: /Users/tarcisiovincenzi/Library/Application Support/Google/GoogleUpdater/Current/GoogleUpdater.app/Contents/MacOS/GoogleUpdater
--> Program Arguments: --wake-all
--> Program Arguments: --enable-logging
--> Program Arguments: --vmodule=*/components/update_client/*=2,*/chrome/updater/*=2

com.canva.availablility-check-agent.plist
--> Program Arguments: /Applications/Canva.app/Contents/MacOS/Canva
--> Program Arguments: --start-availability-check-agent


User Crontab:

No cron jobs



/etc:

rc.common
bashrc_Apple_Terminal
zshrc_Apple_Terminal
bashrc
zshrc
rc.netboot
aliases
uucp / .. children: 3
zprofile

/ $Root:

.file
.VolumeIcon.icns
opt / .. children: 0

~/ $Home:

.config / .. children: 2
Music / .. children: 5
.kodi / .. children: 1
.CFUserTextEncoding
bin / .. children: 2
Scrivania.sqlite
OneDrive
Creative Cloud Files / .. children: 2
Pictures / .. children: 13
Desktop / .. children: 4
Library / .. children: 113
.oracle_jre_usage / .. children: 2
Calibre Library / .. children: 1
.cups / .. children: 1
.bash_sessions / .. children: 10
Public / .. children: 3
.yandex / .. children: 2
Piatto induzione / .. children: 6
.cisco / .. children: 1
Movies / .. children: 5
Applications / .. children: 4
.Trash / .. children: 24
Documents / .. children: 125
Scaffale / .. children: 7
.dvdcss / .. children: 3
Downloads / .. children: 6
.cache / .. children: 0
.bash_history



~/Library:

Receipts / .. children: 2
Daemon Containers / .. children: 6
com.apple.appleaccountd / .. children: 3
CloudStorage / .. children: 2
studentd / .. children: 3
PDF Services / .. children: 0
Staging / .. children: 0
HomeKit / .. children: 37
DES / .. children: 3
com.apple.aiml.instrumentation / .. children: 3
Translation / .. children: 2
Trial / .. children: 4
UIKitSystem / .. children: 1
Google / .. children: 2
Contacts / .. children: 1
Safari Shared Data / .. children: 0
Family / .. children: 1
ResponseKit / .. children: 1
AppleMediaServices / .. children: 3
com.apple.icloud.searchpartyd / .. children: 8
DataAccess / .. children: 1
SafariSandboxBroker / .. children: 0
Personas / .. children: 3
DuetExpertCenter / .. children: 9
HTTPStorages / .. children: 97
DataDeliveryServices / .. children: 1
com.apple.AppleMediaServices / .. children: 1
FrontBoard / .. children: 3
News / .. children: 1
Biome / .. children: 7
IntelligencePlatform / .. children: 32
Shortcuts / .. children: 6
UnifiedAssetFramework / .. children: 5
Finance / .. children: 9
Weather / .. children: 21
com.apple.bluetoothuser / .. children: 1
ContainerManager / .. children: 7
ScreenRecordings / .. children: 0
Intents / .. children: 1
PersonalizationPortrait / .. children: 9
Photos / .. children: 1
Accessibility / .. children: 6
VoiceTrigger / .. children: 1
Reminders / .. children: 1
com.apple.bluetooth.services.cloud / .. children: 3
com.apple.iTunesCloud / .. children: 4
StatusKit / .. children: 1
DoNotDisturb / .. children: 1
LockdownMode / .. children: 1



~/Library/Application Support:

Apple / .. children: 1
Firefox / .. children: 5
cura / .. children: 7
com.apple.sbd / .. children: 1
com.apple.replayd / .. children: 0
SyncServices / .. children: 1
com.apple.kvs / .. children: 1
Mozilla / .. children: 2
com.piriform.ccleaner / .. children: 18
calibre / .. children: 1
networkserviceproxy / .. children: 3
com.apple.transparencyd / .. children: 6
com.apple.touristd / .. children: 10
DiskImages / .. children: 1
Steam / .. children: 0
EasyFind / .. children: 0
CoreParsec / .. children: 0
com.apple.ap.promotedcontentd / .. children: 5
CCleaner / .. children: 0
com.apple.exchangesync / .. children: 0
OneDriveStandaloneUpdater / .. children: 1
Animoji / .. children: 2
com.apple.akd / .. children: 3
zoom.us / .. children: 2
com.Brother.application / .. children: 1
MobileSync / .. children: 1
com.drbuho.BuhoCleaner / .. children: 1
com.microsoft.SharePoint-mac / .. children: 1
OneDrive / .. children: 4
Google / .. children: 4
com.apple.MediaPlayer / .. children: 1
com.ep.mac.burraco / .. children: 185
Canva / .. children: 25
McNeel / .. children: 1
PrusaSlicer / .. children: 12
com.apple.mobileAssetDesktop / .. children: 23
dmd / .. children: 0
ucr_tracker_ipsec-ikev2-ios_cache_events.db
homeenergyd / .. children: 1
SketchUp 2023 / .. children: 15
Kodi / .. children: 6
sigil-ebook / .. children: 1
com.drbuho.BuhoCleaner.StatusBarMenu / .. children: 1
CleanMyMac X HealthMonitor / .. children: 0
SketchUp 2022 / .. children: 15
Adapter / .. children: 1
com.microsoft.OneDriveStandaloneUpdater / .. children: 1
com.apple.NewDeviceOutreach / .. children: 1
CEF / .. children: 1
JetBrains / .. children: 0
AVGHUB / .. children: 1
com.apple.AssistiveControl / .. children: 1
com.microsoft.OneDrive / .. children: 2
CleanMyMac X Menu / .. children: 0
calibre-ebook.com / .. children: 1
TrustedPeersHelper / .. children: 0
Adobe / .. children: 18
com.cloudflare.1dot1dot1dot1.macos / .. children: 1
com.apple.desktop.photos / .. children: 1
org.videolan.vlc / .. children: 1
com.apple.desktop.iCloud / .. children: 5
.ACCC_Lock
com.operasoftware.Opera / .. children: 63
com.sqwarq.DetectX-Swift / .. children: 4
com.brother.utility.USBAppControlServer / .. children: 0
System Preferences / .. children: 0
Aperture / .. children: 0
Sky Go / .. children: 136
AVGAntivirus / .. children: 2
com.apple.ContextStoreAgent / .. children: 1
Yandex / .. children: 2
FileProvider / .. children: 12
FaceTime / .. children: 3
Microsoft Edge / .. children: 1
.sum
com.apple.AMPLibraryAgent / .. children: 2
CleanMyMac X / .. children: 12
com.apple.windowmanager / .. children: 1
LibreOffice / .. children: 1
Logoist 3 / .. children: 2
DVD Player / .. children: 1
com.brother.utility.NETserver / .. children: 1
com.apple.wallpaper / .. children: 1
com.brother.utility.USBserver / .. children: 1
3DBazaar / .. children: 4
Microsoft Update Assistant / .. children: 2
Trimble Connect for SketchUp / .. children: 1
com.apple.avfoundation / .. children: 1
transparencyd / .. children: 0
com.drbuho.statusbarmenu.pidlock / .. children: 1
Microsoft AutoUpdate / .. children: 2
Kobo / .. children: 2
.logg
TorBrowser-Data / .. children: 3
com.apple.synapse / .. children: 3
syncdefaultsd / .. children: 0
Google Earth / .. children: 3
com.apple.iTunesCloud / .. children: 1
com.apple.RemoteManagementAgent / .. children: 3
ru.keepcoder.Telegram / .. children: 1
com.brother.utility.WorkflowAppControlServer / .. children: 1
.ADCS_Lock



~/Library/Safari/Extensions:

*-- Folder doesn't exist or is inaccessible --*



~/Library/Internet Plug-Ins:

ZoomUsPlugIn.plugin



/Users/Shared:

Previously Relocated Items 8 / .. children: 3
Previously Relocated Items 1 / .. children: 3
Previously Relocated Items 6 / .. children: 3
adi / .. children: 0
Previously Relocated Items 7 / .. children: 3
SC Info / .. children: 0
Previously Relocated Items 9 / .. children: 3
Previously Relocated Items 15 / .. children: 2
Previously Relocated Items 12 / .. children: 3
CCleaner / .. children: 1
Previously Relocated Items 13 / .. children: 2
Previously Relocated Items 14 / .. children: 2
CleanMyMac X HealthMonitor / .. children: 0
Relocated Items / .. children: 2
CleanMyMac X Menu / .. children: 0
Previously Relocated Items 5 / .. children: 3
Previously Relocated Items 2 / .. children: 3
Adobe / .. children: 2
Previously Relocated Items 3 / .. children: 3
Previously Relocated Items 4 / .. children: 3
Previously Relocated Items 11 / .. children: 3
Previously Relocated Items 16 / .. children: 2
Previously Relocated Items 20 / .. children: 2
Previously Relocated Items 18 / .. children: 2
Previously Relocated Items 19 / .. children: 2
Previously Relocated Items 17 / .. children: 2
CorelCAD / .. children: 0
Previously Relocated Items 10 / .. children: 3
CleanMyMac X / .. children: 10
Previously Relocated Items / .. children: 1
AdobeGCData / .. children: 2
.betamigrated



/Applications:

Tor Browser.app
Adblock Plus.app
Brother / .. children: 1
VLC.app
DuckDuckGo Privacy for Safari.app
Google Earth Pro.app
Geekbench 5.app
burracoepinelle.app
Gemini.app
UltiMaker Cura 2.app
EasyFind.app
Blackmagic Disk Speed Test.app
Brother iPrint&Scan.app
Google Chrome.app
AdBlock Pro.app
OkaMirrorForChromecast.app
Luminar 4.app
Android File Transfer.app
Telegram.app
OnyX.app
Original Prusa Drivers / .. children: 5
Einstein Brain Training.app
OneDrive.app
DetectX Swift.app
SketchUp 2023 / .. children: 5
Classic Solitaire.app
JDownloader2.app
SketchUp 2022 / .. children: 5
Cocktail.app
Cloudflare WARP.app
HotKey.app
Logoist 3.app
Inko.app
AdBlock.app
RAR Extractor.app
calibre.app
zoom.us.app
UnRarX.app
Yandex.app
WhatsApp.app
Chromecast.app
CalcTape.app
BuhoCleaner.app
UltiMaker Cura.app
LibreOffice.app
CCleaner.app
Rhino 7.app
Extra / .. children: 3
Google Docs.app
Music Converter.app
CorelCAD 2020.app
Tayasui Sketches.app
Google Sheets.app
Pixelmator Pro.app
Kobo.app
Google Slides.app
SenaBluetoothDeviceManager.app
Agenda.app
Bind.app
WeTransfer.app
HolaVPN.app
Code Reader - QR Reader.app
The Unarchiver.app
MagicUnarchiver.app
iZip.app
Firefox.app
Kodi.app
Install Google Earth Pro 7.3.3.7786.pkg
OmniDiskSweeper.app
Post-it®.app
Adapter.app
Twitter.app
Opera.app



/Library:

Apple / .. children: 3
OSAnalytics / .. children: 2
StagedDriverExtensions / .. children: 0
Trial / .. children: 3
Google / .. children: 3
InstallerSandboxes / .. children: 2
KernelCollections / .. children: 2
DriverExtensions / .. children: 0
Bluetooth / .. children: 7
User Template / .. children: 41
SystemExtensions / .. children: 5
Managed Preferences / .. children: 1



/Library/Application Support:

com.apple.backgroundassets.user / .. children: 0
Mozilla / .. children: 1
com.piriform.ccleaner / .. children: 3
com.apple.TVIdleScreen / .. children: 1
Macromedia / .. children: 1
Mica / .. children: 1
Google / .. children: 2
Microsoft / .. children: 1
BTServer / .. children: 11
Cloudflare / .. children: 21
com.apple.idleassetsd / .. children: 5
AVGHUB / .. children: 4
Adobe / .. children: 22
AVGAntivirus / .. children: 8
livefsd / .. children: 0
Cocktail / .. children: 3
regid.1986-12.com.adobe / .. children: 0



/Library/Extensions:

AppleMobileDevice.kext
usbserial.kext



/Library/Internet Plug-Ins:

AdobeAAMDetect.plugin
PepperFlashPlayer / .. children: 0



/Library/Managed Preferences:

tarcisiovincenzi / .. children: 3



/Library/PrivilegedHelperTools:

com.drbuho.BuhoCleaner.PrivilegedHelperTool
com.microsoft.autoupdate.helper
com.microsoft.office.licensingV2.helper
com.piriform.ccleaner.CCleanerAgent
com.adobe.acc.installer.v2
net.protected.macos.AVHelper



/Library/ScriptingAdditions:





/Library/StartupItems:





/Library/Updates:

ProductMetadata.plist
index.plist



Top Processes:

%CPU PID COMMAND
9.0 172 WindowServer
1.4 598 NotificationCent
1.1 0 kernel_task
0.8 558 ControlCenter
0.5 1873 Safari
0.3 5406 DetectX Swift
0.3 661 CCleaner
0.3 166 bluetoothd
0.2 321 CloudflareWARP
0.1 587 nearbyd

[Alberto.G]

Ok per il report Profile che hai postato... l'ho vedrò più tardi.
Ma ti chiedo la lista dei file che DetectX ti ha trovato facendo la ricerca... per noi ma per me è importante.
Poi ti darò le istruzioni di cosa fare.
Attendo...

[tarry]

Questo è quello che dice lo "Status", dopo poco scompare e rimane solo la scritta dell'allegato



macOS: Version 14.3.1 (Build 23D60)
File System: apfs
Temp: The thermal state is slightly elevated, fans may be audible.

Boot time: Wed Mar 6 08:28:20 2024
Uptime: 14:31, 1 user

Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.

Internet: Reachable
Search definitions are up-to-date.

[Alberto.G]

Molto strano... perché la lista non deve scomparire!
La traduzione dice che la "ricerca ha trovato 1 elemento in lista bianca!
Devi entrare in Preferenze di DetectX, cliccare su opzione Search, cliccare su Repoort di Whitelist e vedere cosa contiene.
Poi... mi hai spaventato quando hai scritto "molta roba" credendo fosse un lungo elenco di file potenzialmente pericolosi da eliminare.
Puoi dirci cosa contiene la lista bianca?

[tarry]

Nella finestra di status appaiono solamente questi due messaggi: il primo che ho postato quindi scompare sostituito dallo screenshot che ti ho inviato.
Il risultato della withe List è il seguente:
"Check the item to be acted on, then click the (x) or (bandierina) button to delete or whitwlist."
non appare altro.

[Alberto.G]

Altra cosa da verificare: la search ha dato, come risultato di Status, l'OK ?
Se viene fuori OK vuol dire che non ha trovato alcun file da eliminare!

[tarry]

Una lista di elementi cancellati da Detectx

[Alberto.G]

vedi che cominciamo a vedere qualcosa!
Non mi risulta che DetectX cancelli file in automatico!
Propone sempre all'utente di valutare se cancellare o trasferire in lista bianca.
Mi confermi che li hai cancellati (eliminati) tu prima?

Poi, ultima cosa, vedo che in lista è "stranamente", e non so spiegarmi il perché, indicato in ultima riga quanto segue:

~/Library/LaunchAgents/com.sqwarq.DetectX-Swift.observer.plist

...ma se è un file proprio dell'app DetectX Swift perché viene riportato in lista??

Dovrò indagare!

[tarry]

Penso che li ho cancellati io senza però sapere ciò che facevo, cioè si cancellano premendo la x nella White list.
L'ultima riga mi pare che ha una data diversa dalle altre; avevo fatto girare DetectX alcuni giorni fa ma non ci avevo capito granché (niente)

[J.T.Kirk]

Comincia col togliere dal Mac CCleaner, CleanMyMac X, BuhoCleaner, AVG e tutto quello a loro correlato.