DetectX in versione trial https://sqwarq.com/detectx/
Moderatore: ModiMaccanici
DetectX in versione trial https://sqwarq.com/detectx/
Certamente che c’è.
Codice: Seleziona tutto
Search complete. No threats or problems found.
Codice: Seleziona tutto
Timestamp (7): Wed Nov 25 08:38:24 2020
DetectX Swift v1.0971
macOS: Version 10.15.7 (Build 19H15)
File System: apfs
Temp: The thermal state is slightly elevated, fans may be audible.
Boot time: Mon Nov 23 14:42:54 2020
Uptime: up 1 day, 17:56
Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is On.
Internet: Reachable
Hardware Overview:
Model Name: MacBook Pro
Model Identifier: MacBookPro13,3
Processor Name: Quad-Core Intel Core i7
Processor Speed: 2,6 GHz
Number of Processors: 1
Total Number of Cores: 4
L2 Cache (per Core): 256 KB
L3 Cache: 6 MB
Hyper-Threading Technology: Enabled
Memory: 16 GB
Boot ROM Version: 428.0.0.0.0
SMC Version (system): 2.38f11
Sharing Preferences:
File Sharing: Off
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off
3rd Party Kexts (loaded):
com.paragon-software.filesystems.ntfs
$PATH:
PATH=/usr/bin:/bin:/usr/sbin:/sbin
/etc/paths:
/usr/local/bin
/usr/bin
/bin
/usr/sbin
/sbin
/etc/paths.d/:
~/.bash_profile:
~/.bashrc:
~/.bash_login:
~/.profile:
~/.bash_logout:
User Launchd processes:
PID Status Label
- 78 com.Musophagidae.zr.app
- 0 com.Uriel.app
429 0 com.paragon-software.ntfs.notification-agent
- 0 com.openssh.ssh-agent
- 0 com.microsoft.update.agent
- 0 com.google.keystone.system.agent
90434 0 com.microsoft.Outlook.60264
- 111 com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d
416 0 bc20
775 0 com.SearchUp
- 0 com.google.keystone.system.xpcservice
44395 0 com.google.Chrome.61124
430 0 /Library/fishwoman_unhushed/WbIOEaLX/LmRaCnjy/XGCwvhdu/hyne-zoomantist
411 0 LinkBranch
System Launchd processes:
(dp) 0 HSlZc
637 - com.paragon-software.installer
0 - com.vix.cron
0 - com.microsoft.teams.TeamsUpdaterDaemon
0 0 com.google.keystone.daemon
628 - com.paragon-software.ntfsd
0 - com.teamviewer.Helper
0 - com.microsoft.office.licensingV2.helper
0 0 com.microsoft.autoupdate.helper
0 78 com.PowerLiftDaemon.app
0 0 org.cups.cupsd
0 0 com.adobe.fpsaud
0 - com.adobe.ARMDC.Communicator
0 0 com.TestDateDaemon.app
0 - com.microsoft.OneDriveUpdaterDaemon
0 - com.adobe.ARMDC.SMJobBlessHelper
(dp) 0 com.paragon-software.ntfs.loader
189 - com.cleverfiles.cfbackd
User Login Items:
/Users/Shared/Apowersoft/Mac Apowersoft Helper/ApowersoftHelper.app
/Users/xxxxxxxxxx/Downloads/AppCleaner.app
/Users/xxxxxxxxxx/Downloads/AppCleaner.app/Contents/Library/LoginItems/AppCleaner SmartDelete.app
/Library/LaunchDaemons:
com.paragon-software.ntfs.loader.plist
--> Program Arguments: /sbin/kextload
--> Program Arguments: /Library/Extensions/ufsd_NTFS.kext
com.microsoft.office.licensingV2.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
com.adobe.ARMDC.Communicator.plist
--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.ARMDC.Communicator
com.cleverfiles.cfbackd.plist
--> Program Arguments: /Library/Application Support/CleverFiles/BackService.app/Contents/MacOS/cfbackd
com.google.keystone.daemon.plist
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/GoogleSoftwareUpdateDaemon
com.microsoft.teams.TeamsUpdaterDaemon.plist
com.PowerLiftDaemon.plist
-> Program: /Library/PowerLiftDaemon/PowerLiftDaemon.app/Contents/MacOS/PowerLiftDaemon
com.apple.installer.osmessagetracing.plist
--> Program Arguments: /System/Library/PrivateFrameworks/OSInstaller.framework/Resources/OSMessageTracer
com.TestDateDaemon.plist
-> Program: /Library/TestDateDaemon/TestDateDaemon.app/Contents/MacOS/TestDateDaemon
com.paragon-software.installer.plist
-> Program: /Library/PrivilegedHelperTools/com.paragon-software.installer
com.teamviewer.teamviewer_service.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service
--> Program Arguments: -Module
--> Program Arguments: Full
com.adobe.fpsaud.plist
--> Program Arguments: /Library/Application Support/Adobe/Flash Player Install Manager/fpsaud
com.teamviewer.Helper.plist
-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper
com.microsoft.OneDriveUpdaterDaemon.plist
com.paragon-software.ntfsd.plist
--> Program Arguments: /Library/Application Support/Paragon Software/com.paragon-software.ntfsd
com.oracle.java.Helper-Tool.plist
com.adobe.ARMDC.SMJobBlessHelper.plist
--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.ARMDC.SMJobBlessHelper
com.HSlZc.plist
-> Program: /Library/yYfUF/x9vQN
com.microsoft.autoupdate.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper
/Library/LaunchAgents:
com.hyne-zoomantist.plist
com.google.keystone.xpcservice.plist
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: xpchost
com.Musophagidae.zr.plist
-> Program: /Library/Musophagidae.zr/Musophagidae.zr.app/Contents/MacOS/Musophagidae.zr
com.teamviewer.teamviewer_desktop.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop
--> Program Arguments: -RunAsAgent
--> Program Arguments: YES
--> Program Arguments: -Module
--> Program Arguments: Full
com.google.keystone.agent.plist
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: ifneeded
com.paragon-software.ntfs.notification-agent.plist
--> Program Arguments: /Library/Application Support/Paragon Software/com.paragon-software.ntfs.notification-agent.app/Contents/MacOS/NotificationAgent
com.teamviewer.teamviewer.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer
--> Program Arguments: -RunAsAgent
--> Program Arguments: YES
com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist
--> Program Arguments: /Library/Application Support/Adobe/ARMDC/Application/Acrobat Update Helper.app/Contents/MacOS/Acrobat Update Helper
com.microsoft.update.agent.plist
--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
--> Program Arguments: -checkForUpdates
~/Library/LaunchAgents:
com.SearchUp.plist
--> Program Arguments: /Users/xxxxxxxxxx/Library/Application Support/com.SearchUp/SearchUp
com.LinkBranch.plist
-> Program: /Users/xxxxxxxxxx/Library/FileFinder/LinkBranch/LinkBranch
com.ReplayInfo.plist
--> Program Arguments: /Users/xxxxxxxxxx/Library/Application Support/com.ReplayInfo/ReplayInfo
com.Uriel.plist
--> Program Arguments: /Users/xxxxxxxxxx/Library/Uriel/Uriel.app/Contents/MacOS/Uriel
com.bc20.plist
-> Program: /Users/xxxxxxxxxx/Library/bc20/bc20
User Crontab:
No cron jobs
/etc:
rc.common
bashrc
zshrc
rc.netboot
fstab
aliases
bashrc_Apple_Terminal
zprofile
zshrc_Apple_Terminal
/ $Root:
com.apple.TimeMachine.localsnapshots / .. children: 1
.file
.VolumeIcon.icns
opt / .. children: 0
~/ $Home:
iCloud Drive (Archivio) / .. children: 9
.config / .. children: 3
.java / .. children: 1
.DDPreview / .. children: 0
Downloads / .. children: 319
Pictures / .. children: 45
Documents / .. children: 40
.local / .. children: 1
Music / .. children: 6
Movies / .. children: 4
Library / .. children: 89
Desktop / .. children: 42
Samsung / .. children: 2
.oracle_jre_usage / .. children: 2
Public / .. children: 2
.android / .. children: 3
.cups / .. children: 1
.bash_sessions / .. children: 7
.cisco / .. children: 1
.CFUserTextEncoding
.librtc
.mono / .. children: 1
.Trash / .. children: 0
Applications / .. children: 4
.bash_history
~/Library:
Reminders / .. children: 2
studentd / .. children: 3
bc20 / .. children: 3
PowerLift / .. children: 1
Address Book Plug-Ins / .. children: 4
PDF Expert / .. children: 3
com.apple.icloud.searchpartyd / .. children: 4
Uriel / .. children: 1
HomeKit / .. children: 11
ApplicationMor / .. children: 2
Receipts / .. children: 2
utilityData / .. children: 0
FrontBoard / .. children: 3
MediaStream / .. children: 7
PersonalizationPortrait / .. children: 5
Google / .. children: 1
VoiceTrigger / .. children: 1
PDF Services / .. children: 0
.focGw3
Family / .. children: 1
com.amplitude.plist
UIKitSystem / .. children: 1
.SavedStamps / .. children: 0
com.amplitude.database
Personas / .. children: 3
FileFinder / .. children: 10
~/Library/Application Support:
com.apple.sbd / .. children: 2
Movavi / .. children: 1
com.apple.replayd / .. children: 0
Mozilla / .. children: 2
Helper / .. children: 0
DetectX Swift / .. children: 3
com.guidedways.TodoMac / .. children: 1
com.apple.kvs / .. children: 1
com.paragon-software.ntfs.fsapp / .. children: 1
com.ReplayInfo / .. children: 0
com.apple.transparencyd / .. children: 5
com.microsoft.teams.helper / .. children: 1
com.apple.touristd / .. children: 5
Firefox / .. children: 5
com.wondershare.PDFelement / .. children: 5
SyncServices / .. children: 1
EtreCheck / .. children: 2
Cisco / .. children: 1
Microsoft Update Assistant / .. children: 2
TeamViewer / .. children: 1
com.apple.akd / .. children: 1
zoom.us / .. children: 2
com.apple.AMPLibraryAgent / .. children: 3
PDF Expert / .. children: 6
XLD / .. children: 2
MobileSync / .. children: 2
Sky Go / .. children: 38
Telegram Desktop / .. children: 2
uTorrent / .. children: 34
com.microsoft.teams / .. children: 1
Apple / .. children: 1
dmd / .. children: 0
uTorrent Web / .. children: 10
OxygenXMLEditor / .. children: 1
com.SearchUp / .. children: 1
iCareFone for WhatsApp Transfer / .. children: 2
com.paragon-software.ntfs.notification-agent / .. children: 1
Disk Drill / .. children: 1
WAF / .. children: 4
AnyMP4 Studio / .. children: 1
2Do / .. children: 2
SyncMate5 / .. children: 11
TrustedPeersHelper / .. children: 0
com.readdle.PDFExpert-Mac / .. children: 1
com.sqwarq.DetectX-Swift / .. children: 4
TorBrowser-Data / .. children: 3
DiskDrill / .. children: 1
ABBYY / .. children: 1
DiskImages / .. children: 1
CoreParsec / .. children: 0
System Preferences / .. children: 0
Skype / .. children: 6
µTorrent / .. children: 1
FileProvider / .. children: 2
org.videolan.vlc / .. children: 1
WebEx Folder / .. children: 4
com.wondershare.PDFelement6.Professional / .. children: 5
com.Uriel / .. children: 1
MediaHuman / .. children: 1
Combo Cleaner / .. children: 3
CEF / .. children: 1
com.wondershare.Installer / .. children: 1
Google / .. children: 4
Microsoft AU Daemon / .. children: 2
Microsoft / .. children: 2
Webex Meetings / .. children: 3
Oracle / .. children: 1
com.lighting.huesync / .. children: 7
Microsoft AutoUpdate / .. children: 2
2DoLogFile.log
com.movavi.pdfeditor2 / .. children: 1
JREInstaller / .. children: 1
Adobe / .. children: 5
SAlt-TOne / .. children: 1
transparencyd / .. children: 0
Movavi PDF Editor 2 / .. children: 1
syncdefaultsd / .. children: 0
LibreOffice / .. children: 1
com.apple.ContextStoreAgent / .. children: 1
Google Earth / .. children: 3
Morph Age / .. children: 1
PDFelement / .. children: 2
Backups / .. children: 1
com.tenorshare.iCareFoneForWhatsAppTransfer / .. children: 1
com.eltima.cmd1 / .. children: 1
~/Library/Safari/Extensions:
*-- Folder doesn't exist or is inaccessible --*
~/Library/Internet Plug-Ins:
WebEx64.plugin
/Users/Shared:
Key-Base / .. children: 1
adi / .. children: 0
Apowersoft / .. children: 1
Previously Relocated Items / .. children: 1
fl
sf.plist
Combo Cleaner / .. children: 0
SC Info / .. children: 0
AdvanceKeyBase / .. children: 3
/Applications:
Firefox.app
Blackmagic Disk Speed Test.app
MediaHuman YouTube Downloader.app
PDFelement.app
Tor Browser.app
LibreOffice.app
Google Earth Pro.app
Commander One.app
Skype.app
DetectX Swift.app
Google Chrome.app
uTorrent Web.app
Caffeine.app
Microsoft PowerPoint.app
AxCrypt.app
zoom.us.app
Movavi PDF Editor 2.app
Microsoft Excel.app
Adobe Acrobat Reader DC.app
EtreCheckPro.app
VLC.app
Microsoft OneNote.app
ApowerREC / .. children: 2
TeamViewer.app
Microsoft Word.app
The Unarchiver.app
Skype for Business.app
Hue Sync.app
OneDrive.app
Microsoft Teams.app
Skype 2.app
Microsoft Outlook.app
PDF Expert.app
/Library:
ApplicationContents / .. children: 2
bc20 / .. children: 3
HostUUID
ApplicationaContents / .. children: 2
Catacomb / .. children: 1
fishwoman_unhushed / .. children: 1
InstallerSandboxes / .. children: 2
Apple / .. children: 3
OSAnalytics / .. children: 2
ApplicationMor / .. children: 2
User Template / .. children: 41
.Dc3r
TestDateDaemon / .. children: 1
.B92c0853ecfc
yYfUF / .. children: 2
DriverExtensions / .. children: 0
Google / .. children: 3
Musophagidae.zr / .. children: 0
UpdatesMac / .. children: 0
ApowerREC / .. children: 0
.c3sh4R
StagedDriverExtensions / .. children: 0
PowerLiftDaemon / .. children: 0
SystemExtensions / .. children: 1
SavedDataFiles / .. children: 2
/Library/Application Support:
Mozilla / .. children: 2
Macromedia / .. children: 1
TeamViewer / .. children: 1
com.TestDateDaemon / .. children: 1
Pulse Secure / .. children: 1
Mica / .. children: 1
Google / .. children: 1
Microsoft / .. children: 2
Oracle / .. children: 0
Paragon Software / .. children: 5
CleverFiles / .. children: 2
Adobe / .. children: 6
/Library/Extensions:
AppleMobileDevice.kext
ufsd_NTFS.kext
ssuddrv.kext
/Library/Internet Plug-Ins:
ZoomUsPlugIn.plugin
PepperFlashPlayer / .. children: 2
flashplayer.xpt
Flash Player.plugin
/Library/Managed Preferences:
*-- Folder doesn't exist or is inaccessible --*
/Library/PrivilegedHelperTools:
com.microsoft.office.licensingV2.helper
com.adobe.ARMDC.Communicator
com.paragon-software.installer
com.teamviewer.Helper
com.adobe.ARMDC.SMJobBlessHelper
com.microsoft.autoupdate.helper
/Library/ScriptingAdditions:
/Library/StartupItems:
/Library/Updates:
ProductMetadata.plist
index.plist
PreflightContainers / .. children: 1
Top Processes:
%CPU PID COMMAND
51.0 274 WindowServer
23.8 44408 Google Chrome He
21.2 44415 Google Chrome He
13.4 0 kernel_task
6.6 214 loginwindow
6.1 173 launchservicesd
4.0 775 SearchUp
4.0 88561 com.apple.WebKit
3.9 57814 com.apple.WebKit
3.0 294 runningboardd
Sì, hai postato in modo perfetto!
Tentar non nuoce.... come faccio ad eliminarlo ?!!Jethro ha scritto: ↑mer, 25 nov 2020 23:20Uhm... non sono sicuro ma questo elemento mi sembra sospetto:
User Launchd processes:
...
775 0 com.SearchUp
Però, dico la verità, non lo so per certo... è solo una mia impressione. A volte una cosa non mi ispira fiducia così a naso... qualche volta ci ho azzeccato. Però non ci scommetterei dei soldi.
No Gigy71, non è l’approccio giusto; assolutamente. Non si elimina qualcosa che non si sa cosa sia.
Certo sono consapevole di quanto dici, ed hai assolutamente ragione !!Jethro ha scritto: ↑gio, 26 nov 2020 08:58No Gigy71, non è l’approccio giusto; assolutamente. Non si elimina qualcosa che non si sa cosa sia.
L’ideale sarebbe indagare e informarsi il più possibile fino ad avere un quadro esatto e “sicuro” della situazione. Purtroppo per tempo e capacità non posso aiutarti in questo momento.
Però, proprio come regola generale, non si cancellano cose che non si sa per certo cosa siamo e che funzione abbiano.
Eccomi !!! E ancora grazie per il tempo dedicatoAlberto.G ha scritto: ↑gio, 26 nov 2020 08:56gigy71 fai prima questa prova.
Ho indagato sul web ed ho appurato che quello che ti succede è da addebitarsi ad un adware/malware che si è installato sulla tua macchina; molte persone si sono lamentate, da più anni, di trovarsi con finestre o pagine che si aprono da sole su diversi browser, quindi non solo esclusivamente con Chrome.
Perché DetectX non ti ha evidenziato in STATUS alcun file “sospetto”?
Ti chiedo:
- accendi il tuo MBP
- apri Chrome
- esegui ancora DetectX Swift
- posta quello che ti appare nella finestra STATUS
- posta anche il contenuto della finestra PROFILE, come già detto fino al titolo "Running Processes”.
Codice: Seleziona tutto
Search complete. No threats or problems found.
Codice: Seleziona tutto
Timestamp (10): Thu Nov 26 09:29:19 2020
DetectX Swift v1.0971
macOS: Version 10.15.7 (Build 19H15)
File System: apfs
Temp: The thermal state is within normal limits.
Boot time: Thu Nov 26 09:26:28 2020
Uptime: up 3 mins, 1 user
Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is On.
Internet: Reachable
Hardware Overview:
Model Name: MacBook Pro
Model Identifier: MacBookPro13,3
Processor Name: Quad-Core Intel Core i7
Processor Speed: 2,6 GHz
Number of Processors: 1
Total Number of Cores: 4
L2 Cache (per Core): 256 KB
L3 Cache: 6 MB
Hyper-Threading Technology: Enabled
Memory: 16 GB
Boot ROM Version: 428.0.0.0.0
SMC Version (system): 2.38f11
Sharing Preferences:
File Sharing: Off
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off
3rd Party Kexts (loaded):
com.paragon-software.filesystems.ntfs
$PATH:
PATH=/usr/bin:/bin:/usr/sbin:/sbin
/etc/paths:
/usr/local/bin
/usr/bin
/bin
/usr/sbin
/sbin
/etc/paths.d/:
~/.bash_profile:
~/.bashrc:
~/.bash_login:
~/.profile:
~/.bash_logout:
User Launchd processes:
PID Status Label
1194 0 com.sqwarq.DetectX-Swift.61208
- 0 com.Musophagidae.zr.app
- 0 com.Uriel.app
437 0 com.paragon-software.ntfs.notification-agent
- 0 com.openssh.ssh-agent
- 0 com.microsoft.update.agent
- 0 com.google.keystone.system.agent
- 111 com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d
425 0 bc20
642 0 com.SearchUp
- 0 com.google.keystone.system.xpcservice
558 0 com.google.Chrome.61124
449 0 com.apowersoft.ApowersoftHelper.61224
438 0 /Library/fishwoman_unhushed/WbIOEaLX/LmRaCnjy/XGCwvhdu/hyne-zoomantist
420 0 LinkBranch
1469 0 com.microsoft.Word.60516
System Launchd processes:
(dp) 0 HSlZc
544 - com.paragon-software.installer
0 - com.vix.cron
0 - com.microsoft.teams.TeamsUpdaterDaemon
0 0 com.google.keystone.daemon
542 - com.paragon-software.ntfsd
0 - com.teamviewer.Helper
0 - com.microsoft.office.licensingV2.helper
1483 0 com.microsoft.autoupdate.helper
0 - com.PowerLiftDaemon.app
0 0 org.cups.cupsd
0 - com.adobe.ARMDC.Communicator
0 - com.TestDateDaemon.app
0 - com.microsoft.OneDriveUpdaterDaemon
0 - com.adobe.ARMDC.SMJobBlessHelper
(dp) 0 com.paragon-software.ntfs.loader
189 - com.cleverfiles.cfbackd
User Login Items:
/Users/Shared/Apowersoft/Mac Apowersoft Helper/ApowersoftHelper.app
/Users/xxxxxxxxxx/Downloads/AppCleaner.app
/Users/xxxxxxxxxx/Downloads/AppCleaner.app/Contents/Library/LoginItems/AppCleaner SmartDelete.app
/Library/LaunchDaemons:
com.paragon-software.ntfs.loader.plist
--> Program Arguments: /sbin/kextload
--> Program Arguments: /Library/Extensions/ufsd_NTFS.kext
com.microsoft.office.licensingV2.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
com.adobe.ARMDC.Communicator.plist
--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.ARMDC.Communicator
com.cleverfiles.cfbackd.plist
--> Program Arguments: /Library/Application Support/CleverFiles/BackService.app/Contents/MacOS/cfbackd
com.google.keystone.daemon.plist
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/GoogleSoftwareUpdateDaemon
com.microsoft.teams.TeamsUpdaterDaemon.plist
com.PowerLiftDaemon.plist
-> Program: /Library/PowerLiftDaemon/PowerLiftDaemon.app/Contents/MacOS/PowerLiftDaemon
com.apple.installer.osmessagetracing.plist
--> Program Arguments: /System/Library/PrivateFrameworks/OSInstaller.framework/Resources/OSMessageTracer
com.TestDateDaemon.plist
-> Program: /Library/TestDateDaemon/TestDateDaemon.app/Contents/MacOS/TestDateDaemon
com.paragon-software.installer.plist
-> Program: /Library/PrivilegedHelperTools/com.paragon-software.installer
com.teamviewer.teamviewer_service.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service
--> Program Arguments: -Module
--> Program Arguments: Full
com.teamviewer.Helper.plist
-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper
com.microsoft.OneDriveUpdaterDaemon.plist
com.paragon-software.ntfsd.plist
--> Program Arguments: /Library/Application Support/Paragon Software/com.paragon-software.ntfsd
com.oracle.java.Helper-Tool.plist
com.adobe.ARMDC.SMJobBlessHelper.plist
--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.ARMDC.SMJobBlessHelper
com.HSlZc.plist
-> Program: /Library/yYfUF/x9vQN
com.microsoft.autoupdate.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper
/Library/LaunchAgents:
com.hyne-zoomantist.plist
com.google.keystone.xpcservice.plist
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: xpchost
com.Musophagidae.zr.plist
-> Program: /Library/Musophagidae.zr/Musophagidae.zr.app/Contents/MacOS/Musophagidae.zr
com.teamviewer.teamviewer_desktop.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop
--> Program Arguments: -RunAsAgent
--> Program Arguments: YES
--> Program Arguments: -Module
--> Program Arguments: Full
com.google.keystone.agent.plist
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: ifneeded
com.paragon-software.ntfs.notification-agent.plist
--> Program Arguments: /Library/Application Support/Paragon Software/com.paragon-software.ntfs.notification-agent.app/Contents/MacOS/NotificationAgent
com.teamviewer.teamviewer.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer
--> Program Arguments: -RunAsAgent
--> Program Arguments: YES
com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist
--> Program Arguments: /Library/Application Support/Adobe/ARMDC/Application/Acrobat Update Helper.app/Contents/MacOS/Acrobat Update Helper
com.microsoft.update.agent.plist
--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
--> Program Arguments: -checkForUpdates
~/Library/LaunchAgents:
com.SearchUp.plist
--> Program Arguments: /Users/xxxxxx/Library/Application Support/com.SearchUp/SearchUp
com.LinkBranch.plist
-> Program: /Users/xxxxxxx/Library/FileFinder/LinkBranch/LinkBranch
com.ReplayInfo.plist
--> Program Arguments: /Users/xxxxxxxx/Library/Application Support/com.ReplayInfo/ReplayInfo
com.Uriel.plist
--> Program Arguments: /Users/xxxxxxxx/Library/Uriel/Uriel.app/Contents/MacOS/Uriel
com.bc20.plist
-> Program: /Users/xxxxxxx/Library/bc20/bc20
User Crontab:
No cron jobs
/etc:
rc.common
bashrc
zshrc
rc.netboot
fstab
aliases
bashrc_Apple_Terminal
zprofile
zshrc_Apple_Terminal
/ $Root:
com.apple.TimeMachine.localsnapshots / .. children: 1
.file
.VolumeIcon.icns
opt / .. children: 0
~/ $Home:
iCloud Drive (Archivio) / .. children: 9
.config / .. children: 3
.java / .. children: 1
.DDPreview / .. children: 0
Downloads / .. children: 321
Pictures / .. children: 45
Documents / .. children: 40
.local / .. children: 1
Music / .. children: 6
Movies / .. children: 5
Library / .. children: 89
Desktop / .. children: 42
Samsung / .. children: 2
.oracle_jre_usage / .. children: 2
Public / .. children: 2
.android / .. children: 3
.cups / .. children: 1
.bash_sessions / .. children: 7
.cisco / .. children: 1
.CFUserTextEncoding
.librtc
.mono / .. children: 1
.Trash / .. children: 0
Applications / .. children: 4
.bash_history
~/Library:
Reminders / .. children: 2
studentd / .. children: 3
bc20 / .. children: 3
PowerLift / .. children: 1
Address Book Plug-Ins / .. children: 4
PDF Expert / .. children: 3
com.apple.icloud.searchpartyd / .. children: 4
Uriel / .. children: 1
HomeKit / .. children: 11
ApplicationMor / .. children: 2
Receipts / .. children: 2
utilityData / .. children: 0
FrontBoard / .. children: 3
MediaStream / .. children: 7
PersonalizationPortrait / .. children: 5
Google / .. children: 1
VoiceTrigger / .. children: 1
PDF Services / .. children: 0
.focGw3
Family / .. children: 1
com.amplitude.plist
UIKitSystem / .. children: 1
.SavedStamps / .. children: 0
com.amplitude.database
Personas / .. children: 3
FileFinder / .. children: 10
~/Library/Application Support:
com.apple.sbd / .. children: 2
Movavi / .. children: 1
com.apple.replayd / .. children: 0
Mozilla / .. children: 2
Helper / .. children: 0
DetectX Swift / .. children: 3
com.guidedways.TodoMac / .. children: 1
com.apple.kvs / .. children: 1
com.paragon-software.ntfs.fsapp / .. children: 1
com.ReplayInfo / .. children: 0
com.apple.transparencyd / .. children: 5
com.microsoft.teams.helper / .. children: 1
com.apple.touristd / .. children: 5
Firefox / .. children: 5
com.wondershare.PDFelement / .. children: 5
SyncServices / .. children: 1
EtreCheck / .. children: 2
Cisco / .. children: 1
Microsoft Update Assistant / .. children: 2
TeamViewer / .. children: 1
com.apple.akd / .. children: 1
zoom.us / .. children: 2
com.apple.AMPLibraryAgent / .. children: 3
PDF Expert / .. children: 6
XLD / .. children: 2
MobileSync / .. children: 2
Sky Go / .. children: 38
Telegram Desktop / .. children: 2
uTorrent / .. children: 34
com.microsoft.teams / .. children: 1
Apple / .. children: 1
dmd / .. children: 0
uTorrent Web / .. children: 10
OxygenXMLEditor / .. children: 1
com.SearchUp / .. children: 1
iCareFone for WhatsApp Transfer / .. children: 2
com.paragon-software.ntfs.notification-agent / .. children: 1
Disk Drill / .. children: 1
WAF / .. children: 4
AnyMP4 Studio / .. children: 1
2Do / .. children: 2
SyncMate5 / .. children: 11
TrustedPeersHelper / .. children: 0
com.readdle.PDFExpert-Mac / .. children: 1
com.sqwarq.DetectX-Swift / .. children: 4
TorBrowser-Data / .. children: 3
DiskDrill / .. children: 1
ABBYY / .. children: 1
DiskImages / .. children: 1
CoreParsec / .. children: 0
System Preferences / .. children: 0
Skype / .. children: 6
µTorrent / .. children: 1
FileProvider / .. children: 2
org.videolan.vlc / .. children: 1
WebEx Folder / .. children: 4
com.wondershare.PDFelement6.Professional / .. children: 5
com.Uriel / .. children: 1
MediaHuman / .. children: 1
Combo Cleaner / .. children: 3
CEF / .. children: 1
com.wondershare.Installer / .. children: 1
Google / .. children: 4
Microsoft AU Daemon / .. children: 2
Microsoft / .. children: 2
Webex Meetings / .. children: 3
Oracle / .. children: 1
com.lighting.huesync / .. children: 7
Microsoft AutoUpdate / .. children: 2
2DoLogFile.log
com.movavi.pdfeditor2 / .. children: 1
JREInstaller / .. children: 1
Adobe / .. children: 5
SAlt-TOne / .. children: 1
transparencyd / .. children: 0
Movavi PDF Editor 2 / .. children: 1
syncdefaultsd / .. children: 0
LibreOffice / .. children: 1
com.apple.ContextStoreAgent / .. children: 1
Google Earth / .. children: 3
Morph Age / .. children: 1
PDFelement / .. children: 2
Backups / .. children: 1
com.tenorshare.iCareFoneForWhatsAppTransfer / .. children: 1
com.eltima.cmd1 / .. children: 1
~/Library/Safari/Extensions:
*-- Folder doesn't exist or is inaccessible --*
~/Library/Internet Plug-Ins:
WebEx64.plugin
/Users/Shared:
Key-Base / .. children: 1
adi / .. children: 0
Apowersoft / .. children: 1
Previously Relocated Items / .. children: 1
fl
sf.plist
Combo Cleaner / .. children: 0
SC Info / .. children: 0
AdvanceKeyBase / .. children: 3
/Applications:
Firefox.app
Blackmagic Disk Speed Test.app
MediaHuman YouTube Downloader.app
PDFelement.app
Tor Browser.app
LibreOffice.app
Google Earth Pro.app
Commander One.app
Skype.app
DetectX Swift.app
Google Chrome.app
uTorrent Web.app
Caffeine.app
Microsoft PowerPoint.app
AxCrypt.app
zoom.us.app
Movavi PDF Editor 2.app
Microsoft Excel.app
Adobe Acrobat Reader DC.app
EtreCheckPro.app
VLC.app
Microsoft OneNote.app
ApowerREC / .. children: 2
TeamViewer.app
Microsoft Word.app
The Unarchiver.app
Skype for Business.app
Hue Sync.app
OneDrive.app
Microsoft Teams.app
Skype 2.app
Microsoft Outlook.app
PDF Expert.app
/Library:
ApplicationContents / .. children: 2
bc20 / .. children: 3
HostUUID
ApplicationaContents / .. children: 2
Catacomb / .. children: 1
fishwoman_unhushed / .. children: 1
InstallerSandboxes / .. children: 2
Apple / .. children: 3
OSAnalytics / .. children: 2
ApplicationMor / .. children: 2
User Template / .. children: 41
.Dc3r
TestDateDaemon / .. children: 1
.B92c0853ecfc
yYfUF / .. children: 2
DriverExtensions / .. children: 0
Google / .. children: 3
Musophagidae.zr / .. children: 0
UpdatesMac / .. children: 0
ApowerREC / .. children: 0
.c3sh4R
StagedDriverExtensions / .. children: 0
PowerLiftDaemon / .. children: 0
SystemExtensions / .. children: 1
SavedDataFiles / .. children: 2
/Library/Application Support:
Mozilla / .. children: 2
Macromedia / .. children: 1
TeamViewer / .. children: 1
com.TestDateDaemon / .. children: 1
Pulse Secure / .. children: 1
Mica / .. children: 1
Google / .. children: 1
Microsoft / .. children: 2
Oracle / .. children: 0
Paragon Software / .. children: 5
CleverFiles / .. children: 2
Adobe / .. children: 6
/Library/Extensions:
AppleMobileDevice.kext
ufsd_NTFS.kext
ssuddrv.kext
/Library/Internet Plug-Ins:
ZoomUsPlugIn.plugin
PepperFlashPlayer / .. children: 0
/Library/Managed Preferences:
*-- Folder doesn't exist or is inaccessible --*
/Library/PrivilegedHelperTools:
com.microsoft.office.licensingV2.helper
com.adobe.ARMDC.Communicator
com.paragon-software.installer
com.teamviewer.Helper
com.adobe.ARMDC.SMJobBlessHelper
com.microsoft.autoupdate.helper
/Library/ScriptingAdditions:
/Library/StartupItems:
/Library/Updates:
ProductMetadata.plist
index.plist
PreflightContainers / .. children: 1
Top Processes:
%CPU PID COMMAND
22.0 278 WindowServer
8.3 364 Dock
5.7 572 Google Chrome He
4.6 1179 Google Chrome He
4.5 0 kernel_task
2.3 1469 Microsoft Word
2.0 361 trustd
1.3 558 Google Chrome
1.2 173 launchservicesd
0.8 294 runningboardd
Grazie Alberto valuterò il tuo suggerimento !!!Alberto.G ha scritto: ↑gio, 26 nov 2020 14:59Molto strano il tuo caso.
In effetti, dopo ben 2 volte, DetectX NON segnala nulla: per lui è tutto normale.
Per cui sul tuo MBP non è installato nulla che possa rientrare in un adware o malware.
E perché hai quel fastidio delle finestre?
Già altre volte sul nostro Forum vennero segnalate situazioni molto simili alla tua e, immancabilmente, DetectX rilevò file “pericolosi” presenti nei Mac.
A meno che non sia presente un programma o altro che, secondo DetectX non è riconosciuto come adware, ma che ti crea quel fastidio.
Non saprei come aiutarti nella ricerca.
Comunque esiste, come sempre, la soluzione “classica” : inizializzare tutto il disco e ripartire da zero.
Hai scritto che hai sufficienti “paracadute” per cui vedo che sei a posto.
Come ho fatto io, già alcune volte, da Recovery scegli l’opzione di “Reinstallazione macOS”, dopo aver prima inizializzato il disco, infine importi dall’ultimo backup di TM tutti i tuoi dati.
Codice: Seleziona tutto
com.Musophagidae.zr.app
Codice: Seleziona tutto
com.Musophagidae.zr.plist
-> Program: /Library/Musophagidae.zr/Musophagidae.zr.app/Contents/MacOS/Musophagidae.zr
Codice: Seleziona tutto
com.Musophagidae.zr.plist
-> Program: /Library/Musophagidae.zr/Musophagidae.zr.app/Contents/MacOS/Musophagidae.zr
Visitano il forum: Nessuno e 3 ospiti