Moderatore: ModiMaccanici
Codice: Seleziona tutto
Timestamp (4): dom feb 23 11:35:39 2020
DetectX Swift v1.093
macOS: Version 10.13.6 (Build 17G11023)
File System: hfs
Temp: The thermal state is within normal limits.
Boot time: Sun Feb 23 10:32:47 2020
Uptime: 1:03, 1 user
Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.
Internet: Reachable
Hardware Overview:
Model Name: MacBook Pro
Model Identifier: MacBookPro9,2
Processor Name: Intel Core i5
Processor Speed: 2,5 GHz
Number of Processors: 1
Total Number of Cores: 2
L2 Cache (per Core): 256 KB
L3 Cache: 3 MB
Memory: 4 GB
Boot ROM Version: 230.0.0.0.0
SMC Version (system): 2.2f44
Sudden Motion Sensor:
State: Enabled
Sharing Preferences:
File Sharing: On
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off
3rd Party Kexts (loaded):
$PATH:
PATH=/usr/bin:/bin:/usr/sbin:/sbin
/etc/paths:
/usr/local/bin
/usr/bin
/bin
/usr/sbin
/sbin
/etc/paths.d/:
/opt/X11/bin
~/.bash_profile:
~/.bashrc:
~/.bash_login:
~/.profile:
~/.bash_logout:
User Launchd processes:
PID Status Label
- 0 com.google.keystone.user.xpcservice
- 0 com.LeadingSignSearch
- 0 com.cisco.videoguard10
- 0 com.cisco.videoguard10.uninstall
- 78 com.malwarebytes.mbam.frontend.agent
351 0 com.cisco.videoguardmonitor
554 0 com.google.Chrome.7380
- 0 com.openssh.ssh-agent
- 0 org.macosforge.xquartz.startx
552 0 com.movavi.photoeditorappstore.5656
388 0 com.spotify.webhelper
- 0 com.google.keystone.user.agent
System Launchd processes:
(dp) 78 com.malwarebytes.mbam.rtprotection.daemon
219 - com.vix.cron
0 - org.macosforge.xquartz.privileged_startx
0 - com.microsoft.office.licensing.helper
0 1 org.postfix.master
0 0 com.LeadingSignSearchDaemon
0 - org.cups.cupsd
0 - com.adobe.fpsaud
0 - com.malwarebytes.mbam.settings.daemon
0 0 com.TabHelperDaemon.app
User Login Items:
/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app
/Applications/Mac Cleanup Pro.app
/System/Library/CoreServices/System Events.app
/Applications/Skype for Business.app
/Library/LaunchDaemons:
com.adobe.fpsaud.plist
--> Program Arguments: /Library/Application Support/Adobe/Flash Player Install Manager/fpsaud
com.apple.installer.osmessagetracing.plist
--> Program Arguments: /System/Library/PrivateFrameworks/OSInstaller.framework/Resources/OSMessageTracer
com.LeadingSignSearchDaemon.plist
--> Program Arguments: /Library/Application Support/com.LeadingSignSearchDaemon/LeadingSignSearch
--> Program Arguments: r
com.malwarebytes.mbam.rtprotection.daemon.plist
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
--> Program Arguments: -i
--> Program Arguments: Malwarebytes-Mac-3.6.20.2054.pkg
com.malwarebytes.mbam.settings.daemon.plist
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon
com.microsoft.office.licensing.helper.plist
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
com.TabHelperDaemon.plist
-> Program: /Library/TabHelperDaemon/TabHelperDaemon.app/Contents/MacOS/TabHelperDaemon
org.macosforge.xquartz.privileged_startx.plist
--> Program Arguments: /opt/X11/libexec/privileged_startx
--> Program Arguments: -d
--> Program Arguments: /opt/X11/lib/X11/xinit/privileged_startx.d
/Library/LaunchAgents:
com.malwarebytes.mbam.frontend.agent.plist
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent
org.macosforge.xquartz.startx.plist
--> Program Arguments: /opt/X11/libexec/launchd_startx
--> Program Arguments: /opt/X11/bin/startx
--> Program Arguments: --
--> Program Arguments: /opt/X11/bin/Xquartz
~/Library/LaunchAgents:
com.cisco.videoguard10.plist
--> Program Arguments: sh
--> Program Arguments: -c
--> Program Arguments: $HOME/Library/Cisco/VideoGuardPlayer/VideoGuard10/VideoGuard10.bundle/Contents/Resources/setupServer.sh
com.cisco.videoguard10.uninstall.plist
--> Program Arguments: sh
--> Program Arguments: /Users/Enrica/.cisco/VideoGuard/uninstall/cisco_videoguard10/condUninstall.sh
com.cisco.videoguardmonitor.plist
--> Program Arguments: sh
--> Program Arguments: -c
--> Program Arguments: $HOME/Library/Cisco/VideoGuardPlayer/VideoGuardMonitor/VideoGuardMonitor.bundle/Contents/Resources/launch.sh
com.google.keystone.agent.plist
--> Program Arguments: /Users/Enrica/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: ifneeded
com.google.keystone.xpcservice.plist
--> Program Arguments: /Users/Enrica/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: xpchost
com.LeadingSignSearch.plist
--> Program Arguments: /Users/Enrica/Library/Application Support/com.LeadingSignSearch/LeadingSignSearch
--> Program Arguments: r
com.spotify.webhelper.plist
-> Program: /Users/Enrica/Library/Application Support/Spotify/SpotifyWebHelper
User Crontab:
18 * * * * /Users/Enrica/Library/monosiphonic.ew/monosiphonic.ew cr
2 */2 * * * /Users/Enrica/Library/Application\ Support/3949A88A-36C5-4A6A-89EA-E16E07CFC45B/3545D771-6F58-41FB-85EE-6BDF34996510 h >/dev/null 2>&1
/etc:
aliases
bashrc
bashrc_Apple_Terminal
efax.rc~previous
moduli~previous
php.ini.default-previous~orig
rc.common
rc.netboot
zprofile
zshrc
/ $Root:
.file
.hotfiles.btree
.OSInstallerMessages
.Trashes / .. children: 0
installer.failurerequests
opt / .. children: 1
vm / .. children: 1
~/ $Home:
.android / .. children: 2
.bash_history
.bash_sessions / .. children: 1
.cache / .. children: 1
.CFUserTextEncoding
.cisco / .. children: 1
.config / .. children: 1
.cups / .. children: 1
.local / .. children: 1
.Trash / .. children: 0
.wine / .. children: 6
Applications / .. children: 3
Desktop / .. children: 7
Documents / .. children: 13
Downloads / .. children: 7
Library / .. children: 73
Movies / .. children: 1
Music / .. children: 2
Pictures / .. children: 6
Public / .. children: 2
~/Library:
.pper
ApplicationSavedData / .. children: 4
ApplicationSupport / .. children: 1
ApplicationTh / .. children: 0
Cisco / .. children: 1
Family / .. children: 1
Google / .. children: 2
instance
Receipts / .. children: 6
Saved Searches / .. children: 1
SavedDataFiles / .. children: 2
TabHelper / .. children: 1
talky.ah / .. children: 1
utilityData / .. children: 0
~/Library/Application Support:
3949A88A-36C5-4A6A-89EA-E16E07CFC45B / .. children: 1
Adobe / .. children: 0
com.apple.touristd / .. children: 29
com.LeadingSignSearch / .. children: 1
com.malwarebytes.mbam.frontend.agent / .. children: 1
com.malwarebytes.mbam.frontend.application / .. children: 1
com.movavi.photoeditor5 / .. children: 1
com.sqwarq.DetectX / .. children: 2
com.sqwarq.DetectX-Swift / .. children: 4
com.yourcompany.yourapp_153669244115155 / .. children: 7
DetectX Swift / .. children: 3
DiskImages / .. children: 1
eMuleTorrentgeoip / .. children: 1
EtreCheck / .. children: 1
Facebook / .. children: 1
Google / .. children: 2
Microsoft / .. children: 1
MobileSync / .. children: 2
Movavi / .. children: 1
org.videolan.vlc / .. children: 1
Preview / .. children: 0
Spotify / .. children: 5
SyncServices / .. children: 1
WineBottler / .. children: 2
~/Library/Safari/Extensions:
*-- Folder doesn't exist or is inaccessible --*
~/Library/Internet Plug-Ins:
/Users/Shared:
a_0216C41E-22E0-410B-BF4C-8C223AC27843-594-000000AE19130F5D
a_0CA1FB5B-8497-45B4-AAFD-6C2096621783-952-000000828EF274AC
a_10754B67-807F-49F1-A1A6-B678104D5C4D-440-0000005972E7716C
a_17D21361-7E33-46B2-A145-FF171FE1ED59-97108-0000B38129042F31
a_1CEC5380-74BC-4984-AC4D-D769F946A030-27911-00000C297DE4474A
a_31C36ED3-2178-412F-8542-DA47F7AF2CB0-417-00000058A5A77569
a_392EC896-6C94-4628-BC71-6A9BF2855D1D-1985-00000069576CB7AA
a_3B26FCF0-5392-44FC-9022-DA1E235B2764-70663-000101E0FA1C8271
a_41F93EFB-C0FD-4B3C-A66D-BF4E6275858B-12380-000005869A7EB2FF
a_5A58DED0-145C-425D-8E41-D6CF80780107-7447-000005CD4953D57C
a_6959BD7D-C58C-49B6-BA73-138822D75626-7373-00000288EAB07C64
a_6A73346F-5E5C-4907-A86F-76B73B4E7625-983-000000576595F868
a_6ADA41F8-E191-499C-B325-548C86B95C9C-38664-00001D0898F211B4
a_70781E95-0CBB-470D-9A4B-FC7EF528E34F-1011-0000006137E99477
a_77990E3E-B3CD-4C56-A2F5-477471E52664-928-000000558618BD2A
a_8FA4F2F2-E520-4A3F-A646-71E791589122-2552-0000005782B5837A
a_953DD788-46AA-4047-BCE6-A4676148E24E-96270-0000228F477181B8
a_968FFABA-F63A-4007-A2F5-F40427E0ECEA-67996-00001EFD65EFB7DD
a_A947F157-A869-4A16-BC06-E7C7DD36440C-1048-0000007429DC6DAB
a_B2CC2575-D501-41EF-8690-C990DE6494AD-2567-00002E34F6471084
a_B95F5424-7486-499C-955F-6E1FE01955E2-698-0000005627C0C0DC
a_BAE91701-B6B2-4C7D-B899-29B275A90259-1794-000001281D0D37E9
a_CBC2CF27-B373-45A0-B4D2-775D34B1AD0C-448-00000065D5939714
a_CD89C9F5-D9D9-4164-B6FF-B0A9427558F2-447-00000059976B9839
a_D0C89B55-82AD-4358-BBFC-462B3B2E479F-712-000000647E701844
a_E281E5FA-F05A-4398-B825-04ECCCFE4FF2-89516-000027B22D7B2D5B
a_F2E8CF5B-4223-4A29-AF06-F6548CB064BB-33349-00003C9EBF58D48E
a_FCB8C8D9-95B6-479D-AC20-E3CA02F78A3B-867-00000066EE703188
adi / .. children: 1
SC Info / .. children: 0
sf.plist
/Applications:
AppCleaner.app
DetectX Swift.app
Google Chrome.app
iWork '09 / .. children: 3
Microsoft Office 2011 / .. children: 9
Photo Editor Movavi.app
Spotify.app
uTorrent.app
VLC.app
Wine Devel.app
/Library:
.B92c0853ecfc
.Dc3r
ApplicationTh / .. children: 2
Automator / .. children: 95
Fonts Disabled / .. children: 16
Managed Preferences / .. children: 1
TabHelperDaemon / .. children: 1
UpdateMac / .. children: 0
/Library/Application Support:
Adobe / .. children: 1
com.LeadingSignSearchDaemon / .. children: 1
iWork '09 / .. children: 2
Macromedia / .. children: 1
Malwarebytes / .. children: 1
Microsoft / .. children: 2
ResearchSoft / .. children: 1
Samsung / .. children: 1
/Library/Extensions:
/Library/Internet Plug-Ins:
Disabled Plug-Ins / .. children: 2
Flash Player.plugin
flashplayer.xpt
SharePointBrowserPlugin.plugin
SharePointWebKitPlugin.webplugin
/Library/Managed Preferences:
Enrica / .. children: 2
/Library/PrivilegedHelperTools:
com.microsoft.office.licensing.helper
/Library/ScriptingAdditions:
/Library/StartupItems:
/Library/Updates:
061-79887 / .. children: 3
index.plist
PPDVersions.plist
ProductMetadata.plist
Top Processes:
%CPU PID COMMAND
12.3 1033 mdworker
12.2 1034 mdworker
6.8 170 WindowServer
5.6 795 DetectX Swift
4.9 0 kernel_task
2.5 234 mds_stores
0.4 294 trustd
0.4 445 trustd
0.3 81 mds
0.3 116 hidd
Codice: Seleziona tutto
crontab -l
Codice: Seleziona tutto
Crontab -r
Codice: Seleziona tutto
sudo rm -r /.Trash*
Grazie Mille mi è stato UTILISSIMO.faxus ha scritto: ↑mar, 18 feb 2020 13:34Scarica ed esegui DetectX
https://sqwarq.com/detectx/
Vedi se ti segnala qualcosa ed eventualmente riporta il contenuto, per favore come codice (</>)
Dopo cancella quello che c'è, con l'applicazione
Anche questo consiglio è stato preziosissimo!mauripucci ha scritto: ↑sab, 22 feb 2020 14:42Noto che non è stato seguito il consiglio di Faxus (che dovresti eseguire)...
Detto questo -e considerato che non hai fornito alcuna indicazione- se il problema fosse "SMART SEARCH"
questa dovrebbe essere la soluzione, apri terminale, copia e incolla una ad una le seguenti righe (dando ogni volta invio):
defaults write com.google.Chrome HomepageIsNewTabPage -bool false
defaults write com.google.Chrome NewTabPageLocation -string "https://www.google.com/"
defaults write com.google.Chrome HomepageLocation -string "https://www.google.com/"
defaults delete com.google.Chrome DefaultSearchProviderSearchURL
defaults delete com.google.Chrome DefaultSearchProviderNewTabURL
defaults delete com.google.Chrome DefaultSearchProviderName
Riavvia il Mac e... Chrome dovrebbe essere "disinfettato";
Riprendo questo messaggio di faxus ancora di data 23 feb 2020 14:34, che mi ha molto colpito, perché contiene una lunghissima serie di istruzioni per eliminare tutto il malware presente… e non solo.faxus ha scritto: ↑dom, 23 feb 2020 14:34Il tuo problema è generato dall’installazione di Mac Cleanup Pro.
È un software ingannevole e fraudolento, un malware che installi dando privilegi di amministrazione.
....
Fai tutto con calma ed estrema cura, fino a che non sei sicura di aver eseguito tutto.
Se non esegui meticolosamente, rischi di ricominciare daccapo.
Quindi riavvia e verifica che tutto vada bene
Visitano il forum: Nessuno e 0 ospiti