Avanti, senza vergogna, con DetectX/Profile

[faxus]

@ Visualdrome

Puoi anche cancellare i file incriminati da Recovery.
Ma non c'è bisogno di disabilitare il SIP.

Ma devi saperlo fare.

Altrimenti fai come detto.
Disabilita il SIP in Recovery e riavvia dall'utente.
Cancella
Riavvia da Recovery e riabilita il SIP

[visualdrome]

Cancellazione dei files "cisco" eseguita.
Per ora sembra tutto ok: non si riavvia più.

Una curiosità: nella risposta data all'altro utente "BlackDerfel" hai detto di eliminare EtreCheck definendolo, assieme ad altri, "software inutili, inadeguati, pericolosi, inservibili o semplicemente fuffa": come mai? Ricordo che anche qui sul forum lo avevate consigliato come software di controllo; non è più affidabile?

[faxus]

Cancellazione dei files "cisco" eseguita.
Per ora sembra tutto ok: non si riavvia più...

Ottimo

... hai detto di eliminare EtreCheck definendolo, assieme ad altri, "software inutili, inadeguati, pericolosi, inservibili o semplicemente fuffa": come mai? Ricordo che anche qui sul forum lo avevate consigliato come software di controllo; non è più affidabile?

È poco utile e fuffa.

Lo consigliavamo fino a tre anni fa, quando era un buon software.
Fino alla versione 3.7.

Abbiamo spiegato più volte i motivi

[visualdrome]

Abbiamo spiegato più volte i motivi

Azz, il mio sesto senso mi diceva che stavo per fare una domanda di troppo: avrei dovuto prima informarmi...
Grazie, come sempre, di tutto!

[BlackDerfel]

Buongiorno Fabio!
Grazie per la risposta, pensavo di aver letto bene le indicazioni ma ho toppato!
Ho disinstallato tutta la lista.
Pensa che di SetApp ho fatto anche l'abbonamento mensile perchè mi sembrava vantaggioso per alcuni software...

Non c'è stato un vero e proprio inizio con i problemi, il Mac ha cominciato a rallentare un mesto fa, per ogni comando dato impiega sempre troppo tempo..

*Allego lo screenshot della finestra Search
*Il contenuto di System/Library/CacheDelete/ dove lo trovo?

*iStat Menu l'ho reinstallato e disinstallato sempre tramite SetApp (faceva parte del pacchetto...)
*non sapevo nemmeno di aver disabilitato Spotlight, ho risolto grazie ad un tuo comando via terminale.

[BlackDerfel]

Ecco! Riposto il resoconto.
Fabio




Timestamp (11): Sat Jul 18 12:27:22 2020
DetectX Swift v1.096

macOS: Version 10.15.6 (Build 19G73)
File System: apfs
Temp: The thermal state is within normal limits.

Boot time: Fri Jul 17 20:36:11 2020
Uptime: 15:51, 1 user

Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.

Internet: Reachable


Hardware Overview:

Model Name: iMac
Model Identifier: iMac16,2
Processor Name: Quad-Core Intel Core i5
Processor Speed: 2,8 GHz
Number of Processors: 1
Total Number of Cores: 4
L2 Cache (per Core): 256 KB
L3 Cache: 4 MB
Memory: 8 GB
Boot ROM Version: 236.0.0.0.0
SMC Version (system): 2.32f21



Sharing Preferences:

File Sharing: On
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off


3rd Party Kexts (loaded):

com.disc-soft.DAEMONTools.VirtualSCSIBus


$PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
/usr/local/bin
/usr/bin
/bin
/usr/sbin
/sbin

/etc/paths.d/:

~/.bash_profile:

~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


User Launchd processes:

PID Status Label
- 0 uk.co.serialangels.loginHelper
2227 0 com.sqwarq.DetectX-Swift.9108
- 0 com.openssh.ssh-agent
- 0 com.microsoft.update.agent
1523 0 net.freemacsoft.AppCleaner.8096
515 0 com.getdropbox.dropbox.7792
630 0 uk.co.serialangels.AppKiller.7848


System Launchd processes:

0 - com.vix.cron
176 - com.disc-soft.DAEMONTools.DAEMONToolsService
0 - com.microsoft.teams.TeamsUpdaterDaemon
184 - com.mice.360Daemon
0 0 com.microsoft.autoupdate.helper
0 - com.disc-soft.DAEMONTools.PrivilegedHelper
0 0 org.cups.cupsd



User Login Items:

/Applications/Dropbox.app
/Applications/AppKiller.app
/Applications/AppKiller.app/Contents/Library/LoginItems/loginHelper.app



/Library/LaunchDaemons:

com.microsoft.teams.TeamsUpdaterDaemon.plist

com.disc-soft.DAEMONTools.DAEMONToolsService.plist
-> Program: /Library/Application Support/DAEMONTools/DAEMONToolsService.app/Contents/MacOS/DAEMONToolsService

com.disc-soft.DAEMONTools.PrivilegedHelper.plist
-> Program: /Library/PrivilegedHelperTools/com.disc-soft.DAEMONTools.PrivilegedHelper
--> Program Arguments: /Library/PrivilegedHelperTools/com.disc-soft.DAEMONTools.PrivilegedHelper

com.microsoft.autoupdate.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper

com.mice.360Daemon.plist
--> Program Arguments: /Library/Application Support/MICE/360Daemon.app/Contents/MacOS/360Daemon




/Library/LaunchAgents:

com.microsoft.update.agent.plist
--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
--> Program Arguments: -checkForUpdates




~/Library/LaunchAgents:

com.google.keystone.xpcservice.plist
--> Program Arguments: /Users/Fabio/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: xpchost

com.google.keystone.agent.plist
--> Program Arguments: /Users/Fabio/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: ifneeded

com.valvesoftware.steamclean.plist
-> Program: /Users/Fabio/Library/Application Support/Steam/SteamApps/steamclean
--> Program Arguments: /Users/Fabio/Library/Application Support/Steam/SteamApps/steamclean
--> Program Arguments: Public


User Crontab:

No cron jobs



/etc:

rc.common
bashrc_Apple_Terminal
zshrc_Apple_Terminal
bashrc
zshrc
rc.netboot
efax.rc~previous
php.ini.default-previous~orig
aliases
zprofile

/ $Root:

.file
.VolumeIcon.icns
opt / .. children: 0

~/ $Home:

.config / .. children: 2
Music / .. children: 263
.SMVolumes / .. children: 0
.511011.padl
iCloud Drive (Archivio) - 1 / .. children: 6
.CFUserTextEncoding
bin / .. children: 1
iCloud Drive (Archivio) / .. children: 7
OneDrive / .. children: 49
.local / .. children: 1
Pictures / .. children: 145
Samsung / .. children: 2
W61F8EB6F0E55F06B5
.zsh_history
Desktop / .. children: 3
Library / .. children: 97
(null)
Parallels / .. children: 2
.android / .. children: 3
.cups / .. children: 1
.bash_sessions / .. children: 44
Public / .. children: 4
.dropbox / .. children: 12
.cisco / .. children: 1
iCloud Drive (Archivio) - 2 / .. children: 6
iCloud Drive (Archivio) - 3 / .. children: 7
Movies / .. children: 7
Applications / .. children: 7
Dropbox / .. children: 28
.Trash / .. children: 270
Documents / .. children: 63
.hushlogin
.mono / .. children: 1
.dvdcss / .. children: 2
Downloads / .. children: 614
.bash_history



~/Library:

Receipts / .. children: 8
SafariTechnologyPreview / .. children: 12
Saved Searches / .. children: 3
studentd / .. children: 3
PDF Services / .. children: 0
HomeKit / .. children: 10
DES / .. children: 2
QuickLook / .. children: 1
UIKitSystem / .. children: 1
QuickTime / .. children: 2
Google / .. children: 2
Safari Shared Data / .. children: 1
Family / .. children: 1
Cisco / .. children: 1
com.apple.icloud.searchpartyd / .. children: 4
Parallels / .. children: 1
Personas / .. children: 3
LaunchAgents (Disabled) / .. children: 1
FrontBoard / .. children: 3
News / .. children: 3
MediaStream / .. children: 7
Icons / .. children: 3
instance
Dropbox / .. children: 1
com.amplitude.plist
Fonts Disabled / .. children: 0
ApplicationaContents / .. children: 2
Frameworks / .. children: 2
PersonalizationPortrait / .. children: 5
VoiceTrigger / .. children: 1
Reminders / .. children: 2
com.amplitude.database



~/Library/Application Support:

.gdmID
BackupTrans / .. children: 1
Wondershare TunesGocom.vodafone.messaging_ic_launcher_callplus_messageplus.png
com.apple.sbd / .. children: 1
com.apple.replayd / .. children: 0
SyncServices / .. children: 1
com.nevercenter.camerabagcinema / .. children: 2
com.apple.kvs / .. children: 1
SyncMate / .. children: 1
Wondershare TunesGocom.facebook.katana_icon_katana.png
Mozilla / .. children: 1
com.apple.transparencyd / .. children: 5
AirDroid / .. children: 4
com.apple.touristd / .. children: 18
DiskImages / .. children: 1
Microsoft AU Daemon / .. children: 2
Wondershare TunesGocom.avira.optimizer_ic_launcher.png
Steam / .. children: 11
Wondershare TunesGocom.instagram.layout_app_icon.png
CoreParsec / .. children: 0
Wondershare TunesGoco.squidapp.squid_ic_launcher_squid.png
HP / .. children: 1
Wondershare TunesGocom.hungrybolo.remotemouseandroid_remote_mouse.png
Nikon / .. children: 2
OneDriveStandaloneUpdater / .. children: 1
Wondershare TunesGoair.lovby_ic_launcher.png
com.apple.akd / .. children: 1
PhantomVPN / .. children: 1
com.iMobie.SilentCleanServer / .. children: 1
Wondershare TunesGocom.niksoftware.snapseed_quantum_logo_snapseed_launcher_color_48.png
MobileSync / .. children: 1
Wondershare TunesGocom.apalon.relaxing.sounds.sleep.timer_ic_launcher.png
Wondershare TunesGocom.vodafone.backupplus_ic_launcher_backupplus.png
Wondershare TunesGoit.vodafone.wallet.mobileticketing_ic_launcher.png
Sports Interactive / .. children: 5
OneDrive / .. children: 5
Wondershare TunesGocom.microsoft.office.word_word.png
Wondershare TunesGotwoxteam.tagomatic_ic_launcher.png
Google / .. children: 4
Microsoft / .. children: 3
Spotify / .. children: 4
Wondershare TunesGocom.netflix.mediaclient_icon.png
com.microsoft.teams / .. children: 1
MacUpdate / .. children: 2
Wondershare TunesGocom.neuralprisma_ic_launcher.png
Wondershare TunesGoit.payback.client.android_ic_launcher.png
URBrowser / .. children: 26
OneDriveUpdater / .. children: 1
Wondershare TunesGoit.esselunga.mobile_app_icon.png
Wondershare TunesGoit.rcs.gazzettadigitaledition_ic_launcher.png
dmd / .. children: 0
de.iplabs.pgx.photosi.op31000784.osx / .. children: 4
AppKiller / .. children: 2
Wondershare TunesGoit.soluzione1.tplmobile_ic_launcher.png
Wondershare TunesGoit.mediaset.infinitytv_ic_launcher.png
Wondershare TunesGocom.truecaller_ic_launcher.png
silverlightOnChrome / .. children: 4
Wondershare TunesGoit.bnl.apps.enterprise.hellobankyoupass_ic_launcher.png
Wondershare TunesGoit.lispa.siss.app.mobile.salutile.ps_icon.png
Wondershare TunesGocom.avira.android_ic_launcher.png
Agent / .. children: 0
com.microsoft.OneDriveStandaloneUpdater / .. children: 1
Nokia / .. children: 1
CEF / .. children: 1
JetBrains / .. children: 0
Wondershare TunesGoit.eone.skinucicard_icon.png
com.apple.AssistiveControl / .. children: 2
com.imobie.AnyTrans-for-Android-setapp / .. children: 2
com.microsoft.OneDrive / .. children: 1
VLC / .. children: 1
Airflow / .. children: 6
TrustedPeersHelper / .. children: 0
Wondershare TunesGocom.instagram.android_icon.png
EtreCheck / .. children: 1
Adobe / .. children: 3
VLCStreamer / .. children: 1
org.videolan.vlc / .. children: 1
Wondershare TunesGocom.foodracers.app_icon.png
Wondershare TunesGoit.bnl.apps.enterprise.hellobank_ic_launcher.png
Wondershare TunesGocom.real.RealPlayerCloud_ic_launcher.png
Wondershare TunesGocom.quoord.tapatalkpro.activity_appicon.png
Wondershare TunesGocom.whatsapp_icon.png
Wondershare TunesGocom.microsoft.office.excel_ic_excel.png
Wondershare TunesGoit.creaweb.ucicinemas_ic_launcher.png
Wondershare TunesGocom.amazon.mShop.android.shopping_app_icon.png
com.sqwarq.DetectX-Swift / .. children: 4
Wondershare TunesGocom.facebook.orca_launcher_icon.png
Wondershare TunesGocom.google.android.talk_product_logo_hangouts_launcher_color_48.png
System Preferences / .. children: 0
Shimo-Setapp / .. children: 1
com.apple.ContextStoreAgent / .. children: 1
FileProvider / .. children: 2
MacPhun Software / .. children: 3
Wondershare TunesGocom.vodafone.mwallet_ic_launcher.png
WAF / .. children: 4
Dropbox / .. children: 4
NOW TV Player / .. children: 5
com.apple.AMPLibraryAgent / .. children: 3
Wondershare TunesGocom.ripl.android_ic_launcher.png
Wondershare TunesGoit.sky.nowtv_ic_launcher.png
Preview / .. children: 0
com.imobie.PhoneClean / .. children: 2
Wondershare TunesGocom.spotify.music_icon.png
Wondershare TunesGocom.microsoft.office.outlook_ic_launcher.png
Wondershare TunesGoorg.mopria.printplugin_mopria_ic_launcher.png
Wondershare TunesGocom.everimaging.photoeffectstudio_fotor_icon.png
wondershare / .. children: 3
Wondershare TunesGocom.microsoft.skydrive_icon.png
Skype / .. children: 1
Wondershare TunesGocom.sand.airdroid_ad_app_icon.png
SyncMate5 / .. children: 9
Wondershare TunesGoit.lispa.siss.gp.salutile_icon.png
com.apple.siri.inference / .. children: 1
Wondershare TunesGoit.lispa.siss.app.mobile.salutile.referti_icon.png
Microsoft Update Assistant / .. children: 2
Wondershare TunesGocom.ttxapps.onesyncv2_ic_launcher.png
com.microsoft.OneDriveUpdater / .. children: 1
Wondershare TunesGocom.joelapenna.foursquared_ic_launcher.png
transparencyd / .. children: 0
ThinkTimeCreations / .. children: 0
Helper / .. children: 1
Wondershare TunesGoit.froggy.android.radio105_ic_launcher.png
Microsoft AutoUpdate / .. children: 3
Wondershare TunesGocom.teammt.gmanrainy.huaweifirmwarefinder_ic_launcher.png
org.openemu.OEXPCCAgent.Agents / .. children: 0
Wondershare TunesGocom.musement.android_ic_launcher.png
TorBrowser-Data / .. children: 3
syncdefaultsd / .. children: 0
Google Earth / .. children: 3
WhatsApp / .. children: 37
Nik Software / .. children: 1
com.apple.accounts.dom / .. children: 0
Eltima Software / .. children: 1
Caches / .. children: 1



~/Library/Safari/Extensions:

*-- Could not read Folder --*



~/Library/Internet Plug-Ins:





/Users/Shared:

Previously Relocated Items 8 / .. children: 3
Previously Relocated Items 1 / .. children: 3
Previously Relocated Items 6 / .. children: 3
adi / .. children: 4
Previously Relocated Items 7 / .. children: 3
SC Info / .. children: 2
App_F18BC462-A212-4381-81C1-6C83BB129697-8475-00000C2699CDE599.tar.gz
Sports Interactive / .. children: 2
Parallels / .. children: 1
Relocated Items / .. children: 3
Previously Relocated Items 5 / .. children: 3
Previously Relocated Items 2 / .. children: 3
Previously Relocated Items 3 / .. children: 3
Previously Relocated Items 4 / .. children: 3
sf.plist
wondershare.plist
Catch! / .. children: 0
Previously Relocated Items / .. children: 4
.wondershare_Fabio.dat
a_12E52331-481E-475E-9005-03581E6C721E-8475-00000C265771E99A
Paragon Software / .. children: 1



/Applications:

App 32bit / .. children: 3
Tor Browser.app
VLC.app
FotoJet Collage Maker.app
AirDroid.app
Gemini.app
Filters for Photos.app
Steam.app
Airflow.app
Google Chrome.app
AndroidTransfer.app
VLCStreamer.app
Dropbox.app
Android File Transfer.app
AppKiller copia.app
OnyX.app
OneDrive.app
DAEMON Tools.app
Spotify.app
Maintenance.app
DetectX Swift.app
Microsoft Word.app
Joystick Doctor.app
NOW TV.app
Fishdom.app
Microsoft Excel.app
Nokia Photo Transfer.app
Microsoft Silverlight
Football Manager 2014.app
WhatsApp.app
Microsoft Outlook.app
Nik Collection / .. children: 9
Setapp / .. children: 3
Microsoft To Do.app
Nikon Software / .. children: 4
The Unarchiver.app
PhotoSi - MyComposer.app
Microsoft OneNote.app
SyncMate.app
Skype.app
AppCleaner.app
Encrypto.app
LEGO® MARVEL's Avengers.app
Snapseed.app
Fotor Photo Editor.app
Microsoft PowerPoint.app
Unarchiver.app
AppKiller.app
Microsoft Teams.app



/Library:

Apple / .. children: 3
DropboxHelperTools / .. children: 2
OSAnalytics / .. children: 2
StagedDriverExtensions / .. children: 0
Google / .. children: 1
InstallerSandboxes / .. children: 2
DriverExtensions / .. children: 0
HostUUID
Automator / .. children: 95
User Template / .. children: 41
Fonts Disabled / .. children: 16
SystemExtensions / .. children: 1



/Library/Application Support:

54F3DE4E-B7BA-4EBD-8B3B-385D272CC583 / .. children: 19
DAEMONTools / .. children: 2
Nikon / .. children: 4
PhantomVPN / .. children: 5
Macromedia / .. children: 1
Mica / .. children: 1
Microsoft / .. children: 2
com.apple.icloud.searchpartyd / .. children: 3
Adobe / .. children: 1
Aperture / .. children: 1
MacPhun Software / .. children: 7
MICE / .. children: 1
Paragon Software / .. children: 1



/Library/Extensions:

ufsd_NTFS.kext
360Controller.kext
AppleMobileDevice.kext
Wireless360Controller.kext
WirelessGamingReceiver.kext
hp_io_enabler_compound.kext
ssuddrv.kext
WirelessOneController.kext



/Library/Internet Plug-Ins:

SharePointBrowserPlugin.plugin
Silverlight.plugin
flashplayer.xpt
SharePointWebKitPlugin.webplugin



/Library/Managed Preferences:

*-- Folder doesn't exist or is inaccessible --*



/Library/PrivilegedHelperTools:

com.disc-soft.DAEMONTools.PrivilegedHelper
uk.co.serialangels.AppKillerHelper
com.microsoft.autoupdate.helper



/Library/ScriptingAdditions:





/Library/StartupItems:





/Library/Updates:

ProductMetadata.plist
PPDVersions.plist
index.plist



Top Processes:

%CPU PID COMMAND
2.7 327 WindowServer
2.2 0 kernel_task
0.7 222 hidd
0.2 221 bluetoothd
0.2 1515 com.apple.WebKit
0.1 560 com.apple.geod
0.1 191 mds

[faxus]

... Il contenuto di System/Library/CacheDelete/ dove lo trovo? ...

È un percorso.

Dice che sta nella cartella Sistema, alla radice del disco.
Nella libreria.

Postane il contenuto.

Dopo vediamo il resoconto.
C'è del malware

[BlackDerfel]

Ho trovato il percorso!
Ecco lo screenshot!

[faxus]

Sarebbe stato meglio postare come testo, le leggo a malapena...

Comunque sono regolari.
Evidentemente il problema Istat Menus lo hai risolto.

Un po' di pazienza per la pulizia dei file critici e il malware.
Ci vuole tempo, entro domani, spero

[BlackDerfel]

Grazie mille!

[BlackDerfel]

Sarebbe stato meglio postare come testo, le leggo a malapena...

com.apple.AssetCache.builtin.CacheDelete.plist
com.apple.bird.CacheDelete.plist
com.apple.cloudd.CacheDelete.plist
com.apple.commerce.cachedelete.plist
com.apple.coresymbolicationd.CacheDelete.plist
com.apple.DeletedHelper.plist
com.apple.desktoppicture.CacheDelete.plist
com.apple.FileProvider.CacheDelete.plist
com.apple.imagent.CacheDelete.plist
com.apple.installd.CacheDelete.plist
com.apple.logd.cachedelete.plist
com.apple.metadata.mds.cachedelete.plist
com.apple.MobileAsset.plist
com.apple.nsurlsessiond.cachedelete.plist
com.apple.osanalytics.user.cachedelete.plist
com.apple.photolibraryd.CacheDelete.plist
com.apple.quicklook.ThumbnailsAgent.CacheDelete.plist
com.apple.replayd.CacheDelete.plist
com.apple.ReportMemoryException.CacheDelete.plist
com.apple.revisiond.CacheDelete.plist
com.apple.symptomsd-diag.CacheDelete.plist
com.apple.sysdiagnose.CacheDelete.plist
com.apple.system_installd.CacheDelete.plist
com.apple.TMCacheDeleteService.plist

Fatto!

[faxus]

Annoto questo.
(preferisco asciare qualcosa in più che meno)

Da cancellare (o da indagare, se indicato)

~/ $Home:
W61F8EB6F0E55F06B5 - sembra sospetto
.hushlogin - è una pratica antichissima con poco senso
Samsung - ti Serve Samsung Kies?

~/Library/Application Support:
.gdmID - cosè?
Wondershare TunesGocom.vodafone.messaging_ic_launcher_callplus_messageplus.png
Wondershare TunesGocom.facebook.katana_icon_katana.png
Wondershare TunesGocom.avira.optimizer_ic_launcher.png
Wondershare TunesGocom.instagram.layout_app_icon.png
Wondershare TunesGoco.squidapp.squid_ic_launcher_squid.png
Wondershare TunesGocom.hungrybolo.remotemouseandroid_remote_mouse.png
Wondershare TunesGoair.lovby_ic_launcher.png
Wondershare TunesGocom.niksoftware.snapseed_quantum_logo_snapseed_launcher_color_48.png
Wondershare TunesGocom.apalon.relaxing.sounds.sleep.timer_ic_launcher.png
Wondershare TunesGocom.vodafone.backupplus_ic_launcher_backupplus.png
Wondershare TunesGoit.vodafone.wallet.mobileticketing_ic_launcher.png
Wondershare TunesGocom.microsoft.office.word_word.png
Wondershare TunesGotwoxteam.tagomatic_ic_launcher.png
Wondershare TunesGocom.netflix.mediaclient_icon.png
MacUpdate
Wondershare TunesGocom.neuralprisma_ic_launcher.png
Wondershare TunesGoit.payback.client.android_ic_launcher.png
Wondershare TunesGoit.esselunga.mobile_app_icon.png
Wondershare TunesGoit.rcs.gazzettadigitaledition_ic_launcher.png
Wondershare TunesGoit.soluzione1.tplmobile_ic_launcher.png
Wondershare TunesGoit.mediaset.infinitytv_ic_launcher.png
Wondershare TunesGocom.truecaller_ic_launcher.png
Wondershare TunesGoit.bnl.apps.enterprise.hellobankyoupass_ic_launcher.png
Wondershare TunesGoit.lispa.siss.app.mobile.salutile.ps_icon.png
Wondershare TunesGocom.avira.android_ic_launcher.png
Agent
Wondershare TunesGocom.instagram.android_icon.png
EtreCheck
Wondershare TunesGocom.foodracers.app_icon.png
Wondershare TunesGoit.bnl.apps.enterprise.hellobank_ic_launcher.png
Wondershare TunesGocom.real.RealPlayerCloud_ic_launcher.png
Wondershare TunesGocom.quoord.tapatalkpro.activity_appicon.png
Wondershare TunesGocom.whatsapp_icon.png
Wondershare TunesGocom.microsoft.office.excel_ic_excel.png
Wondershare TunesGoit.creaweb.ucicinemas_ic_launcher.png
Wondershare TunesGocom.amazon.mShop.android.shopping_app_icon.png
Wondershare TunesGocom.facebook.orca_launcher_icon.png
Wondershare TunesGocom.google.android.talk_product_logo_hangouts_launcher_color_48.png
Shimo-Setapp
Wondershare TunesGocom.vodafone.mwallet_ic_launcher.png
Wondershare TunesGocom.ripl.android_ic_launcher.png
Wondershare TunesGoit.sky.nowtv_ic_launcher.png
Wondershare TunesGocom.spotify.music_icon.png
Wondershare TunesGocom.microsoft.office.outlook_ic_launcher.png
Wondershare TunesGoorg.mopria.printplugin_mopria_ic_launcher.png
Wondershare TunesGocom.everimaging.photoeffectstudio_fotor_icon.png
wondershare
Wondershare TunesGocom.microsoft.skydrive_icon.png
Wondershare TunesGocom.sand.airdroid_ad_app_icon.png
Wondershare TunesGoit.lispa.siss.gp.salutile_icon.png
Wondershare TunesGoit.lispa.siss.app.mobile.salutile.referti_icon.png
Wondershare TunesGocom.ttxapps.onesyncv2_ic_launcher.png
Wondershare TunesGocom.joelapenna.foursquared_ic_launcher.png
Wondershare TunesGoit.froggy.android.radio105_ic_launcher.png
Wondershare TunesGocom.teammt.gmanrainy.huaweifirmwarefinder_ic_launcher.png
Wondershare TunesGocom.musement.android_ic_launcher.png

/Users/Shared:
Previously Relocated Items 8 / .. children: 3
Previously Relocated Items 1 / .. children: 3
Previously Relocated Items 6 / .. children: 3
Previously Relocated Items 7 / .. children: 3
App_F18BC462-A212-4381-81C1-6C83BB129697-8475-00000C2699CDE599.tar.gz - sembra sospetto
Relocated Items / .. children: 3
Previously Relocated Items 5 / .. children: 3
Previously Relocated Items 2 / .. children: 3
Previously Relocated Items 3 / .. children: 3
Previously Relocated Items 4 / .. children: 3
sf.plist
wondershare.plist
Previously Relocated Items / .. children: 4
.wondershare_Fabio.dat
a_12E52331-481E-475E-9005-03581E6C721E-8475-00000C265771E99A - sembra sospetto

/Applications:
App 32bit - le puoi eliminare se non le tieni per nostalgia...
Maintenance.app - Ti consiglio di sostituirla con OnyX
Setapp

/Library:
Fonts Disabled - prendono solo spazio, anche se poco

/Library/Application Support:
54F3DE4E-B7BA-4EBD-8B3B-385D272CC583 - sembra sospetto

/Library/Extensions:
ssuddrv.kext - ti Serve Samsung Kies?

[BlackDerfel]

Buonasera Fabio!
Ho seguito le indicazioni e ho cancellato tutto!
Ecco il nuovo resoconto:

Screenshot 2020-07-19 21.07.33.png (245.23 KiB) Visto 250 volte

Timestamp (16): Sun Jul 19 21:07:36 2020
DetectX Swift v1.096

macOS: Version 10.15.6 (Build 19G73)
File System: apfs
Temp: The thermal state is within normal limits.

Boot time: Sun Jul 19 20:50:41 2020
Uptime: 17 mins, 1 user

Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.

Internet: Reachable


Hardware Overview:

Model Name: iMac
Model Identifier: iMac16,2
Processor Name: Quad-Core Intel Core i5
Processor Speed: 2,8 GHz
Number of Processors: 1
Total Number of Cores: 4
L2 Cache (per Core): 256 KB
L3 Cache: 4 MB
Memory: 8 GB
Boot ROM Version: 236.0.0.0.0
SMC Version (system): 2.32f21



Sharing Preferences:

File Sharing: On
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off


3rd Party Kexts (loaded):

com.disc-soft.DAEMONTools.VirtualSCSIBus


$PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
/usr/local/bin
/usr/bin
/bin
/usr/sbin
/sbin

/etc/paths.d/:

~/.bash_profile:

~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


User Launchd processes:

PID Status Label
- 0 uk.co.serialangels.loginHelper
746 0 com.sqwarq.DetectX-Swift.9108
- 0 com.openssh.ssh-agent
- 0 com.microsoft.update.agent
500 0 com.getdropbox.dropbox.7792
577 0 uk.co.serialangels.AppKiller.7848


System Launchd processes:

0 - com.vix.cron
176 - com.disc-soft.DAEMONTools.DAEMONToolsService
0 - com.microsoft.teams.TeamsUpdaterDaemon
184 - com.mice.360Daemon
0 0 com.microsoft.autoupdate.helper
0 - com.disc-soft.DAEMONTools.PrivilegedHelper
0 - org.cups.cupsd



User Login Items:

/Applications/Dropbox.app
/Applications/AppKiller.app
/Applications/AppKiller.app/Contents/Library/LoginItems/loginHelper.app



/Library/LaunchDaemons:

com.microsoft.teams.TeamsUpdaterDaemon.plist

com.disc-soft.DAEMONTools.DAEMONToolsService.plist
-> Program: /Library/Application Support/DAEMONTools/DAEMONToolsService.app/Contents/MacOS/DAEMONToolsService

com.disc-soft.DAEMONTools.PrivilegedHelper.plist
-> Program: /Library/PrivilegedHelperTools/com.disc-soft.DAEMONTools.PrivilegedHelper
--> Program Arguments: /Library/PrivilegedHelperTools/com.disc-soft.DAEMONTools.PrivilegedHelper

com.microsoft.autoupdate.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper

com.mice.360Daemon.plist
--> Program Arguments: /Library/Application Support/MICE/360Daemon.app/Contents/MacOS/360Daemon




/Library/LaunchAgents:

com.microsoft.update.agent.plist
--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
--> Program Arguments: -checkForUpdates




~/Library/LaunchAgents:

com.google.keystone.xpcservice.plist
--> Program Arguments: /Users/Fabio/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: xpchost

com.google.keystone.agent.plist
--> Program Arguments: /Users/Fabio/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: ifneeded

com.valvesoftware.steamclean.plist
-> Program: /Users/Fabio/Library/Application Support/Steam/SteamApps/steamclean
--> Program Arguments: /Users/Fabio/Library/Application Support/Steam/SteamApps/steamclean
--> Program Arguments: Public


User Crontab:

No cron jobs



/etc:

rc.common
bashrc_Apple_Terminal
zshrc_Apple_Terminal
bashrc
zshrc
rc.netboot
efax.rc~previous
php.ini.default-previous~orig
aliases
zprofile

/ $Root:

.file
.VolumeIcon.icns
opt / .. children: 0

~/ $Home:

.config / .. children: 2
Music / .. children: 263
.SMVolumes / .. children: 0
.511011.padl
iCloud Drive (Archivio) - 1 / .. children: 6
.CFUserTextEncoding
bin / .. children: 1
iCloud Drive (Archivio) / .. children: 7
OneDrive / .. children: 49
.local / .. children: 1
Pictures / .. children: 193
.zsh_history
Desktop / .. children: 3
Library / .. children: 97
(null)
Parallels / .. children: 2
.android / .. children: 3
.cups / .. children: 1
.bash_sessions / .. children: 44
Public / .. children: 4
.dropbox / .. children: 12
.cisco / .. children: 1
iCloud Drive (Archivio) - 2 / .. children: 6
iCloud Drive (Archivio) - 3 / .. children: 7
Movies / .. children: 14
Applications / .. children: 5
Dropbox / .. children: 29
.Trash / .. children: 0
Documents / .. children: 51
.mono / .. children: 1
.dvdcss / .. children: 2
Downloads / .. children: 30
.bash_history



~/Library:

Receipts / .. children: 8
SafariTechnologyPreview / .. children: 12
Saved Searches / .. children: 3
studentd / .. children: 3
PDF Services / .. children: 0
HomeKit / .. children: 10
DES / .. children: 2
QuickLook / .. children: 1
UIKitSystem / .. children: 1
QuickTime / .. children: 2
Google / .. children: 2
Safari Shared Data / .. children: 1
Family / .. children: 1
Cisco / .. children: 1
com.apple.icloud.searchpartyd / .. children: 4
Parallels / .. children: 1
Personas / .. children: 3
LaunchAgents (Disabled) / .. children: 1
FrontBoard / .. children: 3
News / .. children: 3
MediaStream / .. children: 7
Icons / .. children: 3
instance
Dropbox / .. children: 1
com.amplitude.plist
Fonts Disabled / .. children: 0
ApplicationaContents / .. children: 2
Frameworks / .. children: 2
PersonalizationPortrait / .. children: 5
VoiceTrigger / .. children: 1
Reminders / .. children: 2
com.amplitude.database



~/Library/Application Support:

BackupTrans / .. children: 1
com.apple.sbd / .. children: 1
com.apple.replayd / .. children: 0
SyncServices / .. children: 1
com.nevercenter.camerabagcinema / .. children: 2
com.apple.kvs / .. children: 1
SyncMate / .. children: 1
Mozilla / .. children: 1
com.apple.transparencyd / .. children: 5
AirDroid / .. children: 4
com.apple.touristd / .. children: 18
DiskImages / .. children: 1
Microsoft AU Daemon / .. children: 2
Steam / .. children: 11
CoreParsec / .. children: 0
HP / .. children: 1
Nikon / .. children: 2
OneDriveStandaloneUpdater / .. children: 1
com.apple.akd / .. children: 1
PhantomVPN / .. children: 1
com.iMobie.SilentCleanServer / .. children: 1
MobileSync / .. children: 1
Sports Interactive / .. children: 5
OneDrive / .. children: 5
Google / .. children: 4
Microsoft / .. children: 3
Spotify / .. children: 4
com.microsoft.teams / .. children: 1
MacUpdate / .. children: 2
URBrowser / .. children: 26
OneDriveUpdater / .. children: 1
dmd / .. children: 0
de.iplabs.pgx.photosi.op31000784.osx / .. children: 4
AppKiller / .. children: 2
silverlightOnChrome / .. children: 4
Agent / .. children: 0
com.microsoft.OneDriveStandaloneUpdater / .. children: 1
Nokia / .. children: 1
CEF / .. children: 1
JetBrains / .. children: 0
com.apple.AssistiveControl / .. children: 2
com.microsoft.OneDrive / .. children: 1
VLC / .. children: 1
Airflow / .. children: 6
TrustedPeersHelper / .. children: 0
EtreCheck / .. children: 1
Adobe / .. children: 3
VLCStreamer / .. children: 1
org.videolan.vlc / .. children: 1
com.sqwarq.DetectX-Swift / .. children: 4
System Preferences / .. children: 0
Shimo-Setapp / .. children: 1
com.apple.ContextStoreAgent / .. children: 1
FileProvider / .. children: 2
MacPhun Software / .. children: 3
WAF / .. children: 4
Dropbox / .. children: 4
NOW TV Player / .. children: 5
com.apple.AMPLibraryAgent / .. children: 3
Preview / .. children: 0
com.imobie.PhoneClean / .. children: 2
wondershare / .. children: 3
Skype / .. children: 1
SyncMate5 / .. children: 9
com.apple.siri.inference / .. children: 1
Microsoft Update Assistant / .. children: 2
com.microsoft.OneDriveUpdater / .. children: 1
transparencyd / .. children: 0
ThinkTimeCreations / .. children: 0
Helper / .. children: 1
Microsoft AutoUpdate / .. children: 3
org.openemu.OEXPCCAgent.Agents / .. children: 0
TorBrowser-Data / .. children: 3
syncdefaultsd / .. children: 0
Google Earth / .. children: 3
WhatsApp / .. children: 37
Nik Software / .. children: 1
com.apple.accounts.dom / .. children: 0
Eltima Software / .. children: 1
Caches / .. children: 1



~/Library/Safari/Extensions:

*-- Could not read Folder --*



~/Library/Internet Plug-Ins:





/Users/Shared:

adi / .. children: 4
SC Info / .. children: 2
Sports Interactive / .. children: 2
Parallels / .. children: 1
Relocated Items / .. children: 3
Catch! / .. children: 0
Paragon Software / .. children: 1



/Applications:

App 32bit / .. children: 3
Tor Browser.app
VLC.app
FotoJet Collage Maker.app
AirDroid.app
Gemini.app
Filters for Photos.app
Steam.app
Airflow.app
Google Chrome.app
AndroidTransfer.app
VLCStreamer.app
Dropbox.app
Android File Transfer.app
AppKiller copia.app
OnyX.app
OneDrive.app
DAEMON Tools.app
Spotify.app
DetectX Swift.app
Microsoft Word.app
Joystick Doctor.app
NOW TV.app
Fishdom.app
Microsoft Excel.app
Nokia Photo Transfer.app
Microsoft Silverlight
Football Manager 2014.app
WhatsApp.app
Microsoft Outlook.app
Nik Collection / .. children: 9
Microsoft To Do.app
Nikon Software / .. children: 4
The Unarchiver.app
PhotoSi - MyComposer.app
Microsoft OneNote.app
SyncMate.app
Skype.app
AppCleaner.app
Encrypto.app
LEGO® MARVEL's Avengers.app
Snapseed.app
Fotor Photo Editor.app
Microsoft PowerPoint.app
Unarchiver.app
AppKiller.app
Microsoft Teams.app



/Library:

Apple / .. children: 3
DropboxHelperTools / .. children: 2
OSAnalytics / .. children: 2
StagedDriverExtensions / .. children: 0
Google / .. children: 1
InstallerSandboxes / .. children: 2
DriverExtensions / .. children: 0
HostUUID
Automator / .. children: 95
User Template / .. children: 41
Fonts Disabled / .. children: 0
SystemExtensions / .. children: 1



/Library/Application Support:

DAEMONTools / .. children: 2
Nikon / .. children: 4
PhantomVPN / .. children: 5
Macromedia / .. children: 1
Mica / .. children: 1
Microsoft / .. children: 2
com.apple.icloud.searchpartyd / .. children: 3
Adobe / .. children: 1
Aperture / .. children: 1
MacPhun Software / .. children: 7
MICE / .. children: 1
Paragon Software / .. children: 1



/Library/Extensions:

ufsd_NTFS.kext
360Controller.kext
AppleMobileDevice.kext
Wireless360Controller.kext
WirelessGamingReceiver.kext
hp_io_enabler_compound.kext
WirelessOneController.kext



/Library/Internet Plug-Ins:

SharePointBrowserPlugin.plugin
Silverlight.plugin
flashplayer.xpt
SharePointWebKitPlugin.webplugin



/Library/Managed Preferences:

*-- Folder doesn't exist or is inaccessible --*



/Library/PrivilegedHelperTools:

com.disc-soft.DAEMONTools.PrivilegedHelper
uk.co.serialangels.AppKillerHelper
com.microsoft.autoupdate.helper



/Library/ScriptingAdditions:





/Library/StartupItems:





/Library/Updates:

ProductMetadata.plist
PPDVersions.plist
index.plist



Top Processes:

%CPU PID COMMAND
3.7 334 WindowServer
3.4 500 Dropbox
3.0 0 kernel_task
1.2 235 tccd
1.0 201 launchservicesd
0.9 954 com.apple.quickl
0.9 296 trustd
0.8 236 loginwindow
0.7 1 launchd
0.6 222 hidd
EOF

[faxus]

Uh, hai ancora della roba Wondershare.

Usa EasyFind
http://www.devontechnologies.com/products/freeware/
Cerca wondershare e distruggi tutto quello che trovi

[BlackDerfel]

Eccomi!!
Ho tolto tutto con EasyFind!

Screenshot 2020-07-19 22.48.06.png (223.53 KiB) Visto 243 volte

Mentre questo è l'ultimo resoconto:

Timestamp (19): Sun Jul 19 22:48:53 2020
DetectX Swift v1.096

macOS: Version 10.15.6 (Build 19G73)
File System: apfs
Temp: The thermal state is within normal limits.

Boot time: Sun Jul 19 20:50:42 2020
Uptime: 1:58, 1 user

Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.

Internet: Reachable


Hardware Overview:

Model Name: iMac
Model Identifier: iMac16,2
Processor Name: Quad-Core Intel Core i5
Processor Speed: 2,8 GHz
Number of Processors: 1
Total Number of Cores: 4
L2 Cache (per Core): 256 KB
L3 Cache: 4 MB
Memory: 8 GB
Boot ROM Version: 236.0.0.0.0
SMC Version (system): 2.32f21



Sharing Preferences:

File Sharing: On
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off


3rd Party Kexts (loaded):

com.disc-soft.DAEMONTools.VirtualSCSIBus


$PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
/usr/local/bin
/usr/bin
/bin
/usr/sbin
/sbin

/etc/paths.d/:

~/.bash_profile:

~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


User Launchd processes:

PID Status Label
- 0 uk.co.serialangels.loginHelper
1316 0 com.sqwarq.DetectX-Swift.9108
- 0 com.openssh.ssh-agent
- 0 com.microsoft.update.agent
1228 0 org.grunenberg.EasyFind.11360
500 0 com.getdropbox.dropbox.7792


System Launchd processes:

0 - com.vix.cron
176 - com.disc-soft.DAEMONTools.DAEMONToolsService
0 - com.microsoft.teams.TeamsUpdaterDaemon
184 - com.mice.360Daemon
0 0 com.microsoft.autoupdate.helper
0 - com.disc-soft.DAEMONTools.PrivilegedHelper
0 - org.cups.cupsd



User Login Items:

/Applications/Dropbox.app
/Applications/AppKiller.app
/Applications/AppKiller.app/Contents/Library/LoginItems/loginHelper.app



/Library/LaunchDaemons:

com.microsoft.teams.TeamsUpdaterDaemon.plist

com.disc-soft.DAEMONTools.DAEMONToolsService.plist
-> Program: /Library/Application Support/DAEMONTools/DAEMONToolsService.app/Contents/MacOS/DAEMONToolsService

com.disc-soft.DAEMONTools.PrivilegedHelper.plist
-> Program: /Library/PrivilegedHelperTools/com.disc-soft.DAEMONTools.PrivilegedHelper
--> Program Arguments: /Library/PrivilegedHelperTools/com.disc-soft.DAEMONTools.PrivilegedHelper

com.microsoft.autoupdate.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper

com.mice.360Daemon.plist
--> Program Arguments: /Library/Application Support/MICE/360Daemon.app/Contents/MacOS/360Daemon




/Library/LaunchAgents:

com.microsoft.update.agent.plist
--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
--> Program Arguments: -checkForUpdates




~/Library/LaunchAgents:

com.google.keystone.xpcservice.plist
--> Program Arguments: /Users/Fabio/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: xpchost

com.google.keystone.agent.plist
--> Program Arguments: /Users/Fabio/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: ifneeded

com.valvesoftware.steamclean.plist
-> Program: /Users/Fabio/Library/Application Support/Steam/SteamApps/steamclean
--> Program Arguments: /Users/Fabio/Library/Application Support/Steam/SteamApps/steamclean
--> Program Arguments: Public


User Crontab:

No cron jobs



/etc:

rc.common
bashrc_Apple_Terminal
zshrc_Apple_Terminal
bashrc
zshrc
rc.netboot
efax.rc~previous
php.ini.default-previous~orig
aliases
zprofile

/ $Root:

.file
.VolumeIcon.icns
opt / .. children: 0

~/ $Home:

.config / .. children: 2
Music / .. children: 262
.SMVolumes / .. children: 0
.511011.padl
iCloud Drive (Archivio) - 1 / .. children: 6
.CFUserTextEncoding
bin / .. children: 1
iCloud Drive (Archivio) / .. children: 7
OneDrive / .. children: 49
.local / .. children: 1
Pictures / .. children: 192
.zsh_history
Desktop / .. children: 3
Library / .. children: 97
(null)
Parallels / .. children: 2
.android / .. children: 3
.cups / .. children: 1
.bash_sessions / .. children: 44
Public / .. children: 4
.dropbox / .. children: 12
.cisco / .. children: 1
iCloud Drive (Archivio) - 2 / .. children: 6
iCloud Drive (Archivio) - 3 / .. children: 7
Movies / .. children: 14
Applications / .. children: 6
Dropbox / .. children: 29
.Trash / .. children: 0
Documents / .. children: 50
.mono / .. children: 1
.dvdcss / .. children: 2
Downloads / .. children: 31
.bash_history



~/Library:

Receipts / .. children: 8
SafariTechnologyPreview / .. children: 12
Saved Searches / .. children: 3
studentd / .. children: 4
PDF Services / .. children: 0
HomeKit / .. children: 10
DES / .. children: 2
QuickLook / .. children: 1
UIKitSystem / .. children: 1
QuickTime / .. children: 2
Google / .. children: 2
Safari Shared Data / .. children: 1
Family / .. children: 1
Cisco / .. children: 1
com.apple.icloud.searchpartyd / .. children: 4
Parallels / .. children: 1
Personas / .. children: 3
LaunchAgents (Disabled) / .. children: 0
FrontBoard / .. children: 3
News / .. children: 3
MediaStream / .. children: 7
Icons / .. children: 3
instance
Dropbox / .. children: 1
com.amplitude.plist
Fonts Disabled / .. children: 0
ApplicationaContents / .. children: 2
Frameworks / .. children: 2
PersonalizationPortrait / .. children: 5
VoiceTrigger / .. children: 1
Reminders / .. children: 2
com.amplitude.database



~/Library/Application Support:

BackupTrans / .. children: 1
com.apple.sbd / .. children: 1
com.apple.replayd / .. children: 0
SyncServices / .. children: 1
com.nevercenter.camerabagcinema / .. children: 2
com.apple.kvs / .. children: 1
SyncMate / .. children: 1
Mozilla / .. children: 1
com.apple.transparencyd / .. children: 5
AirDroid / .. children: 4
com.apple.touristd / .. children: 18
DiskImages / .. children: 1
Microsoft AU Daemon / .. children: 2
Steam / .. children: 11
EasyFind / .. children: 0
CoreParsec / .. children: 0
HP / .. children: 1
Nikon / .. children: 2
OneDriveStandaloneUpdater / .. children: 1
com.apple.akd / .. children: 1
PhantomVPN / .. children: 1
com.iMobie.SilentCleanServer / .. children: 1
MobileSync / .. children: 1
Sports Interactive / .. children: 5
OneDrive / .. children: 5
Google / .. children: 4
Microsoft / .. children: 3
Spotify / .. children: 4
com.microsoft.teams / .. children: 1
MacUpdate / .. children: 2
URBrowser / .. children: 26
OneDriveUpdater / .. children: 1
dmd / .. children: 0
de.iplabs.pgx.photosi.op31000784.osx / .. children: 4
AppKiller / .. children: 2
silverlightOnChrome / .. children: 4
Agent / .. children: 0
com.microsoft.OneDriveStandaloneUpdater / .. children: 1
Nokia / .. children: 1
CEF / .. children: 1
JetBrains / .. children: 0
com.apple.AssistiveControl / .. children: 2
com.microsoft.OneDrive / .. children: 1
VLC / .. children: 1
Airflow / .. children: 6
TrustedPeersHelper / .. children: 0
EtreCheck / .. children: 1
Adobe / .. children: 3
VLCStreamer / .. children: 1
org.videolan.vlc / .. children: 1
com.sqwarq.DetectX-Swift / .. children: 4
System Preferences / .. children: 0
Shimo-Setapp / .. children: 1
com.apple.ContextStoreAgent / .. children: 1
FileProvider / .. children: 2
MacPhun Software / .. children: 3
WAF / .. children: 4
Dropbox / .. children: 4
NOW TV Player / .. children: 5
com.apple.AMPLibraryAgent / .. children: 3
Preview / .. children: 0
com.imobie.PhoneClean / .. children: 2
Skype / .. children: 1
SyncMate5 / .. children: 9
com.apple.siri.inference / .. children: 1
Microsoft Update Assistant / .. children: 2
com.microsoft.OneDriveUpdater / .. children: 1
transparencyd / .. children: 0
ThinkTimeCreations / .. children: 0
Helper / .. children: 0
Microsoft AutoUpdate / .. children: 3
org.openemu.OEXPCCAgent.Agents / .. children: 0
TorBrowser-Data / .. children: 3
syncdefaultsd / .. children: 0
Google Earth / .. children: 3
WhatsApp / .. children: 37
Nik Software / .. children: 1
com.apple.accounts.dom / .. children: 0
Eltima Software / .. children: 1
Caches / .. children: 1



~/Library/Safari/Extensions:

*-- Could not read Folder --*



~/Library/Internet Plug-Ins:





/Users/Shared:

adi / .. children: 4
SC Info / .. children: 2
Sports Interactive / .. children: 2
Parallels / .. children: 1
Relocated Items / .. children: 3
Catch! / .. children: 0
Paragon Software / .. children: 1



/Applications:

App 32bit / .. children: 3
Tor Browser.app
VLC.app
FotoJet Collage Maker.app
AirDroid.app
Gemini.app
Filters for Photos.app
Steam.app
Airflow.app
Google Chrome.app
AndroidTransfer.app
VLCStreamer.app
Dropbox.app
Android File Transfer.app
AppKiller copia.app
OnyX.app
OneDrive.app
DAEMON Tools.app
Spotify.app
DetectX Swift.app
Microsoft Word.app
Joystick Doctor.app
NOW TV.app
Fishdom.app
Microsoft Excel.app
Nokia Photo Transfer.app
Microsoft Silverlight
Football Manager 2014.app
WhatsApp.app
Microsoft Outlook.app
Nik Collection / .. children: 9
Microsoft To Do.app
Nikon Software / .. children: 4
The Unarchiver.app
PhotoSi - MyComposer.app
Microsoft OneNote.app
SyncMate.app
Skype.app
AppCleaner.app
Encrypto.app
LEGO® MARVEL's Avengers.app
Snapseed.app
Fotor Photo Editor.app
Microsoft PowerPoint.app
Unarchiver.app
AppKiller.app
Microsoft Teams.app



/Library:

Apple / .. children: 3
DropboxHelperTools / .. children: 2
OSAnalytics / .. children: 2
StagedDriverExtensions / .. children: 0
Google / .. children: 1
InstallerSandboxes / .. children: 2
DriverExtensions / .. children: 0
HostUUID
Automator / .. children: 95
User Template / .. children: 41
Fonts Disabled / .. children: 0
SystemExtensions / .. children: 1



/Library/Application Support:

DAEMONTools / .. children: 2
Nikon / .. children: 4
PhantomVPN / .. children: 5
Macromedia / .. children: 1
Mica / .. children: 1
Microsoft / .. children: 2
com.apple.icloud.searchpartyd / .. children: 3
Adobe / .. children: 1
Aperture / .. children: 1
MacPhun Software / .. children: 7
MICE / .. children: 1
Paragon Software / .. children: 1



/Library/Extensions:

ufsd_NTFS.kext
360Controller.kext
AppleMobileDevice.kext
Wireless360Controller.kext
WirelessGamingReceiver.kext
hp_io_enabler_compound.kext
WirelessOneController.kext



/Library/Internet Plug-Ins:

SharePointBrowserPlugin.plugin
Silverlight.plugin
flashplayer.xpt
SharePointWebKitPlugin.webplugin



/Library/Managed Preferences:

*-- Folder doesn't exist or is inaccessible --*



/Library/PrivilegedHelperTools:

com.disc-soft.DAEMONTools.PrivilegedHelper
uk.co.serialangels.AppKillerHelper
com.microsoft.autoupdate.helper



/Library/ScriptingAdditions:





/Library/StartupItems:





/Library/Updates:

ProductMetadata.plist
PPDVersions.plist
index.plist



Top Processes:

%CPU PID COMMAND
3.3 334 WindowServer
2.1 0 kernel_task
0.8 1316 DetectX Swift
0.7 222 hidd
0.5 223 sandboxd
0.2 191 mds
0.2 1 launchd
0.1 500 Dropbox
0.1 199 opendirectoryd
0.1 376 mds_stores