Etrecheck vs Activity Monitor
Hi,
I've noticed (and not for the first time, BTW) that the results of Etrecheck don't match those of Activity Monitor on my Mac (the pics below). For example, Etrecheck displays CPU use percentage as followings: for WindowServer 3% while Activity Monitor shows 0.7%, further on, for Activity Monitor utility these figures are 0% and 0.9% respectively, etc (the others you may want to compare on your own). If you look at the Memory use then you'll see these figures determined in a unknown way but tied somehow up with just Virtual Memory, however judging from Apple's notes on the subject of the latter OS X Mavericks: About Activity Monitor This is not an actual consumption of RAM resources and it size is determined by the author of the app.
So why it's decided to go with this parameter is totally unclear for me, and how to draw conclusions with regard to AM utility is unclear too. It gives different values for all types of RAM than AM does. Make sure yourselves:
How can I be sure Etrcheck displays data correctly?
Activity Monitor updates every 5 seconds or so. The CPU % will fluctuate over time. The EtreCheck is a single slice of time. Your observations are meaningless.
If you monitor the WindowServer percentage, you will see that it fluctuates up and down, especially if you move the cursor around.
P.S.
You would benefit by adding more RAM:
Similar Messages
-
So I am really unsure where to start but I def need a little help getting to where I want to be or feel I should be. I understand that I am pretty much filled when it comes to the RAM on this machine but I need to figure out how to lower it. I back up my machine about once a week which is longer than I would prefer but due to the way Mavericks has been acting I cant deal with the long backup process.... WHY?!?? may be your response to that and I will fill you in. My external Hard Drive is a 1tb Lacie and its about 2 years old. In that time I have dropped, lost, threw and slept ontop of it. Causeing minor damage (each time) to the casing. So now becomes rather hot and I kinda dont want it to burn out. When I first updated to Mavericks the backups were fast and went along mb by mb...now though, the updates drag out for 3-5 hours and update kb by kb. Tried some of the "solutions" posted on here but none seem to work any more than me consistantly purging my system while the backup happens...kinda why I dont have time to do it everyday like I'd like.
ANYWAY can someone please fill me in on a way, program, application, anything that will help me lower my RAM? Because in the spirit of honesty I just dont have the extra funds to snag some new RAM or another HD. I am almost at the point of saying "F**K IT" and wiping everything off the computer so its as close to empty as can be and manually, one by one redownloading what I want/need. But I dont have the time to accomplish that either. PLEASE lend me your ear and help a brudda out with some information from that exceptional brain of yours.
Below is a copy of my machines "report" from EtreCHECK and I am including screen shots of what the (Mavericks) Activity Monitor currently looks like in ALL PROCESSES. PLUS it kinda seems that I have WAY TOOO MANY processes going on in the ACTIVITY MONITOR and have NO clue how to lower the amount. Will truly appreciate any help anyone can toss my way.
THANK YOU
TommyTheTuna
Hardware Information:
MacBook Pro (15-inch, Mid 2010)
MacBook Pro - model: MacBookPro6,2
1 2.4 GHz Intel Core i5 CPU: 2 cores
4 GB RAM
Video Information:
Intel HD Graphics - VRAM: 288 MB
NVIDIA GeForce GT 330M - VRAM: 256 MB
Audio Plug-ins:
BluetoothAudioPlugIn: Version: 1.0
AirPlay: Version: 1.9
AppleAVBAudio: Version: 2.0.0
iSightAudio: Version: 7.7.3
System Software:
OS X 10.9 (13A603) - Uptime: 0 days 0:12:4
Disk Information:
TOSHIBA MK3255GSXF disk0 : (320.07 GB)
EFI (disk0s1) <not mounted>: 209.7 MB
Macintosh HD (disk0s2) /: 319.21 GB (194.65 GB free)
Recovery HD (disk0s3) <not mounted>: 650 MB
MATSHITADVD-R UJ-898
USB Information:
Apple Internal Memory Card Reader
Apple Inc. BRCM2070 Hub
Apple Inc. Bluetooth USB Host Controller
Apple Inc. Apple Internal Keyboard / Trackpad
Apple Inc. Built-in iSight
Apple Computer, Inc. IR Receiver
FireWire Information:
Thunderbolt Information:
Kernel Extensions:
Problem System Launch Daemons:
Problem System Launch Agents:
Launch Daemons:
[loaded] com.adobe.fpsaud.plist
[not loaded] com.adobe.SwitchBoard.plist
[not loaded] com.google.keystone.daemon.plist
[not loaded] com.livescribe.PenCommService.plist
[not loaded] com.luthresearch.scservice.plist
[not loaded] com.microsoft.office.licensing.helper.plist
[not loaded] com.paceap.eden.licensed.plist
[not loaded] PACESupport.plist
Launch Agents:
[not loaded] com.adobe.AAM.Updater-1.0.plist
[not loaded] com.google.keystone.agent.plist
[not loaded] com.luthresearch.savvyconnectmenu.plist
[not loaded] com.wacom.pentablet.plist
User Launch Agents:
[not loaded] com.adobe.ARM.[...].plist
[not loaded] com.facebook.videochat.[redacted].plist
[not loaded] com.google.keystone.agent.plist
[not loaded] com.Livestation.plist
[not loaded] com.spotify.webhelper.plist
User Login Items:
iTunesHelper
3rd Party Preference Panes:
Flash Player
Internet Plug-ins:
AdobePDFViewer.plugin
AdobePDFViewerNPAPI.plugin
Default Browser.plugin
Flash Player.plugin
FlashPlayer-10.6.plugin
Google Earth Web Plug-in.plugin
googletalkbrowserplugin.plugin
iPhotoPhotocast.plugin
JavaAppletPlugin.plugin
npgtpo3dautoplugin.plugin
o1dbrowserplugin.plugin
QuickTime Plugin.plugin
SharePointBrowserPlugin.plugin
WacomNetscape.plugin
User Internet Plug-ins:
Unity Web Player.plugin
Bad Fonts:
None
Time Machine:
Skip System Files: NO
Mobile backups: OFF
Auto backup: NO
Volumes being backed up:
Macintosh HD: Disk size: 319.21 GB Disk used: 124.57 GB
Destinations:
Tuna's MacBook Pro Hard Drive [Local] (Last used)
Total size: 999.86 GB
Total number of backups: 2
Oldest backup: 2013-11-07 13:34:08 +0000
Last backup: 2013-11-26 05:08:40 +0000
Size of backup disk: Excellent
Backup size 999.86 GB > (Disk size 319.21 GB X 3)
Time Machine details may not be accurate.
All volumes being backed up may not be listed.
Top Processes by CPU:
2% WindowServer
1% EtreCheck
0% SystemUIServer
0% fontd
0% Finder
0% Microsoft Word
0% aosnotifyd
Top Processes by Memory:
156 MB com.apple.WebKit.WebContent
111 MB Finder
106 MB Microsoft Word
94 MB Safari
82 MB Preview
74 MB WindowServer
61 MB CalendarAgent
57 MB com.apple.IconServicesAgent
57 MB com.apple.internetaccounts
53 MB SystemUIServer
Virtual Memory Statistics:
1.07 GB Free RAM
1.92 GB Active RAM
237 MB Inactive RAM
662 MB Wired RAM
223 MB Page-ins
0 B Page-outsMavericks is designed to use as much RAM as possible. Free RAM is wasted RAM... it's RAM that's not working for you, not doing anything helpful. Seeing your RAM full is not an indication that there is a problem. Seeing your memory pressure graph spike would be.
As for the performance issues, see my Mac Performance Guide.
Note that you've got a lot of third-party software loaded:
Launch Daemons:
[loaded] com.adobe.fpsaud.plist
[not loaded] com.adobe.SwitchBoard.plist
[not loaded] com.google.keystone.daemon.plist
[not loaded] com.livescribe.PenCommService.plist
[not loaded] com.luthresearch.scservice.plist
[not loaded] com.microsoft.office.licensing.helper.plist
[not loaded] com.paceap.eden.licensed.plist
[not loaded] PACESupport.plist
Launch Agents:
[not loaded] com.adobe.AAM.Updater-1.0.plist
[not loaded] com.google.keystone.agent.plist
[not loaded] com.luthresearch.savvyconnectmenu.plist
[not loaded] com.wacom.pentablet.plist
User Launch Agents:
[not loaded] com.adobe.ARM.[...].plist
[not loaded] com.facebook.videochat.[redacted].plist
[not loaded] com.google.keystone.agent.plist
[not loaded] com.Livestation.plist
[not loaded] com.spotify.webhelper.plist
You should probably try to weed some of that out, if possible, or at least make sure it's all updated and compatible with Mavericks. -
Tips on managing Activity Monitor?
I'm getting a new MacBook Pro next week. Until then, I'm running my current machine off an external hard drive. However, it's very hard keeping it going. It sometimes works fine for a while, but it always freezes eventually, apparently a victim of insufficient memory.
I just wondered if anyone has any tips on key processes I can close in Activity Monitor to keep it going? I've freed up some memory by using Safari and TextWrangler instead of Chrome and Dreamweaver. In fact, the only programs I have open at the moment are Safari, TextWrangler, MAMP PRO, Activity Monitor and Finder.
Surprisingly, Finder appears to be another major memory hog; it freezes all the time (though not at the moment).
Thanks.I have a 1 TB hard drive, and it's just half full. Here are the results of the EtreCheck scan...
Hardware Information:
MacBook Pro (13-inch, Late 2011)
MacBook Pro - model: MacBookPro8,1
1 2.8 GHz Intel Core i7 CPU: 2 cores
4 GB RAM
Video Information:
Intel HD Graphics 3000 - VRAM: 384 MB
System Software:
OS X 10.9.2 (13C1021) - Uptime: 0 days 0:3:10
Disk Information:
TOSHIBA MK7559GSXF disk0 : (750.16 GB)
EFI (disk0s1) <not mounted>: 209.7 MB
Macintosh HD (disk0s2) /Volumes/Macintosh HD: 749.3 GB (173.47 GB free)
Recovery HD (disk0s3) <not mounted>: 650 MB
OPTIARC DVD RW AD-5970H
USB Information:
Apple Inc. FaceTime HD Camera (Built-in)
Apple Inc. Apple Internal Keyboard / Trackpad
Seagate Backup+ Mac SL 1 TB
EFI (disk1s1) <not mounted>: 209.7 MB
Seagate Backup Plus Drive (disk1s2) / [Startup]: 999.35 GB (500.02 GB free)
Recovery HD (disk1s3) <not mounted>: 650 MB
Apple Inc. BRCM2070 Hub
Apple Inc. Bluetooth USB Host Controller
Apple Computer, Inc. IR Receiver
Thunderbolt Information:
Apple Inc. thunderbolt_bus
Configuration files:
/etc/hosts - Count: 41
Gatekeeper:
Mac App Store and identified developers
Launch Daemons:
[loaded] com.adobe.fpsaud.plist Support
[loaded] com.barebones.textwrangler.plist Support
[loaded] com.bombich.ccc.plist Support
Launch Agents:
[not loaded] com.adobe.AAM.Updater-1.0.plist Support
[running] com.adobe.AdobeCreativeCloud.plist Support
User Launch Agents:
[loaded] com.adobe.AAM.Updater-1.0.plist Support
[loaded] com.google.keystone.agent.plist Support
User Login Items:
iTunesHelper
Google Chrome
Internet Plug-ins:
FlashPlayer-10.6: Version: 13.0.0.201 - SDK 10.6 Support
Flash Player: Version: 13.0.0.201 - SDK 10.6 Support
QuickTime Plugin: Version: 7.7.3
JavaAppletPlugin: Version: 14.9.0 - SDK 10.7 Check version
AdobeAAMDetect: Version: AdobeAAMDetect 2.0.0.0 - SDK 10.7 Support
Default Browser: Version: 537 - SDK 10.9
Audio Plug-ins:
BluetoothAudioPlugIn: Version: 1.0 - SDK 10.9
AirPlay: Version: 2.0 - SDK 10.9
AppleAVBAudio: Version: 203.2 - SDK 10.9
iSightAudio: Version: 7.7.3 - SDK 10.9
iTunes Plug-ins:
Quartz Composer Visualizer: Version: 1.4 - SDK 10.9
3rd Party Preference Panes:
Flash Player Support
Time Machine:
Time Machine not configured!
Top Processes by CPU:
6% mds
5% Creative Cloud
3% WindowServer
2% Activity Monitor
1% mds_stores
Top Processes by Memory:
172 MB com.apple.IconServicesAgent
98 MB mds_stores
74 MB Creative Cloud
49 MB Finder
45 MB WindowServer
Virtual Memory Information:
1.61 GB Free RAM
1.15 GB Active RAM
273 MB Inactive RAM
994 MB Wired RAM
302 MB Page-ins
0 B Page-outs -
Activity Monitor/RAM/Slowness
I updated to Mavericks the day of the update, and I switched to Safari (from Firefox) immediately too (Safari now my default and Firefox having various other tabs open simultaneously).
For the first time ever, my Mac (2011 iMac) gets really slow - hangs, spinning wheel, unresponsiveness. This is often having one of the browsers open too long, with Safari in particular being a massive memory hog, and restarting them fixes it. But poking around activity monitor I've seen some peculiarities.
For instance, my used memory keeps going up, with nothing happening. This morning the computer was using 11.99gb of my 12gb memory, with swap increasing too. So I rebooted, telling it to NOT reopen windows on bootup. With nothing running, ram usage was 3gb, then 4gb, climbing continuously and it's now over 5 with just Firefox running to type this request. App memory is 1.75 and file cache 2.35, which from looking at other threads seem to be pretty high - this is less than 5 minutes after a total restart by the way.
Prior to rebooting I had a few 'not responding' items in AM, soagent and QTKit web content for Safari, no idea if they have any impact on the slowing down (their memory usage was tiny and the computer generally ran fine with them flagged red) but the reboot has got rid of them.
Here's a screenshot of AM taken as soon as the computer restarted, with Firefox the only open program.I'm afraid Steve is right, your memory is fine.
The symptoms you describe are not memory related (at least that isn't shown in those screenshots).
Here is a great article that shows how the 10.9 memory system has been changed…
http://arstechnica.com/apple/2013/10/os-x-10-9/17/#compressed-memory
See the 2 graphs, only the second one is showing signs that are bad - the thin red edge is indicating the increase in 'Swap used'.
You can witness this for yourself via a built in Apple commands…
Reboot to see the system in it's default state.
Open Activity Monitor & Terminal from /Applications/Utilities.
Select the Memory tab in Activity Monitor
In Terminal enter the following command
memory_pressure -l critical
# note that is a lowercase L
RAM usage will climb, compression will begin the VM will become way more than the system has installed.
Eventually the system will start swapping (look for RED) - Watch the 'memory pressure' & 'Swap used' as this happens.
In Terminal & hit ctrl+c to stop the process.
Watch the VM & memory pressure return to normal levels.
I'm afraid you will need to look at what is using CPU or disk IO (or both) to see what is causing your issues.
Also don't forget to test in Safe mode (hold shift after the chime until the spinning 'cog' appears). Ensure the login window says 'safe mode'.
https://support.apple.com/kb/HT1455
It will disable all third party extensions & startup items.
If the Mac is better in safe mode it is time to get a system report and look at the third party items. Be aware that some features will be disabled like wifi on some models, graphics drivers will be in a reduced mode - this is normal in safe mode.
Reboot to go back to normal.
Use EtreCheck to see what is running in a normal boot & post it here if you want to look at the running software.
http://www.etresoft.com/etrecheck -
I am trying to get my macbook pro (2010 i5 4gb) running faster like it used to. I came across the activity monitor and have noticed lots of things I don't recognise. Can someone just tell me if I get rid of them will that help or damage my computer?
Do not touch any of the 'root' applications.
I suggest that you download an Etrecheck report as a start for possible trouble shooting.
http://www.etresoft.com/etrecheck
Ciao. -
I've installed CS6 and web Premium on a Mac running 10.9.5, and Dreamweaver,Flash and Illustrator wont launch. All other components work normally. In Activity monitor it says Adobe switchboard failed to respond. Can anyone help solve this issue?
Release: 4/25/2012
http://support.amd.com/us/gpudownload/windows/Pages/radeonmob_win7-64.aspx -
Can not find my Program in Lion Activity Monitor until reboot again
Hi,
I have tried to installed the datacard driver and user interface program in Lion and reboot; however, the resident program to detect the device of datacard does not exist in Activity Monitor. I need to reboot again, then I can find it exits in Activity Monitor of Lion. This issue does not happen in Mac Snow/Snow Leopard(32-bit/64-bit). I use the Metapackage or terminal command line to install and both need to reboot one more time. My script is
sudo defaults write /Library/Preferences/loginwindow AutoLaunchedApplicationDictionary -array-add '{"Path" = "/opt/data/Monitor.app";"Hide" = "0";}'
Is it a side effect of finder known issue in Lion ? Or I need to use another way like "Launch Daemon" or "Launch Agent" to do?
Many thanks for your comment.
JasonI suspect it's Photoshop Express, the Adobe Touch App from the App Store
http://www.photoshop.com/tools/expresseditor
http://itunes.apple.com/us/app/adobe-photoshop-express/id331975235?mt=8&ls=1
Express forum
http://forums.adobe.com/community/psexpress -
Activity Monitor and Network Usage??
I'd like to get an idea of my network usage per month prior to signing up for a service plan, and I notice that the Network tab of Activity Monitor will track Data received. When or how does the number shown there get reset to zero? What would be the best way to track the network usage over a period of a week or so?
I believe the number is from your last login, but it shouldn't be too hard to test whether that is the starting point or the last restart.
Neither will help you track network usage over a specific period. For that, you will have to hunt down a utility on macupdate.com or versiontracker.com. I'm pretty sure I've seen some go by. You might search using terms like "ISP", "bandwidth", "network", and "meter". -
No data in the activity monitor
All of a sudden I don't have any data in the activity monitor. Here's what happened. I was using safari viewing online pictures. I kept getting the rolling ball between pictures and noticed that safari was using 100%+ in processor usage and safari seemed slow. So I rebooted and opened the activity monitor and no data shows up. I run a quick hardware test and all pass. I havn't gone back to the pictures yet but normal browsing seems to be fine. I watch a few 1080P trailers and they work fine too.
All ideas on why the monitor doesn't show data?
RayHmm...let's try this:
Go to User/Library/Preferences and drag the com.apple.ActivityMonitor.plist file to your Desktop. Then try launching Activity Monitor again to see if that makes anything show up. If so, then it was a corrupted preferences file, and you can then trash the one on your Desktop.
If that doesn't solve the problem, the only thing I can suggest is to Trash the application and the preferences file, then reinstall it from your 10.4 DVDs.
Mulder -
Application Sudo listed in Activity Monitor - Is this a default app that should be running?
First Question: Do other MBP users have an application Sudo listed in Activity Monitor from start up of their mac or with typical use?
Second Question: If you have Sudo process listed in your Activity Monitor, do you also use an Huawei USB wireless modem?
Third Question: For those experienced in relevant coding domains and given the more technical details below - your thoughts?
(Technical)
Using MBP Retina, mid 2012, OSX 10.8.4
I understand sudo is a unix root level access command.
I have used Terminal and become familiar with some basic unix commands, including using the sudo command in very limited single action command circumstances. I have not used Terminal for many weeks, and the sudo command probably twice several months ago.
Sudo showing in Activity Monitor as an active process is to my understanding an entirely different situation to it being used in Terminal. It appears the sudo process is being activated by some other application or process not of my direct use or actions.
I remain a little concerned about this in view of the purchase of this particular MBP. It has a story to it. I was told this MBP was available as new on discount as it had been purchased by a man for his wife, the wife then left him, and subsequently he returned it unused to the store. I was aware that there was a slim risk the laptop had been used for some other activities, and returned so any come back comes back to the new owner.
I noted later with use that the MBP lower keys were sticky as if something has been spilt on them, so I do wonder if the laptop was previously used, then wiped, in which case the story presented to the retailer is likely not true and a more concerning scenario becomes possible.
All the same, I felt a clean install should remove any risk. The MBP arrived in standard ready to set up and go mode, so OS loaded but no activation. So it seemed a clean install to me. I did not wipe the HD and do a fresh OS install from scratch. A decision I now regret.
Some months after using this new MBP, my concerns were raised when I had one day of inexplicable internet usage on a wireless internet connection. Not only did the level of data upload and data load, about 4 GB out of 20 GB for the month not make sense with actual usage, but also the MBP system logs did not tally with the internet providers accounting of usage on that day. There have been two or three other anomalies in usage since. The internet service provider reimbursed me on my evidence of OSX system logs. Not sure if the service provider has people joy riding other users accounts or something suss this end was going on. Never resolved. The ISP was not exactly forthcoming, and I had to press hard to get some collaboration on resolve the anomaly of unexplained data usage.
On the less suspicious side, the existence of this sudo program tracked down as in part coming from the install software from a Huawei modem provided by my internet provider. However, while widely used and therefore likely not a security risk, I still feel need for some better explanation and resolution of the persistent sudo process.
I have inquired to Apple Support about this sudo app running, and it apparently was not seen as an issue of concern by the front line support staff. I took up some further concerns with them but checks indicate no issues of concern with the MBP from their assessment. I trusted that as fairly likely a definitive view, and so left the questions and anomalies as unexplained but harmless.
It is now several months later and I still find the existence of sudo as a running application or process in Activity Monitor troubling, and decided to try and resolve once again how typical and for what reason it is active on my MBP. Which brings us to this post.
I have again spent a few hours searching on Google and Apple Support Forums. All search results I find relate to the use of sudo as a unix command in Terminal to resolve a problem. I can not find any indication of sudo as an app being open routinely in Activity Monitor with or without Terminal being opened or used.
The only way I can think of to resolve if this is unusal or not is to get on this forum and ask the first two questions at the top of this post.
More technical details follow.
For some more technically minded the details may be of interest, hence below here I have added details for further comment. I am hoping some MBP users on this forum may also be coders, and hence have some idea of the internal mac coding environment. Enough to shed some light on this situation.
As mentioned, I think the sudo Activity Monitor may originate from the running of the Internet Providers USB Wireless Modem and software (Huawei E 169? modem). The USB modem has the install software on it. You install that software on your HD as an application.
On this USB Wireless Modem front I have done some checking.
Killing sudo in Activity Monitor does not stop an internet connection mid session.
When the USB modem is removed, the sudo process remains running and listed in Activity Monitor.
If I remove the Modem icon, unplug modem, close all apps, restart without the modem connected, the sudo process is still loaded and running in Activity Monitor.
Months ago on a previous check if I deleted (uninstalled) the modem software, removed associated start up files installed by the modem installation, took out the USB Modem and did a restart, there was no return of the sudo process in Activity Monitor. When the modem software was reinstalled or the start up files restored directly, the sudo process returns to Activity Monitor. One of the software bits installed in start up files calls sudo (or so it appears having a peak in BBedit at the files.)
This seems to fairly much establish the source of the sudo application. However it does not resolve why it needs to be open all the time, and if this is unique to this modem, my modem, modems in general, or if permanent running sudo processes are fairly 'normal' in general. Since sudo is a root level access process, I do feel a little concerned of the situation. Let's say the sudo process is needed to initiate the modem under some justification. Does the sudo process in remaining running permanently from there on, with or without the USB modem connected leave an open access way and vulnerability that can or is used later? i do not know enough of the coding level architecture to form a view. Still, seeing a permanent sudo process operating does niggle by sense of suspicion. Hence, I continue to raise this issue and ask the questions I do.
In Activity Monitor:
sudo as a process when running is not very active.
Real Mem 8 KB, Virtual Mem 9.4 MB, Sent Msgs 75, Rcved Mesgs 26, Ports 25, Intel (64 bit).
The sudo process:
Using Sample Process in Activity Monitor: sudo appears to be a running of the actual sudo command from within the unix command files.
Path: /usr/bin/sudo (Master Library, not the one in the User files)
Load Address: (removed)
Identifier: sudo
Version: ??? (???)
Code Type: X86-64 (Native)
Parent Process: launchd [1]
Call graph
2nd line is 2656 start (in libdyld.dylib) + 1 [(removed)]
Binary Images:
Includes reference to lots of .dylib files. eg libcache.dylib, libquarantine.dylib, libremovefile.dylib, libcompiler_rt.dylib, libcorecrypto.dylib
The parent process is launchd[1]
Process: launchd [1]
Path: /sbin/launchd
Load Address: (removed)
Identifier: launchd
Version: ??? (???)
Code Type: X86-64 (Native)
Parent Process: ??? [Unknown]
It seems all of the activity of launchd[1] is from the sudo process.
Again reference to .dylib files as captured in call graph and Binary images.
I hope the details are valued by someone with an interest to assist with resolving concerns.Thanks,
I usually use the OS connection option. So as you suggest, connect without the ISP connection software. Doing so does not by-pass the sudo command being active in Activity Monitor however.
On reading my post I see my failure to link the concerns of the laptop purchase with the sudo and modem. My thought here is of an intersection of known vulnerability with this widely used modem/software (via permanent sudo process activated) and that vulnerability then being known and utilised by another party(s).
I am pursuing the issue in part with consideration to a broader possible issue of vulnerability.
Thanks again for your thoughts and suggestions. Valued. -
I spent all night trying to fix this. It seems to me that someone has been trying to hack into my system with all of the random codes/lines in my terminal and i have all of his foreign IP addresses. And now i get this strange message that popped up in my terminal. Idk what it entirely means? I would very appreciate if someone could just walk me through this. Thank you very much.
First time poster. I have Macbook Pro. OSX. Just downloaded the new mavericks. I'm i have my firewall on. I stay secure. I run Netbarrier, Virusbarrier, IdentityScrubber.
I know something is a little odd or just doesn't make since about my activity monitor. Then my WiFi was hacked last night and this person was writing tons lines of commands/codes that i found in my terminal and my activity monitor doesn't look normal, and I've only been a mac owner for about a year now and i'm learning more and more but while trying to figure out what was going on this message popped up which concerned me the most. Any help would be most appreciated, thanks guys. I have my terminal full of his foreign ip addresses i noticed, and a lot of other commands and lines he wrote out that i definitely did not type myself. Can anyone give me a hand on this? Thanks
--- 192.168.1.103 ping statistics ---
10 packets transmitted, 0 packets received, 100.0% packet loss
Extol:~ FBI$ who
FBI console Nov 7 02:14
FBI ttys000 Nov 7 04:33
Extol:~ FBI$ whois
usage: whois [-aAbdgiIlmQrR6] [-c country-code | -h hostname] [-p port] name ...
Extol:~ FBI$ whois 192.168.1.103
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
# Query terms are ambiguous. The query is assumed to be:
# "n 192.168.1.103"
# Use "?" to get help.
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=192.168.1.103?showDetails=true&showARIN=false& ext=netref2
NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
OriginAS:
NetName: PRIVATE-ADDRESS-CBLK-RFC1918-IANA-RESERVED
NetHandle: NET-192-168-0-0-1
Parent: NET-192-0-0-0-0
NetType: IANA Special Use
Comment: These addresses are in use by many millions of independently operated networks, which might be as small as a single computer connected to a home gateway, and are automatically configured in hundreds of millions of devices. They are only intended for use within a private context and traffic that needs to cross the Internet will need to use a different, unique address.
Comment:
Comment: These addresses can be used by anyone without any need to coordinate with IANA or an Internet registry. The traffic from these addresses does not come from ICANN or IANA. We are not the source of activity you may see on logs or in e-mail records. Please refer to http://www.iana.org/abuse/answers
Comment:
Comment: These addresses were assigned by the IETF, the organization that develops Internet protocols, in the Best Current Practice document, RFC 1918 which can be found at:
Comment: http://datatracker.ietf.org/doc/rfc1918
RegDate: 1994-03-15
Updated: 2013-08-30
Ref: http://whois.arin.net/rest/net/NET-192-168-0-0-1
OrgName: Internet Assigned Numbers Authority
RegDate:
Updated: 2012-08-31
Ref: http://whois.arin.net/rest/org/IANA
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone:
OrgTechEmail:
OrgTechRef: http://whois.arin.net/rest/poc/IANA-IP-ARIN
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone
OrgAbuseEmail:
OrgAbuseRef: http://whois.arin.net/rest/poc/IANA-IP-ARIN
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
Extol:~ FBI$
Extol:~ FBI$ hosts
-bash: hosts: command not found
Extol:~ FBI$ who
FBI console Nov 7 02:14
FBI ttys000 Nov 7 04:33
Extol:~ FBI$ whois
usage: whois [-aAbdgiIlmQrR6] [-c country-code | -h hostname] [-p port] name ...
Extol:~ FBI$ whois 192.168.0.0 - 192.168.255.255
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
# Query terms are ambiguous. The query is assumed to be:
# "n 192.168.0.0"
# Use "?" to get help.
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=192.168.0.0?showDetails=true&showARIN=false&ex t=netref2
NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
OriginAS:
NetName: PRIVATE-ADDRESS-CBLK-RFC1918-IANA-RESERVED
NetHandle: NET-192-168-0-0-1
Parent: NET-192-0-0-0-0
NetType: IANA Special Use
Comment: These addresses are in use by many millions of independently operated networks, which might be as small as a single computer connected to a home gateway, and are automatically configured in hundreds of millions of devices. They are only intended for use within a private context and traffic that needs to cross the Internet will need to use a different, unique address.
Comment:
Comment: These addresses can be used by anyone without any need to coordinate with IANA or an Internet registry. The traffic from these addresses does not come from ICANN or IANA. We are not the source of activity you may see on logs or in e-mail records. Please refer to http://www.iana.org/abuse/answers
Comment:
Comment: These addresses were assigned by the IETF, the organization that develops Internet protocols, in the Best Current Practice document, RFC 1918 which can be found at:
Comment: http://datatracker.ietf.org/doc/rfc1918
RegDate: 1994-03-15
Updated: 2013-08-30
Ref: http://whois.arin.net/rest/net/NET-192-168-0-0-1
OrgName: Internet Assigned Numbers Authority
OrgId: IANA
Updated: 2012-08-31
Ref: http://whois.arin.net/rest/org/IANA
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone:
OrgTechEmail
OrgTechRef: http://whois.arin.net/rest/poc/IANA-IP-ARIN
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone:
OrgAbuseEmail:
OrgAbuseRef: http://whois.arin.net/rest/poc/IANA-IP-ARIN
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
No match for "-".
>>> Last update of whois database: Thu, 07 Nov 2013 13:19:14 UTC <<<
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
# Query terms are ambiguous. The query is assumed to be:
# "n 192.168.255.255"
# Use "?" to get help.
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=192.168.255.255?showDetails=true&showARIN=fals e&ext=netref2
NetRange: 192.168.0.0 - 192.168.255.255
CIDR: 192.168.0.0/16
OriginAS:
NetName: PRIVATE-ADDRESS-CBLK-RFC1918-IANA-RESERVED
NetHandle: NET-192-168-0-0-1
Parent: NET-192-0-0-0-0
NetType: IANA Special Use
Comment: These addresses are in use by many millions of independently operated networks, which might be as small as a single computer connected to a home gateway, and are automatically configured in hundreds of millions of devices. They are only intended for use within a private context and traffic that needs to cross the Internet will need to use a different, unique address.
Comment:
Comment: These addresses can be used by anyone without any need to coordinate with IANA or an Internet registry. The traffic from these addresses does not come from ICANN or IANA. We are not the source of activity you may see on logs or in e-mail records. Please refer to http://www.iana.org/abuse/answers
Comment:
Comment: These addresses were assigned by the IETF, the organization that develops Internet protocols, in the Best Current Practice document, RFC 1918 which can be found at:
Comment: http://datatracker.ietf.org/doc/rfc1918
RegDate: 1994-03-15
Updated: 2013-08-30
Ref: http://whois.arin.net/rest/net/NET-192-168-0-0-1
OrgName: Internet Assigned Numbers Authority
OrgId: IANA
RegDate:
Updated: 2012-08-31
Ref: http://whois.arin.net/rest/org/IANA
OrgTechHandle: IANA-IP-ARIN
OrgTechName: Internet Corporation for Assigned Names and Number
OrgTechPhone:
OrgTechEmail
OrgTechRef: http://whois.arin.net/rest/poc/IANA-IP-ARIN
OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName: Internet Corporation for Assigned Names and Number
OrgAbusePhone:
OrgAbuseEmail:
OrgAbuseRef: http://whois.arin.net/rest/poc/IANA-IP-ARIN
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
<Personal Information Edited by Host>haha, so now i'm thinking. I'm learning the terminal as fast as i can but there are several lines of codes and commands in there that throws up red flags to me that i don't fully understand. It just looks fishy too me. It would be highly appreciated if someone could just check this out just to tell me that i don't need to worry about it. Or point me in the right direction. I just feel un easy about this. ha.
-
Hide fields for activities when they are opened via Activity Monitor
Hi,
In CRM 5.0, my requirement was to hide a number of fields from activity display via transaction CRMD_ORDER & CIC0 (SAPGUI based transactions). I achieved it by using screen variant. I assigned my screen variant to different transactions (CRMD_ORDER, CIC0 etc.), and things were working fine.
But when I open activity monitoring report (transaction S_AE2_89000019), search for some activities and open an activity by double-clicking in the report, the hidden fields become visible. Although, the transaction being displayed in CRMD_ORDER.
I couldn't enable my transaction variant for transaction S_AE2_89000019, obviously because this is a report transaction which in turn opens activity when we double-click on the grid.
Any idea how to avoid these hidden fields being displayed via S_AE2_89000019?
Regards,
KaushalHey Kaushal,
Let me first inform you the following:
1) Transaction Variant are associatated to Dialog transactions only......Which means when u call report which eventually refers the same transaction even then the transaction variants is not called....
For the whole transaction variant to workout, you need CALL transaction " ..."....
2) The transaction S_AE2_89000019 is not a dialog transaction, its a parameter transaction which eventually calls a report AQZZ/SAPQUERY/SMCRM_REP_ACT1==
3)This report in turn uses the call to FM CRM_1O_CALL_FOREIGN which launches that crmd_order transaction screen and not crmd_order transaction..
You can enchance that report by creating a z report and inside that z report you can fulfill your requirement..
Inspire ppl by reqwarding..
Regards,
Anand... -
ACTIVITY MONITOR WONT OPEN! PLEASE HELP
How come everytime I open ACTIVITY MONITOR i just get the color wheel and it never opens?
Date/Time: 2012-02-10 18:00:55 -0500
OS Version: 10.6.8 (Build 10K549)
Architecture: x86_64
Report Version: 7
Command: Activity Monitor
Path: /Users/katie/Desktop/Activity Monitor.app/Contents/MacOS/Activity Monitor
Version: 10.6 (212)
Build Version: 551
Project Name: ActivityMonitor
Source Version: 2120000
Parent: launchd [99]
PID: 151
Event: hang
Duration: 6.68s (sampling started after 2 seconds)
Steps: 27 (100ms sampling interval)
Pageins: 21
Pageouts: 0
Process: Activity Monitor [151]
Path: /Users/katie/Desktop/Activity Monitor.app/Contents/MacOS/Activity Monitor
UID: 502
Thread 47c DispatchQueue 1
User stack:
27 ??? (in Activity Monitor + 6996) [0x100001b54]
27 NSApplicationMain + 364 (in AppKit) [0x7fff811c23b0]
27 -[NSApplication run] + 395 (in AppKit) [0x7fff811c968f]
27 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 155 (in AppKit) [0x7fff81203801]
27 _DPSNextEvent + 1191 (in AppKit) [0x7fff81204095]
27 AEProcessAppleEvent + 48 (in HIToolbox) [0x7fff877f0619]
27 aeProcessAppleEvent + 210 (in AE) [0x7fff821dc12b]
27 dispatchEventAndSendReply(AEDesc const*, AEDesc*) + 32 (in AE) [0x7fff821dc224]
27 aeDispatchAppleEvent(AEDesc const*, AEDesc*, unsigned int, unsigned char*) + 162 (in AE) [0x7fff821dc32b]
27 _NSAppleEventManagerGenericHandler + 114 (in Foundation) [0x7fff85133f06]
27 -[NSAppleEventManager dispatchRawAppleEvent:withRawReply:handlerRefCon:] + 360 (in Foundation) [0x7fff851340d6]
27 -[NSApplication(NSAppleEventHandling) _handleCoreEvent:withReplyEvent:] + 77 (in AppKit) [0x7fff812fefd9]
27 -[NSApplication(NSAppleEventHandling) _handleAEOpen:] + 219 (in AppKit) [0x7fff812ff35d]
27 -[NSApplication _sendFinishLaunchingNotification] + 66 (in AppKit) [0x7fff8123437f]
27 -[NSApplication _postDidFinishNotification] + 100 (in AppKit) [0x7fff8123444a]
27 -[NSNotificationCenter postNotificationName:object:userInfo:] + 101 (in Foundation) [0x7fff850fca36]
27 _CFXNotificationPostNotification + 200 (in CoreFoundation) [0x7fff874da548]
27 __CFXNotificationPost + 1008 (in CoreFoundation) [0x7fff874edfd0]
27 _nsnote_callback + 167 (in Foundation) [0x7fff85105ad5]
27 ??? (in Activity Monitor + 38377) [0x1000095e9]
27 ??? (in Activity Monitor + 39148) [0x1000098ec]
27 ??? (in Activity Monitor + 39892) [0x100009bd4]
27 ??? (in Activity Monitor + 41655) [0x10000a2b7]
27 read + 10 (in libSystem.B.dylib) [0x7fff80aba466]
Kernel stack:
27 lo64_unix_scall + 77 [0x2a251d]
27 unix_syscall64 + 617 [0x4f82fb]
27 read_nocancel + 158 [0x49fd75]
27 write + 312 [0x49f5f9]
27 pipeinit + 2205 [0x4a154f]
27 soreceive + 1134 [0x4b959f]
27 sbwait + 150 [0x4bb742]
27 msleep + 157 [0x49149d]
27 wakeup + 334 [0x490daa]
27 lck_mtx_sleep + 87 [0x221d42]
27 thread_block + 33 [0x227654]
27 thread_block_reason + 331 [0x2275c6]
27 thread_dispatch + 1966 [0x227327]
27 machine_switch_context + 659 [0x2a9adb]
Thread 485 DispatchQueue 2
User stack:
27 start_wqthread + 13 (in libSystem.B.dylib) [0x7fff80ac9aa5]
27 _pthread_wqthread + 353 (in libSystem.B.dylib) [0x7fff80ac9c08]
27 _dispatch_worker_thread2 + 252 (in libSystem.B.dylib) [0x7fff80aca2de]
27 _dispatch_queue_invoke + 185 (in libSystem.B.dylib) [0x7fff80aca7b4]
27 kevent + 10 (in libSystem.B.dylib) [0x7fff80ac8c0a]
Kernel stack:
27 kevent + 97 [0x47a699]
Binary Images:
0x100000000 - 0x10002dff7 com.apple.ActivityMonitor 10.6 (212) <1A887794-51A5-8C1B-D06A-FB0E7B5E6B93> /Users/katie/Desktop/Activity Monitor.app/Contents/MacOS/Activity Monitor
0x7fff80aaf000 - 0x7fff80c70fef libSystem.B.dylib ??? (???) <9AB4F1D1-89DC-0E8A-DC8E-A4FE4D69DB69> /usr/lib/libSystem.B.dylib
0x7fff811c0000 - 0x7fff81bbaff7 com.apple.AppKit 6.6.8 (1038.36) <4CFBE04C-8FB3-B0EA-8DDB-7E7D10E9D251> /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit
0x7fff821d9000 - 0x7fff82214fff com.apple.AE 496.5 (496.5) <208DF391-4DE6-81ED-C697-14A2930D1BC6> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.fram ework/Versions/A/AE
0x7fff850f5000 - 0x7fff85377fff com.apple.Foundation 6.6.8 (751.63) <E10E4DB4-9D5E-54A8-3FB6-2A82426066E4> /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x7fff87495000 - 0x7fff8760cfe7 com.apple.CoreFoundation 6.6.6 (550.44) <BB4E5158-E47A-39D3-2561-96CB49FA82D4> /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation
0x7fff877bc000 - 0x7fff87abafff com.apple.HIToolbox 1.6.5 (???) <AD1C18F6-51CB-7E39-35DD-F16B1EB978A8> /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/HIToolbox.fra mework/Versions/A/HIT -
Mail hang and is not responding in activity monitor after mavericks update
I click on the mail icon in my dock it just hangs and wont open. The activity monitor says it is just not responding. Any suggestions?
You have a program running that is incompatible. What third-party sound or audio applications are you running? It will be one of those. If you quit them the problem should disappear. You will have to force quit coreaudio and UserEventAgent via Activity Monitor or restart the computer but do not run the third-party application(s).
-
I'm running a Macbook Pro circa 2007 with OSX 10.6.8 and Firefox 27.0.1, and just had a circumstance that really puzzled me. I have a Hughesnet satellite modem with wireless router that I connect to via the airport, and I use Little Snitch software in the demo mode so I know and have to approve which software can send info through the internet connection., but the demo mode had just timed out and terminated and within a half hour of that the computer fans started speeding up to max and the CPU got blazing hot (+200 degF).
Worried, I looked at the activity monitor and it was showing lots of internet activity even though I wasn't doing anything on the internet at the time, and I have all my software updates set to manual because otherwise they would use up my allotted daytime bandwidth and leave none for me. I'd already completed manual software updates during the nightly free time recently. Fearing my computer was hijacked & out of my control, I turned the airport off to terminate the internet connection, BUT IT DIDN'T TURN OFF, and though the indicator in the top right of the screen said it was off, packets were still streaming back & forth like crazy on the activity monitor, and the poor thing was still overheating. So I rebooted the computer, and when it came back up there was no internet activity, and things started cooling down, back to normal again.
Though I'm no techie, this seems to me like my computer has been hijacked by some virus that has taken control of the airport and is feeding me lies about the internet connection status, so that it can use my computer for sending out its own messages. Has anyone heard of a virus that prevents the airport from being turned off, and what should I do about it? I'm afraid to back up my data with my time machine, though its been months since that was done, for fear I'd overwrite a virus-free state of the time machine files with a virus laden one, but I also hate to do something to clean up the machine without backing up my files, and lose a bunch of data. Is there virus protection software that could surgically search out and remove only the virus from my machine and leave most everything else untouched?
Any advice is welcome,
ChristinaHI and Welcome to Apple Discussions...
Try Changing the Airport Channel
Open AirPort Utility, located in the Utilities folder in the Applications folder on a computer using Mac OS X.
Select the device you’re setting up, and then click Manual Setup. Enter the base station password if necessary
Click AirPort in the toolbar, and then click Wireless.
Choose a new channel from the Channel pop-up menu.
Carolyn
Maybe you are looking for
-
Entourage 2008/Leopard/iSync/Palm Treo/Missing Sync
I have been over all the "boards" and everyone is having the same problem syncing Entourage 2008 or even iCal with their Palms. I have been working at it for three days, and have come to the conclusion that I can get everything to sync to the Palm bu
-
BPC copy package doesnt consider selections
Hi all, we work with BPC 7.5 Frontend- & Backendpatch 07 on NetWeaver. We use normaly load_infoprovider package on process chain "/CPMB/LOAD_INFOPROV_UI" to load initial data in our BPC-System. After that loading process we copy the loaded data to ot
-
I think I have said. When I close with Firefox 4, I no longer get to keep my tabs for the next time I start up. I think your new version lost it, because it worked until the moment I upgraded.
-
URGENT!!! oracle_apache.conf
can anyone please post (or send me, but a post is better), the content of oracle_apache.conf file? I've accidently deleted it, and dont have a backup.... (The Oracle Portal is not working without it!) Thanks! Dan
-
I have installed Archicad v10 (by Graphisoft) on my Powerbook and desktop G5. The CADD software utilizes the SHIFT, OPTION and APPLE keys quite a bit for drafting functions and keyboard shortcuts. These keyes work fine on my desktop (using Max OS 10.