Help about Tojan or malware
Hi,
I probably downloaded and executed a malware-virus-trojan in my Mac book Pro Yosemite 10.10 (not proud of it)
I could supply ba copy of it if usefull.
It generates a fake? Adobe Flash player pop up asking permission for storage on my computer.
Scanned with Sophos and Clamxav with issues detected but no threaths found.
Hi have a pre-download and pre-problem clean time machine external HD backup available.
I booted witn the ALT key down and restored from the time machine the backup
It seem that the system files are not replaced since the cache has same data as the pre restore one.
so I think I still have my problem.
Did the restore replaced also thew system files or only everything else.
In other words, how can I use my good system files on my time machine and bring them in my running computer OR what shoul I do?
Thanks in advance
hi
version 2 from my every day user logged in with password
here is the result
Start time: 12:36:21 11/05/14
Model Identifier: MacBookPro10,2
System Version: OS X 10.10 (14A389)
Kernel Version: Darwin 14.0.0
Time since boot: 30 minutes
USB
USB Optical Mouse (Logitech Inc.)
Diagnostic reports
2014-11-04 Google Drive crash
2014-11-05 Color crash
2014-11-05 Finder crash*
2014-11-05 Google Drive crash
2014-11-05 SophosAVAgent crash
* Code injection
Log
Nov 3 23:46:26 process backupd[597] thread 15760 caught burning CPU! It used more than 50% CPU (Actual recent usage: 50%) over 180 seconds. thread lifetime cpu usage 248.063141 seconds, (91.663516 user, 156.399625 system) ledger info: balance: 90004265973 credit: 247983235885 debit: 157978969912 limit: 90000000000 (50%) period: 180000000000 time since last refill (ns): 176757670068
Nov 4 00:55:03 jnl: disk2s2: do_jnl_io: strategy err 0x6
Nov 4 00:55:03 jnl: disk2s2: end_transaction: only wrote 0 of 184832 bytes to the journal!
Nov 4 00:55:03 jnl: disk2s2: close: journal 0xffffff801adb1c20, is invalid. aborting outstanding transactions
Nov 4 00:58:11 process Creative Cloud[1107] caught causing excessive wakeups. Observed wakeups rate (per sec): 182; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45101
Nov 4 01:57:59 PM notification timeout (pid 1107, Creative Cloud)
Nov 4 01:57:59 PM notification timeout (pid 1160, Adobe CEF Helper)
Nov 4 09:10:06 jnl: b(1, 4): replay_journal: from: 3739648 to: 9994240 (joffset 0xe89000)
Nov 4 09:10:06 jnl: b(1, 4): journal replay done.
Nov 4 09:11:09 process SGProtocolServic[30] caught causing excessive wakeups. Observed wakeups rate (per sec): 715; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45187
Nov 4 09:15:30 process Creative Cloud[328] caught causing excessive wakeups. Observed wakeups rate (per sec): 181; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45009
Nov 4 13:27:49 process SGProtocolServic[30] caught causing excessive wakeups. Observed wakeups rate (per sec): 694; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45589
Nov 4 13:31:58 process Creative Cloud[308] caught causing excessive wakeups. Observed wakeups rate (per sec): 183; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45054
Nov 4 15:59:32 wl0: Roamed or switched channel, reason #2, bssid 00, last RSSI -57
Nov 4 16:30:21 PM notification timeout (pid 308, Creative Cloud)
Nov 4 16:30:21 PM notification timeout (pid 359, Adobe CEF Helper)
Nov 5 10:48:38 process SGProtocolServic[30] caught causing excessive wakeups. EXC_RESOURCE supressed due to audio playback
Nov 5 10:52:05 process Creative Cloud[306] caught causing excessive wakeups. Observed wakeups rate (per sec): 182; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45128
Nov 5 11:17:59 process SGProtocolServic[32] caught causing excessive wakeups. Observed wakeups rate (per sec): 666; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45119
Nov 5 11:21:44 process Creative Cloud[304] caught causing excessive wakeups. Observed wakeups rate (per sec): 177; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45023
Nov 5 12:06:26 jnl: b(1, 4): replay_journal: from: 1467904 to: 9360896 (joffset 0xe89000)
Nov 5 12:06:26 jnl: b(1, 4): journal replay done.
Nov 5 12:07:42 process SGProtocolServic[32] caught causing excessive wakeups. Observed wakeups rate (per sec): 611; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45804
Nov 5 12:07:49 process webfilterDNSd[284] caught causing excessive wakeups. Observed wakeups rate (per sec): 698; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 47652
Nov 5 12:10:41 process Creative Cloud[309] caught causing excessive wakeups. Observed wakeups rate (per sec): 190; Maximum permitted wakeups rate (per sec): 150; Observation period: 300 seconds; Task lifetime number of wakeups: 45437
kexts
com.digidesign.iokit.DigiDal (10.3.2f47)
com.waves.driver.soundgrid (2.0.0)
tc.tctechnologies.driver.TCNear (3.5.6 11675)
com.sophos.nke.swi (9.2.50)
com.paceap.kext.pacesupport.snowleopard (5.9)
com.sophos.kext.sav (9.2.50)
Daemons
com.sophos.webd
com.paceap.pacesupport
com.sophos.scan
com.sophos.intercheck
com.sophos.common.servicemanager
com.apple.installer.osmessagetracing
com.google.keystone.daemon
com.oracle.java.Helper-Tool
com.sophos.autoupdate
com.sophos.sxld
com.sophos.notification
com.sophos.configuration
com.waves.daemon.SoundGridProtocolService
com.paceap.eden.licensed
Agents
com.digidesign.mboxpro.helper
com.adobe.AdobeCreativeCloud
com.adobe.ARM.UUID
com.google.keystone.system.agent
com.sophos.uiserver
com.apple.photostream-agent
com.oracle.java.Java-Updater
com.adobe.ARM.UUID
com.apple.AirPortBaseStationAgent
Startup items
/Library/StartupItems/DigidesignLoader/DigidesignLoader
/Library/StartupItems/DigidesignLoader/StartupParameters.plist
/Library/StartupItems/PACESupport/PACESupport
/Library/StartupItems/PACESupport/Resources/PACESupport.plist
/Library/StartupItems/PACESupport/StartupParameters.plist
/Library/StartupItems/Qmaster/Qmaster
/Library/StartupItems/Qmaster/StartupParameters.plist
Bundles
/System/Library/Extensions/AvidMboxPro.kext
- com.avid.driver.firewire.mboxpro
/System/Library/Extensions/DigiDal.kext
- com.digidesign.iokit.DigiDal
/System/Library/Extensions/JMicronATA.kext
- com.jmicron.JMicronATA
/System/Library/Extensions/PACESupportFamily.kext
- com.paceap.kext.pacesupport.master
/System/Library/Extensions/SoundGrid.kext
- com.waves.driver.soundgrid
/System/Library/Extensions/TCNear.kext
- tc.tctechnologies.driver.TCNear
/Library/Audio/MIDI Drivers/Avid Mbox Pro MIDI.plugin
- com.avid.firewire.midi.mboxpro
/Library/Audio/MIDI Drivers/TCNearMIDIDriver.plugin
- tc.tctechnologies.TCNear.midiplugin
/Library/Audio/MIDI Drivers/WaveRiderDriver.plugin
- com.quitearts.waverider.midi
/Library/Audio/Plug-Ins/Components/Assimilator Native.component
- N/A
/Library/Audio/Plug-Ins/Components/Flip4Mac WMA Import.component
- net.telestream.wmv.import
/Library/Audio/Plug-Ins/Components/Integrator.component
- com.tcelectronic.Integrator
/Library/Audio/Plug-Ins/Components/M40 Reverb.component
- N/A
/Library/Audio/Plug-Ins/Components/ResFilter Native.component
- N/A
/Library/Audio/Plug-Ins/Components/WaveShell-AU 8.0.component
- com.WavesAudio.WaveShell-AU.8.0.0
/Library/Audio/Plug-Ins/HAL/Avid CoreAudio.plugin
- com.avid.avid.AvidCoreAudioPlugIn
/Library/Audio/Plug-Ins/HAL/DVCPROHDAudio.plugin
- com.apple.DVCPROHDAudio
/Library/Audio/Plug-Ins/VST/TC Electronic/Assimilator Native.vst
- N/A
/Library/Audio/Plug-Ins/VST/TC Electronic/Integrator.vst
- com.tcelectronic.Integrator
/Library/Audio/Plug-Ins/VST/TC Electronic/M40 Reverb.vst
- N/A
/Library/Audio/Plug-Ins/VST/TC Electronic/ResFilter Native.vst
- N/A
/Library/Audio/Plug-Ins/VST/WaveShell-VST 8.0.vst
- com.WavesAudio.WaveShell-VST.8.0.0
/Library/Audio/Plug-Ins/VST3/WaveShell-VST 8.0.vst3
- com.WavesAudio.WaveShell-VST.8.0.0
/Library/Extensions/SophosNetworkInterceptor.kext
- com.sophos.nke.swi
/Library/Extensions/SophosOnAccessInterceptor.kext
- com.sophos.kext.sav
/Library/Internet Plug-Ins/AdobeAAMDetect.plugin
- com.AdobeAAMDetectLib.AdobeAAMDetect
/Library/Internet Plug-Ins/AdobePDFViewer.plugin
- com.adobe.acrobat.pdfviewer
/Library/Internet Plug-Ins/AdobePDFViewerNPAPI.plugin
- com.adobe.acrobat.pdfviewerNPAPI
/Library/Internet Plug-Ins/Flip4Mac WMV Plugin.plugin
- net.telestream.wmv.plugin
/Library/Internet Plug-Ins/googletalkbrowserplugin.plugin
- com.google.googletalkbrowserplugin
/Library/Internet Plug-Ins/JavaAppletPlugin.plugin
- com.oracle.java.JavaAppletPlugin
/Library/Internet Plug-Ins/o1dbrowserplugin.plugin
- com.google.o1dbrowserplugin
/Library/Internet Plug-Ins/Silverlight.plugin
- com.microsoft.SilverlightPlugin
/Library/PreferencePanes/Avid Mbox Pro.prefPane
- com.avid.prefpane.{UUID}
/Library/PreferencePanes/Flip4Mac WMV.prefPane
- net.telestream.wmv.prefpane
/Library/PreferencePanes/JavaControlPanel.prefPane
- com.oracle.java.JavaControlPanel
/Library/QuickTime/AppleHDVCodec.component
- com.apple.AppleHDVCodec
/Library/QuickTime/AppleProRes422.component
- com.apple.AppleProRes422
/Library/QuickTime/AvidAV1xCodec.component
- com.avid.qtcodecs.AvidAV1xCodec
/Library/QuickTime/AvidAVd1Codec.component
- com.avid.qtcodecs.AvidAVd1Codec
/Library/QuickTime/AvidAVDJCodec.component
- com.avid.qtcodecs.AvidAVDJCodec
/Library/QuickTime/AvidAVdnCodec.component
- com.avid.qtcodecs.AvidAVdnCodec
/Library/QuickTime/AvidAVdvCodec.component
- com.avid.qtcodecs.AvidAVdvCodec
/Library/QuickTime/AvidAVpkCodec.component
- com.avid.qtcodecs.AvidAVpkCodec
/Library/QuickTime/AvidAVrpCodec.component
- com.avid.qtcodecs.AvidAVrpCodec
/Library/QuickTime/AvidAVUICodec.component
- com.avid.qtcodecs.AvidAVUICodec
/Library/QuickTime/DesktopVideoOut.component
- com.apple.DesktopVideoOut
/Library/QuickTime/DVCPROHDCodec.component
- com.apple.DVCPROHDCodec
/Library/QuickTime/DVCPROHDMuxer.component
- com.apple.DVCPROHDMuxer
/Library/QuickTime/DVCPROHDVideoDigitizer.component
- com.apple.DVCPROHDVideoDigitizer
/Library/QuickTime/DVCPROHDVideoOutput.component
- com.apple.DVCPROHDVideoOutput
/Library/QuickTime/DVCPROHDVideoOutputClock.component
- com.apple.DVCPROHDVideoOutputClock
/Library/QuickTime/DVCPROHDVideoOutputCodec.component
- com.apple.DVCPROHDVideoOutputCodec
/Library/QuickTime/Flip4Mac WMV Advanced.component
- net.telestream.wmv.advanced
/Library/QuickTime/Flip4Mac WMV Export.component
- net.telestream.wmv.export
/Library/QuickTime/Flip4Mac WMV Import.component
- net.telestream.wmv.import
/Library/QuickTime/IMXCodec.component
- com.apple.IMXCodec
/Library/QuickTime/LiveType.component
- com.apple.LiveType.component
/Library/QuickTime/Motion.component
- com.apple.motion.component
Library/Address Book Plug-Ins/SkypeABDialer.bundle
- com.skype.skypeabdialer
Library/Address Book Plug-Ins/SkypeABSMS.bundle
- com.skype.skypeabsms
Library/Caches/com.apple.Safari/Extensions/iSkyDeluxe.safariextension
- com.wondershare.iskyvc
Library/Internet Plug-Ins/Google Earth Web Plug-in.plugin
- com.Google.GoogleEarthPlugin.plugin
Apps
/Applications/Google Drive.app
Contents of /etc/sysctl.conf (checksum 1254711194)
kern.ipc.maxsockbuf=512000
net.inet.tcp.sendspace=131072
net.inet.tcp.recvspace=358400
Contents of /etc/mach_init.d/IIDCVideoAssistant.plist (checksum 71678559)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Command</key>
<string>/System/Library/PrivateFrameworks/CoreMediaIOServicesPrivate.framework/ Versions/A/Resources/IIDCVideoAssistant</string>
<key>OnDemand</key>
<true/>
<key>ServiceName</key>
<string>com.apple.mio.IIDCVideoAssistant</string>
</dict>
</plist>
Contents of /etc/mach_init.d/VDCAssistant.plist (checksum 790003408)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Command</key>
<string>/System/Library/PrivateFrameworks/CoreMediaIOServicesPrivate.framework/ Versions/A/Resources/VDCAssistant</string>
<key>OnDemand</key>
<true/>
<key>ServiceName</key>
<string>com.apple.mio.VDCAssistant</string>
</dict>
</plist>
Contents of /Library/LaunchAgents/com.adobe.AdobeCreativeCloud.plist (checksum 461455494)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.adobe.AdobeCreativeCloud</string>
<key>Program</key>
<string>/Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud</string>
<key>ProgramArguments</key>
<array>
<string>/Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud</string>
<string>--showwindow=false</string>
<string>--onOSstartup=true</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
Contents of /Library/LaunchAgents/com.avid.mboxpro.helper.plist (checksum 425244676)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>KeepAlive</key>
<true/>
<key>Label</key>
<string>com.digidesign.mboxpro.helper</string>
<key>OnDemand</key>
<false/>
<key>ProgramArguments</key>
<array>
<string>/Library/Application Support/Avid/{UUID}/LaunchdDaemon</string>
<string>start</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
Contents of /Library/LaunchAgents/com.oracle.java.Java-Updater.plist (checksum 3543662088)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.oracle.java.Java-Updater</string>
<key>ProgramArguments</key>
<array>
<string>/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater</string>
<string>-bgcheck</string>
</array>
<key>StartCalendarInterval</key>
<dict>
<key>Hour</key>
<integer>21</integer>
<key>Minute</key>
<integer>21</integer>
<key>Weekday</key>
<integer>5</integer>
</dict>
<key>StandardErrorPath</key>
<string>/dev/null</string>
<key>StandardOutPath</key>
<string>/dev/null</string>
</dict>
...and 1 more line(s)
Contents of /Library/LaunchAgents/com.sophos.uiserver.plist (checksum 40276757)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>KeepAlive</key>
<true/>
<key>Label</key>
<string>com.sophos.uiserver</string>
<key>ProgramArguments</key>
<array>
<string>/Library/Sophos Anti-Virus/SophosUIServer.app/Contents/MacOS/SophosUIServer</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>StandardErrorPath</key>
<string>/dev/null</string>
<key>StandardOutPath</key>
<string>/dev/null</string>
</dict>
</plist>
Contents of /Library/LaunchDaemons/PACESupport.plist (checksum 1658798800)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.paceap.pacesupport</string>
<key>ProgramArguments</key>
<array>
<string>/System/Library/Extensions/PACESupportFamily.kext/Contents/Resources/pa ceload</string>
</array>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
Contents of /Library/LaunchDaemons/com.paceap.eden.licensed.plist (checksum 3699316858)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.paceap.eden.licensed</string>
<key>KeepAlive</key>
<true/>
<key>RunAtLoad</key>
<true/>
<key>Program</key>
<string>/Library/PrivilegedHelperTools/licenseDaemon.app/Contents/MacOS/license Daemon</string>
<key>ProgramArguments</key>
<array>
<string> </string>
</array>
<key>SoftResourceLimits</key>
<dict>
<key>NumberOfFiles</key>
<integer>1024</integer>
</dict>
<key>HardResourceLimits</key>
<dict>
<key>NumberOfFiles</key>
<integer>1024</integer>
...and 15 more line(s)
Contents of /Library/LaunchDaemons/com.sophos.common.servicemanager.plist (checksum 1792128556)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>StandardErrorPath</key>
<string>/dev/null</string>
<key>StandardOutPath</key>
<string>/dev/null</string>
<key>Label</key>
<string>com.sophos.common.servicemanager</string>
<key>ProgramArguments</key>
<array>
<string>/Library/Sophos Anti-Virus/SophosServiceManager.bundle/Contents/MacOS/SophosServiceManager</str ing>
</array>
<key>KeepAlive</key>
<true/>
</dict>
</plist>
Contents of /Library/LaunchDaemons/com.waves.daemon.SoundGridProtocolService.plist (checksum 1106189678)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.waves.daemon.SoundGridProtocolService</string>
<key>ProgramArguments</key>
<array>
<string>/System/Library/Extensions/SoundGrid.kext/Contents/MacOS/SGProtocolServ ice</string>
<string>runasservice</string>
</array>
<key>ServiceDescription</key>
<string>Waves SoundGrid Protocol Service</string>
<key>OnDemand</key>
<false/>
<key>RunAtLoad</key>
<true/>
</dict>
</plist>
Contents of /Library/LaunchDaemons/tc.tctechnologies.TCNear.plist (checksum 775818042)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>tc.tctechnologies.daemon.TCNear</string>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<false/>
<key>ProgramArguments</key>
<array>
<string>/Library/Application Support/TCNear/TCNearDaemon</string>
<string>--onDemand</string>
</array>
<key>Sockets</key>
<dict>
<key>MasterSocket</key>
<dict>
<key>SockFamily</key>
<string>Unix</string>
<key>SockPathMode</key>
<integer>438</integer>
<key>SockPathName</key>
<string>/var/run/tc.tctechnologies.daemon.TCNear</string>
...and 6 more line(s)
Contents of Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist (checksum 4071182229)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.adobe.AAM.Scheduler-1.0</string>
<key>Program</key>
<string>/Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility</string>
<key>ProgramArguments</key>
<array>
<string>/Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility</string>
<string>-mode=scheduled</string>
</array>
<key>StartCalendarInterval</key>
<dict>
<key>Minute</key>
<integer>0</integer>
<key>Hour</key>
<integer>2</integer>
</dict>
</dict>
</plist>
Contents of Library/LaunchAgents/com.adobe.ARM.UUID.plist (checksum 408149527)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.adobe.ARM.UUID</string>
<key>ProgramArguments</key>
<array>
<string>/Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>StartInterval</key>
<integer>12600</integer>
</dict>
</plist>
Contents of Library/LaunchAgents/com.adobe.ARM.UUID.plist (checksum 4116814193)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>com.adobe.ARM.UUID</string>
<key>ProgramArguments</key>
<array>
<string>/Applications/Adobe Acrobat XI Pro/Adobe Acrobat Pro.app/Contents/MacOS/Updater/Adobe Acrobat Updater Helper.app/Contents/MacOS/Adobe Acrobat Updater Helper</string>
<string>semi-auto</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>StartInterval</key>
<integer>12600</integer>
</dict>
</plist>
Bad plists
Library/Preferences/com.Fastoid.Chowder.plist
Library/Preferences/com.xiconsinc.linesupreme.plist
Firewall: On
DNS: 24.201.245.77
User login items
iTunesHelper
- /Applications/iTunes.app/Contents/MacOS/iTunesHelper.app
AdobeResourceSynchronizer
- /Applications/Adobe Reader.app/Contents/Support/AdobeResourceSynchronizer.app
Google Drive
- /Applications/Google Drive.app
Eye-Fi Helper
- /Applications/Eye-Fi/Eye-Fi Helper.app
Safari extensions
iMedia Converter Deluxe
Widgets
iCal
Restricted files: 504
Elapsed time (s): 142
Similar Messages
-
i just planned to install windows 7 on my MBP Mid-2012 using VMware Fusion,so i am bit panic about viruses and malware's affecting through vmware,is there any way to avoid from this??
usamasheikh wrote:
virus protection in vmware or on my running OS X 10.8.2??plz help me out
First, you can install Microsoft's Security Essentials in the Win 7 VM and keep it up-to-date. Second, you can turn off Sharing in Fusion's System Settings to keep the VM environment separate from your Mac. Third, you can look into Sophos Anti-Virus http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-ed ition/download.aspx for the Mac host. -
Where is the help for the latest malware attack on macs from flash player?
Where is the help for the latest malware attack from flash player? I am running mac ox x v10.7 lion, and everything that I can find says to download Java and neither of them will work. 10.6 update says its for version 10.6. java for osx date 7 says it will damage hard drive !!!
How do I know if I have this and what can I do to protect my computer? I JUST DOWNLOADED FLASH PLAYER A WEEK AGO. I deleted it from my computer but how do I know if I have malware?????????There is a new user-friendly Flashback detection-removal tool from F-Secure available here:
Flashback Removal Tool
http://www.f-secure.com/weblog/archives/00002346.html
Apple has promised one also, but it has not yet been released. See
About Flashback malware
http://support.apple.com/kb/HT5244 -
HELP about analog output video
Hello, I´m need help about analog output video in Premiere CS5 using Matrox RTX2. I need to crop a video with resolution in 1440x1080 to 4:3 in output analog. But what happens is wrong (I think). My video is in format anamorphic and the other option is 16:9 letterbox. Is there any way to crop the video without using effects. Thanks a Lot and sorry my bad english (my native language is Portuguese).
There are no 4:3 HD specifications. You'll have to put the video into a normal SD sequence, and scale it down till the top and bottom of the video meet the frame. That way the sides will be cut off.
-
Help about Warning Security IE 8.0
Hello Guys,
I need help about warning security IE 8.0.
When I try install a software from my webserver is display the following message:
I can't check the publisher.Are you sure install the software?
This file does not have a valide digital signature that verifies its publisher.
You should only install software from publishers you trust.
Well, I already enable:
Download signed ActiveX controls
Download unsigned ActiveX controls
Allow active content from CDs to run on user machines Enabled
Allow software to run or install even if the signature is invalid Enabled
Check for server certificate revocation Disabled
Check for signatures on downloaded programs Disabled
Is there somewhere I disable all settings warning's about IE or one specific GPO I need disable for this warning don't display for me?
In the same installation a lot of about file .cab are installed, only one specifc I don't have sucess.
I try some troubleshootings too:
https://social.technet.microsoft.com/Forums/windows/en-US/8f8293c4-0920-462f-9c69-0a8e3f92aa02/unknown-publishers-warning
https://www.youtube.com/watch?v=UknQn6tZZis
http://windows-3322.blogspot.com.br/2011/02/how-to-repair-activex-error.html
Thanks a lot who answer me or about any idea about my issue.This file does not have a valide digital signature that verifies its publisher.
Did you see your result
https://social.technet.microsoft.com/Forums/windows/en-US/8f8293c4-0920-462f-9c69-0a8e3f92aa02/unknown-publishers-warning
<quote>
Changing the time zone actually worked.
</quote>
Robert Aldwinckle -
This is the message when I Open Firefox:
"You're not on the latest version of Firefox. Upgrade today to get the best of the Web!"
At <Help> & <About Firefox>, it shows
Firefox
9.0.1
"Firefox is up to date"
"You are currently on the release update Channel"
One of those messages must be wrong. Either way Firefox seems to work fine otherwise. Thanks and regards, Peter SpielmanIs your homepage set to www.google.com/firefox? If so, that page is wrong. You should change your home page to about:home or some other site instead. The google.com/firefox page is no longer supported.
-
One of three user accounts on the same computer appears to not be updating to 8.0.1 correctly. One admin and one none admin user account says it is up-to-date. The other non-admin user account, under Help About Firefox says apply update, but won't.
As long as you installed MS Office into its default location (the top level /Applications folder) it will be available to all user accounts on the Mac.
As far as licensing is concerned you only have to enter the license code once, which you should do right after installing MS Office, in the same admin account you installed it from, by opening any one of the MS Office applications. There is no additional licensing required for additional user accounts on the same Mac.
Each user account is able to run the Office apps. The only thing you will have to do is go through an initial setup screen in each user account (but this setup does NOT involve entering any additional license codes).
You may have problems if you installed MS Office in a particular user account (i.e. NOT in the top level /Applications folder). -
Hi all,
DB:11.2.0.3.0
EBS:12.1.3
O/S: Sun Solaris SPARC 64 bits
I am not able to view Forms Server version in Help: About Oracle Applications after the forms upgrade 10.1.2.3.0 after the forms upgrade 10.1.2.3.0 as per note:Upgrading OracleAS 10g Forms and Reports to 10.1.2.3 (437878.1)
Java/jre upgraded to 1.7.0.45 and JAR files regenerated(without force option). Able to opne forms without any issues.
A)
$ORACLE_HOME/bin/frmcmp help=y
FRM-91500: Unable to start/complete the build.
B)
$ORACLE_HOME/bin/rwrun ?|grep Release
Report Builder: Release 10.1.2.3.0 - Production on Thu Nov
28 14:20:45 2013
Is this an issue? Could anyone please share the fix if faced the similar issue earlier.
Thank You for your time
Regards,Hi Hussein,
You mean reboot the solaris server and then start database and applications services. We have two databases running on this solaris server.
DBWR Trace file shows:
Read of datafile '+ASMDG002/test1/datafile/system.823.828585081' (fno 1) header failed with ORA-01206
Rereading datafile 1 header failed with ORA-01206
V10 STYLE FILE HEADER:
Compatibility Vsn = 186646528=0xb200000
Db ID=0=0x0, Db Name='TEST1'
Activation ID=0=0x0
Control Seq=31739=0x7bfb, File size=230400=0x38400
File Number=1, Blksiz=8192, File Type=3 DATA
Tablespace #0 - SYSTEM rel_fn:1
Creation at scn: 0x0000.00000004 04/27/2000 23:14:44
Backup taken at scn: 0x0001.db8e5a1a 04/17/2010 04:16:14 thread:1
reset logs count:0x316351ab scn: 0x0938.0b32c3b1
prev reset logs count:0x31279a4c scn: 0x0938.08469022
recovered at 11/28/2013 19:43:22
status:0x2004 root dba:0x00c38235 chkpt cnt: 364108 ctl cnt:364107
begin-hot-backup file size: 230400
Checkpointed at scn: 0x0938.0cb9fe5a 11/28/2013 15:04:52
thread:1 rba:(0x132.49a43.10)
enabled threads: 01000000 00000000 00000000 00000000 00000000 00000000
Hot Backup end marker scn: 0x0000.00000000
aux_file is NOT DEFINED
Plugged readony: NO
Plugin scnscn: 0x0000.00000000
Plugin resetlogs scn/timescn: 0x0000.00000000 01/01/1988
00:00:00
Foreign creation scn/timescn: 0x0000.00000000 01/01/1988
00:00:00
Foreign checkpoint scn/timescn: 0x0000.00000000 01/01/1988
00:00:00
Online move state: 0
DDE rules only execution for: ORA 1110
----- START Event Driven Actions Dump ----
---- END Event Driven Actions Dump ----
----- START DDE Actions Dump -----
Executing SYNC actions
----- START DDE Action: 'DB_STRUCTURE_INTEGRITY_CHECK' (Async) -----
Successfully dispatched
----- END DDE Action: 'DB_STRUCTURE_INTEGRITY_CHECK'
(SUCCESS, 0 csec) -----
Executing ASYNC actions
----- END DDE Actions Dump (total 0 csec) -----
ORA-01186: file 1 failed verification tests
ORA-01122: database file 1 failed verification check
ORA-01110: data file 1:
'+ASMDG002/test1/datafile/system.823.828585081'
ORA-01206: file is not part of this database - wrong
database id
Thanks, -
How to Disable Check for updates button in Help/About in firefox 5.0
Hi the user should not manually check for updates so we want to disable the Check for updates button also in Help/About.
Thanks in advancedYou can hide that button with code in userChrome.css below the @namespace line.
* http://kb.mozillazine.org/userChrome.css
* http://kb.mozillazine.org/Editing_configuration
You can use the ChromEdit Plus or Stylish extension to have easier access to the customization files.
* ChromEdit Plus: http://webdesigns.ms11.net/chromeditp.html
<pre><nowiki>@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"); /* only needed once */
#aboutDialog #updateBox { display:none!important; }</nowiki></pre>
You can also choose to lock the related update pref(s) to false if you want to make sure.
See:
* http://kb.mozillazine.org/Locking_preferences
* http://kb.mozillazine.org/about:config -
Help about W2K Apache plug-in for WLS
Hi,everybody.
I want to use the W2K apache http server for redirect the dynamic request to
WLS. But i don't have the corresponding plug-in. Who can help me? or Who can
give me some hint about this?
Thanks in advance.
BR
Steven ZhaoHi Steven,
as far as I know there is no Apache Plugin for Windows Platform. Your
choice is either Unix->Apache or Windows->IIS. I think there is a
Netscape Plugin as well, but I don't know for which platforms.
Daniel
-----Original Message-----
From: Steven Zhao [mailto:[email protected]]
Posted At: Friday, October 20, 2000 6:02 AM
Posted To: management
Conversation: Help about W2K Apache plug-in for WLS
Subject: Help about W2K Apache plug-in for WLS
Hi,everybody.
I want to use the W2K apache http server for redirect the dynamic
request to
WLS. But i don't have the corresponding plug-in. Who can help me? or Who
can
give me some hint about this?
Thanks in advance.
BR
Steven Zhao -
Need help about Hidden Markov Model model
I want to make classification for EEG signal using Hidden Markov Model
algorithm based on neural network.
plz need help about how to implement this algorithm using LABVIEW.
if not I want another thing to make classification.
any one know information about this topic, send me a reply
thanksHave you derrived the HMM that you want to implement?
If so, post the algorithm and we can provide comments on how to implement it using LabVIEW.
Message Edited by Ray.R on 04-12-2010 12:54 PM -
Help about location based classes
Helo. i need some help about location classes(i use J2ME). i want to develop a gps compass application. when i connected to gps, orientation is shown on a compass.(for example if i go to northeast direction, compass indicator shows the direction between nort and east).
I made connecting GPS. Now i must draw a compass and show the direction informations on it. For doing this, which location classes i can use?
(i do search about this,but i didn't decide which class i should use. I thought that i can use Orientation class for this. I found a source code and tried it. According to this snippet source code about orientation class, my phone doesn't support Orientation class.But i found an application about gps compass, it works on phone. )i write this question CLDC{MIDP part.
Thanks... -
How do i see what beta ver i'm at - deeper than Help | About Firefox - registry .. ?
i am enrolled in the beta channel but because the notification popups are so quick i someties do not see that a new beta ver is available. i consult filehippo regularly to see what updates are out there but i want to have a way i can find what beta i'm at - Help|About Firefox doesn't get it - how can i find that? looked in registry but haven't found what i want
any idees?
ciao
sawI'm not trying to discredit your work. But I did actually read the workaround and it is valid. That is true. But still that's not an answer to my question nor an explanation for that design choice. It's a workaround for a software not displaying the exact version.
So why not jump in this thread if it exists? Why create a new thread with the same question? Also to apply your logic, why didn't anybody tell the user to use the stable version if he's incapable of figuring out the obvious? -
Which file in Omni.ja contains the version number in HELP | ABOUT
We are using Firefox in a corporate locked down environment.
we have made a number of changes to files in the OMNI.JA file to configure Firefox accordingly.
We now have a newer version of firefox to install/package however, when we replace the default omni.ja file in FF 10.0.10 and go into HELP | ABOUT it shows the version number of FF that the omni.ja file came from, ie 10.0.4.
Which file(s) need to be replaced in omni.ja so that when we select HELP | ABOUT it shows the correct version of 10.0.10 ?
regards
Billhello biffal, which changes to the omnia.ja file have you done originally? maybe there's a better way to do it, because this file will be overwritten by each & every firefox update...
-
9.5.3 Help / About reports version as 9.0.0
After downloading AcrobatUpd953_all_incr.msp, installing it to patch Acrobat from 9.5.2 to 9.5.3, and rebooting, when I select Help / About in Acrobat, the dialog shows the version of Acrobat as 9.0.0. When I open Control Panel / Programs and Features, it shows the version of Acrobat as 9.5.3, when I look at the properties of acrobat.exe the file version is 9.5.3.305, and in Acrobat if I open Help / About Adobe Plugins, all the plugin versions are shown as 9.5.3.305. So it looks as though it's just the About dialog that is screwed.
I checked with a friend who also has Acrobat 9, and he sees exactly the same bug. OS on both machines is Windows 7 x64.I tried this on my Win7 64 bit machine and its working fine.Please try repairing your Acrobat from control panel and see if it works.
Maybe you are looking for
-
Performance issue showing read by other session Event
Hi All, we are having a severe performance issue in my database when we are running batch jobs. This was a new database(11.2.0.2) and we are testing the performance by running some batch jobs. These batch jobs included some inserts and updates. I am
-
Can information in cache accessed outside of Oracle DB after shutdown?
Hi All, I read that the information in caches can be accessed outside of Oracle DB and the buffered Cache must be emptied at shut down of Oracle DB. Questions: 1. Is it possible to access cache outside of Oracle DB? If yes, how can one read it? 2. Is
-
ThinkPad W530: Blank Screen/Weird Colorful screen on Lid Open
Please see the picture below. This error happens randomly when I close my lid, and/or move my laptop fast from one place to the other. I get either the error screen below or a blank screen. Both the error screen below and blank screen require me to h
-
Share screen button not appearing when remote from office
When I am in the office connected via the local LAN the share screen button in Finder is displayed. When I am at home anc connected via broadband I can still see the server and shares but I have no share screen button. Is there a preference that need
-
Power cut / itunes update leads to itunes memory loss :-(
I am running a mac mini only 6 months old with 2.5ghz intel I5 Core. Where i live we suffer many power cuts. Everything was working fine with itunes, but now itunes is having real issues with locating many of my files. I have around 260gb in music al