| |
04.05.2021, 11:43
| #16 | ||
| /// Mac Expert    |  Ursnif Trojaner auf MacZitat:
Zitat:
 Code:
ATTFilter The operation can’t be completed because you don’t have permission to access some of the items.
Wenn du im Terminal Code:
ATTFilter sudo su
Ach so, falls es geklappt hat, dann mit exit den Admin-Bereich verlassen. Nebenbei gesagt: Das Terminal welches du benutzt benötigt in diesem Fall auf Festplattenvorllzugriff  Zum Überprüfen: Lade dir bitte die Programme KnockKnock und KextViewr herunter. Enpacken und in den Programm-Ordner verschieben. Beide Programme benötigen volle Festplattenvollzugriffs-Rechte. 1. KnockKnock Klicke auf Start Scan du kannst jetzt selbst nach den betroffenen Daten suchen sofern diese noch vorhanden sind, werden die angezeigt. Mit klick auf das Auge auf der rechten Seite wird der Speicherort geöffnet. Versuche es manuell zu löschen. Du brauchst Admin-Rechte wenn du nicht als Admin eingeloggt bist funktioniert das nicht. Wenn du alles überprüft hast dann klicke unten links auf das Download-Symbol (Pfeil nach unten). Speichere das Log auf deinem Desktop und füge es hier als Anhang ein. 2. KextViewr Diese App scannt beim Start automatisch nach Systemerweiterungen. Standardmäßig werden auch die Apple-Systemerweiterungen angezeigt. Klicke unten rechts auf Show OS Kexts um es abzuwählen, dann werden nur noch Dritt-Anbieter Erweiterungen angezeigt. Wie bei KnockKnock speichere bitte das Log und füge es hier als Anhang ein.
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche?  Spende fürs trojaner-board? Geändert von Dante12 (04.05.2021 um 12:13 Uhr) |
|
05.05.2021, 12:44
| #17 |
 | Ursnif Trojaner auf Mac Auch mit Admin Rechten, kann ich die vorher angegebene Datei nicht löschen, weil ich anscheinend keine Rechte habe, was mir doch sehr suspekt vorkommt!!
__________________jedenfalls hier die Logs knockknock Code:
ATTFilter {"Authorization Plugins":[],"Browser Extensions":[],"Cron Jobs":[],"Dir. Services Plugins":[],"Event Rules":[],"Extensions and Widgets":[],"Kernel Extensions":[{"name": "NIUSBAudio2DJ", "path": "/Library/Extensions/NIUSBAudio2DJ.kext/Contents/MacOS/NIUSBAudio2DJ", "plist": "n/a", "hashes": {"md5":"98210C3CCAD613AD4CA35B7106C9A0DC","sha1":"3A90B3B7728AA1057332A2B1F38C4DD290B079C3"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/57"},{"name": "NIUSBAudio4DJ", "path": "/Library/Extensions/NIUSBAudio4DJ.kext/Contents/MacOS/NIUSBAudio4DJ", "plist": "n/a", "hashes": {"md5":"AA6D5E3052E82EE4B82032F7D69E012C","sha1":"41A1ACE59F7C607B3F54BFE49872C95A441DA048"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/72"},{"name": "SiLabsUSBDriver64", "path": "/Library/Extensions/SiLabsUSBDriver64.kext/Contents/MacOS/SiLabsUSBDriver64", "plist": "n/a", "hashes": {"md5":"56C99F64D44F0D4BD8EA893FD18920B3","sha1":"F44DB2F03C339C2E66B8F992A5A6E32BC244BB87"}, "signature(s)": {"signatureIdentifier":"com.silabs.driver.CP210xVCPDriver64","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Wacom Technology Corp. (EG27766DY7)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "JMicron JMB368 CF Card Reader Driver", "path": "/Library/Extensions/JMicronATA.kext/Contents/MacOS/JMicronATA", "plist": "n/a", "hashes": {"md5":"9C8207D44446861A5B40E2AC4C6F5DBA","sha1":"D7894CA7F78BBC970CE45A249FF72ED26843F557"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/75"},{"name": "fabio", "path": "/Library/Extensions/fabio.kext/Contents/MacOS/fabio", "plist": "n/a", "hashes": {"md5":"E50B80668C3F90C0FC7BA0F1220B9F71","sha1":"E9897F21C4D9EE92CC4B3CE63F64BFCC4B50319A"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/71"},{"name": "NIUSBTraktorKontrolX1", "path": "/Library/Extensions/NIUSBTraktorKontrolX1.kext/Contents/MacOS/NIUSBTraktorKontrolX1", "plist": "n/a", "hashes": {"md5":"0CB272D07C6618CD30DD990D9272AFC7","sha1":"8202BD54CB0135932164A4F22AC1280D222FCB6F"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/70"},{"name": "Dropbox", "path": "/Library/Extensions/Dropbox.kext/Contents/MacOS/Dropbox", "plist": "n/a", "hashes": {"md5":"30F16183AF38E316CD4B967266F9A311","sha1":"BEDF28C13F447D3B0D3056AEFC05A23DF291BB99"}, "signature(s)": {"signatureIdentifier":"com.getdropbox.dropbox.kext","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Dropbox, Inc. (G7HH3F8CAK)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "NIUSBDeviceHelper", "path": "/Library/Extensions/NIUSBDeviceHelper.kext/Contents/MacOS/NIUSBDeviceHelper", "plist": "n/a", "hashes": {"md5":"F0758EFD1952A9AFE6E9F782003DDBC1","sha1":"0E67D544AFC35C088358C8A94C609648020E91A2"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/64"},{"name": "NIUSBAudioDriver", "path": "/Library/Extensions/NIUSBAudioDriver.kext/Contents/MacOS/NIUSBAudioDriver", "plist": "n/a", "hashes": {"md5":"41E041DD75B812532565296060E84500","sha1":"67B3342FCA90A9C4073DEED688ED7B72B90BCEC9"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/71"}],"Launch Items":[{"name": "hdjsd", "path": "/var/hercules/hdjsd", "plist": "/Library/LaunchDaemons/hdjsd.plist", "hashes": {"md5":"C18C0952364B8D508B389CBDCD6B6A8D","sha1":"CC44D393B25ABEF08964C2D1D43B0533957551B0"}, "signature(s)": {"signatureIdentifier":"hdjsd","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Guillemot Research & Development Inc.","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "AGSService", "path": "/Library/Application Support/Adobe/AdobeGCClient/AGSService", "plist": "/Library/LaunchDaemons/com.adobe.agsservice.plist", "hashes": {"md5":"ED95303A6CC42352F29596A981911F14","sha1":"3BEFEC4C251006163689D25040F310E6B66B7FE2"}, "signature(s)": {"signatureIdentifier":"com.adobe.ags","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Adobe Systems, Inc. (JQ525L2MZD)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "RTProtectionDaemon", "path": "/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon", "plist": "/Library/LaunchDaemons/com.malwarebytes.mbam.rtprotection.daemon.plist", "hashes": {"md5":"D7BFB433D6712EE4E6CCD62811C06A4E","sha1":"827125BCE92F991054036580C0754027FB3F7295"}, "signature(s)": {"signatureIdentifier":"com.malwarebytes.mbam.rtprotection.daemon","signatureStatus":0,"signatureSigner":3,"signatureEntitlements":{"com.apple.developer.team-identifier":"GVZRY6KDKR","com.apple.application-identifier":"GVZRY6KDKR.com.malwarebytes.mbam.rtprotection.daemon","com.apple.developer.endpoint-security.client":true},"signatureAuthorities":["Developer ID Application: Malwarebytes Corporation (GVZRY6KDKR)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "VirtualBoxStartup.sh", "path": "/Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh", "plist": "/Library/LaunchDaemons/org.virtualbox.startup.plist", "hashes": {"md5":"A0FBEB6091D67DD0727139B47587E77E","sha1":"010ADE81031AA87C0A83544A4E772F3ABE986CD7"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/74"},{"name": "com.wacom.UpdateHelper", "path": "/Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper", "plist": "/Library/LaunchDaemons/com.wacom.UpdateHelper.plist", "hashes": {"md5":"44BF989386F352BAFE043332D247FB96","sha1":"E609248A6C21FFCA3D6CF19370B9AC0185B2D193"}, "signature(s)": {"signatureIdentifier":"com.wacom.UpdateHelper","signatureStatus":0,"signatureSigner":3,"signatureEntitlements":{"com.apple.security.network.client":true,"com.apple.security.temporary-exception.mach-register.global-name":["com.wacom.UpdateHelper"],"com.apple.security.temporary-exception.sbpl":["(allow file-write*)","(allow file-read-xattr)","(allow file-write-xattr)","(allow hid-control)","(allow file-write-create)","(allow file-write-owner)","(allow file-write-setugid)","(allow file-write-data)","(allow file-write-mode)","(allow file-read* file-write* (subpath \"\/private\/tmp\"))","(allow file-read* file-write* (subpath \"\/tmp\/\"))","(allow file-read* file-write* (subpath \"\/private\/tmp\/Wacom\"))","(allow file-read* (regex #\"FirmwareUpdater\\.app\"))","(allow file-write-unlink (literal \"\/Library\/Application Support\/Tablet\/\"))","(allow file-write-unlink (literal \"\/Library\/LaunchAgents\/com.wacom.TabletKeyHelper.plist\"))","(allow file-write-unlink (literal \"\/Library\/LaunchDaemons\/com.wacom.DisplayHelper.plist\"))","(allow file-write-unlink (literal \"\/Library\/LaunchDaemons\/com.wacom.displayhelper.plist\"))","(allow file-write-unlink (literal \"\/Library\/LaunchDaemons\/com.wacom.TabletHelper.plist\"))","(allow file-write-unlink (literal \"\/Library\/PrivilegedHelperTools\/com.wacom.TabletHelper.app\"))","(allow file-write-unlink (literal \"\/System\/Library\/Extensions\/FTDIKext.kext\/\"))","(allow file-write-unlink (literal \"\/System\/Library\/Extensions\/SiLabsUSBDriver.kext\/\"))","(allow file-write-unlink (literal \"\/System\/Library\/Extensions\/SiLabsUSBDriver64.kext\/\"))","(allow file-write-unlink (literal \"\/System\/Library\/Extensions\/Wacom Tablet.kext\/\"))","(allow file-read-data)","(allow process-fork)","(allow process-exec (literal \"\/bin\/ps\")(literal \"\/usr\/bin\/sudo\")(literal \"\/usr\/bin\/xattr\")(literal \"\/usr\/bin\/tar\")(with no-sandbox))","(allow appleevent-send (appleevent-destination \"com.wacom.WacomTouchDriver\")(appleevent-destination \"com.wacom.wacomtablet\"))","(allow signal)"],"com.apple.security.temporary-exception.file.absolute-path.read-write":["\/Applications\/","\/Applications\/Wacom Tablet.localized\/","\/Library\/Application Support\/Tablet\/","\/Library\/Application Support\/Tablet\/UserHelp\/","\/Library\/Extensions\/","\/Library\/Frameworks\/","\/Library\/LaunchDaemons\/","\/Library\/PreferencePanes","\/Library\/Preferences\/Tablet\/","\/Library\/Preferences\/Tablet\/Wacom App Specific Settings\/","\/Library\/Preferences\/Tablet\/foo.plist","\/Library\/Preferences\/Tablet\/too.plist","\/Library\/PrivilegedHelperTools\/com.wacom.TabletHelper.app\/","\/System\/Library\/Extensions\/","\/System\/Library\/Extensions\/FTDIKext.kext\/","\/System\/Library\/Extensions\/SiLabsUSBDriver.kext\/","\/System\/Library\/Extensions\/SiLabsUSBDriver64.kext\/","\/System\/Library\/Extensions\/Wacom Tablet.kext\/","\/private\/tmp","\/private\/tmp\/Wacom"],"com.apple.security.temporary-exception.shared-preference.read-write":["com.wacom.Wacom-Desktop-Center.plist","com.wacom.wacomtablet.prefs","com.wacom.wacomtouch.prefs"],"com.apple.security.app-sandbox":true,"com.apple.security.network.server":true,"com.apple.security.application-groups":["group.EG27766DY7.com.wacom.WacomTabletDriver"],"com.apple.security.temporary-exception.file.home-relative-path.read-write":["\/Library\/Preferences\/","\/Library\/Group Containers\/group.EG27766DY7.com.wacom.WacomTabletDriver\/","\/Library\/Containers\/com.wacom.RemoveWacomTablet\/","\/Library\/Containers\/com.wacom.Wacom-Desktop-Center\/","\/Library\/Containers\/com.wacom.Wacom-Display-Settings\/"],"com.apple.security.inherit":false,"com.apple.security.temporary-exception.mach-lookup.global-name":["com.apple.windowserver","com.wacom.TabletUtility","com.wacom.TabletHelper","com.wacom.Tester","com.wacom.TabletDriver","com.wacom.wacomtablet","com.wacom.WacomTouchDriver","com.wacom.WacomMultiTouch","com.wacom.WacomDeskTopCenterMessageServer"]},"signatureAuthorities":["Developer ID Application: Wacom Technology Corp. (EG27766DY7)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Creative Cloud", "path": "/Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud", "plist": "/Library/LaunchAgents/com.adobe.AdobeCreativeCloud.plist", "hashes": {"md5":"6011DA94767CA1C0A5B5745AF1636749","sha1":"BD7C861C4AA76683AFD9D8105D1D943F172F6E2A"}, "signature(s)": {"signatureIdentifier":"com.adobe.acc.AdobeCreativeCloud","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Adobe Systems, Inc. (JQ525L2MZD)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/76"},{"name": "com.wacom.DataStoreMgr", "path": "/Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr", "plist": "/Library/LaunchAgents/com.wacom.DataStoreMgr.plist", "hashes": {"md5":"73D193403CB0F6A9DA371596C56C2D04","sha1":"F03AEAC7086DB787F0545364D585D9C19F93B2D9"}, "signature(s)": {"signatureIdentifier":"com.wacom.DataStoreMgr","signatureStatus":0,"signatureSigner":3,"signatureEntitlements":{"com.apple.security.network.client":true,"com.apple.security.temporary-exception.mach-register.global-name":["com.wacom.DataStoreMgr"],"com.apple.security.temporary-exception.sbpl":["(allow file-write-create)","(allow file-write-owner)","(allow file-write-setugid)","(allow file-write-data)","(allow file-write-mode)","(allow file-write*)","(allow file-read-data)"],"com.apple.security.temporary-exception.file.absolute-path.read-write":["\/tmp","\/private\/tmp","\/private\/tmp\/Wacom"],"com.apple.security.app-sandbox":true,"com.apple.security.network.server":true,"com.apple.security.application-groups":["group.EG27766DY7.com.wacom.WacomTabletDriver"],"com.apple.security.temporary-exception.file.home-relative-path.read-write":["\/","\/Library\/Preferences\/.wacom","\/Library\/Group Containers\/group.EG27766DY7.com.wacom.WacomTabletDriver\/"],"com.apple.security.inherit":false,"com.apple.security.temporary-exception.mach-lookup.global-name":["com.apple.windowserver","EG27766DY7.com.wacom.TabletUtility","EG27766DY7.com.wacom.TabletHelper","EG27766DY7.com.wacom.Tester","EG27766DY7.com.wacom.TabletDriver","EG27766DY7.com.wacom.WacomMultiTouch","EG27766DY7.com.wacom.Wacom-Desktop-Center","EG27766DY7.com.wacom.WacomDesktopCenter"]},"signatureAuthorities":["Developer ID Application: Wacom Technology Corp. (EG27766DY7)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AGMService", "path": "/Library/Application Support/Adobe/AdobeGCClient/AGMService", "plist": "/Library/LaunchAgents/com.adobe.GC.AGM.plist", "hashes": {"md5":"A44AB3900C5F0475E3F426254AEA3AE1","sha1":"651E5EAF817A5CD8295FCF972E0DBEEB9506430B"}, "signature(s)": {"signatureIdentifier":"com.adobe.ags","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Adobe Systems, Inc. (JQ525L2MZD)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "FrontendAgent", "path": "/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent", "plist": "/Library/LaunchAgents/com.malwarebytes.mbam.frontend.agent.plist", "hashes": {"md5":"F0A3C0D907669D7C7F705DF102F1F70C","sha1":"58EEF4ADDA2AE8A2B064D81DB467E2406372C117"}, "signature(s)": {"signatureIdentifier":"com.malwarebytes.mbam.frontend.agent","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Malwarebytes Corporation (GVZRY6KDKR)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "UpdaterStartupUtility", "path": "/Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility", "plist": "/Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist", "hashes": {"md5":"7DDD9BC75345BD2BEDCD17DE0D41A45A","sha1":"543CB1504C2EF234F1D469160818ED2CF7344FE3"}, "signature(s)": {"signatureIdentifier":"com.adobe.AAM.AdobeUpdaterStartupUtility","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Adobe Systems, Inc.","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/66"},{"name": "agcinvokerutility", "path": "/Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility", "plist": "/Library/LaunchAgents/com.adobe.GC.Invoker-1.0.plist", "hashes": {"md5":"1BACA43BEA1513862B7EC9ACCF66F5EA","sha1":"4812D1A1EF8308B50203D31CF80449482A85C552"}, "signature(s)": {"signatureIdentifier":"com.adobe.gcinvokerutility","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Adobe Systems, Inc. (JQ525L2MZD)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "StandaloneUpdater", "path": "/Applications/OneDrive.app/Contents/StandaloneUpdater.app/Contents/MacOS/OneDriveStandaloneUpdater", "plist": "/Library/LaunchAgents/com.microsoft.OneDriveStandaloneUpdater.plist", "hashes": {"md5":"071CB12A9253786178CE3C7E027023EF","sha1":"0306D0EF636B753511C0622762E50F2A6ACD9475"}, "signature(s)": {"signatureIdentifier":"com.microsoft.OneDriveStandaloneUpdater","signatureStatus":0,"signatureSigner":3,"signatureEntitlements":{"com.apple.security.application-groups":["UBF8T346G9.OneDriveStandaloneSuite"],"com.apple.security.app-sandbox":false},"signatureAuthorities":["Developer ID Application: Microsoft Corporation (UBF8T346G9)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/73"},{"name": "WacomTabletDriver", "path": "/Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver", "plist": "/Library/LaunchAgents/com.wacom.wacomtablet.plist", "hashes": {"md5":"8BA0F605120F264D102C587390F5918E","sha1":"5BA53D3FAED24BC03101A5B3E24B6D813DADF308"}, "signature(s)": {"signatureIdentifier":"com.wacom.wacomtablet","signatureStatus":0,"signatureSigner":3,"signatureEntitlements":{"com.apple.security.temporary-exception.files.home-relative-path.read-write":["\/Library\/Preferences\/","\/Library\/Group Containers\/group.EG27766DY7.com.wacom.WacomTabletDriver\/"],"com.apple.security.temporary-exception.mach-register.global-name":["Wacom_Driver","com.wacom.WacomTabletDriverMessageServer","com.wacom.wacomtablet.WacomTouch"],"com.apple.security.network.server":true,"com.apple.security.temporary-exception.mach-lookup.global-name":["com.apple.sysmond","com.wacom.TabletDriver","com.wacom.tabletdriver","com.wacom.WacomDeskTopCenterMessageServer","com.wacom.DataStoreMgr","com.wacom.CoordinatorMessageServer","com.wacom.ProfessionalTouchDriverMessageServer","com.wacom.IOManager"],"com.apple.security.automation.apple-events":true,"com.apple.security.device.bluetooth":true,"com.apple.security.network.client":true,"com.apple.security.temporary-exception.sbpl":["(allow file-read* file-write* (subpath \"\/Library\/Application Support\/Tablet\"))","(allow file-read* file-write* (subpath \"\/Library\/Preferences\/Tablet\"))","(allow file-read* (subpath \"\/\"))","(allow file-read-xattr)","(allow process-exec (subpath \"\/Applications\"))","(allow file-write-data (subpath \"\/dev\"))","(allow iokit-open)","(allow hid-control)","(allow distributed-notification-post)","(allow appleevent-send)","(allow process-exec (literal \"\/usr\/bin\/osascript\")(with no-sandbox))"],"com.apple.security.device.usb":true,"com.apple.security.application-groups":["group.EG27766DY7.com.wacom.WacomTabletDriver","group.com.wacom.TabletDriver"],"com.apple.security.files.user-selected.read-only":true,"com.apple.security.temporary-exception.shared-preference.read-write":["com.wacom."],"com.apple.security.app-sandbox":true},"signatureAuthorities":["Developer ID Application: Wacom Technology Corp. (EG27766DY7)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/73"},{"name": "Microsoft Update Assistant", "path": "/Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant", "plist": "/Library/LaunchAgents/com.microsoft.update.agent.plist", "hashes": {"md5":"044C89DCECBE1C93FE8E52AF383DCABB","sha1":"280016D3D3A34253454B304161662BDB7B63BCC4"}, "signature(s)": {"signatureIdentifier":"com.microsoft.autoupdate.fba","signatureStatus":0,"signatureSigner":3,"signatureEntitlements":{"com.apple.security.automation.apple-events":true,"com.apple.security.app-sandbox":false},"signatureAuthorities":["Developer ID Application: Microsoft Corporation (UBF8T346G9)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "agcinvokerutility", "path": "/Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility", "plist": "/Users/admin/Library/LaunchAgents/com.adobe.GC.Invoker-1.0.plist", "hashes": {"md5":"1BACA43BEA1513862B7EC9ACCF66F5EA","sha1":"4812D1A1EF8308B50203D31CF80449482A85C552"}, "signature(s)": {"signatureIdentifier":"com.adobe.gcinvokerutility","signatureStatus":0,"signatureSigner":3,"signatureAuthorities":["Developer ID Application: Adobe Systems, Inc. (JQ525L2MZD)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "bstupdater", "path": "/Applications/BlueStacks.app/Contents/MacOS/bstupdater", "plist": "/Users/admin/Library/LaunchAgents/com.BlueStacks.AppPlayer.Updater.plist", "hashes": {"md5":"F3C3242045353BFEABEE925080B26D2E","sha1":"A11BDEA2F334218D63094597C0D58E22AA9572C5"}, "signature(s)": {"signatureIdentifier":"bstupdater","signatureStatus":0,"signatureSigner":3,"signatureEntitlements":{"com.apple.security.cs.disable-executable-page-protection":true,"com.apple.security.cs.disable-library-validation":true,"com.apple.security.cs.allow-unsigned-executable-memory":true,"com.apple.security.personal-information.calendars":true,"com.apple.security.cs.allow-dyld-environment-variables":true,"com.apple.security.device.audio-input":true,"com.apple.security.cs.debugger":true,"com.apple.security.personal-information.photos-library":true,"com.apple.security.automation.apple-events":true,"com.apple.security.cs.allow-jit":true,"com.apple.security.device.camera":true,"com.apple.security.get-task-allow":true,"com.apple.security.personal-information.addressbook":true,"com.apple.security.personal-information.location":true},"signatureAuthorities":["Developer ID Application: BlueStack Systems, Inc. (QX5T8D6EDU)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/76"}],"Library Inserts":[],"Library Proxies":[],"Login Items":[],"Login/Logout Hooks":[],"Periodic Scripts":[{"name": "periodic.conf", "path": "/etc/defaults/periodic.conf", "plist": "n/a", "hashes": {"md5":"62842E4978D878DA44697BA81EAC797C","sha1":"8F1B8862248D44EF2EE23D22FD80813CF5777954"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/74"}],"Quicklook Plugins":[{"name": "PaintQuickLook", "path": "/Applications/Paint S.app/Contents/Library/QuickLook/PaintQuickLook.qlgenerator/Contents/MacOS/PaintQuickLook", "plist": "n/a", "hashes": {"md5":"3E36AE835E7ABCDF47E532B48BB9FB20","sha1":"74D0E41CBDE10716EEC75D167123B29210CBD6AD"}, "signature(s)": {"signatureIdentifier":"com.TryBest.PaintDocQuickLook","signatureStatus":0,"signatureSigner":2,"signatureEntitlements":{},"signatureAuthorities":["Apple Mac OS Application Signing","Apple Worldwide Developer Relations Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "EtreCheckProQL", "path": "/Applications/EtreCheckPro.app/Contents/Library/QuickLook/EtreCheckProQL.qlgenerator/Contents/MacOS/EtreCheckProQL", "plist": "n/a", "hashes": {"md5":"C7FCC04EC5A5F90564EE2110510AF9F2","sha1":"7C12827EA98357609160EE506199740A8B6C9214"}, "signature(s)": {"signatureIdentifier":"com.etresoft.EtreCheck4QL","signatureStatus":0,"signatureSigner":3,"signatureEntitlements":{},"signatureAuthorities":["Developer ID Application: Etresoft, Inc. (U87NE528LC)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "Toucan", "path": "/Applications/Rhinoceros.app/Contents/Library/QuickLook/Toucan.qlgenerator/Contents/MacOS/Toucan", "plist": "n/a", "hashes": {"md5":"F4B6FDD6433E256823CED08FFF4A3E11","sha1":"D60F71EE85918CCBB106EE2E724BFC5181E41741"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/55"},{"name": "Rhinoceros", "path": "/Applications/Rhinoceros.app/Contents/Library/QuickLook/Rhinoceros.qlgenerator/Contents/MacOS/Rhinoceros", "plist": "n/a", "hashes": {"md5":"F2C67A91E8843E554ACAD7FD756C90A6","sha1":"F2D9DE6BC1F7593E5D3439A6312B103127F33E04"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/56"},{"name": "RhinoRender", "path": "/Applications/Rhinoceros.app/Contents/Library/QuickLook/RhinoRender.qlgenerator/Contents/MacOS/RhinoRender", "plist": "n/a", "hashes": {"md5":"A32D9D4A20D2E07A7E4A6A716C7E7873","sha1":"DCF1D9292562255DCAC64FCBFFAABDD2AAACFF0B"}, "signature(s)": {"signatureStatus":-67062}, "VT detection": "0/56"}],"Spotlight Importers":[],"Startup Scripts":[]}
kextviewr Code:
ATTFilter {"kexts:":[{"name": "BSD Kernel Pseudoextension", "path": "/System/Library/Extensions/System.kext/PlugIns/BSDKernel.kext/BSDKernel", "hashes": {"md5":"505606020B0211194D883ED619B91034","sha1":"E9B6C720056FA24011D514F9182CA667CE4E4A34"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/76"},{"name": "MAC Framework Pseudoextension", "path": "/System/Library/Extensions/System.kext/PlugIns/MACFramework.kext/MACFramework", "hashes": {"md5":"7FAB4B82020D8484E3D413CA26F9DBBE","sha1":"A2DFEDB807E476885C08577305FC246C489B55EB"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/76"},{"name": "I/O Kit Pseudoextension", "path": "/System/Library/Extensions/System.kext/PlugIns/IOKit.kext/IOKit", "hashes": {"md5":"BAC7D6B474E8CC33D77FD879B595B62A","sha1":"D49F644D2E37E81F7C10C2359C8389182B72C414"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/71"},{"name": "Kasan Pseudoextension", "path": "/System/Library/Extensions/System.kext/PlugIns/Kasan.kext/Kasan", "hashes": {"md5":"3A40D71B5D2222B62031905356A6E7F4","sha1":"595A2D9361B491234B8FCD3990B1B0E9839F0699"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/72"},{"name": "Libkern Pseudoextension", "path": "/System/Library/Extensions/System.kext/PlugIns/Libkern.kext/Libkern", "hashes": {"md5":"FABEC0B21C2682C2E6371189752C47CE","sha1":"A38D5D4A4204D8378E69C7AE1D505C622AF8C768"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Mach Kernel Pseudoextension", "path": "/System/Library/Extensions/System.kext/PlugIns/Mach.kext/Mach", "hashes": {"md5":"D2B96B4192CD8D02A4527A51AE592A2E","sha1":"1F1B490879986FEA2B6986E7A91D5340457A5ED9"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Private Pseudoextension", "path": "/System/Library/Extensions/System.kext/PlugIns/Private.kext/Private", "hashes": {"md5":"01512059B5D4392C3DE695911D2AFC7C","sha1":"5DD79B1B726AD828250C9B51897D5FD7E4978D18"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Unsupported Pseudoextension", "path": "/System/Library/Extensions/System.kext/PlugIns/Unsupported.kext/Unsupported", "hashes": {"md5":"E9A897E2FD4DB554AA0B1E5E6DF9FE10","sha1":"31A904FC357EDC7B1F434959BEA6353B0D747CE1"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "Libm.kext", "path": "/System/Library/Extensions/Libm.kext/Contents/MacOS/Libm", "hashes": {"md5":"07EB8566F9B1F86ECB73983CE1A17D81","sha1":"44AC41FFFD18CA2E8F44A166B05ACE25F1C174B2"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "corecrypto", "path": "/System/Library/Extensions/corecrypto.kext/Contents/MacOS/corecrypto", "hashes": {"md5":"2D758AEF15217FC4A8F0B2F556CEE1D5","sha1":"03A4616B2520AE1FDA67BCC2ECD49D7618FDD0B0"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "pthread", "path": "/System/Library/Extensions/pthread.kext/Contents/MacOS/pthread", "hashes": {"md5":"BC00D9B4DFB3414477635351C0AF1489","sha1":"66F6935F3723ACAC12874E4F6B2EC7315534E2B1"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit ACPI Family", "path": "/System/Library/Extensions/IOACPIFamily.kext/Contents/MacOS/IOACPIFamily", "hashes": {"md5":"533CB14D05845FC2048880DCA88F488C","sha1":"235F37EC5902CAA6C2D0556A1E63CA74A8EA9E73"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit PCI Family", "path": "/System/Library/Extensions/IOPCIFamily.kext/IOPCIFamily", "hashes": {"md5":"FFAC535A965973FF6790334663B67974","sha1":"4C8F8C7928D98871F10C04A39CE2EB124A6CE911"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "watchdog", "path": "/System/Library/Extensions/watchdog.kext/Contents/MacOS/watchdog", "hashes": {"md5":"C87650F9364D480DD3E5B92186F33208","sha1":"6045C3054D6CC778F4709DD55BC933AD1975BFD3"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleSMC", "path": "/System/Library/Extensions/AppleSMC.kext/Contents/MacOS/AppleSMC", "hashes": {"md5":"7845487FC5BFD6AA619695D8B92419E3","sha1":"483A4A1F35D56A5B4641EF9FA1D238C2B7A40E03"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/76"},{"name": "AppleACPIPlatform", "path": "/System/Library/Extensions/AppleACPIPlatform.kext/Contents/MacOS/AppleACPIPlatform", "hashes": {"md5":"A90739B8C01FFABF99643E21EFEF2F58","sha1":"6FB03080E49C70BA2F8394C4C5B35FFDD502A319"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOReportFamily", "path": "/System/Library/Extensions/IOReportFamily.kext/Contents/MacOS/IOReportFamily", "hashes": {"md5":"1E28F6FE44DA98E9115AED8D52B8DE12","sha1":"A4CE59BC0C79FE70503C7CC81C5B6691C8F1C5D7"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit Networking Family", "path": "/System/Library/Extensions/IONetworkingFamily.kext/Contents/MacOS/IONetworkingFamily", "hashes": {"md5":"AB6FEE0C2906959C471C34412C76C41F","sha1":"E1BFD3A50F98917CF496FB4A12C5922B99B55D9B"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOTimeSyncFamily", "path": "/System/Library/Extensions/IOTimeSyncFamily.kext/Contents/MacOS/IOTimeSyncFamily", "hashes": {"md5":"DA1CC95854E0D4B07B234520FF35CCA8","sha1":"00E126A6B4A4A8B14178E117374EA82AC3B070E2"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "CoreTrust", "path": "/System/Library/Extensions/CoreTrust.kext/Contents/MacOS/CoreTrust", "hashes": {"md5":"B48A6836E712D4C51234C8EA794C0598","sha1":"411A57110FB900F9A363695791AED33EBC5B4CE7"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleMobileFileIntegrity", "path": "/System/Library/Extensions/AppleMobileFileIntegrity.kext/Contents/MacOS/AppleMobileFileIntegrity", "hashes": {"md5":"798FB938ED0BABEC21CC109304601149","sha1":"C03A3687F6E2C5F8A7BE2BF169FDC909993E329A"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "EndpointSecurity", "path": "/System/Library/Extensions/EndpointSecurity.kext/Contents/MacOS/EndpointSecurity", "hashes": {"md5":"72341A5B80717489831EE6FB33E4CB93","sha1":"D37945E90AC2CF9486B6ACF3BFDBC981422048AA"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "CoreAnalyticsFamily", "path": "/System/Library/Extensions/CoreAnalyticsFamily.kext/Contents/MacOS/CoreAnalyticsFamily", "hashes": {"md5":"E872909BD5A711488510C6BF296B796D","sha1":"45B9E5BCBA3E8685DD44F4ECEBFCCF3131F63808"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleBusPowerController", "path": "/System/Library/Extensions/AppleBusPowerController.kext/Contents/MacOS/AppleBusPowerController", "hashes": {"md5":"0703DE77E7169095F3966E23DFB89ACF","sha1":"0B95E88C3C8617A0EC182FA3FE04630BD05D5A23"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/72"},{"name": "AppleUSBCommon", "path": "/System/Library/Extensions/AppleUSBCommon.kext/Contents/MacOS/AppleUSBCommon", "hashes": {"md5":"4DA1A4D63B69037D6D837A19B6D6E4BB","sha1":"FED82700063D15DBDF44EBF90BEA362FC698E603"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit Driver for USB Devices", "path": "/System/Library/Extensions/IOUSBHostFamily.kext/Contents/PlugIns/AppleUSBHostMergeProperties.kext/Contents/MacOS/AppleUSBHostMergeProperties", "hashes": {"md5":"D5D846C106E01937080FDC5B833298BF","sha1":"CD0D6289357952A82286C32CDCF200179B5EA5A6"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOKit USB host family", "path": "/System/Library/Extensions/IOUSBHostFamily.kext/Contents/MacOS/IOUSBHostFamily", "hashes": {"md5":"8D148177990CD4381ADABE3E2C705608","sha1":"DA40CBFDD809D4685A4BB38ED695B98794C1E95C"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit Storage Family", "path": "/System/Library/Extensions/IOStorageFamily.kext/Contents/MacOS/IOStorageFamily", "hashes": {"md5":"A6C61AAC5D32B2DF87B65E41A77E2E6A","sha1":"376492A5AF5F6F94E84CCCBC8E6B49AF0FDF2461"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOSCSIArchitectureModelFamily", "path": "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext/Contents/MacOS/IOSCSIArchitectureModelFamily", "hashes": {"md5":"73998253D681BFD584E32E883BF9C0B1","sha1":"50C5FD87A1300DACFDD03407B70A67FAB6E40043"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOUSBMassStorageDriver", "path": "/System/Library/Extensions/IOUSBMassStorageDriver.kext/Contents/MacOS/IOUSBMassStorageDriver", "hashes": {"md5":"CA258CE47BDEF3E6CC9660C372EC211F","sha1":"B2A9188D2C95C9EBA9CBAE0D5A929A82EEB31700"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOSlaveProcessor", "path": "/System/Library/Extensions/IOSlaveProcessor.kext/Contents/MacOS/IOSlaveProcessor", "hashes": {"md5":"2B1939254B83ACE6DC00998AB0988369","sha1":"D74B1F499921859BDA09D01D8ADFD8BA17639244"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleSEPManager", "path": "/System/Library/Extensions/AppleSEPManager.kext/Contents/MacOS/AppleSEPManager", "hashes": {"md5":"E0AB97697C8AB558D332182D8710D89F","sha1":"136D7C996CA744FADC18C4D6DEDD503C9D7961BC"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "KernelRelayHost", "path": "/System/Library/Extensions/KernelRelayHost.kext/Contents/MacOS/KernelRelayHost", "hashes": {"md5":"E931F6F5BD9FAD047047A0AB4A386FD0","sha1":"6E8185A2F014D2DB9C4367FC7A9FB46CF0612795"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleCredentialManager", "path": "/System/Library/Extensions/AppleCredentialManager.kext/Contents/MacOS/AppleCredentialManager", "hashes": {"md5":"13E17E9DFCE85A3E90DF11D8A4B42570","sha1":"6AEE817D6C2E5DEB41F2C095FFD22334A61E3371"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOSCSIBlockCommandsDevice", "path": "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext/Contents/PlugIns/IOSCSIBlockCommandsDevice.kext/Contents/MacOS/IOSCSIBlockCommandsDevice", "hashes": {"md5":"44A73969C76534A46F583B29329A0A15","sha1":"8CF46371E4B990D7EE180FB1A2CE22E94BD79ABF"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleUSBTDM", "path": "/System/Library/Extensions/AppleStorageDrivers.kext/Contents/PlugIns/AppleUSBTDM.kext/Contents/MacOS/AppleUSBTDM", "hashes": {"md5":"176F11ABF168BA1C37BCC74C6129F4F3","sha1":"AF5A013989495B234135EDB54840D01DDF83A5D5"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleKeyStore", "path": "/System/Library/Extensions/AppleKeyStore.kext/Contents/MacOS/AppleKeyStore", "hashes": {"md5":"CBA711C243E100225F167F4360C9EB0D","sha1":"DFDC1AB9E4F03AD9048AC7B3C6AC1EF5919CE786"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleSSE", "path": "/System/Library/Extensions/AppleSSE.kext/Contents/MacOS/AppleSSE", "hashes": {"md5":"5A91871B6E1FBF08BB820B8B0776669C","sha1":"1FA4811D880C069CC7866B556148EF01A3326D20"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleEffaceableStorage", "path": "/System/Library/Extensions/AppleEffaceableStorage.kext/Contents/MacOS/AppleEffaceableStorage", "hashes": {"md5":"9CEE6A0D1B314AD6B0F1D7559B78D992","sha1":"B242CE5FE64E19E23CC5233804BFB0829276E152"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleFDEKeyStore", "path": "/System/Library/Extensions/AppleFDEKeyStore.kext/Contents/MacOS/AppleFDEKeyStore", "hashes": {"md5":"185479BC231E83939BDA5AA839A05E35","sha1":"21E1459B7E5C9EFC622CCD6EB9B2D1EA28455ADA"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Intel CPU Low Level Power Management", "path": "/System/Library/Extensions/AppleIntelCPUPowerManagement.kext/Contents/MacOS/AppleIntelCPUPowerManagement", "hashes": {"md5":"E3AA7592DCB7B8DBD5BB57D2CCEE223A","sha1":"74F3836EBC4E49EA1A2EE33644DD11FC27084AB7"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "AppleDiskImageDriver", "path": "/System/Library/Extensions/IOHDIXController.kext/Contents/MacOS/IOHDIXController", "hashes": {"md5":"81D88291FBD420C012E45778317252B7","sha1":"DCC614762F2E1433B57374294D6639FEAFA840B7"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Regular Expression Matching Engine", "path": "/System/Library/Extensions/AppleMatch.kext/Contents/MacOS/AppleMatch", "hashes": {"md5":"8EA2ABF57A2EFD0AF06EAF8D6925A3B0","sha1":"EFFBEADA27DD267856C310CCA7C522AA8C5EE5E7"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Seatbelt sandbox policy", "path": "/System/Library/Extensions/Sandbox.kext/Contents/MacOS/Sandbox", "hashes": {"md5":"308378ED078625717C0816594BD4A692","sha1":"B560BC99CFB97D2FF6B1F531B8B20A9FBEE44F04"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Quarantine policy", "path": "/System/Library/Extensions/Quarantine.kext/Contents/MacOS/Quarantine", "hashes": {"md5":"31B6CED0D0331D8B2BDBFA45ED240571","sha1":"D543D7A6C6787FEE48DDAEFFF6490BF4EF44FE26"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleSystemPolicy", "path": "/System/Library/Extensions/AppleSystemPolicy.kext/Contents/MacOS/AppleSystemPolicy", "hashes": {"md5":"A2211F59E3878018C29555E71DEA7DEB","sha1":"B0E4A99DF75A1D2D79E05566B13FBDED15DBF93B"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "TMSafetyNet", "path": "/System/Library/Extensions/TMSafetyNet.kext/Contents/MacOS/TMSafetyNet", "hashes": {"md5":"11E73EEB8B464C58E0D3EE2D32277AD9","sha1":"0A9514AB3ADC3BE3115727A69F069589D6DAC2B8"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "ALF", "path": "/System/Library/Extensions/ALF.kext/Contents/MacOS/ALF", "hashes": {"md5":"CB2F3516F12708C14D996A90FC8F9B40","sha1":"1FAC6A7F94115C496E79544E0C4AC56B968BE93E"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleImage4", "path": "/System/Library/Extensions/AppleImage4.kext/Contents/MacOS/AppleImage4", "hashes": {"md5":"70CFF0F9FEE2AC1DE145E28385244A5A","sha1":"E5A492E6A9C7C829A5EA6AAC5943ED42CAC2AEF2"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Intel CPU Power Management Interfaces", "path": "/System/Library/Extensions/AppleIntelCPUPowerManagementClient.kext/Contents/MacOS/AppleIntelCPUPowerManagementClient", "hashes": {"md5":"BEB1DF97BCD850CC94CC9FEFE0D8F30F","sha1":"612BB237E897057E5797880C2F910AC547A7C599"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "I/O APIC Interrupt Controller Driver", "path": "/System/Library/Extensions/AppleAPIC.kext/Contents/MacOS/AppleAPIC", "hashes": {"md5":"A5357FBED46E83098EFD02E900B636DA","sha1":"5A2514F802CC257F5770816CA2F0ADE78585C53D"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOHIDFamily", "path": "/System/Library/Extensions/IOHIDFamily.kext/Contents/MacOS/IOHIDFamily", "hashes": {"md5":"EF2C527F4C27543A6E475DF755CAD338","sha1":"0210F27C3448D76AFC7A98B7F77725E878EFA732"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOSMBusFamily", "path": "/System/Library/Extensions/IOSMBusFamily.kext/Contents/MacOS/IOSMBusFamily", "hashes": {"md5":"A1A0055BB0774E159D50715330D150A9","sha1":"25EFED8F3AA072ED06EA4574BB67E3489E9C90A1"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleACPIEC", "path": "/System/Library/Extensions/AppleACPIPlatform.kext/Contents/PlugIns/AppleACPIEC.kext/Contents/MacOS/AppleACPIEC", "hashes": {"md5":"4ED69569A4E7FD0F192B3B0FE83854BB","sha1":"FCAECECEDED70CB7CCC4541E5C55C2B1E00B24CC"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "System Management BIOS Driver", "path": "/System/Library/Extensions/AppleSMBIOS.kext/Contents/MacOS/AppleSMBIOS", "hashes": {"md5":"A8E438CC55702109C1AB5FBC0D100843","sha1":"CFBA86ED4E969F73F2A33201FDCDCCA2F1E5CC21"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "High Precision Event Timer Driver", "path": "/System/Library/Extensions/AppleHPET.kext/Contents/MacOS/AppleHPET", "hashes": {"md5":"724A88AEC11F2E02DB17C08E1DD2E41F","sha1":"B991A5F8BA3C1972228CC057B704EC6D87B7DA65"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleACPIButtons", "path": "/System/Library/Extensions/AppleACPIPlatform.kext/Contents/PlugIns/AppleACPIButtons.kext/Contents/MacOS/AppleACPIButtons", "hashes": {"md5":"A61B3D9C4CF6EA52295EFC9D133DB4C7","sha1":"DD250D846F75974FF03E8A14DE21182F8D03A4D1"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Apple RTC Driver", "path": "/System/Library/Extensions/AppleRTC.kext/Contents/MacOS/AppleRTC", "hashes": {"md5":"6E0357905FBC3197BFF54ECB1CC00366","sha1":"095B9E2C44A1B7EF48E6AEEBFB644A2B9FEFF225"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleEFIRuntime", "path": "/System/Library/Extensions/AppleEFIRuntime.kext/Contents/MacOS/AppleEFIRuntime", "hashes": {"md5":"46E211D7EDCC27D8DA3ABBC76394B46A","sha1":"38629585D5E5B8C754E956DFAFFFBE8E8C3A12F9"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleSmartBatteryManagerKEXT", "path": "/System/Library/Extensions/AppleSmartBatteryManager.kext/Contents/MacOS/AppleSmartBatteryManager", "hashes": {"md5":"42720E7C6FE97F7EA0DD72A316015C94","sha1":"21C4238E687102079C993AA33CB9BFC97258D738"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleEFINVRAM", "path": "/System/Library/Extensions/AppleEFIRuntime.kext/Contents/PlugIns/AppleEFINVRAM.kext/Contents/MacOS/AppleEFINVRAM", "hashes": {"md5":"9110FC357EEC1F1654B58BF48A81D69B","sha1":"02C808F2F97E42B4FD8005B9BEB4A5AD8AC754AA"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit USB Family", "path": "/System/Library/Extensions/IOUSBFamily.kext/Contents/MacOS/IOUSBFamily", "hashes": {"md5":"01EB9EECF8DA457645781344E0C38273","sha1":"51746861AFAA8B512B5C3AE0B15BCF4ADC86B3F5"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/76"},{"name": "I/O Kit Driver for USB EHCI Controllers", "path": "/System/Library/Extensions/IOUSBHostFamily.kext/Contents/PlugIns/AppleUSBEHCIPCI.kext/Contents/MacOS/AppleUSBEHCIPCI", "hashes": {"md5":"17429470FE523D043984393026B51834","sha1":"2E8AB660B78559FC3EDE184F65803AFB04C5759E"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "I/O Kit Driver for USB XHCI Controllers", "path": "/System/Library/Extensions/IOUSBHostFamily.kext/Contents/PlugIns/AppleUSBXHCIPCI.kext/Contents/MacOS/AppleUSBXHCIPCI", "hashes": {"md5":"94A1F05B396061E43FF7DBAA68F0B3F9","sha1":"FE2A87BC650C0414D4950AFCCD4187EFD51538B4"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOAHCIFamily", "path": "/System/Library/Extensions/IOAHCIFamily.kext/Contents/MacOS/IOAHCIFamily", "hashes": {"md5":"493CA5D95873F72B4DD72C2D65FF91F0","sha1":"B532901704C9A8D0BB281957909ABDB12109AFD5"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleAHCI", "path": "/System/Library/Extensions/AppleAHCIPort.kext/Contents/MacOS/AppleAHCIPort", "hashes": {"md5":"6E4A98F7501D9C8EE1D3F398FA307355","sha1":"5C12DC4192B6FF736F4DCB7955A61B1553F605B0"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "corecapture", "path": "/System/Library/Extensions/corecapture.kext/Contents/MacOS/corecapture", "hashes": {"md5":"448F4A0EA8E589C32CF0B1F2ECB2A297","sha1":"857AFF5FE41C8C2FE37F4A93A55A1F0D802C68F3"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "mDNSOffloadUserClient", "path": "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/mDNSOffloadUserClient.kext/Contents/MacOS/mDNSOffloadUserClient", "hashes": {"md5":"841B6F69AA104753366DBA54BDDD0274","sha1":"80725F9137096EA86EEC9772446B965B4D83286F"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOSkywalkFamily", "path": "/System/Library/Extensions/IOSkywalkFamily.kext/Contents/MacOS/IOSkywalkFamily", "hashes": {"md5":"F638425979A71899187738577638D9F2","sha1":"1702AE3695DFD00952A5315221EEA4D427B24552"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IO80211Family", "path": "/System/Library/Extensions/IO80211Family.kext/Contents/MacOS/IO80211Family", "hashes": {"md5":"3418FC3531E383B1A66B464F1E08F6FC","sha1":"30C0180A709160BE1FE0E6228D356DC96048E3F5"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AirPortBrcm4360", "path": "/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/AirPortBrcm4360.kext/Contents/MacOS/AirPortBrcm4360", "hashes": {"md5":"9604947E45130D5E76FC7BC7235F28E9","sha1":"7E998E0818DDFFC62EE721B2FE5E5F8D8741C702"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "IOEthernetAVBController", "path": "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/IOEthernetAVBController.kext/Contents/MacOS/IOEthernetAVBController", "hashes": {"md5":"1685A0C12AB6322BAC0985CE684BD6BD","sha1":"F5EB0FA16373C9990CEE9529E56E667266599083"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "AppleBCM5701Ethernet", "path": "/System/Library/Extensions/IONetworkingFamily.kext/Contents/PlugIns/AppleBCM5701Ethernet.kext/Contents/MacOS/AppleBCM5701Ethernet", "hashes": {"md5":"A38BC2268D4A3DB4FE5C0AAF8DB70D14","sha1":"0C08D33A62674C6C4ABCCFE3A363E8B49BA2F76D"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "KextAudit", "path": "/System/Library/Extensions/KextAudit.kext/Contents/MacOS/KextAudit", "hashes": {"md5":"47AFD9D29A4F79F72A26DCEF5EE84497","sha1":"C6D18D610E389A2CCD8A35A4B074DB7682C6AD2F"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "AppleSDXC", "path": "/System/Library/Extensions/AppleSDXC.kext/Contents/MacOS/AppleSDXC", "hashes": {"md5":"AF69E8ADA14F0A2F9BE22B27327D0405","sha1":"FE1C96CE5D8C1FD29E23CD07D5C2A70FD4B5B15F"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "IOThunderboltFamily", "path": "/System/Library/Extensions/IOThunderboltFamily.kext/Contents/MacOS/IOThunderboltFamily", "hashes": {"md5":"26B7C14E1ACFD6960917652019F95952","sha1":"400EDE2A011BC4F6BDCBEBF39CB62E4529A19A04"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "AppleThunderboltNHI", "path": "/System/Library/Extensions/AppleThunderboltNHI.kext/Contents/MacOS/AppleThunderboltNHI", "hashes": {"md5":"6B54644E35D4F1DE80A87929B541D740","sha1":"3E0FE9D699B87226C5FC7BF3B68F935661E2D5BD"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "IOAHCIBlockStorage", "path": "/System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCIBlockStorage.kext/Contents/MacOS/IOAHCIBlockStorage", "hashes": {"md5":"E1541D90C90501D134FC5DCC0C4E399B","sha1":"D32555F4857DADC64C0E8644C48A6228FA7A94CD"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOAHCISerialATAPI", "path": "/System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/IOAHCISerialATAPI.kext/Contents/MacOS/IOAHCISerialATAPI", "hashes": {"md5":"E9A4240660244D8911207FEC9D7DDA28","sha1":"91DC39BB98C21D2D0F99AEAF27EBFA31991BCDD1"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "AppleThunderboltPCIDownAdapter", "path": "/System/Library/Extensions/AppleThunderboltPCIAdapters.kext/Contents/PlugIns/AppleThunderboltPCIDownAdapter.kext/Contents/MacOS/AppleThunderboltPCIDownAdapter", "hashes": {"md5":"334E28DAA897576F4EA782378C36B8BC","sha1":"B9DB0607523A439D91596A4BA9020746E2D6E658"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleThunderboltDPAdapterFamily", "path": "/System/Library/Extensions/AppleThunderboltDPAdapters.kext/Contents/PlugIns/AppleThunderboltDPAdapterFamily.kext/Contents/MacOS/AppleThunderboltDPAdapterFamily", "hashes": {"md5":"8686B216B69812BAEE2DA25660F65B07","sha1":"45413961227E0F93EA0FE4DB7B07D9E220EA359A"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleThunderboltDPInAdapter", "path": "/System/Library/Extensions/AppleThunderboltDPAdapters.kext/Contents/PlugIns/AppleThunderboltDPInAdapter.kext/Contents/MacOS/AppleThunderboltDPInAdapter", "hashes": {"md5":"0A0438D510C7BBCA5BCC95751391F163","sha1":"D7A985FCAF0C0063B2CAD780E1E86D971F8BD292"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit CD Storage Family", "path": "/System/Library/Extensions/IOCDStorageFamily.kext/Contents/MacOS/IOCDStorageFamily", "hashes": {"md5":"144EBD50EB1D32A4AD9D79E3F214A930","sha1":"2051E998FE6C39279E85E92E923FDBA9E0B6929C"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "I/O Kit DVD Storage Family", "path": "/System/Library/Extensions/IODVDStorageFamily.kext/Contents/MacOS/IODVDStorageFamily", "hashes": {"md5":"8950BBB7328F1F99FC7740826A085565","sha1":"2B26BE96FA6B7F7E5F261F18737FC97FF1337B23"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "I/O Kit BD Storage Family", "path": "/System/Library/Extensions/IOBDStorageFamily.kext/Contents/MacOS/IOBDStorageFamily", "hashes": {"md5":"83F85FF41A44B6463422FD77CDDE447E","sha1":"506EFE32ACB097B660C973876388AF0D08E4E3B8"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "IOSCSIMultimediaCommandsDevice", "path": "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext/Contents/PlugIns/IOSCSIMultimediaCommandsDevice.kext/Contents/MacOS/IOSCSIMultimediaCommandsDevice", "hashes": {"md5":"EEC7824739E70400F71F1B617FF63FA6","sha1":"9FDFD1966FB68AB40A46E82E353BBCDA5E85651C"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "SCSITaskUserClient", "path": "/System/Library/Extensions/IOSCSIArchitectureModelFamily.kext/Contents/PlugIns/SCSITaskUserClient.kext/Contents/MacOS/SCSITaskUserClient", "hashes": {"md5":"AC16937FE9883C7C56929444E406414C","sha1":"818B89ED32A5EDBDA358CF97F3EBC2C23B05DCFA"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "HFSEncodings", "path": "/System/Library/Extensions/HFSEncodings.kext/Contents/MacOS/HFSEncodings", "hashes": {"md5":"098BD004F214F7A681C53A2A78FB99E0","sha1":"F87418673B2CE82FBCCD84610986B71E93CACB94"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleFSCompressionTypeZlib", "path": "/System/Library/Extensions/AppleFSCompressionTypeZlib.kext/Contents/MacOS/AppleFSCompressionTypeZlib", "hashes": {"md5":"4F0CD34DEABECDC0A7A3E40D5E05DAC6","sha1":"5649712E4027CCDF490D1ADAEDECF147485457D7"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOSurface", "path": "/System/Library/Extensions/IOSurface.kext/Contents/MacOS/IOSurface", "hashes": {"md5":"FF7B4ECE107168E9D71892EDDA936335","sha1":"0C09EB33E683293F6D1B8A5AA8D952CAAF88EC43"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "BootCache", "path": "/System/Library/Extensions/BootCache.kext/Contents/MacOS/BootCache", "hashes": {"md5":"FDEDEBC722B1EDEA531CD5400350480B","sha1":"69D048B7CAFD5735FB96BFD1A0F064A7170466DF"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/76"},{"name": "AppleFSCompressionTypeDataless", "path": "/System/Library/Extensions/AppleFSCompressionTypeDataless.kext/Contents/MacOS/AppleFSCompressionTypeDataless", "hashes": {"md5":"0DBDFDABF9F6893882DD0F13C7B7836D","sha1":"81686AA35B0323C893775EB5DBBD25EA72E4EDAE"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "HFS", "path": "/System/Library/Extensions/HFS.kext/Contents/MacOS/HFS", "hashes": {"md5":"0FBEBC85EE27CC91A86EB46239039959","sha1":"044AF0137CC06AD67A35840A3A0C03F359C22131"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOKit Serial Port Family", "path": "/System/Library/Extensions/IOSerialFamily.kext/Contents/MacOS/IOSerialFamily", "hashes": {"md5":"94D7B005CB11F6C152E6B42C7B4B5FAD","sha1":"AD8C340BE9B19C1943B787DB54F7D89A0A0D6917"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "vecLib", "path": "/System/Library/Extensions/vecLib.kext/Contents/MacOS/vecLib", "hashes": {"md5":"375BDCD94F603F159238D78F1BC411AB","sha1":"40B7E43271227662B1CFC7C79520A88362A717C8"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOAudioFamily", "path": "/System/Library/Extensions/IOAudioFamily.kext/Contents/MacOS/IOAudioFamily", "hashes": {"md5":"168917059F511A3B648E10371F733F2B","sha1":"A87F42A055A3C760DDDA93BF8DF218F70F31A351"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleVirtIO", "path": "/System/Library/Extensions/AppleVirtIO.kext/Contents/MacOS/AppleVirtIO", "hashes": {"md5":"07CDF0748B851313F5AAA9E579BED8B6","sha1":"47F0F3641A83297817AD30F2ECF9649297914213"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "apfs", "path": "/System/Library/Extensions/apfs.kext/Contents/MacOS/apfs", "hashes": {"md5":"F1E45728259917BA75A28FCA8162D48B","sha1":"A7A6CE7C5A376E1C04D1D3BD026D78CC584B74B7"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit Driver for USB Hubs", "path": "/System/Library/Extensions/IOUSBHostFamily.kext/Contents/PlugIns/AppleUSBHub.kext/Contents/MacOS/AppleUSBHub", "hashes": {"md5":"1EC7CCD927003F8FB95C427487D89144","sha1":"01DD3577AD3184BC815835A1F26CC27F40FC6D6B"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit Driver for USB Composite Devices", "path": "/System/Library/Extensions/IOUSBHostFamily.kext/Contents/PlugIns/AppleUSBHostCompositeDevice.kext/Contents/MacOS/AppleUSBHostCompositeDevice", "hashes": {"md5":"7A2F5ADD74670935049482D14880F507","sha1":"6E83AE9F501ED7780DC19D05A3374C083BA0FF94"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleUSBNetworking", "path": "/System/Library/Extensions/AppleUSBNetworking.kext/Contents/MacOS/AppleUSBNetworking", "hashes": {"md5":"9211AD1021741E41252FCE0B2B3C1B3E","sha1":"7416D2CA68D30C374983BFA870DBF4FFF4473F09"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleHIDMouse", "path": "/System/Library/Extensions/AppleHIDMouse.kext/Contents/MacOS/AppleHIDMouse", "hashes": {"md5":"5496A025C9DDE270BDC5D9722E39B5E9","sha1":"B2D236C6EC1464AE7FCB0A43EBB46B8DBCA04A5C"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "AppleUSBHIDMouse", "path": "/System/Library/Extensions/AppleHIDMouse.kext/Contents/PlugIns/AppleUSBHIDMouse.kext/Contents/MacOS/AppleUSBHIDMouse", "hashes": {"md5":"F364F5D5CD976BD781DBBA61075BA5B8","sha1":"8695818A68C749A8F6991454765D983406167EB9"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "I/O Kit Driver for USB HID Devices", "path": "/System/Library/Extensions/IOUSBHostFamily.kext/Contents/PlugIns/IOUSBHostHIDDevice.kext/Contents/MacOS/IOUSBHostHIDDevice", "hashes": {"md5":"20FE79092604CB39A75300AD5C4D23D8","sha1":"F93EBC2220C69952AF822C3428D508A8AE1CDC47"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleIRController", "path": "/System/Library/Extensions/AppleIRController.kext/Contents/MacOS/AppleIRController", "hashes": {"md5":"9FE707236D7228A67919161C1363DAF2","sha1":"3403337270F8943DC6D681E17CAED83FA5CB5B09"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "AppleUSBTCKeyboard", "path": "/System/Library/Extensions/AppleUSBTopCase.kext/Contents/PlugIns/AppleUSBTCKeyboard.kext/Contents/MacOS/AppleUSBTCKeyboard", "hashes": {"md5":"A0267322019E3E54877D43AC0C815F77","sha1":"E7D5678E6A626762C26E086E99830AB278FDB337"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleUSBTCButtons", "path": "/System/Library/Extensions/AppleUSBTopCase.kext/Contents/PlugIns/AppleUSBTCButtons.kext/Contents/MacOS/AppleUSBTCButtons", "hashes": {"md5":"A70CF33BCD8CEFB0FB105724054694E5","sha1":"BD792B22075D82E8AA3F65C90F21B1171ABE5262"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleUSBMultitouch", "path": "/System/Library/Extensions/AppleUSBMultitouch.kext/Contents/MacOS/AppleUSBMultitouch", "hashes": {"md5":"373A796637A680A000CE157ECE4CA489","sha1":"1E188B72DF13997A830FB87E9F41E590B9E778C3"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOBluetoothPacketLogger", "path": "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/IOBluetoothPacketLogger.kext/Contents/MacOS/IOBluetoothPacketLogger", "hashes": {"md5":"246135A764F6865852B7F05968CD2594","sha1":"24ADB0FD8C09FDF766FB3A0D3538F8F4A831FCCC"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/72"},{"name": "IOBluetoothFamily", "path": "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/MacOS/IOBluetoothFamily", "hashes": {"md5":"28AF8BB07BF5E94CC8AAA9388721D02E","sha1":"682BCBB549EFC997BCA882C0C9215ED00FA39C42"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOBluetoothHostControllerTransport", "path": "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/IOBluetoothHostControllerTransport.kext/Contents/MacOS/IOBluetoothHostControllerTransport", "hashes": {"md5":"7744563892CE9CB626A920988B0D67E8","sha1":"26482B3E11D67BC4B9AA5F496BCDCEB6AD23CD1E"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOBluetoothHostControllerUSBTransport", "path": "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/IOBluetoothHostControllerUSBTransport.kext/Contents/MacOS/IOBluetoothHostControllerUSBTransport", "hashes": {"md5":"37A54BB4A29D7F7BBF1B7111F7348008","sha1":"96D772D0C92C6F808686ECDF60038825A8358032"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "BroadcomBluetoothHostControllerUSBTransport", "path": "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/BroadcomBluetoothHostControllerUSBTransport.kext/Contents/MacOS/BroadcomBluetoothHostControllerUSBTransport", "hashes": {"md5":"CD487E8A8587FA9D953FB8E4FA938493","sha1":"9175CC15915A694C0014ADF6DAB22EDF492C0F2F"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOgPTPPlugin", "path": "/System/Library/Extensions/IOTimeSyncFamily.kext/Contents/PlugIns/IOgPTPPlugin.kext/Contents/MacOS/IOgPTPPlugin", "hashes": {"md5":"2697A9DD044F8567391F2A7DA39FC48A","sha1":"259A41BE249BD06C225F7DE92C267CC01AD38D92"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "IOFireWireFamily", "path": "/System/Library/Extensions/IOFireWireFamily.kext/Contents/MacOS/IOFireWireFamily", "hashes": {"md5":"6BCB38887019323104BA9E8AB1EF6BD9","sha1":"3ECA6D577DA9B9A088C9C0C378ABE31419733623"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "AppleFWOHCI", "path": "/System/Library/Extensions/IOFireWireFamily.kext/Contents/PlugIns/AppleFWOHCI.kext/Contents/MacOS/AppleFWOHCI", "hashes": {"md5":"91D3E8895CEB3189101519361129FD76","sha1":"70EA3B69E71990125117B2459DC9BCABBF922779"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "SMCMotionSensor", "path": "/System/Library/Extensions/SMCMotionSensor.kext/Contents/MacOS/SMCMotionSensor", "hashes": {"md5":"46CB4ACB8583CA3CB72A0BF2024DD380","sha1":"9DF0A247ACADE0A1185C0E5539CBC0336B1D5244"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "I/O Kit Graphics Family", "path": "/System/Library/Extensions/IOGraphicsFamily.kext/IOGraphicsFamily", "hashes": {"md5":"FB8CE2FB6D2F78F26A0D62FCB4AAFDEC","sha1":"A7BCA18717CEDE1C60C32D0AF8FD7CF8610F9F33"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleSMBusController", "path": "/System/Library/Extensions/AppleSMBusController.kext/Contents/MacOS/AppleSMBusController", "hashes": {"md5":"D51DC763DF200D077F3DE3FCE86B6967","sha1":"95C2A431A1EB2B5F3F3A5341ECF82BF3116B6E0C"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "AppleMCCSControl", "path": "/System/Library/Extensions/AppleMCCSControl.kext/Contents/MacOS/AppleMCCSControl", "hashes": {"md5":"1066A5D88F1858DAC92E0EE8BDCF0095","sha1":"3E2C99D7CB948B96A5FAC7F059BDB0B734A5B5F9"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleGraphicsControl", "path": "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/MacOS/AppleGraphicsControl", "hashes": {"md5":"5838D52D6AEF4FA3D128B5AA9787A9CC","sha1":"442540C024AEC437F4DF5606A1852D3F9DD00479"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "com.apple.AppleGraphicsDeviceControl", "path": "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/PlugIns/AppleGraphicsDeviceControl.kext/AppleGraphicsDeviceControl", "hashes": {"md5":"6EAFCE28F778E64CC9A8F5DD21E26920","sha1":"AD7B2C6F166479D7F1775F236A8FE1E6E6484568"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit High Definition Audio Family", "path": "/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/IOHDAFamily.kext/Contents/MacOS/IOHDAFamily", "hashes": {"md5":"064A9B6A7CFB176A30A607BBDF34D1CA","sha1":"86810E8DC605C8564F6B39D5B1A7F1CCD7EA5473"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "HDA Controller Driver", "path": "/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleHDAController.kext/Contents/MacOS/AppleHDAController", "hashes": {"md5":"E144C58F0AA59EABCFE939EDEB6E757F","sha1":"F37156874297D2F6982BE5A9C8B25A4F5C9EE4C4"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleThunderboltIP", "path": "/System/Library/Extensions/AppleThunderboltIP.kext/Contents/MacOS/AppleThunderboltIP", "hashes": {"md5":"8D17E098447ED32891DD28CB56577273","sha1":"63B3B414230892585404D692125EB926B1C1EB47"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOPlatformPluginFamily", "path": "/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/MacOS/IOPlatformPluginFamily", "hashes": {"md5":"CC72DA8F25C4802B94AE5895B6C33CB2","sha1":"29EE7898482F98DBC408E610D76DF59BE827EDB4"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "ACPI_SMC_PlatformPlugin", "path": "/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/AppleSMCPDRC.kext/Contents/MacOS/AppleSMCPDRC", "hashes": {"md5":"CACF628159DB876CAA81B96FB359A5DC","sha1":"1A3FB7CE66257A8EE365CA646E1E704C28D84F40"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "IOAcceleratorFamily2", "path": "/System/Library/Extensions/IOAcceleratorFamily2.kext/Contents/MacOS/IOAcceleratorFamily2", "hashes": {"md5":"EC2F76EDCA597580AA9E6CF59A158419","sha1":"8020633F38D406A982DE14981F1EF1CEA94C61E1"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "com.apple.driver.AppleIntelFramebufferCapri", "path": "/System/Library/Extensions/AppleIntelFramebufferCapri.kext/Contents/MacOS/AppleIntelFramebufferCapri", "hashes": {"md5":"FFE377A7E008DD41ED5A98B08619F68F","sha1":"1BEAD8E150A5926AF03B306BDBDD83F99E091283"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "X86PlatformPlugin", "path": "/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/X86PlatformPlugin.kext/Contents/MacOS/X86PlatformPlugin", "hashes": {"md5":"BE2E9FC7F0F9D4EF025236179160BAF3","sha1":"A7EB3793FFD46A6E594B90BFF5EB069E065917EC"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit NDRV Support", "path": "/System/Library/Extensions/IONDRVSupport.kext/IONDRVSupport", "hashes": {"md5":"108350FC790E9B74C5F8D4114A72D7C8","sha1":"B263DF2F1842CE61E7AFE5BDF67C221CEB93F10A"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Apple Embedded Graphics Kernel Extension", "path": "/System/Library/Extensions/AppleIntelHD4000Graphics.kext/Contents/MacOS/AppleIntelHD4000Graphics", "hashes": {"md5":"91E5DFBE79030BCB52AACE65BEF96A5D","sha1":"E673617E7949D814B52E63488E4E44212934EC4E"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "IOSlowAdaptiveClockingFamily", "path": "/System/Library/Extensions/IOSlowAdaptiveClockingFamily.kext/Contents/MacOS/IOSlowAdaptiveClockingFamily", "hashes": {"md5":"DDE550D613382C16A32C45BE20F1D11E","sha1":"5931A881FF5765CBCA5FADA4B4F5B694529F89E6"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleIntelSlowAdaptiveClocking", "path": "/System/Library/Extensions/AppleIntelSlowAdaptiveClocking.kext/Contents/MacOS/AppleIntelSlowAdaptiveClocking", "hashes": {"md5":"44B5F0247183B5489CF3EADB95AD67BC","sha1":"3136158B468F6A57D95C07C33EFA731AF042CDC4"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "com.apple.AppleGPUWrangler", "path": "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/PlugIns/AppleGPUWrangler.kext/Contents/MacOS/AppleGPUWrangler", "hashes": {"md5":"FC5799E3C0E6FE0C32D2120AD73C8007","sha1":"A11136FCB6CC935417C3F8A3224825136F76F325"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleSMCLMU", "path": "/System/Library/Extensions/AppleSMCLMU.kext/Contents/MacOS/AppleSMCLMU", "hashes": {"md5":"C6F6CD9B3A9AFCC7CDB5DB564E5F3253","sha1":"9D9A38BC09742B0DCF683BF7E83116799088B4CA"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleLPC", "path": "/System/Library/Extensions/AppleLPC.kext/Contents/MacOS/AppleLPC", "hashes": {"md5":"5E240B46DE5F29178503625D58E0484E","sha1":"FCAD7B662A4611634EC197678DCDD4C4BC3A7F65"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleSMBusPCI", "path": "/System/Library/Extensions/AppleSMBusPCI.kext/Contents/MacOS/AppleSMBusPCI", "hashes": {"md5":"D9CEF064D93241E301CF1AF7B1A07C03","sha1":"413C08AF2B8A623FE22F41192364F9C720FAF259"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "Dont Steal Mac OS X", "path": "/System/Library/Extensions/Dont Steal Mac OS X.kext/Contents/MacOS/Dont Steal Mac OS X", "hashes": {"md5":"B0B1B85FCF2BFCEDF39204A15C48FA81","sha1":"334902F2F49D9B35C6FCFD3464B8D3FA8D4A5E69"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "pmtelemetry", "path": "/System/Library/Extensions/pmtelemetry.kext/Contents/MacOS/pmtelemetry", "hashes": {"md5":"DEDB0F57F51E7819674C398BC089C0DD","sha1":"25AB38EDA63942697B0814822735B43CA895F015"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/76"},{"name": "IOBluetoothSerialManager", "path": "/System/Library/Extensions/IOBluetoothFamily.kext/Contents/PlugIns/IOBluetoothSerialManager.kext/Contents/MacOS/IOBluetoothSerialManager", "hashes": {"md5":"4D838AE94EBC047092F48A582EE9CB96","sha1":"A7E0BD4FC2DC5358B686183510242E95442D76B3"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "IOUserEthernet", "path": "/System/Library/Extensions/IOUserEthernet.kext/Contents/MacOS/IOUserEthernet", "hashes": {"md5":"DEB2949F077DDF9DEAEB5AB9FD97EF28","sha1":"D6492440E025B6E2A545BE1EDF1D64577A832207"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleHV", "path": "/System/Library/Extensions/AppleHV.kext/Contents/MacOS/AppleHV", "hashes": {"md5":"7B1419A6AB8DD32936F13BB95BE46B6A","sha1":"69EDE5BB60AAD4380030F8BA9B4DE9E69138C69D"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "eficheck", "path": "/System/Library/Extensions/eficheck.kext/Contents/MacOS/eficheck", "hashes": {"md5":"DAF066675420FA5EF6C8D620E496ED94","sha1":"C2607DDF1A7654F23F5A6C4BD2B8951003AEECE7"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/76"},{"name": "AppleUpstreamUserClient", "path": "/System/Library/Extensions/AppleUpstreamUserClient.kext/Contents/MacOS/AppleUpstreamUserClient", "hashes": {"md5":"EE4A124F28C9759CA90C20F555A2BA86","sha1":"BCF0680E7E6AC193DFD3EBF32252CB1D132308AC"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/74"},{"name": "IOAVBFamily", "path": "/System/Library/Extensions/IOAVBFamily.kext/Contents/MacOS/IOAVBFamily", "hashes": {"md5":"CDBCA897837FA07F2E4EC5BDD582B64E","sha1":"8067FD4E192CA17E0E822D7D97A8894052DB6AF2"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Apple Mikey Driver", "path": "/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/AppleMikeyDriver.kext/Contents/MacOS/AppleMikeyDriver", "hashes": {"md5":"D8AA595D25AA8910D3431791E7351E14","sha1":"C3C521B37D8E67A4CAE8BC3578184004ADAC02B2"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "AGDCPluginDisplayMetrics", "path": "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/PlugIns/AGDCPluginDisplayMetrics.kext/Contents/MacOS/AGDCPluginDisplayMetrics", "hashes": {"md5":"2CADD091D112FB7DED11CECD6C8D4A60","sha1":"5250F7E2CC634C588D3FC35E2F97D06296456A80"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/72"},{"name": "Mac OS X Kernel vDSPLib", "path": "/System/Library/Extensions/OSvKernDSPLib.kext/Contents/MacOS/OSvKernDSPLib", "hashes": {"md5":"2064FC307FD255BD1FDE1E946A9407F2","sha1":"C29A119910135ADE2EFD9B28711149A02EBFEE84"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Apple Dsp Function Library", "path": "/System/Library/Extensions/AppleHDA.kext/Contents/PlugIns/DspFuncLib.kext/Contents/MacOS/DspFuncLib", "hashes": {"md5":"74E1D826BADF2DDEB7402B912748D8D7","sha1":"E7E4AB65976D444E277E9783E2330365C33DBCBA"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "Apple HDA Driver", "path": "/System/Library/Extensions/AppleHDA.kext/Contents/MacOS/AppleHDA", "hashes": {"md5":"16EEBFF5F9F91D2A4ECC4BDB9C9E4AA7","sha1":"B0BED9B0FDF3F83C0F9D1CCD0C816D2889F762B4"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleGraphicsDevicePolicy", "path": "/System/Library/Extensions/AppleGraphicsControl.kext/Contents/PlugIns/AppleGraphicsDevicePolicy.kext/Contents/MacOS/AppleGraphicsDevicePolicy", "hashes": {"md5":"E5669C0303B71327CC90714BC95A5D28","sha1":"6D1D2B18C6363D9DB69B6BFAB1E77650865DCBF4"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleBacklightExpert", "path": "/System/Library/Extensions/AppleBacklightExpert.kext/AppleBacklightExpert", "hashes": {"md5":"34FF0F0C398AC90455D13419B39FB685","sha1":"3A53E04DA05D3277BD13513C4E680253160B92F1"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleBacklight", "path": "/System/Library/Extensions/AppleBacklight.kext/Contents/MacOS/AppleBacklight", "hashes": {"md5":"2A25996D793EF2221B24D597B51B43AA","sha1":"C14A5080D64F0B9CEF4C22059547AFCE3552AF00"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleMikeyHIDDriver", "path": "/System/Library/Extensions/AppleMikeyHIDDriver.kext/Contents/MacOS/AppleMikeyHIDDriver", "hashes": {"md5":"F038BBC600C73A07D3E76EA0892D5E13","sha1":"1DC2AD84B917607D3AC0B6A46422E0DAE8660391"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "IOFireWireIP", "path": "/System/Library/Extensions/IOFireWireIP.kext/Contents/MacOS/IOFireWireIP", "hashes": {"md5":"7B61451E95C0D04BB69BF51C9FE03F96","sha1":"93E78B949377FEDAE6A3482BA89A3DE529BFA4AE"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/0"},{"name": "triggers", "path": "/System/Library/Extensions/triggers.kext/Contents/MacOS/triggers", "hashes": {"md5":"879E8F43BEE1EC25B96C04A7EB87E9A0","sha1":"3CF5C489DAA2CE57054A8217B7CFA4DD74717F9D"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "autofs", "path": "/System/Library/Extensions/autofs.kext/Contents/MacOS/autofs", "hashes": {"md5":"6594D8E9839F2B2EB90EFB86388145B7","sha1":"6B0EA2AFA27D499B55661D70DDE80DC8A69E9112"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "VBoxDrv", "path": "/Library/StagedExtensions/Library/Application Support/VirtualBox/VBoxDrv.kext/Contents/MacOS/VBoxDrv", "hashes": {"md5":"4AC178FE434265AE2191CC236B6B6610","sha1":"F047025B80C8F7098F1AB099D9CE8A3BB59CD7A2"}, "signature(s)": {"signatureStatus":0,"signedByApple":false,"signingAuthorities":["Developer ID Application: Oracle America, Inc. (VB5E2TV963)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "X86PlatformShim", "path": "/System/Library/Extensions/IOPlatformPluginFamily.kext/Contents/PlugIns/X86PlatformShim.kext/Contents/MacOS/X86PlatformShim", "hashes": {"md5":"1601F213672BB7C4B8949A932643038E","sha1":"5BDA1D52684095AD71EA14430B58FCA42EB07930"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleGraphicsPowerManagement", "path": "/System/Library/Extensions/AppleGraphicsPowerManagement.kext/Contents/MacOS/AppleGraphicsPowerManagement", "hashes": {"md5":"23333E2D9800FC16092B9CE0B4ADE187","sha1":"4CA40A3598C58027A8FD4F7A0569987BDD22EF07"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AudioAUUC", "path": "/System/Library/Extensions/AudioAUUC.kext/AudioAUUC", "hashes": {"md5":"A4F72DD86378F465C8380B41B200C3C1","sha1":"5E54AA92D93054F322C228F435A2E8A43D4C7AAA"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "I/O Kit Driver for USB User Clients", "path": "/System/Library/Extensions/IOUSBFamily.kext/Contents/PlugIns/IOUSBUserClient.kext/Contents/MacOS/IOUSBUserClient", "hashes": {"md5":"6DAA75EB407582C72177D16DC76771EC","sha1":"7A086221DF1D6AC8E34FBFC984CF770835F8C9D2"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "VBoxUSB", "path": "/Library/StagedExtensions/Library/Application Support/VirtualBox/VBoxUSB.kext/Contents/MacOS/VBoxUSB", "hashes": {"md5":"9CD456381F0A262538BE7E4DC81F0DB0","sha1":"7C1C89760B87320186EC7350AFE1712B64BDA6E7"}, "signature(s)": {"signatureStatus":0,"signedByApple":false,"signingAuthorities":["Developer ID Application: Oracle America, Inc. (VB5E2TV963)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "VBoxNetFlt", "path": "/Library/StagedExtensions/Library/Application Support/VirtualBox/VBoxNetFlt.kext/Contents/MacOS/VBoxNetFlt", "hashes": {"md5":"F18A8ECAEFC9517FBF1C60A87587E61F","sha1":"1EC7252650F18CC2EB03E2D8854429A6E6D9F4EA"}, "signature(s)": {"signatureStatus":0,"signedByApple":false,"signingAuthorities":["Developer ID Application: Oracle America, Inc. (VB5E2TV963)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "VBoxNetAdp", "path": "/Library/StagedExtensions/Library/Application Support/VirtualBox/VBoxNetAdp.kext/Contents/MacOS/VBoxNetAdp", "hashes": {"md5":"F0301D9217D0266A2CA8E6506644EE67","sha1":"4247F4D4A9F54C248935D0B778D4F014CC6594BA"}, "signature(s)": {"signatureStatus":0,"signedByApple":false,"signingAuthorities":["Developer ID Application: Oracle America, Inc. (VB5E2TV963)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/75"},{"name": "AppleFileUtil", "path": "/System/Library/Extensions/AppleFileUtil.kext/Contents/MacOS/AppleFileUtil", "hashes": {"md5":"17E3046CB6AABDC94D2ABB5E5C66E304","sha1":"E72CEB1D9F9CB9E24BE72623F9EE652EB19CEE02"}, "signature(s)": {"signatureStatus":0,"signedByApple":true,"signingAuthorities":["Software Signing","Apple Code Signing Certification Authority","Apple Root CA"]}, "VT detection": "0/72"},{"name": "Hypervisor", "path": "/Library/StagedExtensions/Applications/BlueStacks.app/Contents/Resources/VBoxDrv.kext/Contents/MacOS/VBoxDrv", "hashes": {"md5":"01C4202883680C27913A274B669F55A4","sha1":"D29E9C512F42D0056A6E7106D8E8D8D503DCEB88"}, "signature(s)": {"signatureStatus":0,"signedByApple":false,"signingAuthorities":["Developer ID Application: BlueStack Systems, Inc. (QX5T8D6EDU)","Developer ID Certification Authority","Apple Root CA"]}, "VT detection": "0/74"}]}
Wie immer, Danke ich dir! |
|
05.05.2021, 14:14
| #18 | |
| /// Mac Expert | Ursnif Trojaner auf MacZitat:
Aber bevor du das machst, bitte führe die nachfolgenden Schritte aus: Bitte die Anleitung durchlesen und dein Gerät entsprechend aussuchen.
Schau mal jetzt bitte nach ob die Datei noch vorhanden ist. In den Logs ist nichts auffälliges mehr zu finden. Wenn du alles erledigt hast, dann bitte noch ein letztes Log mit DetectX Danke für deine Mithilfe
__________________ Geändert von Dante12 (05.05.2021 um 14:25 Uhr) |
|
06.05.2021, 08:56
| #19 | |
| | Ursnif Trojaner auf MacZitat:
Also.. nach allem finde ich die Datei immer noch.. hier der Pfad, es handelt sich um diese nicht zugelassene Systemerweiterung.. ich würd sie dennoch gerne loswerden, sie will aber nicht gehen. Egal wie, ich gebe das admin pw an, habe immer noch nicht die Rechte es zu entfernen... net.protected.macos.TotalAV.ESAVExtension.systemextension hier der DetectX Log Code:
ATTFilter Timestamp (15): Thu May 06 09:55:17 2021
DetectX Swift v1.0971
macOS: Version 10.15.7 (Build 19H114)
File System: apfs
Temp: The thermal state is within normal limits.
Boot time: Thu May 6 09:50:53 2021
Uptime: up 4 mins, 1 user
Spotlight status for /:
Indexing enabled.
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is On.
Internet: Reachable
Hardware Overview:
Model Name: MacBook Pro
Model Identifier: MacBookPro9,2
Processor Name: Dual-Core Intel Core i5
Processor Speed: 2,5 GHz
Number of Processors: 1
Total Number of Cores: 2
L2 Cache (per Core): 256 KB
L3 Cache: 3 MB
Hyper-Threading Technology: Enabled
Memory: 4 GB
Boot ROM Version: 233.0.0.0.0
SMC Version (system): 2.2f44
Sudden Motion Sensor:
State: Enabled
Sharing Preferences:
File Sharing: Off
Screen Sharing: Off
Remote Management: Off
Back To My Mac: Off
Remote Login: Off
Remote Apple Events: Off
3rd Party Kexts (loaded):
org.virtualbox.kext.VBoxDrv
org.virtualbox.kext.VBoxUSB
org.virtualbox.kext.VBoxNetFlt
org.virtualbox.kext.VBoxNetAdp
$PATH:
PATH=/usr/bin:/bin:/usr/sbin:/sbin
/etc/paths:
/usr/local/bin
/usr/bin
/bin
/usr/sbin
/sbin
/etc/paths.d/:
~/.bash_profile:
~/.bashrc:
~/.bash_login:
~/.profile:
~/.bash_logout:
PID Status Label
566 0 com.adobe.GC.AGM
674 0 com.sqwarq.DetectX-Swift.24416
558 0 com.wacom.DataStoreMgr
561 0 com.malwarebytes.mbam.frontend.agent
- 0 com.adobe.AdobeCreativeCloud
- 0 com.openssh.ssh-agent
- 0 com.microsoft.update.agent
555 0 com.wacom.wacomtablet
- 0 com.BlueStacks.AppPlayer.Service
- 0 com.spotify.client.startuphelper
578 0 com.cyberghostsrl.cyberghostmac.23952
- 0 com.BlueStacks.AppPlayer.UninstallWatcher
- 0 com.microsoft.OneDriveStandaloneUpdater
563 0 com.wacom.IOManager
- 0 com.BlueStacks.AppPlayer.Updater
System Launchd processes:
0 - com.adobe.SwitchBoard
151 - com.malwarebytes.mbam.rtprotection.daemon
0 - com.adobe.acc.installer.v2
0 - com.vix.cron
0 - com.microsoft.office.licensing.helper
0 - com.microsoft.teams.TeamsUpdaterDaemon
0 - com.microsoft.office.licensingV2.helper
178 - com.wacom.UpdateHelper
0 0 com.microsoft.autoupdate.helper
181 - Adobe_Genuine_Software_Integrity_Service
369 - org.cups.cupsd
0 - com.anchorfree.ajaxserver
0 - com.wacom.displayhelper
653 - com.microsoft.OneDriveStandaloneUpdaterDaemon
378 - com.malwarebytes.mbam.settings.daemon
0 - com.microsoft.OneDriveUpdaterDaemon
0 - com.adobe.acc.installer
0 - com.BlueStacks.AppPlayer.bstservice_helper
198 - com.hercules.hdjsd
User Login Items:
/Applications/CyberGhost VPN.app
/Users/bettakroegel/Applications/Spotify.app
/Users/bettakroegel/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app
/Library/LaunchDaemons:
hdjsd.plist
--> Program Arguments: /var/hercules/hdjsd
com.malwarebytes.mbam.settings.daemon.plist
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon
com.microsoft.OneDriveStandaloneUpdaterDaemon.plist
-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon
com.microsoft.teams.TeamsUpdaterDaemon.plist
com.adobe.agsservice.plist
--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGSService
com.BlueStacks.AppPlayer.bstservice_helper.plist
-> Program: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
com.malwarebytes.mbam.rtprotection.daemon.plist
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
--> Program Arguments: -i
--> Program Arguments: Malwarebytes-Mac-4.8.12.4131.pkg
com.microsoft.OneDriveUpdaterDaemon.plist
-> Program: /Applications/OneDrive.app/Contents/OneDriveUpdaterDaemon.xpc/Contents/MacOS/OneDriveUpdaterDaemon
com.wacom.displayhelper.plist
--> Program Arguments: /sbin/kextunload
--> Program Arguments: /System/Library/Extensions/AppleUSBFTDI.kext
org.virtualbox.startup.plist
--> Program Arguments: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh
--> Program Arguments: restart
com.adobe.acc.installer.v2.plist
-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
com.wacom.UpdateHelper.plist
-> Program: /Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper
com.adobe.SwitchBoard.plist
--> Program Arguments: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
com.anchorfree.ajaxserver.plist
-> Program: /Library/Application Support/Hotspot Shield/ajaxserver
--> Program Arguments: /Library/Application Support/Hotspot Shield/ajaxserver
com.microsoft.office.licensingV2.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
com.oracle.java.Helper-Tool.plist
com.adobe.acc.installer.plist
-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer
--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer
com.microsoft.office.licensing.helper.plist
--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
com.microsoft.autoupdate.helper.plist
-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper
/Library/LaunchAgents:
com.adobe.AdobeCreativeCloud.plist
-> Program: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
--> Program Arguments: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
--> Program Arguments: --showwindow=false
--> Program Arguments: --onOSstartup=true
com.wacom.DataStoreMgr.plist
-> Program: /Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr
com.adobe.GC.AGM.plist
-> Program: /Library/Application Support/Adobe/AdobeGCClient/AGMService
--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGMService
--> Program Arguments: -mode=logon
com.malwarebytes.mbam.frontend.agent.plist
-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent
com.adobe.AAM.Updater-1.0.plist
-> Program: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
--> Program Arguments: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
--> Program Arguments: -mode=logon
com.wacom.IOManager.plist
-> Program: /Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager
com.adobe.GC.Invoker-1.0.plist
-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
--> Program Arguments: -mode=logon
com.microsoft.OneDriveStandaloneUpdater.plist
-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdater.app/Contents/MacOS/OneDriveStandaloneUpdater
com.wacom.wacomtablet.plist
-> Program: /Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver
com.microsoft.update.agent.plist
--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
--> Program Arguments: --launchByAgent
~/Library/LaunchAgents:
com.BlueStacks.AppPlayer.UninstallWatcher.plist
--> Program Arguments: /bin/sh
--> Program Arguments: /Users/[U501]/Library/BlueStacks/UninstallWatcher
com.adobe.GC.Invoker-1.0.plist
-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
--> Program Arguments: -mode=scheduled
com.BlueStacks.AppPlayer.Updater.plist
--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstupdater
--> Program Arguments: pull
com.BlueStacks.AppPlayer.Service.plist
--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstservice
--> Program Arguments: Android
User Crontab:
No cron jobs
/etc:
rc.common
php.ini.default-5.2-previous~orig
bootpd.plist
bashrc_Apple_Terminal
zshrc_Apple_Terminal
bashrc
zshrc
ssh_config~orig
hosts.save
authorization.deprecated
moduli~previous
rc.netboot
efax.rc~previous
php.ini.default-5.2-previous
sshd_config~previous
aliases
zprofile
/ $Root:
.file
.VolumeIcon.icns
opt / .. children: 0
~/ $Home:
Music / .. children: 5
objc.scan
.CFUserTextEncoding
Pictures / .. children: 3
.zsh_history
Desktop / .. children: 42
Library / .. children: 69
.cups / .. children: 1
.bash_sessions / .. children: 27
Public / .. children: 2
.dropbox / .. children: 9
Movies / .. children: 4
Applications / .. children: 1
.Trash / .. children: 0
Documents / .. children: 33
Downloads / .. children: 150
.bash_history
~/Library:
studentd / .. children: 3
HomeKit / .. children: 9
UIKitSystem / .. children: 1
Google / .. children: 1
BlueStacks / .. children: 11
com.apple.icloud.searchpartyd / .. children: 3
PhotoshopCrashes / .. children: 0
FrontBoard / .. children: 3
MediaStream / .. children: 7
Dropbox / .. children: 0
Fonts Disabled / .. children: 0
PersonalizationPortrait / .. children: 5
Reminders / .. children: 2
~/Library/Application Support:
com.apple.sbd / .. children: 1
com.apple.replayd / .. children: 0
com.apple.voicememos / .. children: 1
Propellerhead Software / .. children: 2
Native Instruments / .. children: 1
SyncServices / .. children: 1
com.apple.kvs / .. children: 1
com.apple.transparencyd / .. children: 5
com.apple.touristd / .. children: 6
CyberghostBrowser / .. children: 14
NoxInstaller / .. children: 0
DiskImages / .. children: 1
Anki2 / .. children: 5
CoreParsec / .. children: 0
OneDriveStandaloneUpdater / .. children: 1
com.apple.akd / .. children: 1
zoom.us / .. children: 2
MobileSync / .. children: 1
Google / .. children: 2
Microsoft / .. children: 1
Spotify / .. children: 4
Oracle / .. children: 1
dmd / .. children: 0
Ableton / .. children: 4
Anki / .. children: 1
Java / .. children: 1
com.microsoft.OneDriveStandaloneUpdater / .. children: 1
CEF / .. children: 1
com.cyberghostsrl.cyberghostmac / .. children: 1
TrustedPeersHelper / .. children: 0
EtreCheck / .. children: 1
Adobe / .. children: 10
MediaHuman / .. children: 1
EtreCheckPro / .. children: 2
.ACCC_Lock
Cycling '74 / .. children: 1
com.sqwarq.DetectX-Swift / .. children: 4
System Preferences / .. children: 0
com.apple.ContextStoreAgent / .. children: 1
FileProvider / .. children: 3
Dropbox / .. children: 4
com.malwarebytes.mbam / .. children: 1
ToguAudioLine / .. children: 1
uTorrent Web / .. children: 9
XMind / .. children: 3
transparencyd / .. children: 0
syncdefaultsd / .. children: 0
JREInstaller / .. children: 1
com.apple.accounts.dom / .. children: 0
~/Library/Safari/Extensions:
*-- Folder doesn't exist or is inaccessible --*
~/Library/Internet Plug-Ins:
/Users/Shared:
adi / .. children: 10
SC Info / .. children: 1
Hotspot Shield / .. children: 1
Library / .. children: 1
AdobeInstalledCodecs / .. children: 0
Adobe / .. children: 4
Previously Relocated Items / .. children: 3
AdobeGCData / .. children: 2
Max 8 / .. children: 2
/Applications:
Honey.app
VLC.app
XMind.app
KnockKnock.app
Office_Mac_HS_2011_German.dmg
Adobe After Effects CC / .. children: 9
Anki.app
Install macOS Mojave.app
Microsoft Office 2011 / .. children: 5
Rhinoceros.app
Adobe Creative Cloud / .. children: 1
OneDrive.app
CyberGhost Private Browser.app
Rob Papen / .. children: 6
DetectX Swift.app
Adobe Media Encoder CC 2017 / .. children: 3
Microsoft Word.app
Install macOS High Sierra.app
Anki Notes.app
Adobe Photoshop CC / .. children: 10
Paint S.app
Microsoft Excel.app
Adobe Media Encoder CC / .. children: 3
Adobe / .. children: 2
zoom.us.app
Adobe Illustrator CC / .. children: 10
Microsoft Outlook.app
Malwarebytes.app
Ableton Live 10 Intro.app
MoveToTrash.app
Wacom Tablet.localized / .. children: 5
Live
iZotope Ozone 7 / .. children: 6
CyberGhost VPN.app
uTorrent Web.app
EtreCheckPro.app
The Unarchiver.app
Microsoft OneNote.app
Adobe InDesign CC / .. children: 11
KextViewr.app
Live8 / .. children: 5
MediathekView.app
AppCleaner.app
Ableton Live 10 Standard.app
Adobe Acrobat X Pro / .. children: 1
Microsoft PowerPoint.app
Microsoft Teams.app
Ableton Live 11 Standard.app
BlueStacks.app
/Library:
Apple / .. children: 3
CFMSupport / .. children: 1
DropboxHelperTools / .. children: 2
OSAnalytics / .. children: 2
StagedDriverExtensions / .. children: 0
InstallerSandboxes / .. children: 2
DriverExtensions / .. children: 0
Automator / .. children: 95
User Template / .. children: 41
Fonts Disabled / .. children: 16
SystemExtensions / .. children: 3
/Library/Application Support:
Propellerhead Software / .. children: 3
Native Instruments / .. children: 9
Tablet / .. children: 2
Mozilla / .. children: 1
Avid / .. children: 1
ReWire
Hotspot Shield / .. children: 12
Mica / .. children: 1
.E42bQWl0wR
Microsoft / .. children: 2
Oracle / .. children: 0
Digidesign / .. children: 1
VirtualBox / .. children: 5
Canon / .. children: 7
Adobe / .. children: 70
Malwarebytes / .. children: 1
iZotope / .. children: 5
PACE Anti-Piracy / .. children: 4
REX Shared Library
regid.1986-12.com.adobe / .. children: 14
.5s+m_0Aav5
/Library/Extensions:
NIUSBAudio2DJ.kext
hp_fax_io.kext
FTDIKext.kext
Wacom Tablet.kext
NIUSBAudio4DJ.kext
SiLabsUSBDriver64.kext
JMicronATA.kext
fabio.kext
NIUSBTraktorKontrolX1.kext
Dropbox.kext
AppleMobileDevice.kext
BJUSBLoad.kext
CIJUSBLoad.kext
NIUSBDeviceHelper.kext
hp_io_enabler_compound.kext
NIUSBAudioDriver.kext
/Library/Internet Plug-Ins:
VLC Plugin.plugin
EPPEX Plugin.plugin
AdobeAAMDetect.plugin
Unused / .. children: 0
AdobePDFViewer.plugin
SharePointBrowserPlugin.plugin
Unity Web Player.plugin
AdobePDFViewerNPAPI.plugin
SharePointWebKitPlugin.webplugin
/Library/Managed Preferences:
*-- Folder doesn't exist or is inaccessible --*
/Library/PrivilegedHelperTools:
com.microsoft.office.licensing.helper
com.BlueStacks.AppPlayer.bstservice_helper
com.wacom.UpdateHelper.app
com.wacom.IOManager.app
com.adobe.acc.installer
com.microsoft.autoupdate.helper
com.microsoft.office.licensingV2.helper
com.adobe.acc.installer.v2
com.wacom.DataStoreMgr.app
/Library/ScriptingAdditions:
Adobe Unit Types.osax
/Library/StartupItems:
/Library/Updates:
ProductMetadata.plist
001-93719 / .. children: 16
071-05425 / .. children: 16
071-29320 / .. children: 16
071-38374 / .. children: 3
PPDVersions.plist
index.plist
Top Processes:
%CPU PID COMMAND
13.9 586 com.apple.WebKit
13.4 246 WindowServer
3.3 0 kernel_task
1.2 405 Safari
1.0 1 launchd
0.6 411 Spotify
0.4 184 opendirectoryd
0.3 151 RTProtectionDaem
0.2 233 trustd
0.2 208 hidd
Running Processes:
PPID PID %CPU USER COMMAND
0 1 1.3 root /sbin/launchd
1 148 0.0 root /usr/sbin/syslogd
1 149 0.0 root /usr/libexec/UserEventAgent (System)
1 151 0.2 root /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon -i Malwarebytes-Mac-4.8.12.4131.pkg
1 152 0.0 root /usr/libexec/wifiFirmwareLoader
1 153 0.0 root /System/Library/PrivateFrameworks/Uninstall.framework/Resources/uninstalld
1 154 0.0 root /usr/libexec/kextd
1 155 0.0 root /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/FSEvents.framework/Versions/A/Support/fseventsd
1 156 0.0 root /System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted
1 159 0.0 root /usr/sbin/systemstats --daemon
1 160 0.0 root /usr/libexec/configd
1 162 0.0 root /System/Library/CoreServices/powerd.bundle/powerd
1 166 0.2 root /usr/libexec/logd
1 167 0.0 root /usr/libexec/keybagd -t 15
1 170 0.0 root /usr/libexec/watchdogd
1 171 0.0 root firmwaresyncd
1 174 0.3 root /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Support/mds
1 175 0.0 _iconservices /System/Library/CoreServices/iconservicesd
1 176 0.1 root /usr/libexec/diskarbitrationd
1 178 0.0 root /Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper
1 180 0.0 root /usr/libexec/coreduetd
1 181 0.0 root /Library/Application Support/Adobe/AdobeGCClient/AGSService
1 184 1.0 root /usr/libexec/opendirectoryd
1 185 0.0 root /System/Library/PrivateFrameworks/ApplePushService.framework/apsd
1 186 0.0 root /System/Library/CoreServices/launchservicesd
1 187 0.0 _timed /usr/libexec/timed
1 188 0.0 _usbmuxd /System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/Resources/usbmuxd -launchd
1 189 0.0 root /usr/sbin/securityd -i
1 190 0.0 root auditd -l
1 192 0.0 _locationd /usr/libexec/locationd
1 195 0.0 root autofsd
1 196 0.0 _displaypolicyd /usr/libexec/displaypolicyd -k 1
1 198 0.0 root /var/hercules/hdjsd
1 199 0.0 root /usr/libexec/dasd
1 201 0.0 root /usr/libexec/PerfPowerServices
1 203 0.0 root /System/Library/CoreServices/logind
1 204 0.0 root /System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/Support/revisiond
1 205 0.0 root /usr/sbin/KernelEventAgent
1 207 0.0 root /usr/sbin/bluetoothd
1 208 0.0 _hidd /usr/libexec/hidd
1 209 0.0 root /usr/libexec/sandboxd
1 210 0.0 root /usr/libexec/corebrightnessd --launchd
1 211 0.0 root /usr/libexec/AirPlayXPCHelper
1 212 0.3 root /usr/sbin/notifyd
1 213 0.0 root /usr/libexec/amfid
1 214 0.0 _distnote /usr/sbin/distnoted daemon
1 215 0.3 root /usr/sbin/cfprefsd daemon
1 216 2.2 root /System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system
1 217 0.0 root aslmanager
1 218 0.0 root /usr/libexec/syspolicyd
1 219 0.0 root /System/Library/CoreServices/coreservicesd
1 220 0.0 [U501] /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow console
1 222 0.0 root /System/Library/Frameworks/Security.framework/Versions/A/XPCServices/authd.xpc/Contents/MacOS/authd
1 223 0.0 _analyticsd /System/Library/PrivateFrameworks/CoreAnalytics.framework/Support/analyticsd
1 224 0.0 root /System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/contextstored
1 228 0.0 _coreaudiod /usr/sbin/coreaudiod
1 231 0.0 root /usr/libexec/nehelper
1 233 2.1 root /usr/libexec/trustd
1 243 0.0 root /usr/sbin/ocspd
1 244 0.0 _mdnsresponder /usr/sbin/mDNSResponder
1 245 0.0 root /usr/libexec/searchpartyd
1 246 12.4 _windowserver /System/Library/PrivateFrameworks/SkyLight.framework/Resources/WindowServer -daemon
1 252 0.0 root /usr/sbin/mDNSResponderHelper
1 254 0.0 _networkd /usr/libexec/symptomsd
1 267 0.0 _locationd /System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
1 268 0.0 root /usr/libexec/airportd
1 271 0.0 _locationd /usr/sbin/cfprefsd agent
1 272 0.0 _locationd /usr/libexec/trustd --agent
1 282 0.0 root /System/Library/PrivateFrameworks/WirelessDiagnostics.framework/Support/awdd
1 334 0.0 root /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon
1 335 0.0 root /usr/libexec/runningboardd
1 344 0.0 root /usr/libexec/lsd runAsRoot
1 345 0.0 root /System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper
1 346 0.0 _driverkit /System/Library/DriverExtensions/AppleUserHIDDrivers.dext/AppleUserHIDDrivers com.apple.driverkit.AppleUserHIDEventDriver 0x100000444
1 348 0.0 root /usr/libexec/mobileassetd
1 350 0.0 root /usr/libexec/secinitd
1 352 0.0 root /System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd-helper -launchd
1 354 0.0 root /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/CVMServer
1 355 0.0 root /usr/libexec/colorsync.displayservices
1 356 0.0 root /usr/libexec/colorsyncd
1 357 0.0 _nsurlsessiond /usr/libexec/nsurlsessiond --privileged
1 359 0.0 _appleevents /System/Library/CoreServices/appleeventsd --server
1 360 0.0 root /usr/libexec/apfsd
1 363 0.0 _cmiodalassistants /System/Library/Frameworks/CoreMediaIO.framework/Resources/VDC.plugin/Contents/Resources/VDCAssistant
1 369 0.0 root /usr/sbin/cupsd -l
1 370 0.0 root /usr/libexec/ApplicationFirewall/socketfilterfw
1 371 0.0 root /usr/libexec/rpcsvchost -launchd netlogon.bundle
1 377 0.0 root /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mds_stores
1 378 0.0 root /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon
1 388 0.0 root /System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd
1 389 0.0 [U501] /System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd
1 391 0.0 [U501] /usr/sbin/cfprefsd agent
1 392 0.0 root /usr/libexec/securityd_service
1 393 0.0 root /usr/sbin/distnoted agent
1 394 0.0 [U501] /usr/libexec/UserEventAgent (Aqua)
1 396 0.0 [U501] /usr/sbin/distnoted agent
1 397 0.0 [U501] /usr/sbin/universalaccessd launchd -s
1 398 0.0 [U501] /usr/libexec/rapportd
1 399 0.0 [U501] /usr/libexec/trustd --agent
1 400 0.0 [U501] /usr/libexec/secd
1 401 0.0 [U501] /usr/libexec/lsd
1 403 0.0 [U501] /System/Library/PrivateFrameworks/IDS.framework/identityservicesd.app/Contents/MacOS/identityservicesd
1 404 0.0 [U501] /usr/libexec/knowledge-agent
1 405 1.3 [U501] /Applications/Safari.app/Contents/MacOS/Safari -psn_0_36873
1 406 0.0 [U501] /System/Library/CoreServices/sharedfilelistd
1 407 0.0 [U501] /System/Library/CoreServices/backgroundtaskmanagementagent
1 408 0.0 [U501] /System/Applications/Mail.app/Contents/MacOS/Mail -psn_0_40970
1 409 0.0 [U501] /System/Library/PrivateFrameworks/CloudKitDaemon.framework/Support/cloudd
1 410 0.0 [U501] /System/Library/Frameworks/CryptoTokenKit.framework/ctkd -tw
1 411 0.4 [U501] /Users/bettakroegel/Applications/Spotify.app/Contents/MacOS/Spotify -psn_0_45067
1 412 0.0 [U501] /usr/libexec/pkd
1 413 0.0 [U501] /System/Library/PrivateFrameworks/TCC.framework/Resources/tccd
1 416 0.0 [U501] /usr/libexec/secinitd
1 417 0.0 [U501] /usr/libexec/nsurlsessiond
1 418 0.0 [U501] /Applications/Microsoft Outlook.app/Contents/MacOS/Microsoft Outlook -psn_0_49164
1 419 0.0 [U501] /System/Applications/Music.app/Contents/MacOS/Music -psn_0_53261
1 420 0.0 [U501] /System/Library/CoreServices/talagent
1 421 0.0 [U501] /System/Library/CoreServices/Dock.app/Contents/MacOS/Dock
1 422 0.0 [U501] /System/Library/CoreServices/SystemUIServer.app/Contents/MacOS/SystemUIServer
1 423 0.0 [U501] /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder
1 426 0.0 root /usr/sbin/systemsoundserverd
1 427 0.0 [U501] /usr/libexec/pboard
1 428 0.0 [U501] /System/Library/Frameworks/Accounts.framework/Versions/A/Support/accountsd
1 429 0.0 [U501] /System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.framework/Versions/A/XPCServices/QuickLookUIService.xpc/Contents/MacOS/QuickLookUIService
1 430 0.0 [U501] /System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framework/Support/fontd
1 431 0.0 [U501] /usr/libexec/dmd
1 432 0.0 [U501] /System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary
1 434 0.0 [U501] /System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd
1 435 0.0 [U501] /usr/libexec/nsurlstoraged
1 436 0.0 [U501] /System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService
1 437 0.0 root automountd
1 438 0.0 [U501] /System/Library/PrivateFrameworks/AMPDevices.framework/Versions/A/Support/AMPDeviceDiscoveryAgent --launchd
1 443 0.0 root /System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd
1 444 0.0 [U501] /System/Library/CoreServices/Spotlight.app/Contents/MacOS/Spotlight
1 445 0.0 [U501] /usr/sbin/usernoted
1 446 0.0 [U501] /System/Library/CoreServices/NotificationCenter.app/Contents/MacOS/NotificationCenter
1 447 0.0 [U501] /System/Library/Frameworks/Security.framework/Versions/A/XPCServices/TrustedPeersHelper.xpc/Contents/MacOS/TrustedPeersHelper
1 448 0.0 [U501] /usr/libexec/sharingd
1 449 0.0 [U501] /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy
1 451 0.0 [U501] /Library/Apple/System/Library/StagedFrameworks/Safari/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History
1 452 0.0 [U501] /usr/libexec/neagent
1 453 0.0 [U501] /usr/libexec/routined LAUNCHED_BY_LAUNCHD
1 454 0.0 [U501] /System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent
1 455 0.0 [U501] /Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1 456 0.0 [U501] /Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking
1 457 0.0 [U501] /System/Library/CoreServices/iconservicesagent
1 458 0.0 [U501] /System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService
1 459 0.0 root /usr/sbin/spindump
1 460 0.0 [U501] /System/Library/CoreServices/mapspushd
1 462 0.0 [U501] /System/Library/PrivateFrameworks/CoreParsec.framework/parsecd
1 463 0.0 root /System/Library/CoreServices/SubmitDiagInfo server-init
1 464 0.0 [U501] /System/Library/CoreServices/CoreServicesUIAgent.app/Contents/MacOS/CoreServicesUIAgent
1 465 0.0 [U501] /System/Library/PrivateFrameworks/CoreParsec.framework/parsec-fbf
1 466 0.0 [U501] /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/commerce
1 467 0.0 [U501] /System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod
1 468 0.0 [U501] /System/Library/PrivateFrameworks/UserActivity.framework/Agents/useractivityd
1 469 0.0 [U501] /System/Library/Frameworks/QuickLookThumbnailing.framework/Support/com.apple.quicklook.ThumbnailsAgent
1 470 0.0 root /usr/sbin/filecoordinationd
1 471 0.0 root /System/Library/PrivateFrameworks/AmbientDisplay.framework/Versions/A/XPCServices/com.apple.AmbientDisplayAgent.xpc/Contents/MacOS/com.apple.AmbientDisplayAgent
1 472 0.0 [U501] /System/Library/CoreServices/Dock.app/Contents/XPCServices/com.apple.dock.extra.xpc/Contents/MacOS/com.apple.dock.extra
1 473 0.0 [U501] /System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService
1 474 0.0 [U501] /System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird
1 475 0.0 [U501] /System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService
1 476 0.0 [U501] /Applications/Honey.app/Contents/PlugIns/Extension.appex/Contents/MacOS/Extension
1 477 0.0 [U501] /System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent
1 478 0.0 [U501] /System/Library/CoreServices/pbs
1 479 0.0 [U501] /System/Library/CoreServices/WiFiAgent.app/Contents/MacOS/WiFiAgent
1 481 0.0 [U501] /System/Library/PrivateFrameworks/login.framework/Versions/A/XPCServices/LoginUserService.xpc/Contents/MacOS/LoginUserService
1 482 0.0 _captiveagent /usr/libexec/captiveagent
1 483 0.0 [U501] /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeaccountd
1 484 0.0 _gamecontrollerd /usr/libexec/gamecontrollerd
1 485 0.0 [U501] /System/Library/PrivateFrameworks/CallHistory.framework/Support/CallHistoryPluginHelper
1 486 0.0 [U501] /System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent
1 488 0.0 [U501] /Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --monitor-self-annotation=ptype=crashpad-handler --type=crashpad-handler --max-uploads=5 --max-db-size=20 --max-db-age=5 --database=/Users/[U501]/Library/Application Support/Spotify/User Data --url=https://crashdump.spotify.com:443/ --annotation=platform=macos --annotation=product=spotify --annotation=version=1.1.58.820 --handshake-fd=7
1 489 0.0 [U501] /System/Library/PrivateFrameworks/AppSSO.framework/Support/AppSSOAgent.app/Contents/MacOS/AppSSOAgent
1 490 0.0 [U501] /System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService
1 492 0.0 [U501] /System/Library/Frameworks/InputMethodKit.framework/Resources/imklaunchagent
1 493 0.0 _fpsd /System/Library/PrivateFrameworks/CoreFP.framework/Versions/A/fpsd
1 496 0.0 [U501] /System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService
1 497 0.0 [U501] /System/Library/Input Methods/PressAndHold.app/Contents/PlugIns/PAH_Extension.appex/Contents/MacOS/PAH_Extension
1 498 0.0 [U501] /System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar
1 499 0.0 [U501] /System/Library/PrivateFrameworks/IMCore.framework/imagent.app/Contents/MacOS/imagent
1 500 0.0 [U501] /usr/libexec/WiFiVelocityAgent
1 501 0.0 root /usr/libexec/wifivelocityd
1 502 0.0 [U501] /System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter -L
1 505 0.0 [U501] /System/Library/PrivateFrameworks/IMDPersistence.framework/XPCServices/IMDPersistenceAgent.xpc/Contents/MacOS/IMDPersistenceAgent
1 506 0.0 [U501] /System/Library/PrivateFrameworks/AMPLibrary.framework/Versions/A/Support/AMPLibraryAgent --launchd
1 508 0.0 [U501] /usr/libexec/networkserviceproxy
411 509 0.0 [U501] /Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper (GPU).app/Contents/MacOS/Spotify Helper (GPU) --type=gpu-process --field-trial-handle=1718379636,15860063630098117179,1913373892139726783,131072 --enable-features=CastMediaRouteProvider --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --lang=en --gpu-preferences=SAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAwAAAAAAABgDAAAAAAAACAEAACAAAAAAAQAAAAAAAAgBAAAAAAAAEAEAAAAAAAAYAQAAAAAAACABAAAAAAAAKAEAAAAAAAAwAQAAAAAAADgBAAAAAAAAQAEAAAAAAABIAQAAAAAAAFABAAAAAAAAWAEAAAAAAABgAQAAAAAAAGgBAAAAAAAAcAEAAAAAAAB4AQAAAAAAAIABAAAAAAAAiAEAAAAAAACQAQAAAAAAAJgBAAAAAAAAoAEAAAAAAACoAQAAAAAAALABAAAAAAAAuAEAAAAAAADAAQAAAAAAAMgBAAAAAAAA0AEAAAAAAADYAQAAAAAAAOABAAAAAAAA6AEAAAAAAADwAQAAAAAAAPgBAAAAAAAAEAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAAAAAAHAAAAEAAAAAAAAAAAAAAACAAAABAAAAAAAAAAAAAAAAoAAAAQAAAAAAAAAAAAAAALAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAAAAAA4AAAAQAAAAAAAAAAEAAAAAAAAAEAAAAAAAAAABAAAABgAAABAAAAAAAAAAAQAAAAcAAAAQAAAAAAAAAAEAAAAIAAAAEAAAAAAAAAABAAAACgAAABAAAAAAAAAAAQAAAAsAAAAQAAAAAAAAAAEAAAANAAAAEAAAAAAAAAABAAAADgAAABAAAAAAAAAABAAAAAAAAAAQAAAAAAAAAAQAAAAGAAAAEAAAAAAAAAAEAAAABwAAABAAAAAAAAAABAAAAAgAAAAQAAAAAAAAAAQAAAAKAAAAEAAAAAAAAAAEAAAACwAAABAAAAAAAAAABAAAAA0AAAAQAAAAAAAAAAQAAAAOAAAAEAAAAAAAAAAHAAAAAAAAABAAAAAAAAAABwAAAAYAAAAQAAAAAAAAAAcAAAAHAAAAEAAAAAAAAAAHAAAACAAAABAAAAAAAAAABwAAAAoAAAAQAAAAAAAAAAcAAAALAAAAEAAAAAAAAAAHAAAADQAAABAAAAAAAAAABwAAAA4AAAAIAAAAAAAAAAgAAAAAAAAA --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files
1 510 0.0 [U501] /System/Library/CoreServices/lockoutagent
1 511 0.0 [U501] /System/Library/PrivateFrameworks/CommunicationsFilter.framework/CMFSyncAgent
1 512 0.0 [U501] /System/Library/CoreServices/APFSUserAgent
1 513 0.0 [U501] /usr/libexec/loginitemregisterd
1 514 0.0 [U501] /System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService
1 515 0.0 [U501] /usr/libexec/swcd
1 516 0.0 [U501] /System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd
1 517 0.0 [U501] /usr/libexec/remindd
1 518 0.0 root /usr/libexec/smd
1 519 0.0 [U501] /System/Library/PrivateFrameworks/AMPLibrary.framework/Versions/A/Support/AMPArtworkAgent --launchd
1 520 0.0 root /usr/sbin/WirelessRadioManagerd
1 521 0.0 [U501] /usr/libexec/fmfd
1 522 0.0 [U501] /System/Library/PrivateFrameworks/TelephonyUtilities.framework/callservicesd
1 523 0.0 [U501] /System/Applications/Music.app/Contents/XPCServices/VisualizerService.xpc/Contents/MacOS/VisualizerService
411 524 0.0 [U501] /Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1718379636,15860063630098117179,1913373892139726783,131072 --enable-features=CastMediaRouteProvider --lang=en --service-sandbox-type=utility --use-mock-keychain --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files --seatbelt-client=37
411 525 0.0 [U501] /Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1718379636,15860063630098117179,1913373892139726783,131072 --enable-features=CastMediaRouteProvider --lang=en --service-sandbox-type=network --use-mock-keychain --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files --seatbelt-client=37
1 526 0.0 [U501] /System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService
1 527 0.0 [U501] /System/Library/PrivateFrameworks/AOSKit.framework/Versions/A/XPCServices/com.apple.iCloudHelper.xpc/Contents/MacOS/com.apple.iCloudHelper
411 528 0.0 [U501] /Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper (Renderer).app/Contents/MacOS/Spotify Helper (Renderer) --type=renderer --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --field-trial-handle=1718379636,15860063630098117179,1913373892139726783,131072 --enable-features=CastMediaRouteProvider --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --disable-scroll-bounce --disable-spell-checking --num-raster-threads=2 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --enable-main-frame-before-activation --renderer-client-id=5 --shared-files --seatbelt-client=81
1 529 0.0 root /System/Library/Frameworks/AudioToolbox.framework/XPCServices/CAReportingService.xpc/Contents/MacOS/CAReportingService
1 530 0.0 _netbios /usr/sbin/netbiosd
1 531 0.0 [U501] /System/Library/PrivateFrameworks/CoreCDP.framework/Versions/A/Resources/cdpd
1 532 0.0 [U501] /System/Library/Frameworks/ImageIO.framework/Versions/A/XPCServices/ImageIOXPCService.xpc/Contents/MacOS/ImageIOXPCService
1 533 0.0 [U501] /System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/Resources/familycircled
1 534 0.0 [U501] /System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent
1 535 0.0 root /usr/libexec/rtcreportingd
1 536 0.0 [U501] /System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoteagent
1 538 0.0 root /usr/libexec/findmydeviced
1 539 0.0 [U501] /Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent
1 540 0.0 [U501] /Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariBookmarksSyncAgent
1 541 0.0 [U501] /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1 542 0.0 [U501] /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking
1 543 0.0 [U501] /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/corespotlightd
1 544 0.0 _fpsd /System/Library/PrivateFrameworks/CoreADI.framework/adid
1 545 0.0 [U501] /System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd
1 546 0.0 [U501] /System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service
1 548 0.0 [U501] /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/XPCServices/com.apple.hiservices-xpcservice.xpc/Contents/MacOS/com.apple.hiservices-xpcservice
1 549 0.0 [U501] /Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1 551 0.0 [U501] /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid
1 552 0.0 [U501] /System/Library/PrivateFrameworks/CoreSpeech.framework/corespeechd
1 555 0.0 [U501] /Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver
1 556 0.0 [U501] /System/Library/CoreServices/SocialPushAgent.app/Contents/MacOS/SocialPushAgent
1 558 0.0 [U501] /Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr
1 559 0.0 [U501] /System/Library/Image Capture/Support/icdd
1 561 0.0 [U501] /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent
1 563 0.0 [U501] /Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager
1 564 0.0 [U501] /System/Library/PrivateFrameworks/AskPermission.framework/Versions/A/Resources/askpermissiond
1 566 0.0 [U501] /Library/Application Support/Adobe/AdobeGCClient/AGMService -mode=logon
1 567 0.0 [U501] /System/Library/CoreServices/AirPlayUIAgent.app/Contents/MacOS/AirPlayUIAgent --launchd
1 569 0.0 [U501] /System/Library/CoreServices/cloudpaird
1 572 0.0 [U501] /System/Library/CoreServices/diagnostics_agent
1 574 0.0 [U501] /System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent
1 575 0.0 [U501] /System/Library/PrivateFrameworks/AppleMediaServices.framework/Resources/amsaccountsd
1 577 0.0 root /System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp -d
1 578 0.0 [U501] /Applications/CyberGhost VPN.app/Contents/MacOS/CyberGhost VPN
1 579 0.0 [U501] /System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp
1 580 0.0 [U501] /System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService
1 582 0.0 [U501] /System/Library/PrivateFrameworks/CoreRecents.framework/Versions/A/Support/recentsd
1 583 0.0 [U501] /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1 584 0.0 [U501] /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking
1 585 0.0 [U501] /Library/Apple/System/Library/StagedFrameworks/Safari/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.SearchHelper.xpc/Contents/MacOS/com.apple.Safari.SearchHelper
1 586 15.5 [U501] /Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1 587 0.0 [U501] /System/Library/Frameworks/ColorSync.framework/Support/colorsync.useragent
1 589 0.0 [U501] /System/Library/Services/AppleSpell.service/Contents/MacOS/AppleSpell
1 590 0.0 [U501] /usr/libexec/keyboardservicesd
1 592 0.0 root /usr/libexec/diskmanagementd
1 593 0.0 [U501] /System/Library/PrivateFrameworks/SoftwareUpdate.framework/Resources/SoftwareUpdateNotificationManager.app/Contents/MacOS/SoftwareUpdateNotificationManager
1 594 0.0 [U501] /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1 595 0.0 [U501] /System/Library/PrivateFrameworks/GameCenterFoundation.framework/Versions/A/gamed
1 596 0.0 _softwareupdate /System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated
1 597 0.0 root /System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd
1 598 0.0 _atsserver /System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framework/Support/fontd
1 602 0.0 [U501] /System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/reversetemplated
1 606 0.0 [U501] SafeEjectGPUAgent
1 607 0.0 [U501] /System/Library/CoreServices/Menu Extras/SafeEjectGPUExtra.menu/Contents/XPCServices/SafeEjectGPUService.xpc/Contents/MacOS/SafeEjectGPUService
1 608 0.0 _nsurlstoraged /usr/libexec/nsurlstoraged --privileged
1 610 0.0 [U501] /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1 611 0.0 [U501] /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking
1 613 0.0 [U501] /System/Library/PrivateFrameworks/PassKitCore.framework/passd
1 614 0.0 root /usr/libexec/dprivacyd
1 615 0.0 [U501] /System/Library/PrivateFrameworks/AssetCacheServices.framework/Versions/A/XPCServices/AssetCacheLocatorService.xpc/Contents/MacOS/AssetCacheLocatorService -a
1 616 0.0 _assetcache /usr/libexec/AssetCache/AssetCache
1 617 0.0 [U501] /System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd
1 627 0.0 [U501] /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Support/fontworker
1 635 0.0 _applepay /usr/libexec/nfcd
1 640 0.0 [U501] /Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
1 642 0.0 [U501] /System/Library/PrivateFrameworks/FileProvider.framework/Support/fileproviderd
1 644 0.0 [U501] /System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService
1 645 0.0 [U501] /System/Library/PrivateFrameworks/CloudDocsDaemon.framework/XPCServices/ContainerMetadataExtractor.xpc/Contents/MacOS/ContainerMetadataExtractor
1 646 0.0 root /System/Library/PrivateFrameworks/AssetCacheServicesExtensions.framework/XPCServices/AssetCacheTetheratorService.xpc/Contents/MacOS/AssetCacheTetheratorService
1 652 0.0 [U501] /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/XPCServices/com.apple.DictionaryServiceHelper.xpc/Contents/MacOS/com.apple.DictionaryServiceHelper
1 653 0.0 root /Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon
1 654 0.0 root /System/Library/PrivateFrameworks/CoreSymbolication.framework/coresymbolicationd
1 656 0.0 [U501] /Applications/Wacom Tablet.localized/.Tablet/TabletDriver.app/Contents/MacOS/TabletDriver -psn_0_249917
1 657 0.0 [U501] /Applications/Wacom Tablet.localized/.Tablet/WacomTouchDriver.app/Contents/MacOS/WacomTouchDriver -psn_0_254014
1 668 0.0 root /usr/libexec/sysmond
159 670 0.0 root /usr/sbin/systemstats --logger-helper /private/var/db/systemstats
1 671 0.0 root /System/Library/Frameworks/CoreMediaIO.framework/Versions/A/XPCServices/com.apple.cmio.registerassistantservice.xpc/Contents/MacOS/com.apple.cmio.registerassistantservice
1 673 0.0 [U501] /usr/libexec/adprivacyd
1 674 0.1 [U501] /Applications/DetectX Swift.app/Contents/MacOS/DetectX Swift
1 788 0.0 _spotlight /usr/libexec/trustd --agent
1 835 0.0 [U501] /System/Library/PrivateFrameworks/ProtectedCloudStorage.framework/Helpers/ProtectedCloudKeySyncing
1 836 0.0 [U501] /System/Library/CoreServices/ReportCrash agent
1 882 0.0 root /System/Library/CoreServices/ReportCrash daemon
1 901 0.0 [U501] /usr/libexec/spindump_agent
1 903 0.0 root /System/Library/CoreServices/CrashReporterSupportHelper server-init
1 915 0.0 [U501] /System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService
1 916 0.0 [U501] /System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService
1 936 0.0 [U501] /Applications/Safari.app/Contents/PlugIns/SafariQuickLookPreview.appex/Contents/MacOS/SafariQuickLookPreview
1 937 0.0 [U501] /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared
1 938 0.0 [U501] /System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite
1 941 0.0 [U501] /System/Library/Frameworks/QuickLook.framework/Resources/quicklookd.app/Contents/MacOS/quicklookd
1 942 0.0 [U501] /System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite
1 953 0.0 [U501] /System/Library/PrivateFrameworks/CloudDocs.framework/PlugIns/com.apple.CloudDocs.MobileDocumentsFileProvider.appex/Contents/MacOS/com.apple.CloudDocs.MobileDocumentsFileProvider
1 1041 0.0 [U501] /System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker -c MDSImporterWorker -m com.apple.mdworker.single
«»EOF»«
|
|
06.05.2021, 10:04
| #20 | |
| /// Mac Expert | Ursnif Trojaner auf MacZitat:
Mit dem vollständigen Pfad meinte ich den absoluten Pfad zu der Erweiterung.  Terminal öffnen folgenden Befehl ausführen - "Alles auswählen" auswählen, kopieren und in das Terrminal einfügen. Code:
ATTFilter touch ~/Desktop/lib.txt; p="lib.txt"; cd ~/Desktop; ls -ald /Library/Extensions/* >$p && ls -ald /System/Library/Extensions/* >> $p | open -e lib.txt
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? Geändert von Dante12 (06.05.2021 um 10:17 Uhr) |
|
06.05.2021, 10:25
| #21 |
| | Ursnif Trojaner auf Mac ups.. also hier der Pfad, Pardon Code:
ATTFilter /Library/SystemExtensions/3A3B86FB-F4CD-4A53-9861-3163E1A1A166/net.protected.macos.TotalAV.ESAVExtension.systemextension
Code:
ATTFilter drwxr-xr-x 3 root wheel 96 Apr 16 2019 /Library/Extensions/ACS6x.kext
drwxr-xr-x 3 root wheel 96 May 8 2018 /Library/Extensions/ATTOCelerityFC8.kext
drwxr-xr-x 3 root wheel 96 May 7 2018 /Library/Extensions/ATTOExpressSASHBA2.kext
drwxr-xr-x 3 root wheel 96 May 7 2018 /Library/Extensions/ATTOExpressSASRAID2.kext
drwxr-xr-x@ 3 root wheel 96 Jan 7 2019 /Library/Extensions/AppleMobileDevice.kext
drwxr-xr-x 3 root wheel 96 Aug 19 2019 /Library/Extensions/ArcMSR.kext
drwxr-xr-x 3 root wheel 96 Mar 16 2015 /Library/Extensions/BJUSBLoad.kext
drwxr-xr-x 3 root wheel 96 Sep 1 2016 /Library/Extensions/CIJUSBLoad.kext
drwxr-xr-x 3 root wheel 96 Sep 1 2013 /Library/Extensions/CalDigitHDProDrv.kext
drwxr-xr-x 3 root wheel 96 Oct 29 2019 /Library/Extensions/Dropbox.kext
drwxr-xr-x 3 root wheel 96 Aug 9 2019 /Library/Extensions/FTDIKext.kext
drwxr-xr-x 3 root wheel 96 May 4 2018 /Library/Extensions/HighPointIOP.kext
drwxr-xr-x 3 root wheel 96 Dec 5 2017 /Library/Extensions/HighPointRR.kext
drwxr-xr-x 3 root wheel 96 May 22 2012 /Library/Extensions/JMicronATA.kext
drwxr-xr-x 3 root wheel 96 Sep 11 2009 /Library/Extensions/NIUSBAudio2DJ.kext
drwxr-xr-x 3 root wheel 96 Sep 11 2009 /Library/Extensions/NIUSBAudio4DJ.kext
drwxr-xr-x 3 root wheel 96 Sep 11 2009 /Library/Extensions/NIUSBAudioDriver.kext
drwxr-xr-x 3 root wheel 96 Aug 24 2011 /Library/Extensions/NIUSBDeviceHelper.kext
drwxr-xr-x 3 root wheel 96 Sep 11 2009 /Library/Extensions/NIUSBTraktorKontrolX1.kext
drwxr-xr-x 3 root wheel 96 Jul 26 2019 /Library/Extensions/PromiseSTEX.kext
drwxr-xr-x 3 root wheel 96 Sep 25 2020 /Library/Extensions/SiLabsUSBDriver64.kext
drwxr-xr-x 3 root wheel 96 Aug 9 2018 /Library/Extensions/SoftRAID.kext
drwxr-xr-x 3 root wheel 96 Aug 9 2019 /Library/Extensions/Wacom Tablet.kext
drwxr-xr-x 3 root wheel 96 Sep 9 2013 /Library/Extensions/fabio.kext
drwxr-xr-x 3 root wheel 96 Aug 14 2013 /Library/Extensions/hp_fax_io.kext
drwxr-xr-x 3 root wheel 96 Aug 14 2013 /Library/Extensions/hp_io_enabler_compound.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/ALF.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMD10000Controller.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMD7000Controller.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMD8000Controller.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMD9000Controller.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMD9500Controller.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDFramebuffer.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDMTLBronzeDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonServiceManager.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonVADriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonVADriver2.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX4000.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX4000GLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX4000HWServices.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX5000.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX5000GLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX5000HWServices.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX5000MTLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX5000Shared.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX6000.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX6000Framebuffer.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX6000GLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX6000HWServices.kext
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX6000MTLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDRadeonX6000Shared.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDShared.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 6 2020 /System/Library/Extensions/AMDSupport.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/Apple16X50Serial.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleACPIPlatform.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleAHCIPort.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleAPIC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleAVEBridge.kext
drwxr-xr-x@ 3 root wheel 96 Mar 25 2020 /System/Library/Extensions/AppleActuatorDriver.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleAfterburner.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleBCMWLANBusInterfacePCIe.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleBCMWLANCore.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleBacklight.kext
drwxr-xr-x@ 7 root wheel 224 Dec 29 15:39 /System/Library/Extensions/AppleBacklightExpert.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleBluetoothDebug.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleBluetoothDebugService.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleBluetoothModule.kext
drwxr-xr-x@ 3 root wheel 96 Mar 25 2020 /System/Library/Extensions/AppleBluetoothMultitouch.kext
drwxr-xr-x@ 3 root wheel 96 Mar 25 2020 /System/Library/Extensions/AppleBluetoothRemote.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleBusPowerController.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleCameraInterface.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleConvergedIPCOLYBTControl.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleConvergedPCI.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleCredentialManager.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleEFIRuntime.kext
drwxr-xr-x@ 3 root wheel 96 Mar 7 2020 /System/Library/Extensions/AppleEffaceableNOR.kext
drwxr-xr-x@ 3 root wheel 96 Mar 7 2020 /System/Library/Extensions/AppleEffaceableStorage.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleEmbeddedOSSupportHost.kext
drwxr-xr-x@ 3 root wheel 96 Mar 7 2020 /System/Library/Extensions/AppleFDEKeyStore.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleFIVRDriver.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleFSCompressionTypeDataless.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleFSCompressionTypeZlib.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/AppleFWAudio.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleFileSystemDriver.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleFileUtil.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleGFXHDA.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleGraphicsControl.kext
drwxr-xr-x@ 3 root wheel 96 Mar 11 2020 /System/Library/Extensions/AppleGraphicsPowerManagement.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleHDA.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleHIDALSService.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleHIDKeyboard.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleHIDMouse.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleHPET.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleHPM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleHSSPIHIDDriver.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleHSSPISupport.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleHV.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIRController.kext
drwxr-xr-x@ 3 root wheel 96 Mar 25 2020 /System/Library/Extensions/AppleImage4.kext
drwxr-xr-x@ 3 root wheel 96 Mar 25 2020 /System/Library/Extensions/AppleInputDeviceSupport.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelBDWGraphics.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelBDWGraphicsFramebuffer.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelBDWGraphicsGLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelBDWGraphicsMTLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelBDWGraphicsVADriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelBDWGraphicsVAME.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelCFLGraphicsFramebuffer.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelCFLGraphicsVAME.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelCPUPowerManagement.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelCPUPowerManagementClient.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelFramebufferAzul.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelFramebufferCapri.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelGraphicsShared.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelHD4000Graphics.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelHD4000GraphicsGLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelHD4000GraphicsMTLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelHD4000GraphicsVADriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelHD5000Graphics.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelHD5000GraphicsGLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelHD5000GraphicsMTLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelHD5000GraphicsVADriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelHSWVA.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelICLGraphics.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelICLGraphicsGLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelICLGraphicsMTLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelICLGraphicsVADriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelICLLPGraphicsFramebuffer.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelICLLPGraphicsVAME.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelIVBVA.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelKBLGraphics.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelKBLGraphicsFramebuffer.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelKBLGraphicsGLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelKBLGraphicsMTLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelKBLGraphicsVADriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelKBLGraphicsVAME.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelLpssDmac.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelLpssGspi.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelLpssI2C.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelLpssI2CController.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelLpssSpiController.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelLpssUARTCommon.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelLpssUARTv0.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelLpssUARTv1.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelMCEReporter.kext
drwxr-xr-x@ 3 root wheel 96 Mar 11 2020 /System/Library/Extensions/AppleIntelPCHPMC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelSKLGraphics.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelSKLGraphicsFramebuffer.kext
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelSKLGraphicsGLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelSKLGraphicsMTLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelSKLGraphicsVADriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 16 2020 /System/Library/Extensions/AppleIntelSKLGraphicsVAME.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleIntelSlowAdaptiveClocking.kext
drwxr-xr-x@ 3 root wheel 96 Mar 7 2020 /System/Library/Extensions/AppleKeyStore.kext
drwxr-xr-x@ 3 root wheel 96 Mar 11 2020 /System/Library/Extensions/AppleLPC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleLSIFusionMPT.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleMCCSControl.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleMCP89RootPortPM.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/AppleMIDIBluetoothDriver.plugin
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/AppleMIDIFWDriver.plugin
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/AppleMIDIIACDriver.plugin
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/AppleMIDIRTPDriver.plugin
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/AppleMIDIUSBDriver.plugin
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleMatch.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleMikeyHIDDriver.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleMobileFileIntegrity.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleMultiFunctionManager.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/AppleMultitouchDriver.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleOSXUSBNCM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleOnboardSerial.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/ApplePlatformEnabler.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleQEMUHID.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleRAID.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleRTC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSDXC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSEPManager.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSMBIOS.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSMBusController.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSMBusPCI.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSMC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSMCLMU.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSMCRTC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSRP.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSSE.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSmartBatteryManager.kext
drwxr-xr-x@ 3 root wheel 96 Mar 7 2020 /System/Library/Extensions/AppleStorageDrivers.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleSystemPolicy.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleThunderboltDPAdapters.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleThunderboltEDMService.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleThunderboltIP.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleThunderboltNHI.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleThunderboltPCIAdapters.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleThunderboltUTDM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 25 2020 /System/Library/Extensions/AppleTopCase.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBACM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBAudio.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBCDC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBCommon.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBDMM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBDisplays.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBECM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBEEM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBEthernet.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBEthernetHost.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBMultitouch.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBNCM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBNetworking.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBPLCOM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBRealtek8153Patcher.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBSerial.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBTopCase.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBWCM.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUSBiBridge.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleUpstreamUserClient.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/AppleVADriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleVirtIO.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleVirtualGraphics.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleWWANAutoEject.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/AppleXsanScheme.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/Apple_iSight.kext
drwxr-xr-x@ 6 root wheel 192 Dec 29 15:39 /System/Library/Extensions/AudioAUUC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/BCMWLANFirmware4355_Hashstore.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/BCMWLANFirmware4364_Hashstore.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/BCMWLANFirmware4377_Hashstore.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/BootCache.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/BridgeAudioCommunication.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/BridgeAudioController.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/CellPhoneHelper.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/CoreAnalyticsFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/CoreStorage.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/CoreTrust.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/DSACL.ppp
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/DSAuth.ppp
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/Dont Steal Mac OS X.kext
drwxr-xr-x@ 4 root wheel 128 Feb 29 2020 /System/Library/Extensions/DriverKit
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/EAP-KRB.ppp
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/EAP-RSA.ppp
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/EAP-TLS.ppp
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/EndpointSecurity.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/GeForce.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/GeForceAIRPlugin.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/GeForceGLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/GeForceMTLDriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/GeForceVADriver.bundle
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/HFS.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/HFSEncodings.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IO80211Family.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IO80211FamilyV2.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOACPIFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOAHCIFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOATAFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOAVBFamily.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/IOAccelerator2D.plugin
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOAcceleratorFamily2.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOAudioFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOBDStorageFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOBluetoothFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOBluetoothHIDDriver.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOBufferCopyController.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOBufferCopyEngineFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOCDStorageFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IODVDStorageFamily.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/IOFireWireAVC.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOFireWireFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOFireWireIP.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/IOFireWireSBP2.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOFireWireSerialBusProtocolTransport.kext
drwxr-xr-x@ 7 root wheel 224 Dec 29 15:39 /System/Library/Extensions/IOGraphicsFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOHDIXController.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOHIDFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOImageLoader.kext
drwxr-xr-x@ 6 root wheel 192 Dec 29 15:39 /System/Library/Extensions/IONDRVSupport.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IONVMeFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IONetworkingFamily.kext
drwxr-xr-x@ 6 root wheel 192 Dec 29 15:39 /System/Library/Extensions/IOPCIFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 11 2020 /System/Library/Extensions/IOPlatformPluginFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOReportFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOSCSIArchitectureModelFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOSCSIParallelFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOSMBusFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOSerialFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOSkywalkFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOSlaveProcessor.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOSlowAdaptiveClockingFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOStorageFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOStreamFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOSurface.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/IOThunderboltFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOTimeSyncFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOUSBAttachedSCSI.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOUSBFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOUSBHostFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOUSBMassStorageClass.kext
drwxr-xr-x@ 3 root wheel 96 Mar 7 2020 /System/Library/Extensions/IOUSBMassStorageDriver.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOUserEthernet.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOUserSerial.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/IOVideoFamily.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/KernelRelayHost.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/KextAudit.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/L2TP.ppp
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/Libm.kext
drwxr-xr-x@ 3 root wheel 96 Jul 2 2019 /System/Library/Extensions/NVDAGF100Hal.kext
drwxr-xr-x@ 3 root wheel 96 Jul 2 2019 /System/Library/Extensions/NVDAGK100Hal.kext
drwxr-xr-x@ 3 root wheel 96 Jul 2 2019 /System/Library/Extensions/NVDAResman.kext
drwxr-xr-x@ 3 root wheel 96 Jul 2 2019 /System/Library/Extensions/NVDAStartup.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/NVMeSMARTLib.plugin
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/NVSMU.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/OSvKernDSPLib.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/PPP.kext
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/PPPSerial.ppp
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/PPPoE.ppp
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/Quarantine.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/Radius.ppp
drwxr-xr-x@ 3 root wheel 96 Feb 29 2020 /System/Library/Extensions/SMARTLib.plugin
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/SMCMotionSensor.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/Sandbox.kext
drwxr-xr-x@ 6 root wheel 192 Dec 29 15:39 /System/Library/Extensions/System.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/TMSafetyNet.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/acfs.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/acfsctl.kext
drwxr-xr-x@ 3 root wheel 96 Mar 7 2020 /System/Library/Extensions/apfs.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/autofs.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/cd9660.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/cddafs.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/corecapture.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/corecrypto.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/eficheck.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/exfat.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/iPodDriver.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/mcxalr.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/msdosfs.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/ntfs.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/pmtelemetry.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/pthread.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/smbfs.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/triggers.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/udf.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/vecLib.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/watchdog.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/webcontentfilter.kext
drwxr-xr-x@ 3 root wheel 96 Mar 5 2020 /System/Library/Extensions/webdav_fs.kext
|
|
06.05.2021, 10:36
| #22 |
| /// Mac Expert | Ursnif Trojaner auf Mac Ist das die einzige Erweiterung dort bei mir ist das Verzeichnis leer Gib mir doch bitte folgende Ausgabe nochmal aus dem Terminal Code:
ATTFilter launchctl list | grep -v com.apple
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? Geändert von Dante12 (06.05.2021 um 11:02 Uhr) |
|
06.05.2021, 11:32
| #23 |
| | Ursnif Trojaner auf Mac Ja die einzige Erweiterung Code:
ATTFilter berlinalake@DER-MacBook-Pro ~ % launchctl list | grep -v com.apple
PID Status Label
566 0 com.adobe.GC.AGM
558 0 com.wacom.DataStoreMgr
561 0 com.malwarebytes.mbam.frontend.agent
- 0 com.adobe.AdobeCreativeCloud
- 0 com.openssh.ssh-agent
- 0 com.microsoft.update.agent
555 0 com.wacom.wacomtablet
1925 0 com.bluestacks.BlueStacks.20464
- 0 com.BlueStacks.AppPlayer.Service
- 0 com.spotify.client.startuphelper
578 0 com.cyberghostsrl.cyberghostmac.23952
- 0 com.BlueStacks.AppPlayer.UninstallWatcher
- 0 com.microsoft.OneDriveStandaloneUpdater
563 0 com.wacom.IOManager
- 0 com.BlueStacks.AppPlayer.Updater
berlinalake@DER-MacBook-Pro ~ %
|
|
06.05.2021, 11:37
| #24 |
| | Ursnif Trojaner auf Mac https://www.trojaner-board.de/attachment.php?attachmentid=83998&stc=1&d=1620297373 hier ein screenshot... |
|
06.05.2021, 12:12
| #25 |
| /// Mac Expert | Ursnif Trojaner auf Mac Also in der Start-Bibliothek ist es nicht mehr enthalten. Mache bitte ein vollständiges Backup! Zunächst einmal hätte ich gerne noch eine Ausgabe mit folgendem Befehl: Code:
ATTFilter systemextensionsctl list
sudo systemextensionsctl list
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? Geändert von Dante12 (06.05.2021 um 12:28 Uhr) |
|
06.05.2021, 12:31
| #26 |
| | Ursnif Trojaner auf Mac hier bitte Code:
ATTFilter Last login: Thu May 6 13:27:19 on console
The default interactive shell is now zsh.
To update your account to use zsh, please run `chsh -s /bin/zsh`.
For more details, please visit https://support.apple.com/kb/HT208050.
DER-MacBook-Pro:~ admin$ systemextensionsctl list
1 extension(s)
--- com.apple.system_extension.endpoint_security
enabled active teamID bundleID (version) name [state]
* 47M7HL5AG8 net.protected.macos.TotalAV.ESAVExtension (1.0/3) TotalAV 5 Real-Time Extension [activated waiting for user]
DER-MacBook-Pro:~ admin$ sudo systemextensionsctl list
|
|
06.05.2021, 18:20
| #27 |
| /// Mac Expert | Ursnif Trojaner auf Mac Wie ich mir schon gedacht habe, als du TotalAV installiert hattest, hat das System dich aufgefordert die Erweiterung zuzulassen, was du nicht getan hast. Ich sehe gerade zu hast immer noch nicht deine Shell auf Zsh umgestellt. Lese bitte diesen Beitrag um das zu ändern. Wenn du laut meiner Anleitung diese in den Systemeinstellungen bereits geändert hast, brauchst du nur noch den Befehl ausführen der im Hinweisfenster der Shell angezeigt wird: Code:
ATTFilter chsh -s /bin/zsh
Wichtig: Ich hoffe du hast ein backup gemacht. Drucke bitte die nachfolgenden Schritte aus um Fehler zu vermeiden. 1. Rechner neu Starten und beim Start die Tasten CMD+R halten um in den Wiederherstellungsmodus zu gelangen. 2. Im Wiederherstellungsmodus: Menü -> Dienstprogramme -> Terminal starten 3. Eingabe: csrutil status Ausgabe sollte sein: System Integrity Protection status: enabled. 4. Befehl: csrutil disable Rückmeldung sollte sein, das der Schutz deaktiviert wurde (also disabled). 5. Neustart 6. Log dich als Admin ein, und öffne dein Terminal 7. Gebe oder kopiere die nachfolgende Zeile in das Terminal ein und führe diese aus. Code:
ATTFilter systemextensionsctl uninstall 47M7HL5AG8 net.protected.macos.TotalAV.ESAVExtension
9. Wiederhole jetzt bitte die Schritte 1 + 2 und gebe folgendes in das Terminal (Wiederherstellungsumgebung): Code:
ATTFilter csrutil enable
10. Neustart Prüfe jetzt noch mal, ob es weg ist.
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? |
|
10.05.2021, 13:43
| #28 |
| | Ursnif Trojaner auf Mac Lieber Dante12, ich kam leider erst jetzt dazu, die letzten Schritte durchzuführen: Es hat geklappt! Die Datei ist endlich verschwunden! Ich bin dir für deine Hilfestellung unglaublich dankbar!!! Habe auch so einiges dazugelernt! Werde gerne etwas an euch hier spenden! NOCHMAL DANKE und alles Gute weiterhin! LG  elisabeth69 |
|
10.05.2021, 16:49
| #29 |
| /// Mac Expert | Ursnif Trojaner auf Mac Vielen Dank für das Lob - Damit ist meine Aufgabe erfüllt Du kannst jetzt alle Dateien die wir angelegt haben, löschen. Du kannst jetzt KextViewer, KnockKnock mit AppCleaner entfernen. Lege einfach die Programme (einzeln) in das Fenster von AppCleaner und lösche diese. AppCleaner selbst kannst du danach einfach in den Papierkorb verschieben. Achte aber bitte vorher darauf das im Programm unter Menü -> Einstellungen (Preferences) -> die Funktion SmartDelete abgeschaltet ist. MalwareBytes 4 for Mac deinstallieren
 CLEAN & TIPPS
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? |
|
15.06.2021, 17:02
| #30 |
| | Ursnif Trojaner auf Mac Eigentlich war/ bin ich auf der Suche nach einem Grund, weshalb mir in unregelmäßigen Abständen “sprach-downloader versucht deine systemeinstellungen zu verändern" angezeigt wird. Dabei bin ich nach langer Zeit mal wieder hier gelandet und habe diesen Thread hier gesehen/gelesen. Ich muss das einfach mal sagen: Dante12, Du bist einmalig! Deine Mac-Kenntnisse, vor allem aber Deine Fähigkeit zu diesen nachvollziehbaren Anleitungen, keinen Schritt vergessen, nichts als selbstverständlich vorauszusetzen - unbezahlbar! Wo findet man Supporter wie Dich, falls man sie hier mal nicht antrifft??? Und an alle hier bei Trojaner-Board: Toll, dass es Euch gibt!!! Liebe Grüße Kassie
__________________ LG kassie MBP 13", 2919; macOS Catalina 10.15.7 + MBP Retina Mitte 2012; macOS Catalina 10.15.7 Geändert von mac-kass (15.06.2021 um 17:03 Uhr) Grund: Tippfehler |
 |
| Themen zu Ursnif Trojaner auf Mac |
| aktiv, blockiert, datei, einiger, email, entdeck, entdeckt, entfernen, erlaubt, frage, heute, hoffe, laufen, mac, macintosh, mehrfach, nichts, nötig, passwort, phänomen, quelle, runter, trojaner, ursnif, verschickt, woche, würde |
Linear-Darstellung
