Pagina 32 di 33
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 00:13
da Jethro
paolinoweb-due- ha scritto: ↑sab, 23 ott 2021 00:05
Ciao a tutti, tocca a me con i report.
...
Uhm... nomi a caso dal dizionario... Mi sa che è Pirrit:
viewtopic.php?p=407057#p407057
Oppure una sua variante più moderna
...
Bon, se ormai vi è entrata la porcheria nel Mac, sappiate che non possiamo nenache dare un nome fisso ai files che crea, perchè il furbo programmino si va a prelevare dal file del dizionario del Mac alcune parole a caso (ma sono tutte nel dizionario, quindi noi possiamo sgamarlo!) e le usa come nome per i suoi files, utenti (sì, crea nuovi utenti fantasma!), script e .plist. Simpatico, no?
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 00:37
da paolinoweb
Jethro ha scritto: ↑sab, 23 ott 2021 00:13
paolinoweb-due- ha scritto: ↑sab, 23 ott 2021 00:05
Ciao a tutti, tocca a me con i report.
...
Uhm... nomi a caso dal dizionario... Mi sa che è Pirrit:
viewtopic.php?p=407057#p407057
Oppure una sua variante più moderna
...
Bon, se ormai vi è entrata la porcheria nel Mac, sappiate che non possiamo nenache dare un nome fisso ai files che crea, perchè il furbo programmino si va a prelevare dal file del dizionario del Mac alcune parole a caso (ma sono tutte nel dizionario, quindi noi possiamo sgamarlo!) e le usa come nome per i suoi files, utenti (sì, crea nuovi utenti fantasma!), script e .plist. Simpatico, no?
Ciao Jethro, si pieno di nomi a casaccio.
Mi guardo il topic, grazie
Nel frattempo sto facendo girare malwarebytes, troppe cose da cancellare vediamo se da una mano...
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 01:06
da paolinoweb
Mi sembra molto meglio anche se non capisco..malwarebytes mi ha rilevato due estensioni di google chrome, eliminate, riavviato,
riapro detectx per fare profilo e vedo che in history 50ina di cambiamenti... guardo... quasi tutti i nomi casuali cancellati... ma
perchè li ha cancellati dopo la scansione e riavvio di malwarebytes? lo avevo già riavviato detectX, non credo che le due estensioni abbiano creato tutte quelle voci... gli erano rimaste sul groppone a detectX forse... cmq bene cancello i nomi a caso e forse me la cavo.
poi c'è l'altro mac...
ma sonno....
Codice: Seleziona tutto
\f0\fs24 \cf0 Timestamp (8): Sat Oct 23 00:18:18 2021\
DetectX Swift v1.0981\
\
macOS: Version 10.14.6 (Build 18G9323)\
File System: apfs\
Temp: The thermal state is within normal limits.\
\
Boot time: Sat Oct 23 00:12:16 2021\
Uptime: up 6 mins, 1 user\
\
Spotlight status for /:\
Indexing enabled. \
System Integrity Protection status: enabled.\
Gatekeeper status: enabled for App Store and identified developers.\
FileVault is Off.\
\
Internet: Reachable\
\
\
Hardware Overview:\
\
Model Name: MacBook Pro\
Model Identifier: MacBookPro11,1\
Processor Name: Intel Core i5\
Processor Speed: 2,6 GHz\
Number of Processors: 1\
Total Number of Cores: 2\
L2 Cache (per Core): 256 KB\
L3 Cache: 3 MB\
Hyper-Threading Technology: Enabled\
Memory: 8 GB\
Boot ROM Version: 431.140.6.0.0\
SMC Version (system): 2.16f68\
\
\
\
Sharing Preferences:\
\
File Sharing: Off\
Screen Sharing: Off\
Remote Management: Off\
Back To My Mac: Off\
Remote Login: Off\
Remote Apple Events: Off\
\
\
3rd Party Kexts (loaded):\
\
com.malwarebytes.mbam.rtprotection\
\
\
$PATH:\
\
PATH=/usr/bin:/bin:/usr/sbin:/sbin\
\
\
/etc/paths:\
/usr/bin\
/bin\
/usr/sbin\
/sbin\
/usr/local/bin\
\
/etc/paths.d/:\
\
~/.bash_profile:\
\
~/.bashrc:\
\
~/.bash_login:\
\
~/.profile:\
\
~/.bash_logout:\
\
\
PID Status Label\
492 0 com.microsoft.Word.2840\
497 0 com.microsoft.autoupdate.fba.1532\
438 0 com.google.Chrome.2792\
385 0 com.malwarebytes.mbam.frontend.agent\
- 0 com.openssh.ssh-agent\
- 0 com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae\
- 0 com.google.keystone.system.agent\
683 0 com.sqwarq.DetectX-Swift.4328\
- 0 com.spotify.client.startuphelper\
- 0 com.google.keystone.system.xpcservice\
387 0 com.spotify.webhelper\
498 0 com.microsoft.Office365Service.2832\
\
\
System Launchd processes:\
\
60 - com.malwarebytes.mbam.rtprotection.daemon\
181 - com.vix.cron\
0 - com.microsoft.office.licensing.helper\
0 - org.postfix.master\
0 - com.google.keystone.daemon\
0 - com.teamviewer.Helper\
174 - org.cups.cupsd\
224 - com.malwarebytes.mbam.settings.daemon\
\
\
\
User Login Items:\
\
/Applications/Adobe Reader.app/Contents/Support/AdobeResourceSynchronizer.app\
/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app\
/Users/[U501]/.Trash/Spotify.app\
/Applications/Spotify.app\
/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app\
\
\
\
/Library/LaunchDaemons:\
\
com.malwarebytes.mbam.settings.daemon.plist\
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon\
\
com.malwarebytes.mbam.rtprotection.daemon.plist\
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon\
--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon\
--> Program Arguments: -i\
--> Program Arguments: Malwarebytes-Mac-4.13.5.4414.pkg\
\
com.google.keystone.daemon.plist\
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/GoogleSoftwareUpdateDaemon\
\
com.apple.installer.osmessagetracing.plist\
--> Program Arguments: /System/Library/PrivateFrameworks/OSInstaller.framework/Resources/OSMessageTracer\
\
com.teamviewer.Helper.plist\
-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper\
--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper\
\
com.teamviewer.teamviewer_service.plist\
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service\
--> Program Arguments: -Module\
--> Program Arguments: Full\
\
com.microsoft.office.licensing.helper.plist\
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper\
\
\
\
\
/Library/LaunchAgents:\
\
com.google.keystone.xpcservice.plist\
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent\
--> Program Arguments: -runMode\
--> Program Arguments: xpchost\
\
com.teamviewer.teamviewer_desktop.plist\
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop_Proxy\
--> Program Arguments: -RunAsAgent\
--> Program Arguments: YES\
--> Program Arguments: -Module\
--> Program Arguments: Full\
\
com.google.keystone.agent.plist\
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent\
--> Program Arguments: -runMode\
--> Program Arguments: ifneeded\
\
com.teamviewer.teamviewer.plist\
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer\
--> Program Arguments: -RunAsAgent\
--> Program Arguments: YES\
\
com.malwarebytes.mbam.frontend.agent.plist\
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent\
\
\
\
\
~/Library/LaunchAgents:\
\
com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist\
--> Program Arguments: /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper\
--> Program Arguments: semi-auto\
\
com.spotify.webhelper.plist\
-> Program: /Users/[U501]/Library/Application Support/Spotify/SpotifyWebHelper\
\
\
User Crontab:\
\
No cron jobs\
\
\
\
/etc:\
\
kcpassword\
rc.common\
php.ini.default-5.2-previous~orig\
bashrc_Apple_Terminal\
bashrc\
zshrc\
ssh_config~orig\
moduli~previous\
rc.netboot\
efax.rc~previous\
php.ini.default-5.2-previous\
sshd_config~previous\
aliases\
zprofile\
\
/ $Root:\
\
.HFS+ Private Directory Data\
/ .. children: 0\
.PKInstallSandboxManager / .. children: 0\
file\
installer.failurerequests\
Informazioni utente\
.file\
.MobileBackups.trash / .. children: 1\
.Trashes / .. children: 0\
.OSInstallerMessages\
model\
\
~/ $Home:\
\
Music / .. children: 4\
.CFUserTextEncoding\
Pictures / .. children: 7\
.rnd\
Desktop / .. children: 22\
Library / .. children: 65\
.cups / .. children: 1\
Public / .. children: 3\
Movies / .. children: 3\
Applications / .. children: 2\
.Trash / .. children: 86\
Documents / .. children: 46\
Downloads / .. children: 8\
.bash_history\
\
\
\
~/Library:\
\
Filters / .. children: 0\
studentd / .. children: 4\
HomeKit / .. children: 5\
Google / .. children: 1\
Family / .. children: 1\
Fonts Disabled / .. children: 0\
PersonalizationPortrait / .. children: 1\
\
\
\
~/Library/Application Support:\
\
MPlayerX / .. children: 2\
com.apple.touristd / .. children: 3\
DiskImages / .. children: 1\
EasyFind / .. children: 0\
CoreParsec / .. children: 0\
com.apple.QuickLook / .. children: 1\
Google / .. children: 2\
Microsoft / .. children: 1\
Spotify / .. children: 4\
dmd / .. children: 0\
CEF / .. children: 1\
Adobe / .. children: 2\
NotificationCenter / .. children: 1\
TeamViewer / .. children: 1\
Ubiquity / .. children: 1\
com.sqwarq.DetectX-Swift / .. children: 4\
Aperture / .. children: 0\
com.malwarebytes.mbam / .. children: 1\
Preview / .. children: 0\
cacaoweb / .. children: 4\
\
\
\
~/Library/Safari/Extensions:\
\
*-- Folder doesn't exist or is inaccessible --*\
\
\
\
~/Library/Internet Plug-Ins:\
\
\
\
\
\
/Users/Shared:\
\
adi / .. children: 3\
SC Info / .. children: 0\
\
\
\
\
/Applications:\
\
cacaoweb.app\
Books.app\
TeamViewer.app\
EasyFind.app\
Home.app\
Google Chrome.app\
Microsoft Office 2011 / .. children: 10\
Adobe Reader.app\
News.app\
Install macOS Big Sur.app\
Spotify.app\
DetectX Swift.app\
Stocks.app\
Paint S.app\
Malwarebytes.app\
Remote Desktop Connection.app\
VoiceMemos.app\
iPhoto.app\
Microsoft Messenger.app\
\
\
\
/Library:\
\
grysbok / .. children: 1\
settings.dat\
sacken / .. children: 1\
diedric / .. children: 1\
sesquibasic / .. children: 1\
foreshoe / .. children: 1\
underwarmthUpd / .. children: 1\
duodecane / .. children: 1\
stammel / .. children: 1\
doggone / .. children: 1\
unwrongful / .. children: 1\
embed / .. children: 1\
panax / .. children: 1\
MacInstallfe\
anxious / .. children: 1\
salubrious / .. children: 1\
astony / .. children: 1\
Google / .. children: 2\
numerist / .. children: 1\
blessing / .. children: 1\
pseudostomatousUpd / .. children: 1\
congregation / .. children: 1\
hypnosporangium / .. children: 1\
unspontaneousUpd / .. children: 1\
beasthood / .. children: 1\
outcross / .. children: 1\
stumpiness / .. children: 1\
ethal / .. children: 1\
ukimathen / .. children: 1\
Itys / .. children: 1\
Coniferae / .. children: 1\
MacInstallfe8\
forepredicament / .. children: 1\
ragamuffin / .. children: 1\
Pegasus / .. children: 1\
radman-Boston / .. children: 1\
backup.zip\
ApplicationContents / .. children: 4\
preaccusation / .. children: 1\
Cedric / .. children: 1\
Automator / .. children: 94\
untreading / .. children: 1\
negligible / .. children: 1\
crinated / .. children: 1\
Laparosticti / .. children: 1\
superscript / .. children: 1\
dibasicity / .. children: 1\
GottliebUpd / .. children: 1\
perchlorinate / .. children: 1\
herbicolous / .. children: 1\
desight / .. children: 1\
womanwise-chanceled / .. children: 1\
quizzism / .. children: 1\
heptylic / .. children: 1\
Fonts Disabled / .. children: 16\
platelet / .. children: 1\
whimling / .. children: 1\
ostectomyUpd / .. children: 1\
hardiment / .. children: 1\
Lampsilis / .. children: 1\
unspecific / .. children: 1\
paginary / .. children: 1\
finfoot / .. children: 1\
churchful / .. children: 1\
crocoisite / .. children: 1\
pfutil\
\
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 02:19
da paolinoweb
Se vedete qualcosa... ho troppo sonno... ne vedo ancora un paio ma non convinto...
Codice: Seleziona tutto
(14): Sat Oct 23 01:34:57 2021\
DetectX Swift v1.0981\
\
macOS: Version 10.14.6 (Build 18G9323)\
File System: apfs\
Temp: The thermal state is within normal limits.\
\
Boot time: Sat Oct 23 00:12:19 2021\
Uptime: up 1:23, 1 user\
\
Spotlight status for /:\
Indexing enabled. \
System Integrity Protection status: enabled.\
Gatekeeper status: enabled for App Store and identified developers.\
FileVault is Off.\
\
Internet: Reachable\
\
\
\f0\b \cf2 Hardware Overview:
\f1\b0 \cf0 \
\
Model Name: MacBook Pro\
Model Identifier: MacBookPro11,1\
Processor Name: Intel Core i5\
Processor Speed: 2,6 GHz\
Number of Processors: 1\
Total Number of Cores: 2\
L2 Cache (per Core): 256 KB\
L3 Cache: 3 MB\
Hyper-Threading Technology: Enabled\
Memory: 8 GB\
Boot ROM Version: 431.140.6.0.0\
SMC Version (system): 2.16f68\
\
\
\
\f0\b \cf2 Sharing Preferences:
\f1\b0 \cf0 \
\
File Sharing: Off\
Screen Sharing: Off\
Remote Management: Off\
Back To My Mac: Off\
Remote Login: Off\
Remote Apple Events: Off\
\
\
\f0\b \cf2 3rd Party Kexts (loaded):
\f1\b0 \cf0 \
\
com.malwarebytes.mbam.rtprotection\
\
\
\f0\b \cf2 $PATH:
\f1\b0 \cf0 \
\
PATH=/usr/bin:/bin:/usr/sbin:/sbin\
\
\
\cf3 /etc/paths:\cf0 \
/usr/bin\
/bin\
/usr/sbin\
/sbin\
/usr/local/bin\
\
\cf3 /etc/paths.d/:\cf0 \
\
\cf3 ~/.bash_profile:\cf0 \
\
\cf3 ~/.bashrc:\cf0 \
\
\cf3 ~/.bash_login:\cf0 \
\
\cf3 ~/.profile:\cf0 \
\
\cf3 ~/.bash_logout:\cf0 \
\
\
\f0\b \cf2 User Launchd processes:
\f1\b0 \cf0 \
\
\f0\b \cf4 PID Status Label
\f1\b0 \cf0 \
492 0 com.microsoft.Word.2840\
497 0 com.microsoft.autoupdate.fba.1532\
438 0 com.google.Chrome.2792\
385 0 com.malwarebytes.mbam.frontend.agent\
- 0 com.openssh.ssh-agent\
- 0 com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae\
- 0 com.google.keystone.system.agent\
2361 0 com.sqwarq.DetectX-Swift.4328\
- 0 com.spotify.client.startuphelper\
- 0 com.google.keystone.system.xpcservice\
387 0 com.spotify.webhelper\
\
\
\f0\b \cf2 System Launchd processes:
\f1\b0 \cf0 \
\
60 - com.malwarebytes.mbam.rtprotection.daemon\
181 - com.vix.cron\
0 - com.microsoft.office.licensing.helper\
0 - org.postfix.master\
0 - com.google.keystone.daemon\
0 - com.teamviewer.Helper\
174 - org.cups.cupsd\
224 - com.malwarebytes.mbam.settings.daemon\
\
\
\
\f0\b \cf2 User Login Items:
\f1\b0 \cf0 \
\
/Applications/Spotify.app\
/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app\
\
\
\
\f0\b \cf2 /Library/LaunchDaemons:
\f1\b0 \cf0 \
\
com.malwarebytes.mbam.settings.daemon.plist\
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon\
\
com.malwarebytes.mbam.rtprotection.daemon.plist\
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon\
--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon\
--> Program Arguments: -i\
--> Program Arguments: Malwarebytes-Mac-4.13.5.4414.pkg\
\
com.google.keystone.daemon.plist\
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/GoogleSoftwareUpdateDaemon\
\
com.apple.installer.osmessagetracing.plist\
--> Program Arguments: /System/Library/PrivateFrameworks/OSInstaller.framework/Resources/OSMessageTracer\
\
com.teamviewer.Helper.plist\
-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper\
--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper\
\
com.teamviewer.teamviewer_service.plist\
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service\
--> Program Arguments: -Module\
--> Program Arguments: Full\
\
com.microsoft.office.licensing.helper.plist\
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper\
\
\
\
\
\f0\b \cf2 /Library/LaunchAgents:
\f1\b0 \cf0 \
\
com.google.keystone.xpcservice.plist\
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent\
--> Program Arguments: -runMode\
--> Program Arguments: xpchost\
\
com.teamviewer.teamviewer_desktop.plist\
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop_Proxy\
--> Program Arguments: -RunAsAgent\
--> Program Arguments: YES\
--> Program Arguments: -Module\
--> Program Arguments: Full\
\
com.google.keystone.agent.plist\
--> Program Arguments: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent\
--> Program Arguments: -runMode\
--> Program Arguments: ifneeded\
\
com.teamviewer.teamviewer.plist\
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer\
--> Program Arguments: -RunAsAgent\
--> Program Arguments: YES\
\
com.malwarebytes.mbam.frontend.agent.plist\
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent\
\
\
\
\
\f0\b \cf2 ~/Library/LaunchAgents:
\f1\b0 \cf0 \
\
com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist\
--> Program Arguments: /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper\
--> Program Arguments: semi-auto\
\
com.spotify.webhelper.plist\
-> Program: /Users/davide/Library/Application Support/Spotify/SpotifyWebHelper\
\
\
\f0\b \cf2 User Crontab:
\f1\b0 \cf0 \
\
No cron jobs\
\
\
\
\f0\b \cf2 /etc:
\f1\b0 \cf0 \
\
kcpassword\
rc.common\
php.ini.default-5.2-previous~orig\
bashrc_Apple_Terminal\
bashrc\
zshrc\
ssh_config~orig\
moduli~previous\
rc.netboot\
efax.rc~previous\
php.ini.default-5.2-previous\
sshd_config~previous\
aliases\
zprofile\
\NON FATE CASO A QUELLO EVIDENZIATO IN NERO CHE SI TROVA SPESSO.. PASSAGGIO FILE TEXTEDIT A WINDOWS....
[b]
\f0\b \cf2 [/b] / $Root:
[b]\f1\b0 \cf0 \[/b]
\
.HFS+ Private Directory Data\
\cf3 / .. children: 0\cf0 \
.PKInstallSandboxManager \cf3 / .. children: 0\cf0 \
file\
installer.failurerequests\
Informazioni utente\
.file\
.MobileBackups.trash \cf3 / .. children: 1\cf0 \
.Trashes \cf3 / .. children: 0\cf0 \
.OSInstallerMessages\
model\
\
\f0\b \cf2 ~/ $Home:
\f1\b0 \cf0 \
\
Music \cf3 / .. children: 4\cf0 \
.CFUserTextEncoding\
Pictures \cf3 / .. children: 7\cf0 \
.rnd\
Desktop \cf3 / .. children: 21\cf0 \
Library \cf3 / .. children: 65\cf0 \
.cups \cf3 / .. children: 1\cf0 \
.bash_sessions \cf3 / .. children: 7\cf0 \
Public \cf3 / .. children: 3\cf0 \
Movies \cf3 / .. children: 3\cf0 \
Applications \cf3 / .. children: 2\cf0 \
.Trash \cf3 / .. children: 0\cf0 \
Documents \cf3 / .. children: 46\cf0 \
Downloads \cf3 / .. children: 8\cf0 \
.bash_history\
\
\
\
\f0\b \cf2 ~/Library:
\f1\b0 \cf0 \
\
Filters \cf3 / .. children: 0\cf0 \
studentd \cf3 / .. children: 4\cf0 \
HomeKit \cf3 / .. children: 5\cf0 \
Google \cf3 / .. children: 1\cf0 \
Family \cf3 / .. children: 1\cf0 \
Fonts Disabled \cf3 / .. children: 0\cf0 \
PersonalizationPortrait \cf3 / .. children: 1\cf0 \
\
\
\
\f0\b \cf2 ~/Library/Application Support:
\f1\b0 \cf0 \
\
MPlayerX \cf3 / .. children: 2\cf0 \
com.apple.touristd \cf3 / .. children: 3\cf0 \
DiskImages \cf3 / .. children: 1\cf0 \
EasyFind \cf3 / .. children: 0\cf0 \
CoreParsec \cf3 / .. children: 0\cf0 \
com.apple.QuickLook \cf3 / .. children: 1\cf0 \
Google \cf3 / .. children: 2\cf0 \
Microsoft \cf3 / .. children: 1\cf0 \
Spotify \cf3 / .. children: 4\cf0 \
dmd \cf3 / .. children: 0\cf0 \
CEF \cf3 / .. children: 1\cf0 \
Adobe \cf3 / .. children: 2\cf0 \
NotificationCenter \cf3 / .. children: 1\cf0 \
TeamViewer \cf3 / .. children: 1\cf0 \
Ubiquity \cf3 / .. children: 1\cf0 \
com.sqwarq.DetectX-Swift \cf3 / .. children: 4\cf0 \
Aperture \cf3 / .. children: 0\cf0 \
com.malwarebytes.mbam \cf3 / .. children: 1\cf0 \
Preview \cf3 / .. children: 0\cf0 \
cacaoweb \cf3 / .. children: 4}
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 10:38
da Alberto.G
paolinoweb-due- ha scritto: ↑sab, 23 ott 2021 02:19
Se vedete qualcosa... ho troppo sonno... ne vedo ancora un paio ma non convinto...
Ciao paolinoweb-due- vedo che sei riuscito, sia con DetectX che con
“la mano” di Malwarebytes, a cancellare tutti quei nomi a caso!
Se DetectX ti ha rilevato ancora un paio di nomi, ritengo evidenziati in finestra STATUS, una volta eliminati con questa app, dovresti essere arrivato alla conclusione.
Analizzando anche l’ultimo Profile che hai postato, non vedo app “sospette” o presenza di programmi antivirus.
Certamente tu che hai il MBP (Model 11,1) sotto gli occhi, puoi valutare ancora meglio la situazione.
Ultima cosa: scrivi
\NON FATE CASO A QUELLO EVIDENZIATO IN NERO CHE SI TROVA SPESSO.. PASSAGGIO FILE TEXTEDIT A WINDOWS....
ma non vedo nessuna riga o parola evidenziata in nero; probabilmente inserendo il testo di Profile come Codice si saranno perse…
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 13:16
da paolinoweb
Alberto.G ha scritto: ↑sab, 23 ott 2021 10:38
paolinoweb-due- ha scritto: ↑sab, 23 ott 2021 02:19
Se vedete qualcosa... ho troppo sonno... ne vedo ancora un paio ma non convinto...
Ciao paolinoweb-due- vedo che sei riuscito, sia con DetectX che con
“la mano” di Malwarebytes, a cancellare tutti quei nomi a caso!
Se DetectX ti ha rilevato ancora un paio di nomi, ritengo evidenziati in finestra STATUS, una volta eliminati con questa app, dovresti essere arrivato alla conclusione.
Analizzando anche l’ultimo Profile che hai postato, non vedo app “sospette” o presenza di programmi antivirus.
Certamente tu che hai il MBP (Model 11,1) sotto gli occhi, puoi valutare ancora meglio la situazione.
Ultima cosa: scrivi
\NON FATE CASO A QUELLO EVIDENZIATO IN NERO CHE SI TROVA SPESSO.. PASSAGGIO FILE TEXTEDIT A WINDOWS....
ma non vedo nessuna riga o parola evidenziata in nero; probabilmente inserendo il testo di Profile come Codice si saranno perse…
Buongiorno Alberto,
grazie, speravo anche in tuo intervento oltre degli altri amici del forum
non fare caso alla mia frase sono solo
\f0\b \cf2 \f1\b0 \cf0 ad esempio che si trovano nel report ma non sono stringhe o file, sono caratteri casuali nel report.
Per DetectX e MB tutto pulito ma :
mdm e
cacaoweb
in
~/Library/Application Support ti sembrano buoni?
cacaoweb era un software per vedere film o un sito un qualcosa tanti anni fa. toglierei... mdm non trovo nulla...sarà casuale anche questa da togliere?
Malwarebytes questa volta ha dato il meglio di sè.
Ho un altro Mac un Air 2011 da finire di pulire, mi permetto di postare un nuovo profilo, poi se ne avete voglia ben venga vostro aiuto
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 13:38
da paolinoweb
Nuovo profilo su altro Macbook Air 2011 stavolta i5 con 4GB/256GB
Primo screenshot Detectx Swift, parte delle minacce tolte.
Secondo screenshot fatto pochi minuti fa quando ho acceso l' Air.. apro DetectX per postare profilo che segue e mi aggiunge quel file vedo da history
C'è qualcosa che crea spazzatura all'accensione..
C'è avast da togliere, non ho l'ausilio di MB perchè non compatibile con El Capitan, dovrei avere versioni vecchie ma qui si va di mano!!
Help.. ora comincio a levare... se vedete segnalate!!
Codice: Seleziona tutto
macOS: Version 10.11.6 (Build 15G31)
-- a security update for El Capitan may be available in the App Store
File System: hfs
Temp: The thermal state is within normal limits.
Boot time: Sat Oct 23 13:17:54 2021
Uptime: 2 mins, 1 user
Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.
Internet: Reachable
Hardware Overview:
Model Name: MacBook Air
Model Identifier: MacBookAir4,2
Processor Name: Intel Core i5
Processor Speed: 1.7 GHz
Number of Processors: 1
Total Number of Cores: 2
L2 Cache (per Core): 256 KB
L3 Cache: 3 MB
Memory: 4 GB
Boot ROM Version: MBA41.0077.B14
SMC Version (system): 1.73f66
Sharing Preferences:
File Sharing: Off
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off
3rd Party Kexts (loaded):
com.avast.FileShield
com.avast.PacketForwarder
$PATH:
PATH=/usr/bin:/bin:/usr/sbin:/sbin
/etc/paths:
/usr/bin
/bin
/usr/sbin
/sbin
/usr/local/bin
/etc/paths.d/:
~/.bash_profile:
~/.bashrc:
~/.bash_login:
~/.profile:
~/.bash_logout:
PID Status Label
- 0 com.google.keystone.user.xpcservice
- 0 com.avast.userinit
- 0 org.openbsd.ssh-agent
- 0 com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae
748 0 com.avast.Antivirus
901 0 com.avast.hub
- 0 com.oracle.java.Java-Updater
354 0 com.google.GoogleDrive.50592
318 0 com.spotify.webhelper
775 0 com.sqwarq.DetectX-Swift.119392
- 1 com.google.keystone.user.agent
348 0 com.epson.USB_Display_Agent.107872
System Launchd processes:
0 - com.avast.hub.xpc
0 - com.vix.cron
0 - com.microsoft.office.licensing.helper
0 - com.avast.hub.schedule
0 - org.postfix.master
0 - com.teamviewer.Helper
0 - com.avast.update
608 - com.avast.securedns
189 - com.avast.daemon
762 - com.avast.api.xpc
218 - org.cups.cupsd
0 - com.avast.uninstall
0 - com.adobe.fpsaud
0 0 com.avast.init
0 - com.avast.submit
534 - com.avast.proxy
0 - com.oracle.java.Helper-Tool
0 0 org.postfix.newaliases
220 - org.ntp.ntpd
500 - com.avast.service
617 - com.avast.hns
495 - com.avast.fileshield
User Login Items:
iTunesHelper
AdobeResourceSynchronizer
Google Drive
Spotify
ZoomOpener
/Library/LaunchDaemons:
com.adobe.fpsaud.plist
--> Program Arguments: /Library/Application Support/Adobe/Flash Player Install Manager/fpsaud
com.avast.hub.schedule.plist
--> Program Arguments: /Library/Application Support/AvastHUB/com.avast.hub.app/Contents/scripts/schedule.sh
--> Program Arguments: --ttl
--> Program Arguments: 14400
com.avast.hub.xpc.plist
-> Program: /Library/Application Support/AvastHUB/com.avast.hub.app/Contents/Helpers/com.avast.hub.xpc
com.avast.init.plist
--> Program Arguments: /Applications/Avast.app/Contents/Backend/hub/init.sh
com.avast.uninstall.plist
--> Program Arguments: /Library/Application Support/Avast/autouninstall/autouninstall.sh
com.avast.update.plist
--> Program Arguments: /Applications/Avast.app/Contents/Backend/scripts/update/update.sh
com.microsoft.office.licensing.helper.plist
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
com.oracle.java.Helper-Tool.plist
--> Program Arguments: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool
com.teamviewer.Helper.plist
-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper
com.teamviewer.teamviewer_service.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service
--> Program Arguments: -Module
--> Program Arguments: Full
PPPMonitord.plist
/Library/LaunchAgents:
com.avast.hub.plist
-> Program: /Library/Application Support/AvastHUB/com.avast.hub.app/Contents/MacOS/com.avast.hub
com.avast.userinit.plist
-> Program: /Applications/Avast.app/Contents/Backend/hub/userinit.sh
com.oracle.java.Java-Updater.plist
--> Program Arguments: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater
--> Program Arguments: -bgcheck
com.teamviewer.teamviewer.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer
--> Program Arguments: -RunAsAgent
--> Program Arguments: YES
com.teamviewer.teamviewer_desktop.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop
--> Program Arguments: -RunAsAgent
--> Program Arguments: YES
--> Program Arguments: -Module
--> Program Arguments: Full
Swapper.plist
~/Library/LaunchAgents:
com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist
--> Program Arguments: /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper
com.google.keystone.agent.plist
--> Program Arguments: /Users/[U501]/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: ifneeded
com.google.keystone.xpcservice.plist
--> Program Arguments: /Users/[U501]/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: xpchost
com.spotify.webhelper.plist
-> Program: /Users/[U501]/Library/Application Support/Spotify/SpotifyWebHelper
User Crontab:
No cron jobs
/etc:
aliases
authorization.deprecated
bashrc
bashrc_Apple_Terminal
efax.rc
kcpassword
moduli~previous
php.ini.default-5.2-previous
rc.common
rc.netboot
zprofile
zshrc
/ $Root:
.file
.MobileBackups / .. children: 1
.svn / .. children: 6
.Trashes / .. children: 0
DamagedFiles / .. children: 1
Incompatible Software / .. children: 4
installer.failurerequests
lost+found / .. children: 1
Manuali utente e informazioni
model
~/ $Home:
.android / .. children: 2
.bash_history
.CFUserTextEncoding
.cups / .. children: 1
.filezilla / .. children: 6
.fontconfig / .. children: 3
.InstallAnywhere / .. children: 0
.oracle_jre_usage / .. children: 1
.rnd
.Trash / .. children: 445
.Xauthority
.zoomus / .. children: 0
Applications / .. children: 2
CALENDARIO LEZ-16-17 / .. children: 3
Desktop / .. children: 72
Di Napoli et al., 2016.pdf
Documents / .. children: 202
Downloads / .. children: 334
Google Drive / .. children: 1
Library / .. children: 58
Movies / .. children: 2
Music / .. children: 21
Pictures / .. children: 109
Public / .. children: 4
~/Library:
Address Book Plug-Ins / .. children: 2
com.apple.nsurlsessiond / .. children: 0
Filters / .. children: 0
Fonts Disabled / .. children: 0
Frameworks / .. children: 1
Google / .. children: 1
Icons / .. children: 1
InstallData / .. children: 2
Mail Downloads / .. children: 46
Widgets / .. children: 1
~/Library/Application Support:
Adobe / .. children: 4
Aperture / .. children: 0
audacity / .. children: 7
Avast / .. children: 2
AvastHUB / .. children: 2
cacaoweb / .. children: 4
CEF / .. children: 1
com.apple.QuickLook / .. children: 1
com.sqwarq.DetectX-Swift / .. children: 4
DVD Player / .. children: 1
eSellerate / .. children: 1
Firefox / .. children: 3
GarageBand / .. children: 3
Google / .. children: 4
Google Earth / .. children: 4
Hewlett-Packard / .. children: 1
iLifePageLayout / .. children: 1
iMovie / .. children: 2
Java / .. children: 0
JREInstaller / .. children: 1
Mail / .. children: 1
Microsoft / .. children: 2
MindVision / .. children: 0
MobileMeSyncClient / .. children: 0
MobileSync / .. children: 1
Mozilla / .. children: 1
MPlayerX / .. children: 2
NCH Software / .. children: 2
Oracle / .. children: 1
org.videolan.vlc / .. children: 1
Preview / .. children: 0
RealNetworks / .. children: 1
Skype / .. children: 11
Spotify / .. children: 5
SyncServices / .. children: 1
TeamViewer / .. children: 1
Ubiquity / .. children: 4
zoom.us / .. children: 2
~/Library/Safari/Extensions:
Extensions.plist
wrc.safariextz
~/Library/Internet Plug-Ins:
RealPlayer Plugin.plugin
ZoomUsPlugIn.plugin
/Users/Shared:
.com.hp.Installer.plist
adi / .. children: 0
Adobe / .. children: 0
Hewlett-Packard / .. children: 1
Library / .. children: 1
SC Info / .. children: 0
/Applications:
Adobe Reader.app
Android File Transfer.app
Audacity.app
Avast.app
Chiavetta Internet MT191UP.app
Contratti di Locazione 9.5.4 / .. children: 13
DetectX Swift.app
djvulibre-3.5.22+djview-4.5-universal / .. children: 7
FileZilla.app
Final Music Converter.app
Firefox.app
Google Chrome.app
Google Drive.app
Google Earth.app
Hewlett-Packard / .. children: 8
iPhoto.app
MacTutorial Viewer.app
Microsoft Messenger.app
Microsoft Office 2011 / .. children: 10
Microsoft Silverlight
partita iva / .. children: 2
RealPlayer.app
Remote Desktop Connection.app
Scratch 1.4 / .. children: 11
Spotify.app
Switch.app
TeamViewer.app
The Unarchiver.app
Uninstall Chiavetta Internet MT191UP.app
USB Display / .. children: 2
VLC.app
WinDjView-2.0.2-Setup (1) / .. children: 4
/Library:
.svn / .. children: 6
Automator / .. children: 96
Fonts Disabled / .. children: 16
Google / .. children: 2
Mozilla / .. children: 1
Server / .. children: 1
/Library/Application Support:
.BcJztTv_ud
Adobe / .. children: 6
Avast / .. children: 8
AvastHUB / .. children: 4
Hewlett-Packard / .. children: 6
Join Air / .. children: 2
laser / .. children: 3
Macromedia / .. children: 2
Microsoft / .. children: 4
Oracle / .. children: 1
/Library/Extensions:
EPSONUSBPrintClass.kext
hp_io_enabler_compound.kext
/Library/Internet Plug-Ins:
AdobePDFViewer.plugin
AdobePDFViewerNPAPI.plugin
Default Browser.plugin
DirectorShockwave.plugin
Disabled Plug-Ins / .. children: 2
Flash Player.plugin
flashplayer.xpt
JavaAppletPlugin.plugin
Quartz Composer.webplugin
SharePointBrowserPlugin.plugin
SharePointWebKitPlugin.webplugin
Silverlight.plugin
/Library/Managed Preferences:
*-- Folder doesn't exist or is inaccessible --*
/Library/PrivilegedHelperTools:
com.microsoft.office.licensing.helper
com.teamviewer.Helper
/Library/ScriptingAdditions:
/Library/StartupItems:
/Library/Updates:
041-88548 / .. children: 3
041-88740 / .. children: 18
041-88833 / .. children: 3
041-89046 / .. children: 3
041-89069 / .. children: 3
041-89073 / .. children: 5
041-90802 / .. children: 5
index.plist
PPDVersions.plist
ProductMetadata.plist
zzzz041-94863 / .. children:
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 14:31
da paolinoweb
Dopo lunga pulizia a mano - causa avast che era ovunque -
sono giunto qui.
/Library/Updates
che ne pensate di tutte le cartelle che
contengono un'infinità di pkg difficili da definire?
Vi chiedo.. questo air arriva a High Sierra, io l'ho portato a El Capitan da 10.7 Lion ... ha solo 4 GB di Ram... Temo perdita reattività con HS con 4 GB
Avesse 8 Gb lo avrei portato a HS ... che fareste? El C o HS ?
Codice: Seleziona tutto
Timestamp (15): sab ott 23 14:16:04 2021
DetectX Swift v1.0981
macOS: Version 10.11.6 (Build 15G31)
-- a security update for El Capitan may be available in the App Store
File System: hfs
Temp: The thermal state is within normal limits.
Boot time: Sat Oct 23 14:15:13 2021
Uptime: 51 secs, 1 user
Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.
Internet: Reachable
Hardware Overview:
Model Name: MacBook Air
Model Identifier: MacBookAir4,2
Processor Name: Intel Core i5
Processor Speed: 1.7 GHz
Number of Processors: 1
Total Number of Cores: 2
L2 Cache (per Core): 256 KB
L3 Cache: 3 MB
Memory: 4 GB
Boot ROM Version: MBA41.0077.B14
SMC Version (system): 1.73f66
Sharing Preferences:
File Sharing: Off
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off
3rd Party Kexts (loaded):
$PATH:
PATH=/usr/bin:/bin:/usr/sbin:/sbin
/etc/paths:
/usr/bin
/bin
/usr/sbin
/sbin
/usr/local/bin
/etc/paths.d/:
~/.bash_profile:
~/.bashrc:
~/.bash_login:
~/.profile:
~/.bash_logout:
PID Status Label
324 0 com.google.keystone.user.xpcservice
- 0 org.openbsd.ssh-agent
- 0 com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae
- 0 com.oracle.java.Java-Updater
308 0 com.google.GoogleDrive.50592
285 0 com.spotify.webhelper
394 0 com.sqwarq.DetectX-Swift.119392
- 0 com.google.keystone.user.agent
299 0 com.epson.USB_Display_Agent.107872
System Launchd processes:
0 - com.vix.cron
0 - com.microsoft.office.licensing.helper
0 - org.postfix.master
0 - com.teamviewer.Helper
192 - org.cups.cupsd
0 - com.adobe.fpsaud
0 - com.oracle.java.Helper-Tool
0 0 org.postfix.newaliases
190 - org.ntp.ntpd
User Login Items:
iTunesHelper
AdobeResourceSynchronizer
Google Drive
Spotify
ZoomOpener
/Library/LaunchDaemons:
com.adobe.fpsaud.plist
--> Program Arguments: /Library/Application Support/Adobe/Flash Player Install Manager/fpsaud
com.microsoft.office.licensing.helper.plist
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
com.oracle.java.Helper-Tool.plist
--> Program Arguments: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool
com.teamviewer.Helper.plist
-> Program: /Library/PrivilegedHelperTools/com.teamviewer.Helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.teamviewer.Helper
com.teamviewer.teamviewer_service.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Service
--> Program Arguments: -Module
--> Program Arguments: Full
PPPMonitord.plist
/Library/LaunchAgents:
com.oracle.java.Java-Updater.plist
--> Program Arguments: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater
--> Program Arguments: -bgcheck
com.teamviewer.teamviewer.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer
--> Program Arguments: -RunAsAgent
--> Program Arguments: YES
com.teamviewer.teamviewer_desktop.plist
--> Program Arguments: /Applications/TeamViewer.app/Contents/MacOS/TeamViewer_Desktop
--> Program Arguments: -RunAsAgent
--> Program Arguments: YES
--> Program Arguments: -Module
--> Program Arguments: Full
Swapper.plist
~/Library/LaunchAgents:
com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist
--> Program Arguments: /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper
com.google.keystone.agent.plist
--> Program Arguments: /Users/[U501]/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: ifneeded
com.google.keystone.xpcservice.plist
--> Program Arguments: /Users/[U501]/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent
--> Program Arguments: -runMode
--> Program Arguments: xpchost
com.spotify.webhelper.plist
-> Program: /Users/[U501]/Library/Application Support/Spotify/SpotifyWebHelper
User Crontab:
No cron jobs
/etc:
aliases
authorization.deprecated
bashrc
bashrc_Apple_Terminal
efax.rc
kcpassword
moduli~previous
php.ini.default-5.2-previous
rc.common
rc.netboot
zprofile
zshrc
/ $Root:
.file
.MobileBackups / .. children: 1
.MobileBackups.trash / .. children: 1
.svn / .. children: 6
.Trashes / .. children: 0
installer.failurerequests
lost+found / .. children: 1
Manuali utente e informazioni
~/ $Home:
.android / .. children: 2
.bash_history
.bash_sessions / .. children: 6
.CFUserTextEncoding
.cups / .. children: 1
.filezilla / .. children: 6
.fontconfig / .. children: 3
.InstallAnywhere / .. children: 0
.oracle_jre_usage / .. children: 1
.rnd
.Trash / .. children: 0
.Xauthority
.zoomus / .. children: 0
Applications / .. children: 2
CALENDARIO LEZ-16-17 / .. children: 3
Desktop / .. children: 72
Di Napoli et al., 2016.pdf
Documents / .. children: 202
Downloads / .. children: 333
Google Drive / .. children: 1
Library / .. children: 58
Movies / .. children: 2
Music / .. children: 21
Pictures / .. children: 109
Public / .. children: 4
~/Library:
Address Book Plug-Ins / .. children: 2
com.apple.nsurlsessiond / .. children: 0
Filters / .. children: 0
Fonts Disabled / .. children: 0
Frameworks / .. children: 1
Google / .. children: 1
Icons / .. children: 1
InstallData / .. children: 2
Mail Downloads / .. children: 46
Widgets / .. children: 1
~/Library/Application Support:
Adobe / .. children: 4
Aperture / .. children: 0
audacity / .. children: 7
CEF / .. children: 1
com.apple.QuickLook / .. children: 1
com.sqwarq.DetectX-Swift / .. children: 4
DVD Player / .. children: 1
EasyFind / .. children: 0
eSellerate / .. children: 1
Firefox / .. children: 3
GarageBand / .. children: 3
Google / .. children: 4
Google Earth / .. children: 4
Hewlett-Packard / .. children: 1
iLifePageLayout / .. children: 1
iMovie / .. children: 2
Java / .. children: 0
JREInstaller / .. children: 1
Mail / .. children: 1
Microsoft / .. children: 2
MindVision / .. children: 0
MobileMeSyncClient / .. children: 0
MobileSync / .. children: 1
Mozilla / .. children: 1
MPlayerX / .. children: 2
NCH Software / .. children: 2
Oracle / .. children: 1
org.videolan.vlc / .. children: 1
Preview / .. children: 0
RealNetworks / .. children: 1
Skype / .. children: 11
Spotify / .. children: 5
SyncServices / .. children: 1
TeamViewer / .. children: 1
Ubiquity / .. children: 4
zoom.us / .. children: 2
~/Library/Safari/Extensions:
Extensions.plist
wrc.safariextz
~/Library/Internet Plug-Ins:
RealPlayer Plugin.plugin
ZoomUsPlugIn.plugin
/Users/Shared:
.com.hp.Installer.plist
adi / .. children: 0
Adobe / .. children: 0
Hewlett-Packard / .. children: 1
Library / .. children: 1
SC Info / .. children: 0
/Applications:
Adobe Reader.app
Android File Transfer.app
Audacity.app
Chiavetta Internet MT191UP.app
Contratti di Locazione 9.5.4 / .. children: 13
DetectX Swift.app
djvulibre-3.5.22+djview-4.5-universal / .. children: 7
EasyFind.app
FileZilla.app
Final Music Converter.app
Firefox.app
Google Chrome.app
Google Drive.app
Google Earth.app
Hewlett-Packard / .. children: 8
iPhoto.app
MacTutorial Viewer.app
Microsoft Messenger.app
Microsoft Office 2011 / .. children: 10
Microsoft Silverlight
partita iva / .. children: 2
RealPlayer.app
Remote Desktop Connection.app
Scratch 1.4 / .. children: 11
Spotify.app
Switch.app
TeamViewer.app
The Unarchiver.app
Uninstall Chiavetta Internet MT191UP.app
USB Display / .. children: 2
VLC.app
WinDjView-2.0.2-Setup (1) / .. children: 4
/Library:
.svn / .. children: 6
Automator / .. children: 96
Fonts Disabled / .. children: 16
Google / .. children: 2
Mozilla / .. children: 1
Server / .. children: 1
/Library/Application Support:
Hewlett-Packard / .. children: 6
Macromedia / .. children: 2
Microsoft / .. children: 4
Oracle / .. children: 1
/Library/Extensions:
EPSONUSBPrintClass.kext
hp_io_enabler_compound.kext
/Library/Internet Plug-Ins:
AdobePDFViewer.plugin
AdobePDFViewerNPAPI.plugin
Default Browser.plugin
DirectorShockwave.plugin
Disabled Plug-Ins / .. children: 2
JavaAppletPlugin.plugin
Quartz Composer.webplugin
SharePointBrowserPlugin.plugin
SharePointWebKitPlugin.webplugin
/Library/Managed Preferences:
*-- Folder doesn't exist or is inaccessible --*
/Library/PrivilegedHelperTools:
com.microsoft.office.licensing.helper
com.teamviewer.Helper
/Library/ScriptingAdditions:
/Library/StartupItems:
/Library/Updates:
041-88548 / .. children: 3
041-88740 / .. children: 18
041-88833 / .. children: 3
041-89046 / .. children: 3
041-89069 / .. children: 3
041-89073 / .. children: 5
041-90802 / .. children: 5
index.plist
PPDVersions.plist
ProductMetadata.plist
zzzz041-94863 / .. children: 7
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 17:33
da Alberto.G
Risposta a paolinoweb-due-
Profile di Model Name: MacBook Air
Model Identifier: MacBookAir4,2
Anche per me portare a El Capitan 10.11.6.
Consigli su /Library/Updates:
ho verificato il mio Profile. In questa Libreria ho solo:
- ProductMetadata.plist
- index.plist
Sarà roba vecchia (chissà da quanto?) scaricata dal cliente.
Per me, da eliminare tutto (esclusi i due .plist che ho anch’io).
Non penso che l’eliminazione possa creare danni.
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 17:46
da Jethro
Farei un po' di pulizia anche qui... fosse anche solo per liberare spazio.
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: sab, 23 ott 2021 17:50
da Alberto.G
paolinoweb-due- ha scritto: ↑sab, 23 ott 2021 13:16
Per DetectX e MB tutto pulito ma :
mdm e
cacaoweb
in
~/Library/Application Support ti sembrano buoni?
cacaoweb era un software per vedere film o un sito un qualcosa tanti anni fa. toglierei... mdm non trovo nulla...sarà casuale anche questa da togliere?
Per MDM avrei trovato invece questi link
https://www.cybersecurity360.it/soluzio ... e-aziende/
anche Apple ne parla nel suo support.apple:
https://support.apple.com/it-it/guide/m ... f9e668/web
Ti riporto questo breve stralcio che chiarisce cosa è (MDM)
"Grazie ad un Mobile Device Management è possibile semplificare e migliorare la gestione dei device mobile in dotazione a dipendenti e collaboratori, con evidenti vantaggi per le aziende che usano lo smart working (e non solo). Ecco i pro e i contro di una soluzione MDM"
Per cacaoweb, se è un vecchio software, come dici, sono anch’io dell’idea di eliminarlo.
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: mar, 26 ott 2021 02:47
da paolinoweb
Grazie ragazzi, non ho più ringraziato e risposto, ho fatto ferie dalla tecnologia da sabato sera ad oggi... mac e smartphone spenti. riposo assoluto
Non ho poi eliminato MDM, si cacaoweb, si download.
Cliente sentito oggi, mi dice che sul macbook pro che ho aggiornato a Mojave da 10.9 word 2011 gli dà qualche problemino. Gira rotella...
Sull'altro macbook air ho aggiornato a el capitan e 2011 ok
Gli ho fatto subito ricordare che non aggiornavo a Big Sur perchè il 2011 è a 32 bit ma Big Sur vuole solo app 64 bit
e che comunque non ero sicuro della massima compatibilità anche con Mojave anche se girano le app 32 bit.
Problema risolto mentre scrivevo queste righe. E' un professore - ha diritto a 365 Education gratuitamente dall'istituto dove insegna - forse è solo online.. mmm...
non credo sarà problema. sennò openoffice o similari
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: dom, 06 feb 2022 08:02
da Apfel77
Buongiorno a tutti. Da un po' ho problemi con Anteprima: se faccio una ricerca all'interno di qualunque file pdf, l'operazione si impianta, la girandolina va a vuoto e devo fare un'uscita forzata, senza ovviamente ottenere i risultati che cercavo. DetectX in Search non rileva problemi. Posto comunque il responso di Profile. Grazie a tutti per l'aiuto.
Timestamp (20): Sun Feb 06 07:55:35 2022
DetectX Swift v1.0971
macOS: Version 10.16 (Build 21D49)
File System: apfs
Temp: The thermal state is within normal limits.
Boot time: Sun Feb 6 07:07:21 2022
Uptime: up 48 mins, 1 user
Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is Off.
Internet: Reachable
Hardware Overview:
Model Name: MacBook Pro
Model Identifier: MacBookPro13,3
Processor Name: Quad-Core Intel Core i7
Processor Speed: 2,7 GHz
Number of Processors: 1
Total Number of Cores: 4
L2 Cache (per Core): 256 KB
L3 Cache: 8 MB
Hyper-Threading Technology: Enabled
Memory: 16 GB
System Firmware Version: 447.80.3.0.0
OS Loader Version: 540.80.2~11
SMC Version (system): 2.38f12
Provisioning UDID: EF94E23F-DB07-5A02-A31A-223C900872BD
Sharing Preferences:
File Sharing: On
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off
3rd Party Kexts (loaded):
$PATH:
PATH=/usr/bin:/bin:/usr/sbin:/sbin
/etc/paths:
/usr/local/bin
/usr/bin
/bin
/usr/sbin
/sbin
/etc/paths.d/:
~/.bash_profile:
~/.bashrc:
~/.bash_login:
~/.profile:
~/.bash_logout:
User Launchd processes:
PID Status Label
1589 0 application.com.microsoft.OneDrive.12925557364.12925557443
1575 0 us.zoom.pluginagent
1495 0 application.com.microsoft.Word.12888885678.12908554567
- 0 com.openssh.ssh-agent
- 0 com.microsoft.update.agent
1878 0 application.org.grunenberg.EasyFind.12909661707.12909661713
2109 0 application.com.sqwarq.DetectX-Swift.12907253605.12907253615
1587 0 application.com.getdropbox.dropbox.12885982315.12925890725
1582 0 com.nektony.App-Cleaner-SII-Helper
- 0 com.dropbox.DropboxMacUpdate.agent
System Launchd processes:
0 - com.vix.cron
0 - com.microsoft.teams.TeamsUpdaterDaemon
0 - us.zoom.ZoomDaemon
0 - com.microsoft.office.licensingV2.helper
0 0 com.microsoft.autoupdate.helper
0 0 org.cups.cupsd
0 - com.microsoft.OneDriveUpdaterDaemon
User Login Items:
/Applications/OneDrive.app
/Applications/Dropbox.app
/Applications/App Cleaner 7.app
/Applications/App Cleaner 7.app/Contents/Library/LoginItems/App Cleaner Helper.app
/Library/LaunchDaemons:
com.microsoft.teams.TeamsUpdaterDaemon.plist
com.microsoft.OneDriveUpdaterDaemon.plist
com.apple.installer.osmessagetracing.plist
--> Program Arguments: /System/Library/PrivateFrameworks/OSInstaller.framework/Resources/OSMessageTracer
us.zoom.ZoomDaemon.plist
-> Program: /Library/PrivilegedHelperTools/us.zoom.ZoomDaemon
--> Program Arguments: /Library/PrivilegedHelperTools/us.zoom.ZoomDaemon
com.microsoft.office.licensingV2.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
com.oracle.java.Helper-Tool.plist
com.microsoft.autoupdate.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper
/Library/LaunchAgents:
us.zoom.pluginagent.plist
--> Program Arguments: /Library/Application Support/ZoomOutlookPlugin/zOutlookPluginAgent.app/Contents/MacOS/zOutlookPluginAgent
com.microsoft.update.agent.plist
--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
--> Program Arguments: --launchByAgent
~/Library/LaunchAgents:
us.zoom.pluginagent.plist
--> Program Arguments: /Library/Application Support/ZoomOutlookPlugin/zOutlookPluginAgent.app/Contents/MacOS/zOutlookPluginAgent
com.dropbox.DropboxMacUpdate.agent.plist
--> Program Arguments: /Users/vera/Library/Dropbox/DropboxMacUpdate.app/Contents/MacOS/DropboxMacUpdate
--> Program Arguments: -check
--> Program Arguments: periodic
User Crontab:
No cron jobs
/etc:
rc.common
bashrc_Apple_Terminal
zshrc_Apple_Terminal
bashrc
zshrc
rc.netboot
aliases
uucp / .. children: 3
zprofile
/ $Root:
.file
.VolumeIcon.icns
opt / .. children: 0
~/ $Home:
Music / .. children: 7
.CFUserTextEncoding
OneDrive
.local / .. children: 1
Pictures / .. children: 74
Desktop / .. children: 16
Library / .. children: 92
.cups / .. children: 1
.bash_sessions / .. children: 55
Public / .. children: 2
.dropbox / .. children: 12
Movies / .. children: 24
Applications / .. children: 1
Dropbox / .. children: 16
.Trash / .. children: 0
Documents / .. children: 61
Downloads / .. children: 20
.bash_history
~/Library:
com.apple.appleaccountd / .. children: 1
CloudStorage / .. children: 2
Mozilla / .. children: 1
studentd / .. children: 3
Staging / .. children: 0
HomeKit / .. children: 13
DES / .. children: 2
Translation / .. children: 2
Trial / .. children: 4
Google / .. children: 2
Contacts / .. children: 1
Family / .. children: 1
com.apple.icloud.searchpartyd / .. children: 11
SafariSandboxBroker / .. children: 0
Personas / .. children: 3
DuetExpertCenter / .. children: 7
HTTPStorages / .. children: 37
DataDeliveryServices / .. children: 1
FrontBoard / .. children: 3
Biome / .. children: 3
Shortcuts / .. children: 4
Dropbox / .. children: 1
Weather / .. children: 12
ContainerManager / .. children: 3
PersonalizationPortrait / .. children: 6
Photos / .. children: 1
Accessibility / .. children: 5
VoiceTrigger / .. children: 1
Reminders / .. children: 2
com.apple.bluetooth.services.cloud / .. children: 1
Thunderbird / .. children: 5
StatusKit / .. children: 1
DoNotDisturb / .. children: 1
~/Library/Application Support:
Firefox / .. children: 6
com.apple.sbd / .. children: 1
com.nektony.App-Cleaner-SII / .. children: 7
com.apple.replayd / .. children: 0
SyncServices / .. children: 1
HP Smart / .. children: 56
Mozilla / .. children: 2
com.apple.transparencyd / .. children: 5
com.apple.touristd / .. children: 4
DiskImages / .. children: 1
Microsoft AU Daemon / .. children: 2
Steam / .. children: 0
EasyFind / .. children: 0
CoreParsec / .. children: 0
com.apple.ap.promotedcontentd / .. children: 1
com.apple.exchangesync / .. children: 0
Animoji / .. children: 3
audacity / .. children: 8
com.apple.akd / .. children: 2
zoom.us / .. children: 2
MobileSync / .. children: 2
OneDrive / .. children: 5
Google / .. children: 3
Microsoft / .. children: 3
Oracle / .. children: 0
OneDriveUpdater / .. children: 1
dmd / .. children: 0
Cisco Spark / .. children: 1
LunarEclipseMaestro / .. children: 1
Java / .. children: 0
com.apple.NewDeviceOutreach / .. children: 1
Webex Meetings / .. children: 3
Oxford Learners Bookshelf / .. children: 12
CEF / .. children: 1
JetBrains / .. children: 0
com.apple.AssistiveControl / .. children: 1
com.microsoft.OneDrive / .. children: 2
org.videolan.vlc / .. children: 1
com.sqwarq.DetectX-Swift / .. children: 3
coconutBattery / .. children: 2
FileProvider / .. children: 7
Teams / .. children: 1
FaceTime / .. children: 3
Microsoft Edge / .. children: 29
Dropbox / .. children: 4
com.apple.AMPLibraryAgent / .. children: 3
com.hp.SmartMac / .. children: 0
Skype / .. children: 1
WebEx Folder / .. children: 2
Microsoft Update Assistant / .. children: 2
com.microsoft.OneDriveUpdater / .. children: 1
Microsoft AutoUpdate / .. children: 2
SolarEclipseMaestro / .. children: 2
DetectX Swift / .. children: 3
JREInstaller / .. children: 1
~/Library/Safari/Extensions:
*-- Folder doesn't exist or is inaccessible --*
~/Library/Internet Plug-Ins:
/Users/Shared:
adi / .. children: 0
SC Info / .. children: 0
ZoomOutlookPlugin / .. children: 1
Previously Relocated Items / .. children: 1
/Applications:
VLC.app
HP Smart.app
Lunar Eclipse Maestro.app
EasyFind.app
Solar Eclipse Maestro.app
Dropbox.app
OnyX.app
OneDrive.app
coconutBattery.app
DetectX Swift.app
Microsoft Word.app
Audacity.app
ZoomOutlookPlugin / .. children: 2
Microsoft Excel.app
zoom.us.app
Thunderbird.app
App Cleaner 7.app
EtreCheck.app
Microsoft Edge.app
The Unarchiver.app
Microsoft OneNote.app
Murus.app
Skype.app
Firefox.app
Microsoft PowerPoint.app
Webex.app
Microsoft Teams.app
OpenProj.app
/Library:
Apple / .. children: 3
DropboxHelperTools / .. children: 2
StagedDriverExtensions / .. children: 0
InstallerSandboxes / .. children: 2
KernelCollections / .. children: 2
DriverExtensions / .. children: 0
Keychains (originale) / .. children: 7
Bluetooth / .. children: 7
User Template / .. children: 41
SystemExtensions / .. children: 1
Managed Preferences / .. children: 0
/Library/Application Support:
Murus / .. children: 1
Macromedia / .. children: 1
Microsoft / .. children: 2
BTServer / .. children: 5
Oracle / .. children: 0
ZoomOutlookPlugin / .. children: 1
Adobe / .. children: 1
/Library/Extensions:
AppleMobileDevice.kext
/Library/Internet Plug-Ins:
/Library/Managed Preferences:
/Library/PrivilegedHelperTools:
us.zoom.ZoomDaemon
com.microsoft.autoupdate.helper
com.microsoft.office.licensingV2.helper
/Library/ScriptingAdditions:
zOLPluginInjection.osax
/Library/StartupItems:
/Library/Updates:
ProductMetadata.plist
index.plist
Top Processes:
%CPU PID COMMAND
15.7 155 WindowServer
7.4 0 kernel_task
3.7 2109 DetectX Swift
2.1 1811 com.apple.WebKit
1.4 1500 Finder
0.6 1496 Safari
0.4 160 loginwindow
0.3 1611 Dropbox Web Help
0.2 395 TouchBarServer
0.2 124 launchservicesd
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: dom, 06 feb 2022 17:18
da Alberto.G
Vista l'ora, buona serata Apfel77.
Ho visto il report che hai postato.
Per la mia esperienza sin qui maturata, posso dirti di non aver trovare situazioni o presenze di app “pericolose” che potrebbero aver creato problemi al sistema che, vedo dal codice, è senz’altro quello di macOS Monterey.
Tra l’altro vedo che sotto /Applications hai veramente poche applicazioni installate: in definitiva una macchina, la tua, ben tenuta!
Inoltre, sempre dal modello identificatore del tuo
MacBookPro13,3, rilevo che è un 15-inch del 2016, macchina senz’altro più recente del mio iMac in firma.
Consigli?
Mi viene da pensare che forse una reinstallazione del solo sistema macOS Monterey, versione 12.2, ovviamente da Recovery, potrebbe sortire l’effetto di sistemare il tuo problema riguardo alle ricerche all’interno di qualunque file .pdf, operazioni queste che, come dici, si impiantano sempre.
L'operazione da farsi è ben documentata su link
https://support.apple.com/it-it/HT204904
ed anche su questo
https://support.apple.com/it-it/HT201314
Re: Avanti, senza vergogna, con DetectX/Profile
Inviato: dom, 06 feb 2022 18:32
da paolinoweb
Ciao, io proverei ad eliminare la cache di anteprima, può servire.
Apri terminale e digita
dovresti ottenere questa scritta.
Riavvia il Mac e prova ad usare anterprima
come seconda possibilità, non funzionasse ripulire la cache, sarebbe da creare un altro utente e vedere se il problema si presenta anche nell'utente nuovo.