Avanti, senza vergogna, con DetectX/Profile

Moderatore: ModiMaccanici

Avatar utente
Jethro
Stato: Non connesso
Expert Retrogamer
Expert Retrogamer
Avatar utente
Iscritto il: sab, 04 lug 2009 22:26
Messaggi: 4261

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da Jethro »

paolinoweb-due- ha scritto:
sab, 23 ott 2021 00:05
Ciao a tutti, tocca a me con i report. :D
...
Uhm... nomi a caso dal dizionario... Mi sa che è Pirrit: viewtopic.php?p=407057#p407057
Oppure una sua variante più moderna :?
...
Bon, se ormai vi è entrata la porcheria nel Mac, sappiate che non possiamo nenache dare un nome fisso ai files che crea, perchè il furbo programmino si va a prelevare dal file del dizionario del Mac alcune parole a caso (ma sono tutte nel dizionario, quindi noi possiamo sgamarlo!) e le usa come nome per i suoi files, utenti (sì, crea nuovi utenti fantasma!), script e .plist. Simpatico, no?

Immagine MacBook Pro Retina 15" - macOS Mojave 10.14.6
i7 quad-core 2.6GHz, 16GB RAM, SSD 1TB, Iris Pro/GeForce GT 750M

Immagine MacBook Air 11" - macOS Mojave 10.14.6
i7 dual-core 1.7GHz, 8GB RAM, SSD 128GB, HD Graphics 5000

8) La mia piccola collezione di "giochini" :
https://www.flickr.com/photos/140997970@N07/albums

Avatar utente
paolinoweb-due-
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: gio, 19 nov 2020 21:40
Messaggi: 1515
Località: Genova

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da paolinoweb-due- »

Jethro ha scritto:
sab, 23 ott 2021 00:13
paolinoweb-due- ha scritto:
sab, 23 ott 2021 00:05
Ciao a tutti, tocca a me con i report. :D
...
Uhm... nomi a caso dal dizionario... Mi sa che è Pirrit: viewtopic.php?p=407057#p407057
Oppure una sua variante più moderna :?
...
Bon, se ormai vi è entrata la porcheria nel Mac, sappiate che non possiamo nenache dare un nome fisso ai files che crea, perchè il furbo programmino si va a prelevare dal file del dizionario del Mac alcune parole a caso (ma sono tutte nel dizionario, quindi noi possiamo sgamarlo!) e le usa come nome per i suoi files, utenti (sì, crea nuovi utenti fantasma!), script e .plist. Simpatico, no?
Ciao Jethro, si pieno di nomi a casaccio.
Mi guardo il topic, grazie
Nel frattempo sto facendo girare malwarebytes, troppe cose da cancellare vediamo se da una mano...
Macbook Air 2020
i5 quad core 8 GB Ram
512 SSD

Avatar utente
paolinoweb-due-
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: gio, 19 nov 2020 21:40
Messaggi: 1515
Località: Genova

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da paolinoweb-due- »

Mi sembra molto meglio anche se non capisco..malwarebytes mi ha rilevato due estensioni di google chrome, eliminate, riavviato,
riapro detectx per fare profilo e vedo che in history 50ina di cambiamenti... guardo... quasi tutti i nomi casuali cancellati... ma
perchè li ha cancellati dopo la scansione e riavvio di malwarebytes? lo avevo già riavviato detectX, non credo che le due estensioni abbiano creato tutte quelle voci... gli erano rimaste sul groppone a detectX forse... cmq bene cancello i nomi a caso e forse me la cavo.
poi c'è l'altro mac... :D ma sonno....


Codice: Seleziona tutto

\f0\fs24 \cf0 Timestamp (8): Sat Oct 23 00:18:18 2021\
DetectX Swift v1.0981\
\
macOS: Version 10.14.6 (Build 18G9323)\
File System: apfs\
Temp: The thermal state is within normal limits.\
\
Boot time: Sat Oct 23 00:12:16 2021\
Uptime: up 6 mins, 1 user\
\
Spotlight status for /:\
	Indexing enabled. \
System Integrity Protection status: enabled.\
Gatekeeper status: enabled for App Store and identified developers.\
FileVault is Off.\
\
Internet:	Reachable\
\
\
    Hardware Overview:\
\
      Model Name: MacBook Pro\
      Model Identifier: MacBookPro11,1\
      Processor Name: Intel Core i5\
      Processor Speed: 2,6 GHz\
      Number of Processors: 1\
      Total Number of Cores: 2\
      L2 Cache (per Core): 256 KB\
      L3 Cache: 3 MB\
      Hyper-Threading Technology: Enabled\
      Memory: 8 GB\
      Boot ROM Version: 431.140.6.0.0\
      SMC Version (system): 2.16f68\
\
\
\
  Sharing Preferences:\
\
	File Sharing:  Off\
	Screen Sharing:  Off\
	Remote Management:  Off\
	Back To My Mac:  Off\
	Remote Login:  Off\
	Remote Apple Events:  Off\
\
\
3rd Party Kexts (loaded):\
\
	com.malwarebytes.mbam.rtprotection\
\
\
 $PATH:\
\
PATH=/usr/bin:/bin:/usr/sbin:/sbin\
\
\
/etc/paths:\
	/usr/bin\
	/bin\
	/usr/sbin\
	/sbin\
	/usr/local/bin\
\
/etc/paths.d/:\
\
~/.bash_profile:\
	\
~/.bashrc:\
\
~/.bash_login:\
\
~/.profile:\
\
~/.bash_logout:\
\
\
PID	Status	Label\
492	0	com.microsoft.Word.2840\
497	0	com.microsoft.autoupdate.fba.1532\
438	0	com.google.Chrome.2792\
385	0	com.malwarebytes.mbam.frontend.agent\
-	0	com.openssh.ssh-agent\
-	0	com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae\
-	0	com.google.keystone.system.agent\
683	0	com.sqwarq.DetectX-Swift.4328\
-	0	com.spotify.client.startuphelper\
-	0	com.google.keystone.system.xpcservice\
387	0	com.spotify.webhelper\
498	0	com.microsoft.Office365Service.2832\
\
\
 System Launchd processes:\
\
60      - 	com.malwarebytes.mbam.rtprotection.daemon\
181      - 	com.vix.cron\
0      - 	com.microsoft.office.licensing.helper\
0      - 	org.postfix.master\
0      - 	com.google.keystone.daemon\
0      - 	com.teamviewer.Helper\
174      - 	org.cups.cupsd\
224      - 	com.malwarebytes.mbam.settings.daemon\
\
\
\
 User Login Items:\
 \
	/Applications/Adobe Reader.app/Contents/Support/AdobeResourceSynchronizer.app\
	/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app\
	/Users/[U501]/.Trash/Spotify.app\
	/Applications/Spotify.app\
	/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app\
\
\
\
 /Library/LaunchDaemons:\
\
	com.malwarebytes.mbam.settings.daemon.plist\
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon\
	\
	com.malwarebytes.mbam.rtprotection.daemon.plist\
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon\
		--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon\
		--> Program Arguments: -i\
		--> Program Arguments: Malwarebytes-Mac-4.13.5.4414.pkg\
	\
	com.google.keystone.daemon.plist\
		--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/GoogleSoftwareUpdateDaemon\
	\
	com.apple.installer.osmessagetracing.plist\
		--> Program Arguments: /System/Library/PrivateFrameworks/OSInstaller.framework/Resources/OSMessageTracer\
	\
	com.teamviewer.Helper.plist\
		-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper\
		--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper\
	\
	com.teamviewer.teamviewer_service.plist\
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service\
		--> Program Arguments: -Module\
		--> Program Arguments: Full\
	\
	com.microsoft.office.licensing.helper.plist\
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper\
	\
\
\
\
 /Library/LaunchAgents:\
\
	com.google.keystone.xpcservice.plist\
		--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent\
		--> Program Arguments: -runMode\
		--> Program Arguments: xpchost\
	\
	com.teamviewer.teamviewer_desktop.plist\
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop_Proxy\
		--> Program Arguments: -RunAsAgent\
		--> Program Arguments: YES\
		--> Program Arguments: -Module\
		--> Program Arguments: Full\
	\
	com.google.keystone.agent.plist\
		--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent\
		--> Program Arguments: -runMode\
		--> Program Arguments: ifneeded\
	\
	com.teamviewer.teamviewer.plist\
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer\
		--> Program Arguments: -RunAsAgent\
		--> Program Arguments: YES\
	\
	com.malwarebytes.mbam.frontend.agent.plist\
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent\
	\
\
\
\
 ~/Library/LaunchAgents:\
\
	com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist\
		--> Program Arguments: /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper\
		--> Program Arguments: semi-auto\
	\
	com.spotify.webhelper.plist\
		-> Program: /Users/[U501]/Library/Application Support/Spotify/SpotifyWebHelper\
	\
\
 User Crontab:\
\
	No cron jobs\
\
\
\
 /etc:\
\
	kcpassword\
	rc.common\
	php.ini.default-5.2-previous~orig\
	bashrc_Apple_Terminal\
	bashrc\
	zshrc\
	ssh_config~orig\
	moduli~previous\
	rc.netboot\
	efax.rc~previous\
	php.ini.default-5.2-previous\
	sshd_config~previous\
	aliases\
	zprofile\
\
 / $Root:\
\
	.HFS+ Private Directory Data\
 / .. children: 0\
	.PKInstallSandboxManager / .. children: 0\
	file\
	installer.failurerequests\
	Informazioni utente\
	.file\
	.MobileBackups.trash / .. children: 1\
	.Trashes / .. children: 0\
	.OSInstallerMessages\
	model\
\
 ~/ $Home:\
\
	Music / .. children: 4\
	.CFUserTextEncoding\
	Pictures / .. children: 7\
	.rnd\
	Desktop / .. children: 22\
	Library / .. children: 65\
	.cups / .. children: 1\
	Public / .. children: 3\
	Movies / .. children: 3\
	Applications / .. children: 2\
	.Trash / .. children: 86\
	Documents / .. children: 46\
	Downloads / .. children: 8\
	.bash_history\
\
\
\
 ~/Library:\
\
	Filters / .. children: 0\
	studentd / .. children: 4\
	HomeKit / .. children: 5\
	Google / .. children: 1\
	Family / .. children: 1\
	Fonts Disabled / .. children: 0\
	PersonalizationPortrait / .. children: 1\
\
\
\
 ~/Library/Application Support:\
\
	MPlayerX / .. children: 2\
	com.apple.touristd / .. children: 3\
	DiskImages / .. children: 1\
	EasyFind / .. children: 0\
	CoreParsec / .. children: 0\
	com.apple.QuickLook / .. children: 1\
	Google / .. children: 2\
	Microsoft / .. children: 1\
	Spotify / .. children: 4\
	dmd / .. children: 0\
	CEF / .. children: 1\
	Adobe / .. children: 2\
	NotificationCenter / .. children: 1\
	TeamViewer / .. children: 1\
	Ubiquity / .. children: 1\
	com.sqwarq.DetectX-Swift / .. children: 4\
	Aperture / .. children: 0\
	com.malwarebytes.mbam / .. children: 1\
	Preview / .. children: 0\
	cacaoweb / .. children: 4\
\
\
\
 ~/Library/Safari/Extensions:\
\
	*-- Folder doesn't exist or is inaccessible --*\
\
\
\
 ~/Library/Internet Plug-Ins:\
\
	\
\
\
\
 /Users/Shared:\
\
	adi / .. children: 3\
	SC Info / .. children: 0\
	\
\
\
\
 /Applications:\
\
	cacaoweb.app\
	Books.app\
	TeamViewer.app\
	EasyFind.app\
	Home.app\
	Google Chrome.app\
	Microsoft Office 2011 / .. children: 10\
	Adobe Reader.app\
	News.app\
	Install macOS Big Sur.app\
	Spotify.app\
	DetectX Swift.app\
	Stocks.app\
	Paint S.app\
	Malwarebytes.app\
	Remote Desktop Connection.app\
	VoiceMemos.app\
	iPhoto.app\
	Microsoft Messenger.app\
\
\
\
 /Library:\
\
	grysbok / .. children: 1\
	settings.dat\
	sacken / .. children: 1\
	diedric / .. children: 1\
	sesquibasic / .. children: 1\
	foreshoe / .. children: 1\
	underwarmthUpd / .. children: 1\
	duodecane / .. children: 1\
	stammel / .. children: 1\
	doggone / .. children: 1\
	unwrongful / .. children: 1\
	embed / .. children: 1\
	panax / .. children: 1\
	MacInstallfe\
	anxious / .. children: 1\
	salubrious / .. children: 1\
	astony / .. children: 1\
	Google / .. children: 2\
	numerist / .. children: 1\
	blessing / .. children: 1\
	pseudostomatousUpd / .. children: 1\
	congregation / .. children: 1\
	hypnosporangium / .. children: 1\
	unspontaneousUpd / .. children: 1\
	beasthood / .. children: 1\
	outcross / .. children: 1\
	stumpiness / .. children: 1\
	ethal / .. children: 1\
	ukimathen / .. children: 1\
	Itys / .. children: 1\
	Coniferae / .. children: 1\
	MacInstallfe8\
	forepredicament / .. children: 1\
	ragamuffin / .. children: 1\
	Pegasus / .. children: 1\
	radman-Boston / .. children: 1\
	backup.zip\
	ApplicationContents / .. children: 4\
	preaccusation / .. children: 1\
	Cedric / .. children: 1\
	Automator / .. children: 94\
	untreading / .. children: 1\
	negligible / .. children: 1\
	crinated / .. children: 1\
	Laparosticti / .. children: 1\
	superscript / .. children: 1\
	dibasicity / .. children: 1\
	GottliebUpd / .. children: 1\
	perchlorinate / .. children: 1\
	herbicolous / .. children: 1\
	desight / .. children: 1\
	womanwise-chanceled / .. children: 1\
	quizzism / .. children: 1\
	heptylic / .. children: 1\
	Fonts Disabled / .. children: 16\
	platelet / .. children: 1\
	whimling / .. children: 1\
	ostectomyUpd / .. children: 1\
	hardiment / .. children: 1\
	Lampsilis / .. children: 1\
	unspecific / .. children: 1\
	paginary / .. children: 1\
	finfoot / .. children: 1\
	churchful / .. children: 1\
	crocoisite / .. children: 1\
	pfutil\
\
Ultima modifica di paolinoweb-due- il sab, 23 ott 2021 02:21, modificato 1 volta in totale.
Macbook Air 2020
i5 quad core 8 GB Ram
512 SSD

Avatar utente
paolinoweb-due-
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: gio, 19 nov 2020 21:40
Messaggi: 1515
Località: Genova

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da paolinoweb-due- »

Se vedete qualcosa... ho troppo sonno... ne vedo ancora un paio ma non convinto...

Codice: Seleziona tutto

(14): Sat Oct 23 01:34:57 2021\
DetectX Swift v1.0981\
\
macOS: Version 10.14.6 (Build 18G9323)\
File System: apfs\
Temp: The thermal state is within normal limits.\
\
Boot time: Sat Oct 23 00:12:19 2021\
Uptime: up  1:23, 1 user\
\
Spotlight status for /:\
	Indexing enabled. \
System Integrity Protection status: enabled.\
Gatekeeper status: enabled for App Store and identified developers.\
FileVault is Off.\
\
Internet:	Reachable\
\
\
    
\f0\b \cf2 Hardware Overview:
\f1\b0 \cf0 \
\
      Model Name: MacBook Pro\
      Model Identifier: MacBookPro11,1\
      Processor Name: Intel Core i5\
      Processor Speed: 2,6 GHz\
      Number of Processors: 1\
      Total Number of Cores: 2\
      L2 Cache (per Core): 256 KB\
      L3 Cache: 3 MB\
      Hyper-Threading Technology: Enabled\
      Memory: 8 GB\
      Boot ROM Version: 431.140.6.0.0\
      SMC Version (system): 2.16f68\
\
\
\
  
\f0\b \cf2 Sharing Preferences:
\f1\b0 \cf0 \
\
	File Sharing:  Off\
	Screen Sharing:  Off\
	Remote Management:  Off\
	Back To My Mac:  Off\
	Remote Login:  Off\
	Remote Apple Events:  Off\
\
\

\f0\b \cf2 3rd Party Kexts (loaded):
\f1\b0 \cf0 \
\
	com.malwarebytes.mbam.rtprotection\
\
\

\f0\b \cf2  $PATH:
\f1\b0 \cf0 \
\
PATH=/usr/bin:/bin:/usr/sbin:/sbin\
\
\
\cf3 /etc/paths:\cf0 \
	/usr/bin\
	/bin\
	/usr/sbin\
	/sbin\
	/usr/local/bin\
\
\cf3 /etc/paths.d/:\cf0 \
\
\cf3 ~/.bash_profile:\cf0 \
	\
\cf3 ~/.bashrc:\cf0 \
\
\cf3 ~/.bash_login:\cf0 \
\
\cf3 ~/.profile:\cf0 \
\
\cf3 ~/.bash_logout:\cf0 \
\
\
 
\f0\b \cf2 User Launchd processes:
\f1\b0 \cf0 \
\

\f0\b \cf4 PID	Status	Label
\f1\b0 \cf0 \
492	0	com.microsoft.Word.2840\
497	0	com.microsoft.autoupdate.fba.1532\
438	0	com.google.Chrome.2792\
385	0	com.malwarebytes.mbam.frontend.agent\
-	0	com.openssh.ssh-agent\
-	0	com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae\
-	0	com.google.keystone.system.agent\
2361	0	com.sqwarq.DetectX-Swift.4328\
-	0	com.spotify.client.startuphelper\
-	0	com.google.keystone.system.xpcservice\
387	0	com.spotify.webhelper\
\
\
 
\f0\b \cf2 System Launchd processes:
\f1\b0 \cf0 \
\
60      - 	com.malwarebytes.mbam.rtprotection.daemon\
181      - 	com.vix.cron\
0      - 	com.microsoft.office.licensing.helper\
0      - 	org.postfix.master\
0      - 	com.google.keystone.daemon\
0      - 	com.teamviewer.Helper\
174      - 	org.cups.cupsd\
224      - 	com.malwarebytes.mbam.settings.daemon\
\
\
\

\f0\b \cf2  User Login Items:
\f1\b0 \cf0 \
 \
	/Applications/Spotify.app\
	/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app\
\
\
\

\f0\b \cf2  /Library/LaunchDaemons:
\f1\b0 \cf0 \
\
	com.malwarebytes.mbam.settings.daemon.plist\
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon\
	\
	com.malwarebytes.mbam.rtprotection.daemon.plist\
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon\
		--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon\
		--> Program Arguments: -i\
		--> Program Arguments: Malwarebytes-Mac-4.13.5.4414.pkg\
	\
	com.google.keystone.daemon.plist\
		--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/GoogleSoftwareUpdateDaemon\
	\
	com.apple.installer.osmessagetracing.plist\
		--> Program Arguments: /System/Library/PrivateFrameworks/OSInstaller.framework/Resources/OSMessageTracer\
	\
	com.teamviewer.Helper.plist\
		-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper\
		--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper\
	\
	com.teamviewer.teamviewer_service.plist\
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service\
		--> Program Arguments: -Module\
		--> Program Arguments: Full\
	\
	com.microsoft.office.licensing.helper.plist\
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper\
	\
\
\
\

\f0\b \cf2  /Library/LaunchAgents:
\f1\b0 \cf0 \
\
	com.google.keystone.xpcservice.plist\
		--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent\
		--> Program Arguments: -runMode\
		--> Program Arguments: xpchost\
	\
	com.teamviewer.teamviewer_desktop.plist\
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop_Proxy\
		--> Program Arguments: -RunAsAgent\
		--> Program Arguments: YES\
		--> Program Arguments: -Module\
		--> Program Arguments: Full\
	\
	com.google.keystone.agent.plist\
		--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent\
		--> Program Arguments: -runMode\
		--> Program Arguments: ifneeded\
	\
	com.teamviewer.teamviewer.plist\
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer\
		--> Program Arguments: -RunAsAgent\
		--> Program Arguments: YES\
	\
	com.malwarebytes.mbam.frontend.agent.plist\
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent\
	\
\
\
\

\f0\b \cf2  ~/Library/LaunchAgents:
\f1\b0 \cf0 \
\
	com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist\
		--> Program Arguments: /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper\
		--> Program Arguments: semi-auto\
	\
	com.spotify.webhelper.plist\
		-> Program: /Users/davide/Library/Application Support/Spotify/SpotifyWebHelper\
	\
\

\f0\b \cf2  User Crontab:
\f1\b0 \cf0 \
\
	No cron jobs\
\
\
\

\f0\b \cf2  /etc:
\f1\b0 \cf0 \
\
	kcpassword\
	rc.common\
	php.ini.default-5.2-previous~orig\
	bashrc_Apple_Terminal\
	bashrc\
	zshrc\
	ssh_config~orig\
	moduli~previous\
	rc.netboot\
	efax.rc~previous\
	php.ini.default-5.2-previous\
	sshd_config~previous\
	aliases\
	zprofile\
\NON FATE CASO A QUELLO EVIDENZIATO IN NERO CHE SI TROVA SPESSO.. PASSAGGIO FILE TEXTEDIT A WINDOWS....
[b]
\f0\b \cf2 [/b] / $Root:
[b]\f1\b0 \cf0 \[/b]
\
	.HFS+ Private Directory Data\
 \cf3 / .. children: 0\cf0 \
	.PKInstallSandboxManager \cf3 / .. children: 0\cf0 \
	file\
	installer.failurerequests\
	Informazioni utente\
	.file\
	.MobileBackups.trash \cf3 / .. children: 1\cf0 \
	.Trashes \cf3 / .. children: 0\cf0 \
	.OSInstallerMessages\
	model\
\

\f0\b \cf2  ~/ $Home:
\f1\b0 \cf0 \
\
	Music \cf3 / .. children: 4\cf0 \
	.CFUserTextEncoding\
	Pictures \cf3 / .. children: 7\cf0 \
	.rnd\
	Desktop \cf3 / .. children: 21\cf0 \
	Library \cf3 / .. children: 65\cf0 \
	.cups \cf3 / .. children: 1\cf0 \
	.bash_sessions \cf3 / .. children: 7\cf0 \
	Public \cf3 / .. children: 3\cf0 \
	Movies \cf3 / .. children: 3\cf0 \
	Applications \cf3 / .. children: 2\cf0 \
	.Trash \cf3 / .. children: 0\cf0 \
	Documents \cf3 / .. children: 46\cf0 \
	Downloads \cf3 / .. children: 8\cf0 \
	.bash_history\
\
\
\

\f0\b \cf2  ~/Library:
\f1\b0 \cf0 \
\
	Filters \cf3 / .. children: 0\cf0 \
	studentd \cf3 / .. children: 4\cf0 \
	HomeKit \cf3 / .. children: 5\cf0 \
	Google \cf3 / .. children: 1\cf0 \
	Family \cf3 / .. children: 1\cf0 \
	Fonts Disabled \cf3 / .. children: 0\cf0 \
	PersonalizationPortrait \cf3 / .. children: 1\cf0 \
\
\
\

\f0\b \cf2  ~/Library/Application Support:
\f1\b0 \cf0 \
\
	MPlayerX \cf3 / .. children: 2\cf0 \
	com.apple.touristd \cf3 / .. children: 3\cf0 \
	DiskImages \cf3 / .. children: 1\cf0 \
	EasyFind \cf3 / .. children: 0\cf0 \
	CoreParsec \cf3 / .. children: 0\cf0 \
	com.apple.QuickLook \cf3 / .. children: 1\cf0 \
	Google \cf3 / .. children: 2\cf0 \
	Microsoft \cf3 / .. children: 1\cf0 \
	Spotify \cf3 / .. children: 4\cf0 \
	dmd \cf3 / .. children: 0\cf0 \
	CEF \cf3 / .. children: 1\cf0 \
	Adobe \cf3 / .. children: 2\cf0 \
	NotificationCenter \cf3 / .. children: 1\cf0 \
	TeamViewer \cf3 / .. children: 1\cf0 \
	Ubiquity \cf3 / .. children: 1\cf0 \
	com.sqwarq.DetectX-Swift \cf3 / .. children: 4\cf0 \
	Aperture \cf3 / .. children: 0\cf0 \
	com.malwarebytes.mbam \cf3 / .. children: 1\cf0 \
	Preview \cf3 / .. children: 0\cf0 \
	cacaoweb \cf3 / .. children: 4}
Macbook Air 2020
i5 quad core 8 GB Ram
512 SSD

Avatar utente
Alberto.G
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: dom, 22 gen 2017 20:34
Messaggi: 1464

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da Alberto.G »

paolinoweb-due- ha scritto:
sab, 23 ott 2021 02:19
Se vedete qualcosa... ho troppo sonno... ne vedo ancora un paio ma non convinto...
Ciao paolinoweb-due- vedo che sei riuscito, sia con DetectX che con “la mano” di Malwarebytes, a cancellare tutti quei nomi a caso!
Se DetectX ti ha rilevato ancora un paio di nomi, ritengo evidenziati in finestra STATUS, una volta eliminati con questa app, dovresti essere arrivato alla conclusione.
Analizzando anche l’ultimo Profile che hai postato, non vedo app “sospette” o presenza di programmi antivirus.
Certamente tu che hai il MBP (Model 11,1) sotto gli occhi, puoi valutare ancora meglio la situazione.
Ultima cosa: scrivi
\NON FATE CASO A QUELLO EVIDENZIATO IN NERO CHE SI TROVA SPESSO.. PASSAGGIO FILE TEXTEDIT A WINDOWS....
ma non vedo nessuna riga o parola evidenziata in nero; probabilmente inserendo il testo di Profile come Codice si saranno perse…

iMac (Retina 4K, 21.5-inch, Late 2015) Mod.16,2 - Processore 3,1 GHz Intel Core i5 (i5-5675R) CPU 4-core
Memoria 8 GB 1867 MHz DDR3 - Scheda grafica Intel Iris Pro Graphics 6200 1536 MB
sistema presente: macOS MONTEREY versione 12.1 (21C52) dal 14.12.2021 ore 14:34

Avatar utente
paolinoweb-due-
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: gio, 19 nov 2020 21:40
Messaggi: 1515
Località: Genova

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da paolinoweb-due- »

Alberto.G ha scritto:
sab, 23 ott 2021 10:38
paolinoweb-due- ha scritto:
sab, 23 ott 2021 02:19
Se vedete qualcosa... ho troppo sonno... ne vedo ancora un paio ma non convinto...
Ciao paolinoweb-due- vedo che sei riuscito, sia con DetectX che con “la mano” di Malwarebytes, a cancellare tutti quei nomi a caso!
Se DetectX ti ha rilevato ancora un paio di nomi, ritengo evidenziati in finestra STATUS, una volta eliminati con questa app, dovresti essere arrivato alla conclusione.
Analizzando anche l’ultimo Profile che hai postato, non vedo app “sospette” o presenza di programmi antivirus.
Certamente tu che hai il MBP (Model 11,1) sotto gli occhi, puoi valutare ancora meglio la situazione.
Ultima cosa: scrivi
\NON FATE CASO A QUELLO EVIDENZIATO IN NERO CHE SI TROVA SPESSO.. PASSAGGIO FILE TEXTEDIT A WINDOWS....
ma non vedo nessuna riga o parola evidenziata in nero; probabilmente inserendo il testo di Profile come Codice si saranno perse…
Buongiorno Alberto,
grazie, speravo anche in tuo intervento oltre degli altri amici del forum

non fare caso alla mia frase sono solo \f0\b \cf2 \f1\b0 \cf0 ad esempio che si trovano nel report ma non sono stringhe o file, sono caratteri casuali nel report.
Per DetectX e MB tutto pulito ma :

mdm e
cacaoweb
in
~/Library/Application Support ti sembrano buoni?

cacaoweb era un software per vedere film o un sito un qualcosa tanti anni fa. toglierei... mdm non trovo nulla...sarà casuale anche questa da togliere?

Malwarebytes questa volta ha dato il meglio di sè.

Immagine
Immagine

Ho un altro Mac un Air 2011 da finire di pulire, mi permetto di postare un nuovo profilo, poi se ne avete voglia ben venga vostro aiuto
Macbook Air 2020
i5 quad core 8 GB Ram
512 SSD

Avatar utente
paolinoweb-due-
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: gio, 19 nov 2020 21:40
Messaggi: 1515
Località: Genova

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da paolinoweb-due- »

Nuovo profilo su altro Macbook Air 2011 stavolta i5 con 4GB/256GB

Immagine
Immagine

Primo screenshot Detectx Swift, parte delle minacce tolte.
Secondo screenshot fatto pochi minuti fa quando ho acceso l' Air.. apro DetectX per postare profilo che segue e mi aggiunge quel file vedo da history
C'è qualcosa che crea spazzatura all'accensione..
C'è avast da togliere, non ho l'ausilio di MB perchè non compatibile con El Capitan, dovrei avere versioni vecchie ma qui si va di mano!!
Help.. ora comincio a levare... se vedete segnalate!!

Codice: Seleziona tutto

macOS: Version 10.11.6 (Build 15G31) 
	-- a security update for El Capitan may be available in the App Store

File System: hfs
Temp: The thermal state is within normal limits.

Boot time: Sat Oct 23 13:17:54 2021
Uptime: 2 mins, 1 user

Spotlight status for /:
	Indexing enabled. 
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.

Internet:	Reachable


    Hardware Overview:

      Model Name: MacBook Air
      Model Identifier: MacBookAir4,2
      Processor Name: Intel Core i5
      Processor Speed: 1.7 GHz
      Number of Processors: 1
      Total Number of Cores: 2
      L2 Cache (per Core): 256 KB
      L3 Cache: 3 MB
      Memory: 4 GB
      Boot ROM Version: MBA41.0077.B14
      SMC Version (system): 1.73f66



  Sharing Preferences:

	File Sharing:  Off
	Screen Sharing:  Off
	Remote Management:  Off
	Back To My Mac:  Off
	Remote Login:  Off
	Remote Apple Events:  Off


3rd Party Kexts (loaded):

	com.avast.FileShield
	com.avast.PacketForwarder


 $PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
	/usr/bin
	/bin
	/usr/sbin
	/sbin
	/usr/local/bin

/etc/paths.d/:

~/.bash_profile:
	
~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


PID	Status	Label
-	0	com.google.keystone.user.xpcservice
-	0	com.avast.userinit
-	0	org.openbsd.ssh-agent
-	0	com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae
748	0	com.avast.Antivirus
901	0	com.avast.hub
-	0	com.oracle.java.Java-Updater
354	0	com.google.GoogleDrive.50592
318	0	com.spotify.webhelper
775	0	com.sqwarq.DetectX-Swift.119392
-	1	com.google.keystone.user.agent
348	0	com.epson.USB_Display_Agent.107872


 System Launchd processes:

0      - 	com.avast.hub.xpc
0      - 	com.vix.cron
0      - 	com.microsoft.office.licensing.helper
0      - 	com.avast.hub.schedule
0      - 	org.postfix.master
0      - 	com.teamviewer.Helper
0      - 	com.avast.update
608      - 	com.avast.securedns
189      - 	com.avast.daemon
762      - 	com.avast.api.xpc
218      - 	org.cups.cupsd
0      - 	com.avast.uninstall
0      - 	com.adobe.fpsaud
0      0 	com.avast.init
0      - 	com.avast.submit
534      - 	com.avast.proxy
0      - 	com.oracle.java.Helper-Tool
0      0 	org.postfix.newaliases
220      - 	org.ntp.ntpd
500      - 	com.avast.service
617      - 	com.avast.hns
495      - 	com.avast.fileshield



 User Login Items:
 iTunesHelper
 AdobeResourceSynchronizer
 Google Drive
 Spotify
 ZoomOpener




 /Library/LaunchDaemons:

	com.adobe.fpsaud.plist
		--> Program Arguments: /Library/Application Support/Adobe/Flash Player Install Manager/fpsaud
	
	com.avast.hub.schedule.plist
		--> Program Arguments: /Library/Application Support/AvastHUB/com.avast.hub.app/Contents/scripts/schedule.sh
		--> Program Arguments: --ttl
		--> Program Arguments: 14400
	
	com.avast.hub.xpc.plist
		-> Program: /Library/Application Support/AvastHUB/com.avast.hub.app/Contents/Helpers/com.avast.hub.xpc
	
	com.avast.init.plist
		--> Program Arguments: /Applications/Avast.app/Contents/Backend/hub/init.sh
	
	com.avast.uninstall.plist
		--> Program Arguments: /Library/Application Support/Avast/autouninstall/autouninstall.sh
	
	com.avast.update.plist
		--> Program Arguments: /Applications/Avast.app/Contents/Backend/scripts/update/update.sh
	
	com.microsoft.office.licensing.helper.plist
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
	
	com.oracle.java.Helper-Tool.plist
		--> Program Arguments: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool
	
	com.teamviewer.Helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper
	
	com.teamviewer.teamviewer_service.plist
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service
		--> Program Arguments: -Module
		--> Program Arguments: Full
	
	PPPMonitord.plist
	



 /Library/LaunchAgents:

	com.avast.hub.plist
		-> Program: /Library/Application Support/AvastHUB/com.avast.hub.app/Contents/MacOS/com.avast.hub
	
	com.avast.userinit.plist
		-> Program: /Applications/Avast.app/Contents/Backend/hub/userinit.sh
	
	com.oracle.java.Java-Updater.plist
		--> Program Arguments: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater
		--> Program Arguments: -bgcheck
	
	com.teamviewer.teamviewer.plist
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer
		--> Program Arguments: -RunAsAgent
		--> Program Arguments: YES
	
	com.teamviewer.teamviewer_desktop.plist
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop
		--> Program Arguments: -RunAsAgent
		--> Program Arguments: YES
		--> Program Arguments: -Module
		--> Program Arguments: Full
	
	Swapper.plist
	



 ~/Library/LaunchAgents:

	com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist
		--> Program Arguments: /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper
	
	com.google.keystone.agent.plist
		--> Program Arguments: /Users/[U501]/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
		--> Program Arguments: -runMode
		--> Program Arguments: ifneeded
	
	com.google.keystone.xpcservice.plist
		--> Program Arguments: /Users/[U501]/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
		--> Program Arguments: -runMode
		--> Program Arguments: xpchost
	
	com.spotify.webhelper.plist
		-> Program: /Users/[U501]/Library/Application Support/Spotify/SpotifyWebHelper
	

 User Crontab:

	No cron jobs



 /etc:

	aliases
	authorization.deprecated
	bashrc
	bashrc_Apple_Terminal
	efax.rc
	kcpassword
	moduli~previous
	php.ini.default-5.2-previous
	rc.common
	rc.netboot
	zprofile
	zshrc

 / $Root:

	.file
	.MobileBackups / .. children: 1
	.svn / .. children: 6
	.Trashes / .. children: 0
	DamagedFiles / .. children: 1
	Incompatible Software / .. children: 4
	installer.failurerequests
	lost+found / .. children: 1
	Manuali utente e informazioni
	model

 ~/ $Home:

	.android / .. children: 2
	.bash_history
	.CFUserTextEncoding
	.cups / .. children: 1
	.filezilla / .. children: 6
	.fontconfig / .. children: 3
	.InstallAnywhere / .. children: 0
	.oracle_jre_usage / .. children: 1
	.rnd
	.Trash / .. children: 445
	.Xauthority
	.zoomus / .. children: 0
	Applications / .. children: 2
	CALENDARIO LEZ-16-17 / .. children: 3
	Desktop / .. children: 72
	Di Napoli et al., 2016.pdf
	Documents / .. children: 202
	Downloads / .. children: 334
	Google Drive / .. children: 1
	Library / .. children: 58
	Movies / .. children: 2
	Music / .. children: 21
	Pictures / .. children: 109
	Public / .. children: 4



 ~/Library:

	Address Book Plug-Ins / .. children: 2
	com.apple.nsurlsessiond / .. children: 0
	Filters / .. children: 0
	Fonts Disabled / .. children: 0
	Frameworks / .. children: 1
	Google / .. children: 1
	Icons / .. children: 1
	InstallData / .. children: 2
	Mail Downloads / .. children: 46
	Widgets / .. children: 1



 ~/Library/Application Support:

	Adobe / .. children: 4
	Aperture / .. children: 0
	audacity / .. children: 7
	Avast / .. children: 2
	AvastHUB / .. children: 2
	cacaoweb / .. children: 4
	CEF / .. children: 1
	com.apple.QuickLook / .. children: 1
	com.sqwarq.DetectX-Swift / .. children: 4
	DVD Player / .. children: 1
	eSellerate / .. children: 1
	Firefox / .. children: 3
	GarageBand / .. children: 3
	Google / .. children: 4
	Google Earth / .. children: 4
	Hewlett-Packard / .. children: 1
	iLifePageLayout / .. children: 1
	iMovie / .. children: 2
	Java / .. children: 0
	JREInstaller / .. children: 1
	Mail / .. children: 1
	Microsoft / .. children: 2
	MindVision / .. children: 0
	MobileMeSyncClient / .. children: 0
	MobileSync / .. children: 1
	Mozilla / .. children: 1
	MPlayerX / .. children: 2
	NCH Software / .. children: 2
	Oracle / .. children: 1
	org.videolan.vlc / .. children: 1
	Preview / .. children: 0
	RealNetworks / .. children: 1
	Skype / .. children: 11
	Spotify / .. children: 5
	SyncServices / .. children: 1
	TeamViewer / .. children: 1
	Ubiquity / .. children: 4
	zoom.us / .. children: 2



 ~/Library/Safari/Extensions:

	Extensions.plist
	wrc.safariextz



 ~/Library/Internet Plug-Ins:

	RealPlayer Plugin.plugin
	ZoomUsPlugIn.plugin



 /Users/Shared:

	.com.hp.Installer.plist
	adi / .. children: 0
	Adobe / .. children: 0
	Hewlett-Packard / .. children: 1
	Library / .. children: 1
	SC Info / .. children: 0



 /Applications:

	Adobe Reader.app
	Android File Transfer.app
	Audacity.app
	Avast.app
	Chiavetta Internet MT191UP.app
	Contratti di Locazione 9.5.4 / .. children: 13
	DetectX Swift.app
	djvulibre-3.5.22+djview-4.5-universal / .. children: 7
	FileZilla.app
	Final Music Converter.app
	Firefox.app
	Google Chrome.app
	Google Drive.app
	Google Earth.app
	Hewlett-Packard / .. children: 8
	iPhoto.app
	MacTutorial Viewer.app
	Microsoft Messenger.app
	Microsoft Office 2011 / .. children: 10
	Microsoft Silverlight
	partita iva / .. children: 2
	RealPlayer.app
	Remote Desktop Connection.app
	Scratch 1.4 / .. children: 11
	Spotify.app
	Switch.app
	TeamViewer.app
	The Unarchiver.app
	Uninstall Chiavetta Internet MT191UP.app
	USB Display / .. children: 2
	VLC.app
	WinDjView-2.0.2-Setup (1) / .. children: 4



 /Library:

	.svn / .. children: 6
	Automator / .. children: 96
	Fonts Disabled / .. children: 16
	Google / .. children: 2
	Mozilla / .. children: 1
	Server / .. children: 1



 /Library/Application Support:

	.BcJztTv_ud
	Adobe / .. children: 6
	Avast / .. children: 8
	AvastHUB / .. children: 4
	Hewlett-Packard / .. children: 6
	Join Air / .. children: 2
	laser / .. children: 3
	Macromedia / .. children: 2
	Microsoft / .. children: 4
	Oracle / .. children: 1



 /Library/Extensions:

	EPSONUSBPrintClass.kext
	hp_io_enabler_compound.kext



 /Library/Internet Plug-Ins:

	AdobePDFViewer.plugin
	AdobePDFViewerNPAPI.plugin
	Default Browser.plugin
	DirectorShockwave.plugin
	Disabled Plug-Ins / .. children: 2
	Flash Player.plugin
	flashplayer.xpt
	JavaAppletPlugin.plugin
	Quartz Composer.webplugin
	SharePointBrowserPlugin.plugin
	SharePointWebKitPlugin.webplugin
	Silverlight.plugin



 /Library/Managed Preferences:

	*-- Folder doesn't exist or is inaccessible --*



 /Library/PrivilegedHelperTools:

	com.microsoft.office.licensing.helper
	com.teamviewer.Helper



 /Library/ScriptingAdditions:

	



 /Library/StartupItems:

	



 /Library/Updates:

	041-88548 / .. children: 3
	041-88740 / .. children: 18
	041-88833 / .. children: 3
	041-89046 / .. children: 3
	041-89069 / .. children: 3
	041-89073 / .. children: 5
	041-90802 / .. children: 5
	index.plist
	PPDVersions.plist
	ProductMetadata.plist
	zzzz041-94863 / .. children:


Macbook Air 2020
i5 quad core 8 GB Ram
512 SSD

Avatar utente
paolinoweb-due-
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: gio, 19 nov 2020 21:40
Messaggi: 1515
Località: Genova

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da paolinoweb-due- »

Dopo lunga pulizia a mano - causa avast che era ovunque -
sono giunto qui.
/Library/Updates
che ne pensate di tutte le cartelle che
contengono un'infinità di pkg difficili da definire?

Vi chiedo.. questo air arriva a High Sierra, io l'ho portato a El Capitan da 10.7 Lion ... ha solo 4 GB di Ram... Temo perdita reattività con HS con 4 GB
Avesse 8 Gb lo avrei portato a HS ... che fareste? El C o HS ?

Codice: Seleziona tutto

Timestamp (15): sab ott 23 14:16:04 2021
DetectX Swift v1.0981

macOS: Version 10.11.6 (Build 15G31) 
	-- a security update for El Capitan may be available in the App Store

File System: hfs
Temp: The thermal state is within normal limits.

Boot time: Sat Oct 23 14:15:13 2021
Uptime: 51 secs, 1 user

Spotlight status for /:
	Indexing enabled. 
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.

Internet:	Reachable


    Hardware Overview:

      Model Name: MacBook Air
      Model Identifier: MacBookAir4,2
      Processor Name: Intel Core i5
      Processor Speed: 1.7 GHz
      Number of Processors: 1
      Total Number of Cores: 2
      L2 Cache (per Core): 256 KB
      L3 Cache: 3 MB
      Memory: 4 GB
      Boot ROM Version: MBA41.0077.B14
      SMC Version (system): 1.73f66



  Sharing Preferences:

	File Sharing:  Off
	Screen Sharing:  Off
	Remote Management:  Off
	Back To My Mac:  Off
	Remote Login:  Off
	Remote Apple Events:  Off


3rd Party Kexts (loaded):



 $PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
	/usr/bin
	/bin
	/usr/sbin
	/sbin
	/usr/local/bin

/etc/paths.d/:

~/.bash_profile:
	
~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


PID	Status	Label
324	0	com.google.keystone.user.xpcservice
-	0	org.openbsd.ssh-agent
-	0	com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae
-	0	com.oracle.java.Java-Updater
308	0	com.google.GoogleDrive.50592
285	0	com.spotify.webhelper
394	0	com.sqwarq.DetectX-Swift.119392
-	0	com.google.keystone.user.agent
299	0	com.epson.USB_Display_Agent.107872


 System Launchd processes:

0      - 	com.vix.cron
0      - 	com.microsoft.office.licensing.helper
0      - 	org.postfix.master
0      - 	com.teamviewer.Helper
192      - 	org.cups.cupsd
0      - 	com.adobe.fpsaud
0      - 	com.oracle.java.Helper-Tool
0      0 	org.postfix.newaliases
190      - 	org.ntp.ntpd



 User Login Items:
 iTunesHelper
 AdobeResourceSynchronizer
 Google Drive
 Spotify
 ZoomOpener




 /Library/LaunchDaemons:

	com.adobe.fpsaud.plist
		--> Program Arguments: /Library/Application Support/Adobe/Flash Player Install Manager/fpsaud
	
	com.microsoft.office.licensing.helper.plist
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
	
	com.oracle.java.Helper-Tool.plist
		--> Program Arguments: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool
	
	com.teamviewer.Helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper
	
	com.teamviewer.teamviewer_service.plist
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service
		--> Program Arguments: -Module
		--> Program Arguments: Full
	
	PPPMonitord.plist
	



 /Library/LaunchAgents:

	com.oracle.java.Java-Updater.plist
		--> Program Arguments: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater
		--> Program Arguments: -bgcheck
	
	com.teamviewer.teamviewer.plist
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer
		--> Program Arguments: -RunAsAgent
		--> Program Arguments: YES
	
	com.teamviewer.teamviewer_desktop.plist
		--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop
		--> Program Arguments: -RunAsAgent
		--> Program Arguments: YES
		--> Program Arguments: -Module
		--> Program Arguments: Full
	
	Swapper.plist
	



 ~/Library/LaunchAgents:

	com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist
		--> Program Arguments: /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper
	
	com.google.keystone.agent.plist
		--> Program Arguments: /Users/[U501]/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
		--> Program Arguments: -runMode
		--> Program Arguments: ifneeded
	
	com.google.keystone.xpcservice.plist
		--> Program Arguments: /Users/[U501]/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
		--> Program Arguments: -runMode
		--> Program Arguments: xpchost
	
	com.spotify.webhelper.plist
		-> Program: /Users/[U501]/Library/Application Support/Spotify/SpotifyWebHelper
	

 User Crontab:

	No cron jobs



 /etc:

	aliases
	authorization.deprecated
	bashrc
	bashrc_Apple_Terminal
	efax.rc
	kcpassword
	moduli~previous
	php.ini.default-5.2-previous
	rc.common
	rc.netboot
	zprofile
	zshrc

 / $Root:

	.file
	.MobileBackups / .. children: 1
	.MobileBackups.trash / .. children: 1
	.svn / .. children: 6
	.Trashes / .. children: 0
	installer.failurerequests
	lost+found / .. children: 1
	Manuali utente e informazioni

 ~/ $Home:

	.android / .. children: 2
	.bash_history
	.bash_sessions / .. children: 6
	.CFUserTextEncoding
	.cups / .. children: 1
	.filezilla / .. children: 6
	.fontconfig / .. children: 3
	.InstallAnywhere / .. children: 0
	.oracle_jre_usage / .. children: 1
	.rnd
	.Trash / .. children: 0
	.Xauthority
	.zoomus / .. children: 0
	Applications / .. children: 2
	CALENDARIO LEZ-16-17 / .. children: 3
	Desktop / .. children: 72
	Di Napoli et al., 2016.pdf
	Documents / .. children: 202
	Downloads / .. children: 333
	Google Drive / .. children: 1
	Library / .. children: 58
	Movies / .. children: 2
	Music / .. children: 21
	Pictures / .. children: 109
	Public / .. children: 4



 ~/Library:

	Address Book Plug-Ins / .. children: 2
	com.apple.nsurlsessiond / .. children: 0
	Filters / .. children: 0
	Fonts Disabled / .. children: 0
	Frameworks / .. children: 1
	Google / .. children: 1
	Icons / .. children: 1
	InstallData / .. children: 2
	Mail Downloads / .. children: 46
	Widgets / .. children: 1



 ~/Library/Application Support:

	Adobe / .. children: 4
	Aperture / .. children: 0
	audacity / .. children: 7
	CEF / .. children: 1
	com.apple.QuickLook / .. children: 1
	com.sqwarq.DetectX-Swift / .. children: 4
	DVD Player / .. children: 1
	EasyFind / .. children: 0
	eSellerate / .. children: 1
	Firefox / .. children: 3
	GarageBand / .. children: 3
	Google / .. children: 4
	Google Earth / .. children: 4
	Hewlett-Packard / .. children: 1
	iLifePageLayout / .. children: 1
	iMovie / .. children: 2
	Java / .. children: 0
	JREInstaller / .. children: 1
	Mail / .. children: 1
	Microsoft / .. children: 2
	MindVision / .. children: 0
	MobileMeSyncClient / .. children: 0
	MobileSync / .. children: 1
	Mozilla / .. children: 1
	MPlayerX / .. children: 2
	NCH Software / .. children: 2
	Oracle / .. children: 1
	org.videolan.vlc / .. children: 1
	Preview / .. children: 0
	RealNetworks / .. children: 1
	Skype / .. children: 11
	Spotify / .. children: 5
	SyncServices / .. children: 1
	TeamViewer / .. children: 1
	Ubiquity / .. children: 4
	zoom.us / .. children: 2



 ~/Library/Safari/Extensions:

	Extensions.plist
	wrc.safariextz



 ~/Library/Internet Plug-Ins:

	RealPlayer Plugin.plugin
	ZoomUsPlugIn.plugin



 /Users/Shared:

	.com.hp.Installer.plist
	adi / .. children: 0
	Adobe / .. children: 0
	Hewlett-Packard / .. children: 1
	Library / .. children: 1
	SC Info / .. children: 0



 /Applications:

	Adobe Reader.app
	Android File Transfer.app
	Audacity.app
	Chiavetta Internet MT191UP.app
	Contratti di Locazione 9.5.4 / .. children: 13
	DetectX Swift.app
	djvulibre-3.5.22+djview-4.5-universal / .. children: 7
	EasyFind.app
	FileZilla.app
	Final Music Converter.app
	Firefox.app
	Google Chrome.app
	Google Drive.app
	Google Earth.app
	Hewlett-Packard / .. children: 8
	iPhoto.app
	MacTutorial Viewer.app
	Microsoft Messenger.app
	Microsoft Office 2011 / .. children: 10
	Microsoft Silverlight
	partita iva / .. children: 2
	RealPlayer.app
	Remote Desktop Connection.app
	Scratch 1.4 / .. children: 11
	Spotify.app
	Switch.app
	TeamViewer.app
	The Unarchiver.app
	Uninstall Chiavetta Internet MT191UP.app
	USB Display / .. children: 2
	VLC.app
	WinDjView-2.0.2-Setup (1) / .. children: 4



 /Library:

	.svn / .. children: 6
	Automator / .. children: 96
	Fonts Disabled / .. children: 16
	Google / .. children: 2
	Mozilla / .. children: 1
	Server / .. children: 1



 /Library/Application Support:

	Hewlett-Packard / .. children: 6
	Macromedia / .. children: 2
	Microsoft / .. children: 4
	Oracle / .. children: 1



 /Library/Extensions:

	EPSONUSBPrintClass.kext
	hp_io_enabler_compound.kext



 /Library/Internet Plug-Ins:

	AdobePDFViewer.plugin
	AdobePDFViewerNPAPI.plugin
	Default Browser.plugin
	DirectorShockwave.plugin
	Disabled Plug-Ins / .. children: 2
	JavaAppletPlugin.plugin
	Quartz Composer.webplugin
	SharePointBrowserPlugin.plugin
	SharePointWebKitPlugin.webplugin



 /Library/Managed Preferences:

	*-- Folder doesn't exist or is inaccessible --*



 /Library/PrivilegedHelperTools:

	com.microsoft.office.licensing.helper
	com.teamviewer.Helper



 /Library/ScriptingAdditions:

	



 /Library/StartupItems:

	



 /Library/Updates:

	041-88548 / .. children: 3
	041-88740 / .. children: 18
	041-88833 / .. children: 3
	041-89046 / .. children: 3
	041-89069 / .. children: 3
	041-89073 / .. children: 5
	041-90802 / .. children: 5
	index.plist
	PPDVersions.plist
	ProductMetadata.plist
	zzzz041-94863 / .. children: 7
Macbook Air 2020
i5 quad core 8 GB Ram
512 SSD

Avatar utente
Alberto.G
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: dom, 22 gen 2017 20:34
Messaggi: 1464

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da Alberto.G »

Risposta a paolinoweb-due-

Profile di Model Name: MacBook Air
Model Identifier: MacBookAir4,2

Anche per me portare a El Capitan 10.11.6.

Consigli su /Library/Updates:
ho verificato il mio Profile. In questa Libreria ho solo:
- ProductMetadata.plist
- index.plist
Sarà roba vecchia (chissà da quanto?) scaricata dal cliente.
Per me, da eliminare tutto (esclusi i due .plist che ho anch’io).
Non penso che l’eliminazione possa creare danni.

iMac (Retina 4K, 21.5-inch, Late 2015) Mod.16,2 - Processore 3,1 GHz Intel Core i5 (i5-5675R) CPU 4-core
Memoria 8 GB 1867 MHz DDR3 - Scheda grafica Intel Iris Pro Graphics 6200 1536 MB
sistema presente: macOS MONTEREY versione 12.1 (21C52) dal 14.12.2021 ore 14:34

Avatar utente
Jethro
Stato: Non connesso
Expert Retrogamer
Expert Retrogamer
Avatar utente
Iscritto il: sab, 04 lug 2009 22:26
Messaggi: 4261

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da Jethro »

paolinoweb-due- ha scritto:
sab, 23 ott 2021 14:31

Codice: Seleziona tutto

	Downloads / .. children: 333
Farei un po' di pulizia anche qui... fosse anche solo per liberare spazio.

Immagine MacBook Pro Retina 15" - macOS Mojave 10.14.6
i7 quad-core 2.6GHz, 16GB RAM, SSD 1TB, Iris Pro/GeForce GT 750M

Immagine MacBook Air 11" - macOS Mojave 10.14.6
i7 dual-core 1.7GHz, 8GB RAM, SSD 128GB, HD Graphics 5000

8) La mia piccola collezione di "giochini" :
https://www.flickr.com/photos/140997970@N07/albums

Avatar utente
Alberto.G
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: dom, 22 gen 2017 20:34
Messaggi: 1464

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da Alberto.G »

paolinoweb-due- ha scritto:
sab, 23 ott 2021 13:16
Per DetectX e MB tutto pulito ma :

mdm e
cacaoweb
in
~/Library/Application Support ti sembrano buoni?

cacaoweb era un software per vedere film o un sito un qualcosa tanti anni fa. toglierei... mdm non trovo nulla...sarà casuale anche questa da togliere?
Per MDM avrei trovato invece questi link
https://www.cybersecurity360.it/soluzio ... e-aziende/
anche Apple ne parla nel suo support.apple:
https://support.apple.com/it-it/guide/m ... f9e668/web

Ti riporto questo breve stralcio che chiarisce cosa è (MDM)
"Grazie ad un Mobile Device Management è possibile semplificare e migliorare la gestione dei device mobile in dotazione a dipendenti e collaboratori, con evidenti vantaggi per le aziende che usano lo smart working (e non solo). Ecco i pro e i contro di una soluzione MDM"

Per cacaoweb, se è un vecchio software, come dici, sono anch’io dell’idea di eliminarlo.

iMac (Retina 4K, 21.5-inch, Late 2015) Mod.16,2 - Processore 3,1 GHz Intel Core i5 (i5-5675R) CPU 4-core
Memoria 8 GB 1867 MHz DDR3 - Scheda grafica Intel Iris Pro Graphics 6200 1536 MB
sistema presente: macOS MONTEREY versione 12.1 (21C52) dal 14.12.2021 ore 14:34

Avatar utente
paolinoweb-due-
Stato: Non connesso
Expert
Expert
Avatar utente
Iscritto il: gio, 19 nov 2020 21:40
Messaggi: 1515
Località: Genova

Top

Oggetto del messaggio: Re: Avanti, senza vergogna, con DetectX/Profile

Messaggio da paolinoweb-due- »

Grazie ragazzi, non ho più ringraziato e risposto, ho fatto ferie dalla tecnologia da sabato sera ad oggi... mac e smartphone spenti. riposo assoluto :D
Non ho poi eliminato MDM, si cacaoweb, si download.

Cliente sentito oggi, mi dice che sul macbook pro che ho aggiornato a Mojave da 10.9 word 2011 gli dà qualche problemino. Gira rotella...
Sull'altro macbook air ho aggiornato a el capitan e 2011 ok
Gli ho fatto subito ricordare che non aggiornavo a Big Sur perchè il 2011 è a 32 bit ma Big Sur vuole solo app 64 bit
e che comunque non ero sicuro della massima compatibilità anche con Mojave anche se girano le app 32 bit.
Problema risolto mentre scrivevo queste righe. E' un professore - ha diritto a 365 Education gratuitamente dall'istituto dove insegna - forse è solo online.. mmm...
non credo sarà problema. sennò openoffice o similari
Macbook Air 2020
i5 quad core 8 GB Ram
512 SSD