Zurück   Trojaner-Board > Web/PC > Alles rund um Mac OSX & Linux
Ursnif Trojaner auf Mac

Ursnif Trojaner auf Mac


Alles rund um Mac OSX & Linux: Ursnif Trojaner auf Mac

Windows 7 Für alle Fragen rund um Mac OSX, Linux und andere Unix-Derivate.

Thema geschlossen
Seite 1 von 3 1 23
Alt 28.04.2021, 21:42   #1
elisabeth69
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Hallo! Ich habe letzte Woche eine email bekommen, mit einer zip Datei inkl. Passwort, welches eine Word Datei beinhaltete. Nachdem ich heute erfuhr, dass diese email nicht von der Person verschickt wurde, von der ich ausging und nach einiger Recherche, wurde ich auf das Phänomen Ursnif aufmerksam, das genau meinen Fall beschreibt.
Nun, ich habe die Datei leider mehrfach geöffnet und auch die Makros erlaubt, welche zunächst blockiert waren. Ich hoffe es bleibt unnötig zu sagen, dass ich dachte, die Mail würde einer vertrauenswürdigen Quelle entspringen.
Ich besitze einen Mac und frage mich nun: Ist der Trojaner aktiv? Wie kann ich ihn entfernen? Ich habe heute ein Antivirusprogramm laufen lassen, welches nichts entdeckt hat.
Ich bitte um Hilfe!

LG

Alt 29.04.2021, 18:42   #2
felix1
/// Helfer-Team
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac




Appel gehört nicht zu den Kernkompetenzen des TB. Ich würde Dir aber mal einen Link im TB empfehlen. Dort sind bezüglich Malwarebites und anderer Programme ein paar nützliche Links.
Vielleicht hast Du auch des Glück, dass Dante12 der Tage mal wieder im Forum vorbeischaut.
__________________

__________________
Alt 29.04.2021, 23:33   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Was soll den großartig bei einem Mac passieren, Felix? Hast du schon jemals Malware gesehen, die per Makro als DOC oder XLS kam und dann OSX infizieren wollte?

Zitat:
Ich hoffe es bleibt unnötig zu sagen, dass ich dachte, die Mail würde einer vertrauenswürdigen Quelle entspringen.
Beim nächsten Mal bitte Gehirn einschalten. Makros sind wirklich extrem gefährlich und ich kenne niemanden der das wirklich wirklich auch privat braucht und nutzen sollte.
__________________
__________________
Alt 30.04.2021, 20:39   #4
felix1
/// Helfer-Team
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Zitat:
Zitat von cosinus Beitrag anzeigen
Was soll den großartig bei einem Mac passieren, Felix? Hast du schon jemals Malware gesehen, die per Makro als DOC oder XLS kam und dann OSX infizieren wollte?
So richtig nicht, aber Appel ist das, was Sicherheit betrifft, auch nicht mehr das, was es mal war.

Zitat:
Zitat von cosinus Beitrag anzeigen
Beim nächsten Mal bitte Gehirn einschalten. Makros sind wirklich extrem gefährlich und ich kenne niemanden der das wirklich wirklich auch privat braucht und nutzen sollte.
__________________
LG

Der Felix

Keine Hilfe per PN und E-Mail
Alt 30.04.2021, 21:15   #5
elisabeth69
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Zitat:
Zitat von cosinus Beitrag anzeigen
Beim nächsten Mal bitte Gehirn einschalten. Makros sind wirklich extrem gefährlich und ich kenne niemanden der das wirklich wirklich auch privat braucht und nutzen sollte.
Ach, Mensch! War mein Gehirn wohl offline! Ich Dummerchen!

Zitat:
Zitat von felix1 Beitrag anzeigen


Appel gehört nicht zu den Kernkompetenzen des TB. Ich würde Dir aber mal einen Link im TB empfehlen. Dort sind bezüglich Malwarebites und anderer Programme ein paar nützliche Links.
Vielleicht hast Du auch des Glück, dass Dante12 der Tage mal wieder im Forum vorbeischaut.
Danke dir, Felix!


Alt 30.04.2021, 23:08   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Bitte bleibt bei Anhängen eher skeptisch.
Es kommt zu oft Müll rum. Das beste wäre wenn man per Mail sich nur noch abspricht und grundsätzlich keine Dateien mehr schickt, denn dafür ist Mail auch garnicht da!!!

Nehmt bitte sowas wie https://wetransfer.com/
__________________
--> Ursnif Trojaner auf Mac

Alt 02.05.2021, 21:59   #7
Dante12
/// Mac Expert
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Hallo elisabeth69,

Bitte lese dir alles vorher genau durch bevor du die Schritte ausführst. Solltest du Fragen haben, bitte gleich stellen.

Hinweis: Ab Catalina, Big Sur benötigen manche Programme die Zustimmung zum Festplattenvollzugriff. Sofern das nicht vom Programm selbst angezeigt wird, dann folgende Schritte durchführen:

1. Systemeinstellung -> Sicherheit & Datenschutz -> Button "Datenschutz" auwählen.
2. Auf das Schloss klicken und das Passwort eingeben.
3. Linke Spalte hinunterscrollen bis zu dem Punkt "Festplattenvollzugriff".
4. Klicke bitte auf den (+)-Button und wähle aus deinem Programm-Ordner das entsprechende Programm aus (in diesem Fall: DetectX Swift.app).
5. Systemeinstellungen wieder schliessen, und Programm neu starten.

Scan mit Malwarebytes 4 for Mac
  • Lade dir bitte MalwareBytes 4 for Mac herunter.
  • Starte das "Install Malwarebytes 4.xx.pkg" um Malwarebytes zu installieren.
  • Bestätige beim ersten Start die angezeigten Fenster und wähle deinen Rechner aus "Persönlich" oder "Business"
  • Programm starten und klicke auf Scan. Gefundene Malware wird in die Quarantäne verschoben.
  • Wenn ein Neustart verlangt wird, bitte durchführen.
  • Sofern nichts gefunden wurde brauchst du hier nichts weiter tun, sonst,
  • Öffne Malwarebytes klicke auf die Fläche "Scan" - (nicht auf den Button!) und dann auf Berichte.
  • Mache ein Screenshot wenn nötig.

Prüfen mit DetectX Swift
  • Lade dir bitte DetectX Swift herunter.
  • Öffne das DMG-Archiv, akzeptiere die Lizenzbestimmungen und verschiebe die App in den Programm-Ordner.
  • Starte DetectX Swift klicke auf OK und anschliessend auf Search. Lösche gefundene Einträge.
  • Wenn du dir beim löschen nicht sicher bist, dann Frage lieber einmal mehr hier im Forum (mache bitte ein Screenshot wenn nötig).


  • Erstelle bitte ein Log in dem du auf Profile klickst.
  • Klick auf den Button Share Options.. und anschliessend wähle die Option Sanitized.
  • Als letztes klicke bitte auf Copy Report to Clipboard
  • Füge das Log hier in das Forum in Code-Tags ein.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit COMMAND+A) und kopiere es in die Zwischenablage mit COMMAND+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Cursor zwischen die CODE-Tags und drücke COMMAND+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

__________________
-----------------
-Gruß dante12
-----------------
Lob, Kritik, Wünsche? Spende fürs trojaner-board?
Geändert von Dante12 (02.05.2021 um 22:16 Uhr)

Alt 03.05.2021, 09:23   #8
elisabeth69
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Hallo Dante!! Hier der Bericht von DetectX! Ich danke dir vielmals für die Zeit!!!!!!!!!!






Code:
ATTFilter
Timestamp (5): Mon May 03 10:17:51 2021
DetectX Swift v1.0971

macOS: Version 10.15.7 (Build 19H114)
File System: apfs
Temp: The thermal state is within normal limits.

Boot time: Mon May 3 09:45:50 2021
Uptime: 32 mins, 1 user

Spotlight status for /:
	Indexing enabled. 
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is On.

Internet:	Reachable


    Hardware Overview:

      Model Name: MacBook Pro
      Model Identifier: MacBookPro9,2
      Processor Name: Dual-Core Intel Core i5
      Processor Speed: 2,5 GHz
      Number of Processors: 1
      Total Number of Cores: 2
      L2 Cache (per Core): 256 KB
      L3 Cache: 3 MB
      Hyper-Threading Technology: Enabled
      Memory: 4 GB
      Boot ROM Version: 233.0.0.0.0
      SMC Version (system): 2.2f44
      Sudden Motion Sensor:
          State: Enabled



  Sharing Preferences:

	File Sharing:  Off
	Screen Sharing:  Off
	Remote Management:  Off
	Back To My Mac:  Off
	Remote Login:  Off
	Remote Apple Events:  Off


3rd Party Kexts (loaded):

	org.virtualbox.kext.VBoxDrv
	org.virtualbox.kext.VBoxUSB
	org.virtualbox.kext.VBoxNetFlt
	org.virtualbox.kext.VBoxNetAdp
	com.bluestacks.kext.Hypervisor


 $PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
	/usr/local/bin
	/usr/bin
	/bin
	/usr/sbin
	/sbin

/etc/paths.d/:

~/.bash_profile:
	
~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


PID	Status	Label
547	0	com.adobe.GC.AGM
539	0	com.wacom.DataStoreMgr
542	0	com.malwarebytes.mbam.frontend.agent
-	0	com.adobe.AdobeCreativeCloud
-	0	com.openssh.ssh-agent
-	0	com.microsoft.update.agent
536	0	com.wacom.wacomtablet
-	0	com.BlueStacks.AppPlayer.Service
1160	0	com.malwarebytes.mbam.frontend.application.24400
-	0	com.spotify.client.startuphelper
559	0	com.cyberghostsrl.cyberghostmac.23952
-	0	com.BlueStacks.AppPlayer.UninstallWatcher
-	0	com.microsoft.OneDriveStandaloneUpdater
544	0	com.wacom.IOManager
-	0	com.BlueStacks.AppPlayer.Updater


 System Launchd processes:

0      - 	com.adobe.SwitchBoard
151      - 	com.malwarebytes.mbam.rtprotection.daemon
0      - 	com.adobe.acc.installer.v2
0      - 	com.vix.cron
0      - 	com.microsoft.office.licensing.helper
0      - 	com.microsoft.teams.TeamsUpdaterDaemon
0      - 	com.microsoft.office.licensingV2.helper
178      - 	com.wacom.UpdateHelper
0      0 	com.microsoft.autoupdate.helper
181      - 	Adobe_Genuine_Software_Integrity_Service
371      - 	org.cups.cupsd
0      - 	com.adobe.fpsaud
0      - 	com.anchorfree.ajaxserver
0      - 	com.wacom.displayhelper
617      - 	com.microsoft.OneDriveStandaloneUpdaterDaemon
385      - 	com.malwarebytes.mbam.settings.daemon
0      - 	com.microsoft.OneDriveUpdaterDaemon
0      - 	net.protected.macos.AVHelper
0      - 	com.adobe.acc.installer
730      - 	com.BlueStacks.AppPlayer.bstservice_helper
198      - 	com.hercules.hdjsd



 User Login Items:
 
	/Applications/CyberGhost VPN.app
	/Applications/TotalAV.app
	/Applications/TotalAV.app/Contents/Library/LoginItems/AVLaunchHelper.app
	/Users/bettakroegel/Applications/Spotify.app
	/Users/bettakroegel/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app



 /Library/LaunchDaemons:

	hdjsd.plist
		--> Program Arguments: /var/hercules/hdjsd
	
	com.malwarebytes.mbam.settings.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon
	
	com.microsoft.OneDriveStandaloneUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon
	
	com.microsoft.teams.TeamsUpdaterDaemon.plist
	
	com.adobe.agsservice.plist
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGSService
	
	com.BlueStacks.AppPlayer.bstservice_helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
	
	com.malwarebytes.mbam.rtprotection.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: -i
		--> Program Arguments: Malwarebytes-Mac-4.8.12.4131.pkg
	
	com.microsoft.OneDriveUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/OneDriveUpdaterDaemon.xpc/Contents/MacOS/OneDriveUpdaterDaemon
	
	com.wacom.displayhelper.plist
		--> Program Arguments: /sbin/kextunload
		--> Program Arguments: /System/Library/Extensions/AppleUSBFTDI.kext
	
	org.virtualbox.startup.plist
		--> Program Arguments: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh
		--> Program Arguments: restart
	
	com.adobe.acc.installer.v2.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
	
	com.wacom.UpdateHelper.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper
	
	com.adobe.fpsaud.plist
		--> Program Arguments: /Library/Application Support/Adobe/Flash Player Install Manager/fpsaud
	
	com.adobe.SwitchBoard.plist
		--> Program Arguments: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
	
	net.protected.macos.AVHelper.plist
		-> Program: /Library/PrivilegedHelperTools/net.protected.macos.AVHelper
		--> Program Arguments: /Library/PrivilegedHelperTools/net.protected.macos.AVHelper
	
	com.anchorfree.ajaxserver.plist
		-> Program: /Library/Application Support/Hotspot Shield/ajaxserver
		--> Program Arguments: /Library/Application Support/Hotspot Shield/ajaxserver
	
	com.microsoft.office.licensingV2.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
	
	com.oracle.java.Helper-Tool.plist
	
	com.adobe.acc.installer.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer
	
	com.microsoft.office.licensing.helper.plist
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
	
	com.microsoft.autoupdate.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper
	



 /Library/LaunchAgents:

	com.adobe.AdobeCreativeCloud.plist
		-> Program: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: --showwindow=false
		--> Program Arguments: --onOSstartup=true
	
	com.wacom.DataStoreMgr.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr
	
	com.adobe.GC.AGM.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: -mode=logon
	
	com.malwarebytes.mbam.frontend.agent.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent
	
	com.adobe.AAM.Updater-1.0.plist
		-> Program: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: -mode=logon
	
	com.wacom.IOManager.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager
	
	com.adobe.GC.Invoker-1.0.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: -mode=logon
	
	com.microsoft.OneDriveStandaloneUpdater.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdater.app/Contents/MacOS/OneDriveStandaloneUpdater
	
	com.wacom.wacomtablet.plist
		-> Program: /Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver
	
	com.microsoft.update.agent.plist
		--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
		--> Program Arguments: --launchByAgent
	



 ~/Library/LaunchAgents:

	com.BlueStacks.AppPlayer.UninstallWatcher.plist
		--> Program Arguments: /bin/sh
		--> Program Arguments: /Users/[U501]/Library/BlueStacks/UninstallWatcher
	
	com.adobe.GC.Invoker-1.0.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: -mode=scheduled
	
	com.BlueStacks.AppPlayer.Updater.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstupdater
		--> Program Arguments: pull
	
	com.BlueStacks.AppPlayer.Service.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstservice
		--> Program Arguments: Android
	

 User Crontab:

	No cron jobs



 /etc:

	rc.common
	php.ini.default-5.2-previous~orig
	bootpd.plist
	bashrc_Apple_Terminal
	zshrc_Apple_Terminal
	bashrc
	zshrc
	ssh_config~orig
	hosts.save
	authorization.deprecated
	moduli~previous
	rc.netboot
	efax.rc~previous
	php.ini.default-5.2-previous
	sshd_config~previous
	aliases
	zprofile

 / $Root:

	.file
	.VolumeIcon.icns
	opt / .. children: 0

 ~/ $Home:

	Music / .. children: 5
	objc.scan
	.CFUserTextEncoding
	Pictures / .. children: 3
	Desktop / .. children: 23
	Library / .. children: 69
	.cups / .. children: 1
	.bash_sessions / .. children: 10
	Public / .. children: 2
	.dropbox / .. children: 9
	Movies / .. children: 4
	Applications / .. children: 1
	.Trash / .. children: 1
	Documents / .. children: 32
	Downloads / .. children: 145
	.bash_history



 ~/Library:

	studentd / .. children: 3
	HomeKit / .. children: 9
	UIKitSystem / .. children: 1
	Google / .. children: 1
	BlueStacks / .. children: 11
	com.apple.icloud.searchpartyd / .. children: 3
	PhotoshopCrashes / .. children: 0
	FrontBoard / .. children: 3
	MediaStream / .. children: 7
	Dropbox / .. children: 0
	Fonts Disabled / .. children: 0
	PersonalizationPortrait / .. children: 5
	Reminders / .. children: 2



 ~/Library/Application Support:

	com.apple.sbd / .. children: 1
	com.apple.replayd / .. children: 0
	com.apple.voicememos / .. children: 1
	Propellerhead Software / .. children: 2
	Native Instruments / .. children: 1
	SyncServices / .. children: 1
	com.apple.kvs / .. children: 1
	com.apple.transparencyd / .. children: 5
	com.apple.touristd / .. children: 6
	CyberghostBrowser / .. children: 14
	NoxInstaller / .. children: 0
	DiskImages / .. children: 1
	Anki2 / .. children: 5
	CoreParsec / .. children: 0
	OneDriveStandaloneUpdater / .. children: 1
	com.apple.akd / .. children: 1
	zoom.us / .. children: 2
	MobileSync / .. children: 1
	Google / .. children: 2
	Microsoft / .. children: 1
	Spotify / .. children: 4
	Oracle / .. children: 1
	dmd / .. children: 0
	Ableton / .. children: 4
	Anki / .. children: 1
	Java / .. children: 1
	com.microsoft.OneDriveStandaloneUpdater / .. children: 1
	CEF / .. children: 1
	com.cyberghostsrl.cyberghostmac / .. children: 1
	TrustedPeersHelper / .. children: 0
	Adobe / .. children: 10
	MediaHuman / .. children: 1
	.ACCC_Lock
	Cycling '74 / .. children: 1
	com.sqwarq.DetectX-Swift / .. children: 4
	System Preferences / .. children: 0
	com.apple.ContextStoreAgent / .. children: 1
	FileProvider / .. children: 3
	Dropbox / .. children: 4
	com.malwarebytes.mbam / .. children: 1
	ToguAudioLine / .. children: 1
	Grammarly / .. children: 12
	uTorrent Web / .. children: 9
	net.protected.macos.TotalAV / .. children: 4
	XMind / .. children: 3
	transparencyd / .. children: 0
	syncdefaultsd / .. children: 0
	JREInstaller / .. children: 1
	com.apple.accounts.dom / .. children: 0



 ~/Library/Safari/Extensions:

	*-- Folder doesn't exist or is inaccessible --*



 ~/Library/Internet Plug-Ins:

	



 /Users/Shared:

	adi / .. children: 10
	SC Info / .. children: 1
	Hotspot Shield / .. children: 1
	Library / .. children: 1
	AdobeInstalledCodecs / .. children: 0
	Canon Inkjet Extended Survey Program / .. children: 1
	Adobe / .. children: 4
	CleanMyMac 2 / .. children: 1
	Previously Relocated Items / .. children: 3
	AdobeGCData / .. children: 2
	Max 8 / .. children: 2
	CleanMyMac / .. children: 1



 /Applications:

	Honey.app
	VLC.app
	XMind.app
	Office_Mac_HS_2011_German.dmg
	Adobe After Effects CC / .. children: 10
	Anki.app
	Install macOS Mojave.app
	Microsoft Office 2011 / .. children: 10
	Rhinoceros.app
	Adobe Creative Cloud / .. children: 3
	OneDrive.app
	Adobe Photoshop CC Kopie / .. children: 3
	CyberGhost Private Browser.app
	Rob Papen / .. children: 6
	DetectX Swift.app
	Adobe Media Encoder CC 2017 / .. children: 3
	Microsoft Word.app
	Install macOS High Sierra.app
	Anki Notes.app
	Adobe Photoshop CC / .. children: 10
	Grammarly.app
	Paint S.app
	Microsoft Excel.app
	Adobe Media Encoder CC / .. children: 3
	Adobe / .. children: 5
	zoom.us.app
	Adobe Illustrator CC / .. children: 10
	Microsoft Outlook.app
	Malwarebytes.app
	Ableton Live 10 Intro.app
	Wacom Tablet.localized / .. children: 5
	Live
	iZotope Ozone 7 / .. children: 6
	CyberGhost VPN.app
	uTorrent Web.app
	iMovie 9.0.9 / .. children: 1
	The Unarchiver.app
	Microsoft OneNote.app
	Adobe InDesign CC / .. children: 11
	Live8 / .. children: 5
	MediathekView.app
	Ableton Live 10 Standard.app
	Adobe Acrobat X Pro / .. children: 4
	Microsoft PowerPoint.app
	Microsoft Teams.app
	Ableton Live 11 Standard.app
	BlueStacks.app



 /Library:

	Apple / .. children: 3
	CFMSupport / .. children: 1
	DropboxHelperTools / .. children: 2
	OSAnalytics / .. children: 2
	StagedDriverExtensions / .. children: 0
	InstallerSandboxes / .. children: 2
	DriverExtensions / .. children: 0
	Automator / .. children: 95
	User Template / .. children: 41
	Fonts Disabled / .. children: 16
	SystemExtensions / .. children: 3



 /Library/Application Support:

	Propellerhead Software / .. children: 3
	Native Instruments / .. children: 9
	Tablet / .. children: 2
	Mozilla / .. children: 1
	Avid / .. children: 1
	ReWire
	Hotspot Shield / .. children: 12
	Macromedia / .. children: 3
	Mica / .. children: 1
	.E42bQWl0wR
	Microsoft / .. children: 2
	Oracle / .. children: 0
	Digidesign / .. children: 1
	VirtualBox / .. children: 5
	Canon / .. children: 7
	Adobe / .. children: 70
	Malwarebytes / .. children: 1
	iZotope / .. children: 5
	PACE Anti-Piracy / .. children: 4
	REX Shared Library
	regid.1986-12.com.adobe / .. children: 14
	.5s+m_0Aav5



 /Library/Extensions:

	NIUSBAudio2DJ.kext
	hp_fax_io.kext
	FTDIKext.kext
	Wacom Tablet.kext
	NIUSBAudio4DJ.kext
	SiLabsUSBDriver64.kext
	JMicronATA.kext
	fabio.kext
	NIUSBTraktorKontrolX1.kext
	Dropbox.kext
	AppleMobileDevice.kext
	BJUSBLoad.kext
	CIJUSBLoad.kext
	NIUSBDeviceHelper.kext
	hp_io_enabler_compound.kext
	NIUSBAudioDriver.kext



 /Library/Internet Plug-Ins:

	VLC Plugin.plugin
	EPPEX Plugin.plugin
	AdobeAAMDetect.plugin
	Unused / .. children: 0
	AdobePDFViewer.plugin
	SharePointBrowserPlugin.plugin
	Unity Web Player.plugin
	AdobePDFViewerNPAPI.plugin
	Flash Player.plugin
	flashplayer.xpt
	SharePointWebKitPlugin.webplugin



 /Library/Managed Preferences:

	*-- Folder doesn't exist or is inaccessible --*



 /Library/PrivilegedHelperTools:

	com.microsoft.office.licensing.helper
	com.BlueStacks.AppPlayer.bstservice_helper
	com.wacom.UpdateHelper.app
	com.wacom.IOManager.app
	com.adobe.acc.installer
	com.microsoft.autoupdate.helper
	com.microsoft.office.licensingV2.helper
	com.adobe.acc.installer.v2
	net.protected.macos.AVHelper
	com.wacom.DataStoreMgr.app



 /Library/ScriptingAdditions:

	Adobe Unit Types.osax



 /Library/StartupItems:

	



 /Library/Updates:

	ProductMetadata.plist
	001-93719 / .. children: 16
	071-05425 / .. children: 16
	071-29320 / .. children: 16
	PPDVersions.plist
	index.plist
	071-10831 / .. children: 3



Top Processes: 

%CPU	PID	COMMAND	
11.6 	288		WindowServer 
3.2		0		kernel_task 
3.0		950		DetectX Swift 
2.5		936		com.apple.WebKit 
1.9		208		hidd 
1.8		413		Spotify 
1.2		521		Spotify Helper ( 
1.2		265		coreaudiod 
1.2		510		Spotify Helper ( 
0.8		544		com.wacom.IOMana 


Running Processes: 

PPID	PID	%CPU	USER	COMMAND	
0		1		0.0		root		/sbin/launchd 
1		148		0.0		root		/usr/sbin/syslogd 
1		149		0.0		root		/usr/libexec/UserEventAgent (System) 
1		151		0.1		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon -i Malwarebytes-Mac-4.8.12.4131.pkg 
1		153		0.0		root		/System/Library/PrivateFrameworks/Uninstall.framework/Resources/uninstalld 
1		154		0.0		root		/usr/libexec/kextd 
1		155		0.0		root		/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/FSEvents.framework/Versions/A/Support/fseventsd 
1		156		0.0		root		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted 
1		159		0.0		root		/usr/sbin/systemstats --daemon 
1		160		0.0		root		/usr/libexec/configd 
1		162		0.0		root		/System/Library/CoreServices/powerd.bundle/powerd 
1		166		0.0		root		/usr/libexec/logd 
1		167		0.0		root		/usr/libexec/keybagd -t 15 
1		170		0.0		root		/usr/libexec/watchdogd 
1		174		0.0		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Support/mds 
1		175		0.0		_iconservices		/System/Library/CoreServices/iconservicesd 
1		176		0.0		root		/usr/libexec/diskarbitrationd 
1		178		0.0		root		/Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper 
1		180		0.0		root		/usr/libexec/coreduetd 
1		181		0.0		root		/Library/Application Support/Adobe/AdobeGCClient/AGSService 
1		184		0.0		root		/usr/libexec/opendirectoryd 
1		185		0.0		root		/System/Library/PrivateFrameworks/ApplePushService.framework/apsd 
1		186		0.0		root		/System/Library/CoreServices/launchservicesd 
1		187		0.0		_timed		/usr/libexec/timed 
1		188		0.0		_usbmuxd		/System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/Resources/usbmuxd -launchd 
1		189		0.0		root		/usr/sbin/securityd -i 
1		190		0.0		root		auditd		-l 
1		195		0.0		root		autofsd		
1		196		0.0		_displaypolicyd		/usr/libexec/displaypolicyd -k 1 
1		198		0.0		root		/var/hercules/hdjsd 
1		199		0.0		root		/usr/libexec/dasd 
1		201		0.0		root		/usr/libexec/PerfPowerServices 
1		203		0.0		root		/System/Library/CoreServices/logind 
1		204		0.0		root		/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/Support/revisiond 
1		205		0.0		root		/usr/sbin/KernelEventAgent 
1		207		0.0		root		/usr/sbin/bluetoothd 
1		208		1.9		_hidd		/usr/libexec/hidd 
1		209		0.0		root		/usr/libexec/sandboxd 
1		210		0.0		root		/usr/libexec/corebrightnessd --launchd 
1		211		0.0		root		/usr/libexec/AirPlayXPCHelper 
1		212		0.0		root		/usr/sbin/notifyd 
1		213		0.0		root		/usr/libexec/amfid 
1		214		0.0		_distnote		/usr/sbin/distnoted daemon 
1		215		0.0		root		/usr/sbin/cfprefsd daemon 
1		216		0.0		root		/usr/libexec/syspolicyd 
1		217		0.0		root		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system 
1		218		0.0		root		aslmanager		
1		220		0.0		root		/System/Library/CoreServices/coreservicesd 
1		221		0.0		[U501]		/System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow console 
1		223		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/authd.xpc/Contents/MacOS/authd 
1		224		0.0		_analyticsd		/System/Library/PrivateFrameworks/CoreAnalytics.framework/Support/analyticsd 
1		263		0.0		root		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/contextstored 
1		265		1.3		_coreaudiod		/usr/sbin/coreaudiod 
1		266		0.0		root		/usr/libexec/lsd runAsRoot 
1		268		0.0		root		/usr/libexec/nehelper 
1		272		0.0		root		/usr/libexec/trustd 
1		281		0.0		root		/usr/libexec/searchpartyd 
1		284		0.0		root		/usr/sbin/ocspd 
1		288		12.6		_windowserver		/System/Library/PrivateFrameworks/SkyLight.framework/Resources/WindowServer -daemon 
1		289		0.0		_mdnsresponder		/usr/sbin/mDNSResponder 
1		291		0.0		root		/usr/sbin/mDNSResponderHelper 
1		303		0.0		_networkd		/usr/libexec/symptomsd 
1		309		0.0		root		/System/Library/PrivateFrameworks/WirelessDiagnostics.framework/Support/awdd 
1		310		0.0		root		/usr/libexec/airportd 
1		311		0.0		_locationd		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		313		0.0		_locationd		/usr/sbin/cfprefsd agent 
1		316		0.0		_locationd		/usr/libexec/trustd --agent 
1		336		0.0		root		/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon 
1		337		0.0		root		/usr/libexec/runningboardd 
1		346		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper 
1		347		0.0		root		/usr/libexec/mobileassetd 
1		348		0.0		_driverkit		/System/Library/DriverExtensions/AppleUserHIDDrivers.dext/AppleUserHIDDrivers com.apple.driverkit.AppleUserHIDEventDriver 0x100000433 
1		352		0.0		root		/usr/libexec/secinitd 
1		353		0.0		_locationd		/usr/libexec/locationd 
1		354		0.0		root		/System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd-helper -launchd 
1		356		0.0		root		/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/CVMServer 
1		357		0.0		root		/usr/libexec/colorsync.displayservices 
1		358		0.0		root		/usr/libexec/colorsyncd 
1		359		0.0		_nsurlsessiond		/usr/libexec/nsurlsessiond --privileged 
1		360		0.0		root		/System/Library/CryptoTokenKit/com.apple.ifdreader.slotd/Contents/MacOS/com.apple.ifdreader 
1		361		0.0		_appleevents		/System/Library/CoreServices/appleeventsd --server 
1		362		0.0		root		/usr/libexec/apfsd 
1		363		0.0		root		/usr/libexec/usbd 
1		364		0.0		root		/usr/libexec/firmwarecheckers/ethcheck/ethcheck --integrity-check-daemon 
1		366		0.0		root		/usr/libexec/bootinstalld 
1		370		0.0		root		/usr/libexec/diskmanagementd 
1		371		0.0		root		/usr/sbin/cupsd -l 
1		373		0.0		root		/usr/libexec/ApplicationFirewall/socketfilterfw 
1		379		0.0		root		/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper 
1		384		0.0		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mds_stores 
1		385		0.0		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon 
1		386		0.0		root		/System/Library/Frameworks/GSS.framework/Helpers/GSSCred 
1		388		0.0		root		/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary 
1		389		0.0		root		/usr/sbin/distnoted agent 
1		391		0.0		root		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		392		0.0		[U501]		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		393		0.0		[U501]		/usr/sbin/cfprefsd agent 
1		394		0.0		root		/usr/libexec/securityd_service 
1		395		0.0		[U501]		/usr/libexec/UserEventAgent (Aqua) 
1		397		0.0		[U501]		/usr/sbin/distnoted agent 
1		398		0.0		[U501]		/usr/sbin/universalaccessd launchd -s 
1		399		0.0		[U501]		/usr/libexec/trustd --agent 
1		400		0.0		[U501]		/usr/libexec/knowledge-agent 
1		401		0.0		[U501]		/usr/libexec/lsd 
1		402		0.0		[U501]		/System/Library/PrivateFrameworks/CloudServices.framework/Helpers/com.apple.sbd 
1		403		0.0		[U501]		/usr/libexec/secd 
1		404		0.0		[U501]		/Applications/Microsoft Outlook.app/Contents/MacOS/Microsoft Outlook -psn_0_36873 
1		405		0.0		[U501]		/System/Library/CoreServices/backgroundtaskmanagementagent 
1		406		0.0		[U501]		/System/Library/CoreServices/sharedfilelistd 
1		407		0.0		[U501]		/System/Applications/Mail.app/Contents/MacOS/Mail -psn_0_40970 
1		408		0.1		[U501]		/Applications/Safari.app/Contents/MacOS/Safari -psn_0_45067 
1		409		0.0		[U501]		/System/Applications/Calendar.app/Contents/MacOS/Calendar -psn_0_49164 
1		410		0.0		[U501]		/System/Applications/Music.app/Contents/MacOS/Music -psn_0_53261 
1		411		0.0		[U501]		/System/Library/PrivateFrameworks/CloudKitDaemon.framework/Support/cloudd 
1		412		0.0		[U501]		/usr/libexec/rapportd 
1		413		1.7		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/MacOS/Spotify -psn_0_57358 
1		414		0.0		[U501]		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd 
1		415		0.0		[U501]		/System/Library/CoreServices/talagent 
1		416		0.0		[U501]		/System/Library/CoreServices/Dock.app/Contents/MacOS/Dock 
1		417		0.0		[U501]		/usr/libexec/nsurlsessiond 
1		418		0.0		[U501]		/System/Library/CoreServices/SystemUIServer.app/Contents/MacOS/SystemUIServer 
1		419		0.0		[U501]		/System/Library/CoreServices/Finder.app/Contents/MacOS/Finder 
1		420		0.0		[U501]		/System/Library/PrivateFrameworks/IDS.framework/identityservicesd.app/Contents/MacOS/identityservicesd 
1		423		0.0		root		/usr/sbin/systemsoundserverd 
1		424		0.0		[U501]		/usr/libexec/pboard 
1		425		0.0		[U501]		/usr/libexec/routined LAUNCHED_BY_LAUNCHD 
1		426		0.0		[U501]		/usr/libexec/secinitd 
1		427		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framework/Support/fontd 
1		428		0.0		[U501]		/usr/libexec/pkd 
1		429		0.0		[U501]		/System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.framework/Versions/A/XPCServices/QuickLookUIService.xpc/Contents/MacOS/QuickLookUIService 
1		430		0.0		[U501]		/usr/libexec/dmd 
1		431		0.0		[U501]		/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary 
1		432		0.0		[U501]		/System/Library/Frameworks/Accounts.framework/Versions/A/Support/accountsd 
1		433		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		438		0.0		[U501]		/System/Library/PrivateFrameworks/AMPDevices.framework/Versions/A/Support/AMPDeviceDiscoveryAgent --launchd 
1		441		0.0		[U501]		/System/Library/CoreServices/Spotlight.app/Contents/MacOS/Spotlight 
1		442		0.0		[U501]		/System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent 
1		443		0.0		[U501]		/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService 
1		444		0.0		[U501]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -tw 
1		445		0.0		_ctkd		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -s 
1		447		0.0		[U501]		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/TrustedPeersHelper.xpc/Contents/MacOS/TrustedPeersHelper 
1		448		0.0		[U501]		/System/Library/CoreServices/mapspushd 
1		449		0.0		[U501]		/usr/sbin/usernoted 
1		450		0.0		[U501]		/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd 
1		451		0.0		[U501]		/usr/libexec/nsurlstoraged 
1		452		0.0		[U501]		/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy 
1		454		0.0		[U501]		/System/Library/CoreServices/NotificationCenter.app/Contents/MacOS/NotificationCenter 
1		455		0.0		[U501]		/System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService 
1		456		0.0		[U501]		/System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter -L 
1		457		0.0		[U501]		/usr/libexec/neagent 
1		458		0.0		[U501]		/usr/libexec/sharingd 
1		459		0.0		root		/usr/sbin/spindump 
1		460		0.0		[U501]		/usr/libexec/spindump_agent 
1		461		0.0		root		/System/Library/CoreServices/SubmitDiagInfo server-init 
1		462		0.0		[U501]		/System/Library/CoreServices/lockoutagent 
1		463		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		464		0.0		[U501]		/System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent 
1		465		0.0		[U501]		/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService 
1		466		0.0		[U501]		/System/Library/PrivateFrameworks/CoreParsec.framework/parsecd 
1		467		0.0		[U501]		/System/Library/CoreServices/iconservicesagent 
1		468		0.0		root		/System/Library/PrivateFrameworks/AmbientDisplay.framework/Versions/A/XPCServices/com.apple.AmbientDisplayAgent.xpc/Contents/MacOS/com.apple.AmbientDisplayAgent 
1		469		0.0		root		/usr/sbin/WirelessRadioManagerd 
1		470		0.0		[U501]		/System/Library/PrivateFrameworks/TelephonyUtilities.framework/callservicesd 
1		471		0.0		[U501]		/System/Library/CoreServices/pbs 
1		472		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird 
1		473		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeaccountd 
1		474		0.0		[U501]		/System/Library/CoreServices/WiFiAgent.app/Contents/MacOS/WiFiAgent 
1		475		0.0		root		/usr/sbin/filecoordinationd 
1		478		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/commerce 
1		479		0.0		[U501]		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		480		0.0		[U501]		/System/Library/PrivateFrameworks/UserActivity.framework/Agents/useractivityd 
1		481		0.0		[U501]		/System/Library/CoreServices/Dock.app/Contents/XPCServices/com.apple.dock.extra.xpc/Contents/MacOS/com.apple.dock.extra 
1		483		0.0		[U501]		/System/Library/Frameworks/QuickLookThumbnailing.framework/Support/com.apple.quicklook.ThumbnailsAgent 
1		484		0.0		[U501]		/System/Library/Frameworks/InputMethodKit.framework/Resources/imklaunchagent 
1		485		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		486		0.0		[U501]		/System/Library/PrivateFrameworks/login.framework/Versions/A/XPCServices/LoginUserService.xpc/Contents/MacOS/LoginUserService 
1		487		0.0		[U501]		/System/Library/PrivateFrameworks/AppSSO.framework/Support/AppSSOAgent.app/Contents/MacOS/AppSSOAgent 
1		488		0.0		[U501]		/System/Library/PrivateFrameworks/WeatherKit.framework/Versions/A/XPCServices/com.apple.WeatherKitService.xpc/Contents/MacOS/com.apple.WeatherKitService 
1		489		0.0		[U501]		/System/Library/PrivateFrameworks/IMCore.framework/imagent.app/Contents/MacOS/imagent 
1		490		0.0		[U501]		/System/Library/Input Methods/PressAndHold.app/Contents/PlugIns/PAH_Extension.appex/Contents/MacOS/PAH_Extension 
1		491		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		492		0.0		[U501]		/System/Library/PrivateFrameworks/CallHistory.framework/Support/CallHistoryPluginHelper 
1		493		0.0		_gamecontrollerd		/usr/libexec/gamecontrollerd 
1		494		0.0		[U501]		/System/Library/PrivateFrameworks/IMDPersistence.framework/XPCServices/IMDPersistenceAgent.xpc/Contents/MacOS/IMDPersistenceAgent 
1		496		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --monitor-self-annotation=ptype=crashpad-handler --type=crashpad-handler --max-uploads=5 --max-db-size=20 --max-db-age=5 --database=/Users/[U501]/Library/Application Support/Spotify/User Data --url=https://crashdump.spotify.com:443/ --annotation=platform=macos --annotation=product=spotify --annotation=version=1.1.51.382 --handshake-fd=7 
1		500		0.0		[U501]		/System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent 
1		501		0.0		[U501]		/usr/libexec/WiFiVelocityAgent 
1		502		0.0		root		/usr/libexec/wifivelocityd 
1		507		0.0		[U501]		/usr/libexec/networkserviceproxy 
1		509		0.0		[U501]		/usr/libexec/fmfd 
413		510		1.3		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper (GPU).app/Contents/MacOS/Spotify Helper (GPU) --type=gpu-process --field-trial-handle=1718379636,16794060305522284187,6033290690699194460,131072 --enable-features=CastMediaRouteProvider --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/86.0.4240.193 Spotify/1.1.51.382 --lang=en --gpu-preferences=MAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAA6AAAABwAAADgAAAAAAAAAOgAAAAAAAAA8AAAAAAAAAD4AAAAAAAAAAABAAAAAAAACAEAAAAAAAAQAQAAAAAAABgBAAAAAAAAIAEAAAAAAAAoAQAAAAAAADABAAAAAAAAOAEAAAAAAABAAQAAAAAAAEgBAAAAAAAAUAEAAAAAAABYAQAAAAAAAGABAAAAAAAAaAEAAAAAAABwAQAAAAAAAHgBAAAAAAAAgAEAAAAAAACIAQAAAAAAAJABAAAAAAAAmAEAAAAAAACgAQAAAAAAAKgBAAAAAAAAsAEAAAAAAAC4AQAAAAAAABAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAAAAAAABwAAABAAAAAAAAAAAAAAAAgAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAAAAAA0AAAAQAAAAAAAAAAEAAAAAAAAAEAAAAAAAAAABAAAABgAAABAAAAAAAAAAAQAAAAcAAAAQAAAAAAAAAAEAAAAIAAAAEAAAAAAAAAABAAAACgAAABAAAAAAAAAAAQAAAAsAAAAQAAAAAAAAAAEAAAANAAAAEAAAAAAAAAAEAAAAAAAAABAAAAAAAAAABAAAAAYAAAAQAAAAAAAAAAQAAAAHAAAAEAAAAAAAAAAEAAAACAAAABAAAAAAAAAABAAAAAoAAAAQAAAAAAAAAAQAAAALAAAAEAAAAAAAAAAEAAAADQAAABAAAAAAAAAABgAAAAAAAAAQAAAAAAAAAAYAAAAGAAAAEAAAAAAAAAAGAAAABwAAABAAAAAAAAAABgAAAAgAAAAQAAAAAAAAAAYAAAAKAAAAEAAAAAAAAAAGAAAACwAAABAAAAAAAAAABgAAAA0AAAA= --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files 
1		511		0.0		[U501]		/usr/libexec/loginitemregisterd 
1		512		0.0		[U501]		/usr/libexec/swcd 
1		513		0.0		[U501]		/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd 
1		514		0.0		root		/usr/libexec/smd 
413		515		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1718379636,16794060305522284187,6033290690699194460,131072 --enable-features=CastMediaRouteProvider --lang=en --service-sandbox-type=network --use-mock-keychain --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/86.0.4240.193 Spotify/1.1.51.382 --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files --seatbelt-client=40 
1		517		0.0		[U501]		/System/Library/CoreServices/APFSUserAgent 
1		518		0.0		[U501]		/System/Library/PrivateFrameworks/CommunicationsFilter.framework/CMFSyncAgent 
1		519		0.0		[U501]		/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService 
413		521		1.7		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper (Renderer).app/Contents/MacOS/Spotify Helper (Renderer) --type=renderer --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --field-trial-handle=1718379636,16794060305522284187,6033290690699194460,131072 --enable-features=CastMediaRouteProvider --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/86.0.4240.193 Spotify/1.1.51.382 --disable-scroll-bounce --disable-spell-checking --num-raster-threads=2 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --enable-main-frame-before-activation --renderer-client-id=4 --shared-files --seatbelt-client=70 
1		522		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/corespotlightd 
1		523		0.0		[U501]		/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar 
1		524		0.0		[U501]		/System/Library/PrivateFrameworks/CoreCDP.framework/Versions/A/Resources/cdpd 
1		525		0.0		[U501]		/System/Library/PrivateFrameworks/ProtectedCloudStorage.framework/Helpers/ProtectedCloudKeySyncing 
1		526		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd 
1		527		0.0		[U501]		/System/Library/CoreServices/Keychain Circle Notification.app/Contents/MacOS/Keychain Circle Notification 
1		528		0.0		[U501]		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoteagent 
1		530		0.0		root		/usr/libexec/findmydeviced 
1		531		0.0		root		/System/Library/Frameworks/AudioToolbox.framework/XPCServices/CAReportingService.xpc/Contents/MacOS/CAReportingService 
1		532		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSpeech.framework/corespeechd 
1		534		0.0		[U501]		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent 
1		536		0.0		[U501]		/Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver 
1		537		0.0		[U501]		/System/Library/CoreServices/SocialPushAgent.app/Contents/MacOS/SocialPushAgent 
1		539		0.0		[U501]		/Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr 
1		540		0.0		[U501]		/System/Library/Image Capture/Support/icdd 
1		542		0.0		[U501]		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent 
1		544		0.9		[U501]		/Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager 
1		545		0.0		[U501]		/System/Library/PrivateFrameworks/AskPermission.framework/Versions/A/Resources/askpermissiond 
1		547		0.0		[U501]		/Library/Application Support/Adobe/AdobeGCClient/AGMService -mode=logon 
1		548		0.0		[U501]		/System/Library/CoreServices/AirPlayUIAgent.app/Contents/MacOS/AirPlayUIAgent --launchd 
1		550		0.0		[U501]		/System/Library/CoreServices/cloudpaird 
1		553		0.0		[U501]		/System/Library/CoreServices/diagnostics_agent 
1		555		0.0		[U501]		/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent 
1		556		0.0		[U501]		/System/Library/PrivateFrameworks/AppleMediaServices.framework/Resources/amsaccountsd 
1		558		0.0		root		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp -d 
1		559		0.0		[U501]		/Applications/CyberGhost VPN.app/Contents/MacOS/CyberGhost VPN 
1		560		0.0		[U501]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp 
1		561		0.0		root		/usr/libexec/rtcreportingd 
1		563		0.0		[U501]		/System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/Resources/familycircled 
1		564		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/XPCServices/ContainerMetadataExtractor.xpc/Contents/MacOS/ContainerMetadataExtractor 
1		565		0.0		_fpsd		/System/Library/PrivateFrameworks/CoreADI.framework/adid 
1		566		0.0		_nsurlstoraged		/usr/libexec/nsurlstoraged --privileged 
1		568		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		569		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		570		0.0		[U501]		SafeEjectGPUAgent		
1		571		0.0		[U501]		/System/Library/CoreServices/Menu Extras/SafeEjectGPUExtra.menu/Contents/XPCServices/SafeEjectGPUService.xpc/Contents/MacOS/SafeEjectGPUService 
1		576		0.0		[U501]		/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service 
1		578		0.0		[U501]		/System/Library/Frameworks/ColorSync.framework/Support/colorsync.useragent 
1		589		0.0		[U501]		/System/Library/PrivateFrameworks/SoftwareUpdate.framework/Resources/SoftwareUpdateNotificationManager.app/Contents/MacOS/SoftwareUpdateNotificationManager 
1		590		0.0		_softwareupdate		/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated 
1		591		0.0		[U501]		/System/Library/PrivateFrameworks/GameCenterFoundation.framework/Versions/A/gamed 
1		592		0.0		root		/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd 
1		606		0.0		[U501]		/System/Library/Services/AppleSpell.service/Contents/MacOS/AppleSpell 
1		607		0.0		_captiveagent		/usr/libexec/captiveagent 
1		608		0.0		[U501]		/usr/libexec/keyboardservicesd 
1		609		0.0		[U501]		/System/Library/PrivateFrameworks/IMFoundation.framework/XPCServices/IMRemoteURLConnectionAgent.xpc/Contents/MacOS/IMRemoteURLConnectionAgent 
1		610		0.0		[U501]		/System/Library/PrivateFrameworks/IMFoundation.framework/XPCServices/IMRemoteURLConnectionAgent.xpc/Contents/MacOS/IMRemoteURLConnectionAgent 
1		611		0.0		[U501]		/System/Library/PrivateFrameworks/IMFoundation.framework/XPCServices/IMRemoteURLConnectionAgent.xpc/Contents/MacOS/IMRemoteURLConnectionAgent 
1		612		0.0		_netbios		/usr/sbin/netbiosd 
1		613		0.0		[U501]		/System/Library/PrivateFrameworks/IMFoundation.framework/XPCServices/IMRemoteURLConnectionAgent.xpc/Contents/MacOS/IMRemoteURLConnectionAgent 
1		614		0.0		[U501]		/System/iOSSupport/System/Library/PrivateFrameworks/VoiceMemos.framework/Support/voicememod 
1		617		0.0		root		/Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon 
1		618		0.0		[U501]		/System/Library/PrivateFrameworks/AssetCacheServices.framework/Versions/A/XPCServices/AssetCacheLocatorService.xpc/Contents/MacOS/AssetCacheLocatorService -a 
1		619		0.0		_assetcache		/usr/libexec/AssetCache/AssetCache 
1		632		0.0		root		/System/Library/PrivateFrameworks/AssetCacheServicesExtensions.framework/XPCServices/AssetCacheTetheratorService.xpc/Contents/MacOS/AssetCacheTetheratorService 
1		633		0.0		[U501]		/Applications/Wacom Tablet.localized/.Tablet/TabletDriver.app/Contents/MacOS/TabletDriver -psn_0_200753 
1		634		0.0		root		/System/Library/CoreServices/CrashReporterSupportHelper server-init 
1		635		0.0		[U501]		/Applications/Wacom Tablet.localized/.Tablet/WacomTouchDriver.app/Contents/MacOS/WacomTouchDriver -psn_0_204850 
1		636		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/XPCServices/com.apple.hiservices-xpcservice.xpc/Contents/MacOS/com.apple.hiservices-xpcservice 
1		637		0.0		[U501]		/System/Library/PrivateFrameworks/CoreRecents.framework/Versions/A/Support/recentsd 
1		638		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		639		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		640		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/reversetemplated 
1		643		0.0		_locationd		/usr/sbin/distnoted agent 
1		644		0.0		_spotlight		/usr/libexec/trustd --agent 
1		645		0.0		root		/usr/libexec/dprivacyd 
1		649		0.0		root		/usr/libexec/sysmond 
1		650		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
159		651		0.0		root		/usr/sbin/systemstats --logger-helper /private/var/db/systemstats 
1		660		0.0		[U501]		/System/Library/CoreServices/ReportCrash agent 
1		662		0.0		root		/System/Library/CoreServices/ReportCrash daemon 
1		665		0.3		[U501]		/usr/libexec/adprivacyd 
1		680		0.0		[U501]		/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper 
1		684		0.0		[U501]		/System/Library/PrivateFrameworks/DeviceCheckInternal.framework/devicecheckd 
1		686		0.0		root		/usr/libexec/mobileactivationd 
1		687		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariBookmarksSyncAgent 
1		688		0.0		root		/usr/libexec/tzd 
1		691		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 
1		692		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 
1		694		0.0		root		/System/Library/PrivateFrameworks/StorageKit.framework/Resources/storagekitd 
1		695		0.0		[U501]		/System/Library/PrivateFrameworks/CacheDelete.framework/deleted 
1		696		0.0		root		/System/Library/PrivateFrameworks/CacheDelete.framework/deleted_helper 
1		698		0.0		[U501]		/usr/libexec/replayd 
1		700		0.0		[U501]		/System/Library/PrivateFrameworks/FileProvider.framework/Support/fileproviderd 
1		701		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd 
1		702		0.0		root		/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd 
1		703		0.0		root		/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd 
1		704		0.0		root		/System/Library/PrivateFrameworks/CoreSymbolication.framework/coresymbolicationd 
1		709		0.0		root		/System/Library/CoreServices/iconservicesagent runAsRoot 
1		712		0.0		root		/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd 
1		730		0.0		root		/Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper 
1		745		0.0		[U501]		/System/Library/PrivateFrameworks/AppStoreDaemon.framework/Support/appstoreagent 
1		750		0.0		_fpsd		/System/Library/PrivateFrameworks/CoreLSKD.framework/Versions/A/lskdd 
1		752		0.0		[U501]		/System/Library/PrivateFrameworks/CoreFollowUp.framework/Versions/A/Support/followupd 
1		753		0.0		[U501]		/System/Library/CoreServices/EscrowSecurityAlert.app/Contents/MacOS/EscrowSecurityAlert 
1		773		0.0		[U501]		/System/Library/PrivateFrameworks/PhotoAnalysis.framework/Versions/A/Support/photoanalysisd 
1		774		0.0		[U501]		/System/Library/PrivateFrameworks/UsageTracking.framework/Versions/A/UsageTrackingAgent 
1		775		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		776		0.0		[U501]		/System/Library/PrivateFrameworks/PhotoLibraryServices.framework/Versions/A/Support/photolibraryd 
1		777		0.0		[U501]		/System/Library/CoreServices/ScopedBookmarkAgent 
1		784		0.0		[U501]		cloudphotod		
1		790		0.0		root		/usr/libexec/periodic-wrapper daily 
1		791		0.0		[U501]		/System/Library/PrivateFrameworks/IMDPersistence.framework/IMAutomaticHistoryDeletionAgent.app/Contents/MacOS/IMAutomaticHistoryDeletionAgent 
1		856		0.0		root		/System/Library/PrivateFrameworks/XprotectFramework.framework/Versions/A/XPCServices/XprotectService.xpc/Contents/MacOS/XprotectService 
1		858		0.0		root		/usr/bin/sysdiagnose 
1		861		0.0		[U501]		/usr/libexec/silhouette 
1		865		0.0		[U501]		/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/XPCServices/media-indexer.xpc/Contents/MacOS/media-indexer 
1		866		0.0		[U501]		/System/Library/PrivateFrameworks/AMPLibrary.framework/Versions/A/Support/AMPLibraryAgent --launchd 
1		868		0.0		_fpsd		/System/Library/PrivateFrameworks/CoreFP.framework/Versions/A/fpsd 
1		869		0.0		[U501]		/System/Library/PrivateFrameworks/PodcastServices.framework/XPCServices/PodcastContentService.xpc/Contents/MacOS/PodcastContentService 
1		870		0.0		[U501]		/System/Library/PrivateFrameworks/BookKit.framework/Versions/A/XPCServices/com.apple.BKAgentService.xpc/Contents/MacOS/com.apple.BKAgentService 
1		871		0.0		[U501]		/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper 
1		872		0.0		[U501]		/System/Library/PrivateFrameworks/AMPLibrary.framework/Versions/A/Support/AMPArtworkAgent --launchd 
1		873		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker-sizing -c MDSSizingWorker -m com.apple.mdworker.sizing 
1		885		0.0		_spotlight		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker-sizing -c MDSSizingWorker -m com.apple.mdworker.sizing 
1		893		0.0		[U501]		/usr/libexec/transparencyd 
1		919		0.0		root		/System/Library/PrivateFrameworks/AppStoreDaemon.framework/Support/appstored 
1		925		0.0		_spotlight		/usr/sbin/distnoted agent 
1		934		0.0		[U501]		/System/Library/CoreServices/CoreServicesUIAgent.app/Contents/MacOS/CoreServicesUIAgent 
1		935		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History 
1		936		2.6		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		937		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		938		0.0		[U501]		/Applications/Honey.app/Contents/PlugIns/Extension.appex/Contents/MacOS/Extension 
1		940		0.0		[U501]		/System/Library/Frameworks/ImageIO.framework/Versions/A/XPCServices/ImageIOXPCService.xpc/Contents/MacOS/ImageIOXPCService 
1		941		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent 
1		942		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariCloudHistoryPushAgent 
1		943		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		944		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		945		0.0		[U501]		/System/Library/PrivateFrameworks/PassKitCore.framework/passd 
1		946		0.0		_applepay		/usr/libexec/nfcd 
1		947		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		948		0.0		[U501]		/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService 
1		949		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		950		3.3		[U501]		/Applications/DetectX Swift.app/Contents/MacOS/DetectX Swift -psn_0_278596 
1		951		0.0		[U501]		/System/Library/PrivateFrameworks/XprotectFramework.framework/Versions/A/XPCServices/XprotectService.xpc/Contents/MacOS/XprotectService 
1		958		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/XPCServices/com.apple.DictionaryServiceHelper.xpc/Contents/MacOS/com.apple.DictionaryServiceHelper 
1		1160		0.0		[U501]		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendApplication.app/Contents/MacOS/FrontendApplication 
1		1172		0.0		[U501]		/System/Library/PrivateFrameworks/AOSKit.framework/Versions/A/XPCServices/com.apple.iCloudHelper.xpc/Contents/MacOS/com.apple.iCloudHelper 
1		1175		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdwrite 
1		1179		0.0		[U501]		/System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite 
1		1181		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocs.framework/PlugIns/com.apple.CloudDocs.MobileDocumentsFileProvider.appex/Contents/MacOS/com.apple.CloudDocs.MobileDocumentsFileProvider 
1		1292		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		1293		0.0		_spotlight		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 

«»EOF»«

Alt 03.05.2021, 12:36   #9
Dante12
/// Mac Expert
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Frage: Bei dir läuft ein ajax-Server, der gehört zu HotSpot Shield hast du diesen bewusst installiert?

Schritt 1

Bitte TotalAV deinstallieren das hat mehr mit Schlangenöl als mit echtem Schutz zu tun:
  1. Systemeinstellungen -> Benutzer & Gruppen -> <dein Benutzer>, button Anmeldeobjekte wählen
  2. Einträge von TotaAV deaktivieren
  3. Neustart dann zu Schritt 2

Schritt 2
  1. Lesestoff Programme löschen mit AppCleaner und das Programm entsprechend der Anleitung installieren.
  2. Hinweis: AppCleaner benötigt Festplattenvollzugriff bitte in den Systemeinstellungen eintragen und Programm starten.
  3. Folge den Anweisungen aus dem Lesestoff und Programm TotalAV dort auswählen. Bitte folgende Einträge markieren wenn diese von AppCleaner noch nicht ausgewählt sind.
Code:
ATTFilter
Alle Einträge mit TotalAV
Alle Einträge mit net.protected.macos.AVHelper
4. Neustart

Schritt 3
  1. Terminal starten. Auf Finder klicken, Menü Gehe zu... , Dienstprogramme oder <Shift><CMD><U> benutzen.
  2. Kopiere den Inhalt aus der Codebox unten, in das Terminal einfügen und Enter drücken. Gebe bitte dein Admin-Passwort danach ein.
  3. Auf deinem Desktop befindet sich eine neue Textdatei "pkgList.txt". Den Inhalt kopieren und hier im Forum einfügen.

Code:
ATTFilter
pkgutil --pkgs > ~/Desktop/pkgList.txt |& sudo pkgutil --pkgs >> ~/Desktop/pkgList.txt
Schritt 4
  • Log von DetectX
  • Log mit EtreCheck siehe unten. Sollte EtreCheck etwas finden, kannst du direkt aus dem Programm heraus die Einträge löschen.

EtreCheck installieren
  • Lade dir bitte EtreCheck herunter. Entpacken und in den Programm-Ordner verschieben. Rechte für Festplattenvollzugriff gewähren. Programm starten. Lizenzbestimmungen akzeptieren und dann los.
  • Klicke auf das Pull-Down Menü und wähle No Problem - Just Checking, anschliessend auf Start Etrecheck
  • Nach Abschluss erscheint das EtreCheck-Fenster. In der linken Spalte kannst du verschiedene Informationen über deinen Rechner abrufen (mehr in der gekauften Version).
  • Klicke oben links auf den Button Share Report und anschließend Copy Report.
  • Akzeptiere die Lizenz-Bedingungen, danach wird das Log in die Zwischenanlage (Clipboard) kopiert.
  • Füge den Inhalt mit Command-V hier in dein Thema ein. Bitte in Code-Tags siehe Lesestoff.


Programme löschen mit AppCleaner

AppCleaner ist ein Programm das dabei hilft Programme und dessen Dateien / Ordner zu entfernen.

Wichtiger Hinweis: Programme können Fehler enthalten das ist bei AppCleaner auch nicht anders. Deshalb vergewissere dich,
dass alle vorgeschlagenen (ausgewählten) Einträge zu dem Programm passen. Hier ein Beispiel:
<domain>.<Anbieter / Hersteller>.<Programmname>.<Dateibeschreibung>
Beispiel hier: net.kovidgoyal.calibre.xxxxx
Vergewissere dich das alle Einträge den Hersteller und / oder Programmnamen enthalten.
Andere Dateien oder Ordner die nicht übereinstimmen bitte nicht löschen!
  • Bitte lade dir die neueste Version von AppCleaner, entpacke es und verschiebe die app in den Programm-Ordner.
  • Starte die Anwendung und lösche alle aufgeführten Programme/Dateien die ich dir in der Codebox angebeben. Siehe Beschreibung und Anwendung von AppCleaner.


  1. Wähle in der Anwendung die Listendarstellung
  2. Vergewissere dich das in Spalte 2 Programme eingestellt ist.
  3. Die von AppCleaner vorgeschlagenen Dateien und Ordner sind schon markiert (Punkt 3)
  4. Unter Punkt 4 sind Dateien / Ordner die AppCleaner nicht markiert. Diese benötigen zum löschen dein Admin-Passwort. Wenn diese mit dem zu löschenden Programm übereinstimmen, bitte auch diese auswählen.
  5. Du kannst die unter Punkt 4 angegezeigten Einträge direkt markieren und löschen - Sei dir aber Sicher das die angegeben Einträge übereinstimmen!
  6. Wenn du alles markiert hast, Klicke auf den Button Löschen um die markierten Einträge zu löschen.
__________________
-----------------
-Gruß dante12
-----------------
Lob, Kritik, Wünsche? Spende fürs trojaner-board?

Alt 03.05.2021, 13:41   #10
elisabeth69
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Auf deine Frage bezogen, nein den Ajax Server habe ich nicht bewusst installiert.

1)pkgList.txt
Code:
ATTFilter
com.apple.pkg.MRTConfigData.16U4001
com.apple.pkg.iTunesX.12.6.1.delta
com.apple.update.fullbundleupdate.19H2
com.apple.pkg.ChineseWordlistUpdate.14U1355
com.apple.pkg.GatekeeperConfigData.16U1300
com.apple.pkg.GatekeeperConfigData.14U2302
com.apple.pkg.MRTConfigData.16U4003
com.apple.pkg.ChineseWordlistUpdate.14U1356
com.apple.pkg.ChineseWordlistUpdate.14U1346
com.apple.pkg.GatekeeperConfigData.16U1259
com.apple.pkg.GatekeeperConfigData.16U1265
com.apple.pkg.XProtectPlistConfigData.16U4009
com.apple.pkg.ChineseWordlistUpdate.14U1353
com.apple.pkg.ChineseWordlistUpdate.14U1347
com.apple.pkg.ChineseWordlistUpdate.14U1351
com.apple.pkg.ChineseWordlistUpdate.14U1345
com.apple.pkg.iTunesX.12.7.3.delta
com.apple.pkg.XProtectPlistConfigData.14U4058
com.apple.pkg.GatekeeperConfigData.16U1138
com.apple.pkg.EmbeddedOSFirmware
com.apple.pkg.MRTConfigData.16U4005
com.apple.pkg.ChineseWordlistUpdate.14U1323
com.apple.pkg.CustomVoice_en_GB_arthur
com.apple.pkg.iTunesX.12.7.delta
com.apple.pkg.MRT.14U2321
com.apple.pkg.iTunesX.12.7.4.patch
com.apple.pkg.ChineseWordlistUpdate.14U1308
com.apple.pkg.ChineseWordlistUpdate.14U1320
com.apple.pkg.ChineseWordlistUpdate.14U1309
com.apple.pkg.MRT.14U2291
com.apple.update.fullbundleupdate.19G2021
com.apple.pkg.MobileDevice
com.apple.pkg.iTunesX
com.apple.pkg.ChineseWordlistUpdate.14U1330
com.apple.pkg.ChineseWordlistUpdate.14U1332
com.apple.pkg.MRT.14U2319
com.apple.pkg.CoreADI
com.apple.pkg.GatekeeperConfigData.16U1204
com.apple.pkg.update.os.10.15.7.19H2
com.apple.pkg.ChineseWordlistUpdate.14U1333
com.apple.pkg.MRT.14U2301
com.apple.pkg.MobileDeviceSU.1220A22
com.apple.pkg.ChineseWordlistUpdate.14U1303
com.apple.pkg.ChineseWordlistUpdate.14U1317
com.apple.pkg.ChineseWordlistUpdate.14U1315
com.apple.pkg.ChineseWordlistUpdate.16U1232
com.apple.pkg.GatekeeperConfigData.16U1168
com.apple.pkg.iTunesX.12.5.4.delta
com.apple.pkg.SecureBoot
com.apple.pkg.iTunesXPatch
com.apple.pkg.update.os.SecUpd2020-001Catalina.19H114
com.apple.pkg.ChineseWordlistUpdate.14U1314
com.apple.pkg.ChineseWordlistUpdate.14U1300
com.apple.pkg.ChineseWordlistUpdate.14U1328
com.apple.pkg.ChineseWordlistUpdate.14U1310
com.apple.pkg.ChineseWordlistUpdate.16U1223
com.apple.pkg.GatekeeperConfigData.16U1193
com.apple.pkg.ChineseWordlistUpdate.14U1339
com.apple.pkg.ChineseWordlistUpdate.14U1305
com.apple.pkg.ChineseWordlistUpdate.14U1307
com.apple.pkg.GatekeeperConfigData.16U1230
com.apple.pkg.ChineseWordlistUpdate.14U1306
com.apple.pkg.ChineseWordlistUpdate.14U1312
com.apple.pkg.GatekeeperConfigData.16U1295
com.apple.pkg.XProtectPlistConfigData.14U4054
com.apple.pkg.GatekeeperConfigData.14U2308
com.apple.pkg.update.os.Combo10.15.6Auto.19G2021
com.apple.pkg.GatekeeperConfigData.14U2309
com.apple.pkg.XProtectPlistConfigData.14U4055
com.apple.pkg.ChineseWordlistUpdate.14U1348
com.apple.pkg.InstallAssistantAuto
com.apple.pkg.XProtectPlistConfigData.14U4057
com.apple.pkg.XProtectPlistConfigData.16U4004
com.apple.pkg.GatekeeperConfigData.14U2323
com.apple.pkg.iTunesAccess
com.apple.pkg.GatekeeperConfigData.16U1136
com.apple.pkg.GatekeeperConfigData.14U2322
com.apple.pkg.XProtectPlistConfigData.16U4011
com.apple.pkg.XProtectPlistConfigData.14U4056
com.apple.pkg.GatekeeperConfigData.16U1132
com.apple.pkg.GatekeeperConfigData.16U1126
com.apple.pkg.RemoteDesktopClient
com.apple.pkg.Core
com.apple.pkg.CoreFP
com.apple.pkg.XProtectPlistConfigData.16U4016
com.apple.pkg.GatekeeperConfigData.16U1118
com.apple.update.fullbundleupdate.19H114
com.apple.pkg.ChineseWordlistUpdate.14U1359
com.apple.pkg.ChineseWordlistUpdate.14U1365
com.apple.pkg.XProtectPlistConfigData_10_15.16U4147
com.apple.pkg.XProtectPlistConfigData_10_15.16U4152
com.apple.files.data-template
com.apple.pkg.XProtectPlistConfigData_10_15.16U4145
com.apple.pkg.XProtectPlistConfigData_10_15.16U4151
com.apple.pkg.XProtectPlistConfigData_10_15.16U4154
com.apple.pkg.XProtectPlistConfigData_10_15.16U4156
com.apple.pkg.MobileDeviceOnDemand.1420A54
com.apple.pkg.MRTConfigData_10_15.16U4149
com.apple.pkg.CustomVoiceUpdate_en_GB_arthur.16U1791
com.apple.pkg.MRTConfigData_10_15.16U4155
com.apple.pkg.MRTConfigData_10_15.16U4157
com.apple.pkg.MRTConfigData_10_15.16U4142
com.apple.pkg.CoreTypes.1420A54
com.apple.pkg.MRTConfigData_10_15.16U4146
com.apple.pkg.MRTConfigData_10_15.16U4153
com.apple.pkg.MRTConfigData_10_15.16U4150
com.apple.pkg.XProtectPlistConfigData_10_15.16U4158
com.apple.pkg.XProtectPlistConfigData_10_15.16U4148
com.apple.pkg.ChineseWordlistUpdate.12U1655
com.apple.pkg.ChineseWordlistUpdate.12U1696
com.microsoft.office.all.fonts.pkg.14.2.0
com.apple.pkg.ChineseWordlistUpdate.12U1682
com.zeobit.MacKeeper.affid.pkg
com.apple.pkg.GatekeeperConfigData.12U2210
com.dvdfab.dvdfab9.postflight.pkg
com.native-instruments.Audio4DJDriver.Application
com.microsoft.office.de.automator_workflow.pkg.14.5.2
com.apple.pkg.XProtectPlistConfigData.12U4038
com.microsoft.office.all.clipart_search0.pkg.14.2.0
com.microsoft.office.all.proofing_polish.pkg.14.5.2
com.apple.pkg.iBooksDelta
com.mixvibes.crossdj-free
com.RPCX.PredatorFilesInstallerS
com.microsoft.msgr.all.messenger.pkg.8.0.1
com.caiaq.NIUSBTraktorKontrolX1Driver
com.apple.pkg.Safari7.1Mavericks
com.rockysandstudio.WakeUpTime
com.dvdfab.dvdfab9.fabio.pkg
com.apple.pkg.GatekeeperConfigData.12U2205
com.5YNERGY.massive130VstFix5Ynergy.Massive.pkg
com.RPCX.Blue2VST64InstallerS
com.RPCX.PredatorAU64InstallerS
com.apple.pkg.ChineseWordlistUpdate.12U1668
com.microsoft.office.de.silverlight.pkg.14.5.2
com.caiaq.NIUSBAudio2DJDriver
org.virtualbox.pkg.vboxkexts
com.apple.pkg.ChineseWordlistUpdate.12U1642
com.microsoft.office.de.flip4mac.pkg.14.5.2
com.apple.pkg.GatekeeperConfigData.12U2207
com.microsoft.office.all.licensing.pkg.14.5.2
com.apple.pkg.ChineseWordlistUpdate.12U1736
com.apple.pkg.GatekeeperConfigData.12U2159
com.microsoft.office.all.proofing_portuguese.pkg.14.2.0
com.apple.pkg.GatekeeperConfigData.12U2171
com.apple.pkg.GatekeeperConfigData.12U2170
com.microsoft.office.all.proofing_finnish.pkg.14.5.2
com.microsoft.office.all.quit.pkg.14.5.2
com.apple.pkg.GatekeeperConfigData.12U2206
com.microsoft.office.all.core.pkg.14.2.0
com.microsoft.office.all.powerpoint.pkg.14.5.2
com.apple.pkg.GatekeeperConfigData.14U2298
com.microsoft.office.de.excel_webqueries.pkg.14.2.0
com.microsoft.office.de.readme.pkg.14.5.2
com.apple.pkg.GatekeeperConfigData.12U2202
com.native-instruments.Massive.RTAS
com.microsoft.office.all.vb.pkg.14.2.0
com.apple.pkg.GatekeeperConfigData.12U2160
com.apple.pkg.GatekeeperConfigData.12U2148
com.microsoft.office.de.solver.pkg.14.2.0
com.microsoft.office.all.proofing_norwegian.pkg.14.2.0
com.microsoft.office.de.excel_resources.pkg.14.2.0
com.apple.pkg.IncompatibleKextConfigData.3-15
com.apple.pkg.Safari6.1MountainLion
com.microsoft.office.de.powerpoint_templates.pkg.14.5.2
com.microsoft.office.all.proofing_french.pkg.14.2.0
com.apple.pkg.GatekeeperConfigData.12U2149
com.apple.pkg.GatekeeperConfigData.12U2175
com.RPCX.RawVST64InstallerS
com.apple.pkg.XProtectPlistConfigData.2-49
com.atomixproductions.virtualdjhome
org.virtualbox.pkg.virtualbox
com.5YNERGY.massive130VstFix5Ynergy.Massive-1.pkg
com.cyberghostsrl.cyberghostmac.installer
com.microsoft.office.de.core_resources.pkg.14.2.0
com.microsoft.office.all.excel.pkg.14.5.2
com.zeobit.MacKeeper.pkg
com.apple.pkg.AppExceptions.12U2146
com.apple.pkg.GatekeeperConfigData.12U2215
com.native-instruments.ControllerEditor.FactoryContentUpdate
com.microsoft.office.de.powerpoint_resources.pkg.14.5.2
com.microsoft.office.de.vb_resources.pkg.14.5.2
com.microsoft.office.de.core_themes.pkg.14.5.2
com.apple.pkg.Pages10
com.RPCX.Blue2AU64InstallerS
com.microsoft.office.all.proofing_english.pkg.14.5.2
com.apple.pkg.GatekeeperConfigData.12U2163
com.apple.pkg.XProtectPlistConfigData.12U4029
com.microsoft.office.all.ooxml.pkg.14.2.0
com.apple.pkg.IncompatibleKextConfigData.12U2199
com.github.osxfuse.pkg.Core
com.apple.pkg.GatekeeperConfigData.12U2188
com.RPCX.RawAU64InstallerS
com.apple.pkg.ChineseWordlistUpdate.12U1725
com.microsoft.office.all.proofing_czech.pkg.14.2.0
org.virtualbox.pkg.virtualboxcli
com.microsoft.office.all.proofing_danish.pkg.14.2.0
com.apple.pkg.Pages11
com.microsoft.office.all.sharepointbrowserplugin.pkg.14.5.2
com.microsoft.office.all.proofing_dutch.pkg.14.5.2
com.mediavatar.Free YouTube Download
com.apple.pkg.iMovie_AppStore
com.apple.pkg.GatekeeperConfigData.12U2200
com.microsoft.office.de.excel_templates.pkg.14.2.0
com.microsoft.package.Microsoft_Excel.app
com.apple.pkg.ChineseWordlistUpdate.12U1692
com.microsoft.office.de.outlook_resources.pkg.14.5.2
com.microsoft.office.de.core_resources.pkg.14.5.2
com.native-instruments.Massive.Documentation
com.caiaq.NIUSBAudio4DJDriver
com.native-instruments.Massive.SystemExtensions
com.apple.pkg.GatekeeperConfigData.12U2139
com.microsoft.office.de.powerpoint_templates.pkg.14.2.0
com.apple.pkg.RegionalBoot
com.microsoft.office.all.proofing_french.pkg.14.5.2
com.microsoft.office.de.excel_resources.pkg.14.5.2
com.microsoft.office.de.solver.pkg.14.5.2
com.microsoft.office.all.proofing_norwegian.pkg.14.5.2
com.apple.pkg.GatekeeperConfigData.12U2138
com.microsoft.office.all.vb.pkg.14.5.2
com.native-instruments.Audio4DJDriver.Documentation
com.adobe.acrobat.reader.11.reader.browser.pkg.de_DE
com.adobe.PDApp.AdobeApplicationManager.installer.pkg
com.microsoft.office.de.excel_webqueries.pkg.14.5.2
com.microsoft.office.de.readme.pkg.14.2.0
com.jdi.pkg.TotalAV
com.native-instruments.ControllerEditor.SystemExtensions
com.microsoft.office.all.powerpoint.pkg.14.2.0
com.microsoft.office.de.outlook_resources.pkg.14.2.0
ch.corrupt.talbassline101.TAL-BassLine-101-x64.pkg
com.microsoft.office.de.excel_templates.pkg.14.5.2
com.apple.pkg.InstallMacOSX
com.microsoft.office.all.sharepointbrowserplugin.pkg.14.2.0
com.microsoft.office.all.proofing_dutch.pkg.14.2.0
ch.corrupt.talbassline101.TAL-BassLine-101.pkg
com.microsoft.office.all.proofing_danish.pkg.14.5.2
com.5ynergY.massive130Patch.BatChmod.pkg
jp.co.canon.mpkg.scangear.mg2200series.190000a
com.microsoft.office.all.proofing_czech.pkg.14.5.2
com.hercules.djdev
com.caiaq.NIUSBHardwareDriver
com.microsoft.office.all.ooxml.pkg.14.5.2
ch.corrupt.talbassline101.TAL-BassLine-101-x64-1.pkg
com.apple.pkg.MBP92
com.xdb.pkg.SubBoomBass.Resources
com.microsoft.office.all.proofing_english.pkg.14.2.0
com.microsoft.office.de.core_themes.pkg.14.2.0
com.adobe.acrobat.10.viewer.browser.pkg.EFG
com.native-instruments.Traktor2.FactoryContent
com.microsoft.office.de.powerpoint_resources.pkg.14.2.0
com.microsoft.office.de.vb_resources.pkg.14.2.0
com.microsoft.office.all.excel.pkg.14.2.0
com.WorldNumerology.WorldNumerologyApp
com.RPCX.RGAU64InstallerS
com.microsoft.office.de.silverlight.pkg.14.2.0
com.adobe.pkg.FlashPlayer
com.apple.pkg.MobileDevice
com.microsoft.office.all.proofing_polish.pkg.14.2.0
com.microsoft.office.all.clipart_search0.pkg.14.5.2
com.malwarebytes.mbam.installer
com.microsoft.package.Microsoft_Word.app
com.microsoft.OneDrive
com.microsoft.office.de.automator_workflow.pkg.14.2.0
com.apple.pkg.GarageBand_AppStore
com.microsoft.office.all.fonts.pkg.14.5.2
com.apple.pkg.iTunesX
com.native-instruments.Traktor.Documentation
com.adobe.acrobat.10.viewer.preinstall.pkg.EFG
jp.co.canon.pkg.canonijscanner3.020100
com.microsoft.Word
com.microsoft.office.all.core.pkg.14.5.2
com.unity.UnityWebPlayer
com.anchorfree.HotspotShield.Shared
com.native-instruments.Traktor2.Documentation
com.microsoft.office.all.quit.pkg.14.2.0
com.microsoft.package.Frameworks
com.microsoft.office.all.proofing_finnish.pkg.14.2.0
com.apple.pkg.CoreADI
com.native-instruments.Audio8DJDriver.Application
com.apple.pkg.BookKitDelta
com.microsoft.office.all.proofing_portuguese.pkg.14.5.2
com.microsoft.office.all.licensing.pkg.14.2.0
com.native-instruments.Traktor2.Application
com.apple.pkg.CoreLSKDConfigData.8
com.microsoft.office.de.flip4mac.pkg.14.2.0
com.microsoft.office.all.proofing_german.pkg.14.5.2
com.apple.pkg.Pages6
com.microsoft.teams
com.microsoft.office.de.clipart.pkg.14.2.0
com.native-instruments.Massive.VST
com.microsoft.office.all.dcc.pkg.14.5.2
com.microsoft.office.all.proofing_spanish.pkg.14.2.0
com.microsoft.office.all.slt_std.pkg.14.2.0
com.microsoft.OneDrive-mac
com.RPCX.PredatorVST64InstallerS
com.microsoft.office.de.clipart_search1031.pkg.14.5.2
com.microsoft.office.all.proofing_swedish.pkg.14.2.0
com.microsoft.office.de.outlook_scriptmenuitems.pkg.14.2.0
com.microsoft.package.Microsoft_OneNote.app
com.native-instruments.Audio2DJDriver.Documentation
com.anchorfree.HotspotShield.Launchd
com.apple.pkg.Pages7
com.native-instruments.Massive.FactoryContent
com.apple.pkg.ChineseWordlistUpdate.4-1
com.5YNERGY.massive130VstFix5Ynergy.BatChmod.pkg
com.microsoft.package.Microsoft_Outlook.app
com.microsoft.office.de.word_wizards.pkg.14.5.2
us.zoom.pkg.videmeeting
com.apple.pkg.AppleDisplaysConfigData.14U2182
com.RPCX.BladeFilesS
com.joinhoney
com.apple.pkg.XProtectPlistConfigData.12U4045
jp.co.canon.pkg.MG2200-106701
jp.co.canon.MG2200series100
com.microsoft.office.de.equationeditor_resources.pkg.14.5.2
com.microsoft.package.Proofing_Tools
com.microsoft.office.de.setupasst_resources.pkg.14.2.0
com.microsoft.office.all.dock.pkg.14.5.2
com.apple.pkg.XProtectPlistConfigData.12U4044
com.microsoft.office.all.proofing_italian.pkg.14.2.0
com.native-instruments.driver.NIUSBDevice_10.6
com.native-instruments.Traktor2.SystemExtensions
com.5ynergY.massive130Patch.ScreenShot2012-03-27at23.37.24.pkg
com.RPCX.BladeVST64S
com.adobe.acrobat.10.viewer.preferences.pkg.EFG
com.microsoft.package.DFonts
com.apple.pkg.RAWCameraUpdate5
com.microsoft.office.all.required_home.pkg.14.5.2
com.microsoft.office.de.fonts_fontcollection.pkg.14.2.0
com.anchorfree.HotspotShield.AppSupport
com.apple.pkg.InstallOS
com.microsoft.office.de.required.pkg.14.5.2
com.native-instruments.Massive.Application
com.anchorfree.HotspotShield.App
com.apple.pkg.GarageBandExtraContent
com.microsoft.office.all.setupasst.pkg.14.5.2
com.microsoft.office.de.sharepointbrowserplugin_resources.pkg.14.2.0
jp.co.canon.pkg.Inkjet Extended Survey Program_300
com.microsoft.office.de.graph_resources.pkg.14.5.2
com.native-instruments.Massive.AU
com.native-instruments.ServiceCenter.DocumentationUpdate
com.microsoft.office.all.outlook.pkg.14.5.2
com.apple.pkg.GatekeeperConfigData.12U2136
com.microsoft.office.all.proofing_catalan.pkg.14.5.2
com.microsoft.office.all.launch.pkg.14.2.0
com.adobe.acrobat.10.viewer.app.pkg.EFG
ch.corrupt.talbassline101.TAL-BassLine-101-AAX.pkg
com.apple.pkg.GatekeeperConfigData.12U2137
com.microsoft.office.all.proofing_brazilian.pkg.14.2.0
com.RPCX.RGVST64InstallerS
com.microsoft.office.all.proofing_russian.pkg.14.5.2
com.microsoft.office.de.word_resources.pkg.14.2.0
com.xdb.pkg.SubBoomBass.VST
com.apple.pkg.JavaSecurity
com.microsoft.office.all.equationeditor.pkg.14.2.0
com.microsoft.office.all.proofing_japanese.pkg.14.5.2
com.apple.pkg.RAWCameraUpdate4
com.native-instruments.KompleteAudio6Driver.Documentation
com.microsoft.package.Microsoft_AutoUpdate.app
com.microsoft.office.all.automator.pkg.14.5.2
com.TryBest.Paint
com.microsoft.office.de.word_templates.pkg.14.2.0
com.dvdfab.dvdfab9.DVDFab9.pkg
com.microsoft.office.de.sounds.pkg.14.5.2
ch.corrupt.talbassline101.TAL-BassLine-101-x64-AAX.pkg
com.apple.pkg.XProtectPlistConfigData.12U4043
com.anchorfree.HotspotShield.zFinalize
jp.co.canon.ij.easy-guide-viewer180.pkg
com.native-instruments.TraktorKontrolX1Driver.Documentation
com.adobe.acrobat.10.viewer.print_pdf_services.pkg.EFG
com.microsoft.office.all.proofing_turkish.pkg.14.2.0
com.apple.pkg.XProtectPlistConfigData.12U4042
com.microsoft.office.de.query.pkg.14.5.2
com.microsoft.office.all.graph.pkg.14.5.2
com.microsoft.office.de.dcc_resources.pkg.14.2.0
jp.co.canon.SolutionMenuEX100
com.microsoft.office.all.word.pkg.14.2.0
com.native-instruments.ControllerEditor.DocumentationUpdate
com.apple.pkg.ChineseWordlistUpdate.6-18
com.native-instruments.Traktor.FactoryContent
com.microsoft.office.all.proofing_japanese.pkg.14.2.0
com.microsoft.office.all.equationeditor.pkg.14.5.2
com.netgear.netgearGenie.NETGEARGenie.pkg
com.microsoft.office.all.proofing_russian.pkg.14.2.0
com.microsoft.office.de.word_resources.pkg.14.5.2
com.microsoft.office.all.proofing_brazilian.pkg.14.5.2
com.microsoft.rdc.all.rdc.pkg.2.1.1
com.native-instruments.Audio8DJDriver.Documentation
com.apple.pkg.AirPortUtility
com.apple.pkg.XProtectPlistConfigData.12U4031
com.microsoft.office.all.launch.pkg.14.5.2
com.apple.pkg.GatekeeperConfigData.12U2184
com.apple.pkg.GatekeeperConfigData.12U2185
com.apple.pkg.AppleDisplaysConfigData.12U2192
com.apple.pkg.ChineseWordlistUpdate.12U1715
com.microsoft.office.all.proofing_catalan.pkg.14.2.0
com.microsoft.office.all.outlook.pkg.14.2.0
ch.corrupt.talbassline101.TAL-BassLine-101-1.pkg
com.apple.pkg.GarageBandBasicContent
com.microsoft.office.de.sharepointbrowserplugin_resources.pkg.14.5.2
com.microsoft.office.de.graph_resources.pkg.14.2.0
com.microsoft.office.all.setupasst.pkg.14.2.0
com.microsoft.office.de.required.pkg.14.2.0
com.microsoft.pkg.licensing
com.microsoft.office.all.required_home.pkg.14.2.0
com.native-instruments.Traktor.SystemExtensions
com.microsoft.office.de.fonts_fontcollection.pkg.14.5.2
com.adobe.acrobat.reader.11.reader.app.pkg.de_DE
com.apple.pkg.ChineseWordlistUpdate.6-33
com.apple.pkg.iPhoto_AppStore
maccatalyst.social.street.MemoryAssistant
com.microsoft.Outlook
com.microsoft.office.all.word.pkg.14.5.2
com.microsoft.office.all.graph.pkg.14.2.0
com.microsoft.office.de.dcc_resources.pkg.14.5.2
com.microsoft.office.de.query.pkg.14.2.0
com.apple.pkg.XProtectPlistConfigData.2-50
com.todoist.mac.Todoist
com.apple.pkg.XProtectPlistConfigData.12U4032
com.apple.pkg.GatekeeperConfigData.12U2178
com.apple.pkg.GatekeeperConfigData.12U2144
com.microsoft.office.all.proofing_turkish.pkg.14.5.2
com.microsoft.mau.all.autoupdate.pkg.2.3.6
com.apple.pkg.iTunesAccess
jp.co.canon.My Image Garden V100
com.apple.pkg.GatekeeperConfigData.12U2145
com.apple.pkg.IncompatibleKextConfigData.12U2168
com.apple.pkg.ChineseWordlistUpdate.12U1702
com.RPCX.Blue2FilesS
com.apple.pkg.XProtectPlistConfigData.12U4033
com.adobe.acrobat.10.viewer.appsupport.pkg.EFG
com.RPCX.BladeAU64S
com.microsoft.office.de.word_templates.pkg.14.5.2
com.microsoft.office.de.sounds.pkg.14.2.0
com.apple.pkg.ChineseWordlistUpdate.6-26
com.microsoft.office.all.automator.pkg.14.2.0
com.apple.pkg.ChineseWordlistUpdate.12U1662
com.apple.pkg.ChineseWordlistUpdate.6-22
com.apple.pkg.GatekeeperConfigData.12U2223
com.adobe.acrobat.a10.AcrobatUpd1011
com.google.macfuse
com.native-instruments.ControllerEditor.ApplicationUpdate
com.microsoft.office.de.clipart_search1031.pkg.14.2.0
com.microsoft.office.all.proofing_swedish.pkg.14.5.2
com.microsoft.office.de.outlook_scriptmenuitems.pkg.14.5.2
com.apple.pkg.GatekeeperConfigData.12U2155
com.microsoft.office.all.slt_std.pkg.14.5.2
com.apple.pkg.ChineseWordlistUpdate.12U1712
com.apple.pkg.XProtectPlistConfigData.12U4037
com.adobe.acrobat.reader.11.reader.appsupport.pkg.de_DE
com.apple.pkg.GatekeeperConfigData.12U2196
com.microsoft.office.all.proofing_spanish.pkg.14.5.2
com.microsoft.mau.all.autoupdate.pkg.2.3.3
com.apple.pkg.GatekeeperConfigData.12U2197
com.microsoft.office.all.dcc.pkg.14.2.0
com.apple.update.firmwareupdate
com.apple.pkg.GatekeeperConfigData.12U2140
com.microsoft.office.de.clipart.pkg.14.5.2
com.microsoft.Excel
com.apple.pkg.RemoteDesktopClient
com.native-instruments.ServiceCenter.ApplicationUpdate
com.RPCX.RGFilesS
com.microsoft.office.all.proofing_german.pkg.14.2.0
com.native-instruments.Traktor.Application
com.apple.pkg.ChineseWordlistUpdate.6-21
com.apple.pkg.GatekeeperConfigData.12U2220
com.microsoft.merp.all.errorreporting.pkg.2.2.8
com.adobe.acrobat.10.viewer.print_automator.pkg.EFG
com.wacom.TabletInstaller
com.RPCX.RawFilesS
com.apple.pkg.CoreFP
com.5ynergY.massive130Patch.Massive.pkg
com.apple.pkg.GatekeeperConfigData.12U2142
com.apple.pkg.GatekeeperConfigData.12U2156
com.apple.pkg.ChineseWordlistUpdate.12U1705
com.microsoft.office.de.setupasst_resources.pkg.14.5.2
com.microsoft.office.all.dock.pkg.14.2.0
com.microsoft.office.all.proofing_italian.pkg.14.5.2
com.apple.pkg.XProtectPlistConfigData.12U4034
com.apple.pkg.GatekeeperConfigData.12U2181
com.apple.pkg.GatekeeperConfigData.12U2195
com.apple.pkg.GatekeeperConfigData.12U2194
com.microsoft.office.de.equationeditor_resources.pkg.14.2.0
com.apple.pkg.XProtectPlistConfigData.12U4035
com.Guillemot.djuced18.DJUCED18.pkg
com.5ynergY.massive130Patch.Massive-1.pkg
com.dvdfab.dvdfab9.preflight.pkg
com.microsoft.office.de.word_wizards.pkg.14.2.0
com.microsoft.merp.all.errorreporting.pkg.2.2.9
com.apple.pkg.GatekeeperConfigData.12U2209
com.xdb.pkg.SubBoomBass.AU
com.microsoft.package.Microsoft_PowerPoint.app
com.apple.pkg.ChineseWordlistUpdate.6-34
com.apple.pkg.ChineseWordlistUpdate.6-20
2) DetectX
Code:
ATTFilter
Timestamp (7): Mon May 03 14:25:59 2021
DetectX Swift v1.0971

macOS: Version 10.15.7 (Build 19H114)
File System: apfs
Temp: The thermal state is within normal limits.

Boot time: Mon May 3 14:13:17 2021
Uptime: 13 mins, 2 users

Spotlight status for /:
	Indexing enabled. 
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is On.

Internet:	Reachable,Transient Connection


    Hardware Overview:

      Model Name: MacBook Pro
      Model Identifier: MacBookPro9,2
      Processor Name: Dual-Core Intel Core i5
      Processor Speed: 2,5 GHz
      Number of Processors: 1
      Total Number of Cores: 2
      L2 Cache (per Core): 256 KB
      L3 Cache: 3 MB
      Hyper-Threading Technology: Enabled
      Memory: 4 GB
      Boot ROM Version: 233.0.0.0.0
      SMC Version (system): 2.2f44
      Sudden Motion Sensor:
          State: Enabled



  Sharing Preferences:

	File Sharing:  Off
	Screen Sharing:  Off
	Remote Management:  Off
	Back To My Mac:  Off
	Remote Login:  Off
	Remote Apple Events:  Off


3rd Party Kexts (loaded):

	org.virtualbox.kext.VBoxDrv
	org.virtualbox.kext.VBoxUSB
	org.virtualbox.kext.VBoxNetFlt
	org.virtualbox.kext.VBoxNetAdp


 $PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
	/usr/local/bin
	/usr/bin
	/bin
	/usr/sbin
	/sbin

/etc/paths.d/:

~/.bash_profile:
	
~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


PID	Status	Label
545	0	com.adobe.GC.AGM
918	0	com.sqwarq.DetectX-Swift.24416
676	0	net.freemacsoft.AppCleaner.24544
537	0	com.wacom.DataStoreMgr
540	0	com.malwarebytes.mbam.frontend.agent
-	-6	com.adobe.AdobeCreativeCloud
-	0	com.openssh.ssh-agent
-	0	com.microsoft.update.agent
534	0	com.wacom.wacomtablet
-	0	com.BlueStacks.AppPlayer.Service
-	0	com.spotify.client.startuphelper
-	0	com.adobe.GC.Scheduler-1.0
557	0	com.cyberghostsrl.cyberghostmac.23952
-	0	com.BlueStacks.AppPlayer.UninstallWatcher
-	0	com.microsoft.OneDriveStandaloneUpdater
542	0	com.wacom.IOManager
-	0	com.BlueStacks.AppPlayer.Updater
846	0	com.etresoft.EtreCheck4.24700


 System Launchd processes:

0      - 	com.adobe.SwitchBoard
151      - 	com.malwarebytes.mbam.rtprotection.daemon
0      - 	com.adobe.acc.installer.v2
0      - 	com.vix.cron
0      - 	com.microsoft.office.licensing.helper
0      - 	com.microsoft.teams.TeamsUpdaterDaemon
0      - 	com.microsoft.office.licensingV2.helper
178      - 	com.wacom.UpdateHelper
0      0 	com.microsoft.autoupdate.helper
181      - 	Adobe_Genuine_Software_Integrity_Service
338      - 	org.cups.cupsd
0      - 	com.adobe.fpsaud
0      - 	com.anchorfree.ajaxserver
0      - 	com.wacom.displayhelper
636      - 	com.microsoft.OneDriveStandaloneUpdaterDaemon
382      - 	com.malwarebytes.mbam.settings.daemon
0      - 	com.microsoft.OneDriveUpdaterDaemon
0      - 	net.protected.macos.AVHelper
0      - 	com.adobe.acc.installer
0      - 	com.BlueStacks.AppPlayer.bstservice_helper
198      - 	com.hercules.hdjsd



 User Login Items:
 
	/Applications/CyberGhost VPN.app
	/Users/bettakroegel/Applications/Spotify.app
	/Users/bettakroegel/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app



 /Library/LaunchDaemons:

	hdjsd.plist
		--> Program Arguments: /var/hercules/hdjsd
	
	com.malwarebytes.mbam.settings.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon
	
	com.microsoft.OneDriveStandaloneUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon
	
	com.microsoft.teams.TeamsUpdaterDaemon.plist
	
	com.adobe.agsservice.plist
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGSService
	
	com.BlueStacks.AppPlayer.bstservice_helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
	
	com.malwarebytes.mbam.rtprotection.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: -i
		--> Program Arguments: Malwarebytes-Mac-4.8.12.4131.pkg
	
	com.microsoft.OneDriveUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/OneDriveUpdaterDaemon.xpc/Contents/MacOS/OneDriveUpdaterDaemon
	
	com.wacom.displayhelper.plist
		--> Program Arguments: /sbin/kextunload
		--> Program Arguments: /System/Library/Extensions/AppleUSBFTDI.kext
	
	org.virtualbox.startup.plist
		--> Program Arguments: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh
		--> Program Arguments: restart
	
	com.adobe.acc.installer.v2.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
	
	com.wacom.UpdateHelper.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper
	
	com.adobe.fpsaud.plist
		--> Program Arguments: /Library/Application Support/Adobe/Flash Player Install Manager/fpsaud
	
	com.adobe.SwitchBoard.plist
		--> Program Arguments: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
	
	net.protected.macos.AVHelper.plist
		-> Program: /Library/PrivilegedHelperTools/net.protected.macos.AVHelper
		--> Program Arguments: /Library/PrivilegedHelperTools/net.protected.macos.AVHelper
	
	com.anchorfree.ajaxserver.plist
		-> Program: /Library/Application Support/Hotspot Shield/ajaxserver
		--> Program Arguments: /Library/Application Support/Hotspot Shield/ajaxserver
	
	com.microsoft.office.licensingV2.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
	
	com.oracle.java.Helper-Tool.plist
	
	com.adobe.acc.installer.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer
	
	com.microsoft.office.licensing.helper.plist
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
	
	com.microsoft.autoupdate.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper
	



 /Library/LaunchAgents:

	com.adobe.AdobeCreativeCloud.plist
		-> Program: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: --showwindow=false
		--> Program Arguments: --onOSstartup=true
	
	com.wacom.DataStoreMgr.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr
	
	com.adobe.GC.AGM.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: -mode=logon
	
	com.malwarebytes.mbam.frontend.agent.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent
	
	com.adobe.AAM.Updater-1.0.plist
		-> Program: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: -mode=logon
	
	com.wacom.IOManager.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager
	
	com.adobe.GC.Invoker-1.0.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: -mode=logon
	
	com.microsoft.OneDriveStandaloneUpdater.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdater.app/Contents/MacOS/OneDriveStandaloneUpdater
	
	com.wacom.wacomtablet.plist
		-> Program: /Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver
	
	com.microsoft.update.agent.plist
		--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
		--> Program Arguments: --launchByAgent
	



 ~/Library/LaunchAgents:

	com.BlueStacks.AppPlayer.UninstallWatcher.plist
		--> Program Arguments: /bin/sh
		--> Program Arguments: /Users/[U501]/Library/BlueStacks/UninstallWatcher
	
	com.adobe.GC.Invoker-1.0.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: -mode=scheduled
	
	com.BlueStacks.AppPlayer.Updater.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstupdater
		--> Program Arguments: pull
	
	com.BlueStacks.AppPlayer.Service.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstservice
		--> Program Arguments: Android
	

 User Crontab:

	No cron jobs



 /etc:

	rc.common
	php.ini.default-5.2-previous~orig
	bootpd.plist
	bashrc_Apple_Terminal
	zshrc_Apple_Terminal
	bashrc
	zshrc
	ssh_config~orig
	hosts.save
	authorization.deprecated
	moduli~previous
	rc.netboot
	efax.rc~previous
	php.ini.default-5.2-previous
	sshd_config~previous
	aliases
	zprofile

 / $Root:

	.file
	.VolumeIcon.icns
	opt / .. children: 0

 ~/ $Home:

	Music / .. children: 5
	objc.scan
	.CFUserTextEncoding
	Pictures / .. children: 3
	Desktop / .. children: 37
	Library / .. children: 69
	.cups / .. children: 1
	.bash_sessions / .. children: 11
	Public / .. children: 2
	.dropbox / .. children: 9
	Movies / .. children: 4
	Applications / .. children: 1
	.Trash / .. children: 1
	Documents / .. children: 32
	Downloads / .. children: 147
	.bash_history



 ~/Library:

	studentd / .. children: 3
	HomeKit / .. children: 9
	UIKitSystem / .. children: 1
	Google / .. children: 1
	BlueStacks / .. children: 11
	com.apple.icloud.searchpartyd / .. children: 3
	PhotoshopCrashes / .. children: 0
	FrontBoard / .. children: 3
	MediaStream / .. children: 7
	Dropbox / .. children: 0
	Fonts Disabled / .. children: 0
	PersonalizationPortrait / .. children: 5
	Reminders / .. children: 2



 ~/Library/Application Support:

	com.apple.sbd / .. children: 1
	com.apple.replayd / .. children: 0
	com.apple.voicememos / .. children: 1
	Propellerhead Software / .. children: 2
	Native Instruments / .. children: 1
	SyncServices / .. children: 1
	com.apple.kvs / .. children: 1
	com.apple.transparencyd / .. children: 5
	com.apple.touristd / .. children: 6
	CyberghostBrowser / .. children: 14
	NoxInstaller / .. children: 0
	DiskImages / .. children: 1
	Anki2 / .. children: 5
	CoreParsec / .. children: 0
	OneDriveStandaloneUpdater / .. children: 1
	com.apple.akd / .. children: 1
	zoom.us / .. children: 2
	MobileSync / .. children: 1
	Google / .. children: 2
	Microsoft / .. children: 1
	Spotify / .. children: 4
	Oracle / .. children: 1
	dmd / .. children: 0
	Ableton / .. children: 4
	Anki / .. children: 1
	Java / .. children: 1
	com.microsoft.OneDriveStandaloneUpdater / .. children: 1
	CEF / .. children: 1
	com.cyberghostsrl.cyberghostmac / .. children: 1
	TrustedPeersHelper / .. children: 0
	Adobe / .. children: 10
	MediaHuman / .. children: 1
	.ACCC_Lock
	Cycling '74 / .. children: 1
	com.sqwarq.DetectX-Swift / .. children: 4
	System Preferences / .. children: 0
	com.apple.ContextStoreAgent / .. children: 1
	FileProvider / .. children: 3
	Dropbox / .. children: 4
	com.malwarebytes.mbam / .. children: 1
	ToguAudioLine / .. children: 1
	Grammarly / .. children: 12
	uTorrent Web / .. children: 9
	XMind / .. children: 3
	transparencyd / .. children: 0
	syncdefaultsd / .. children: 0
	JREInstaller / .. children: 1
	com.apple.accounts.dom / .. children: 0



 ~/Library/Safari/Extensions:

	*-- Folder doesn't exist or is inaccessible --*



 ~/Library/Internet Plug-Ins:

	



 /Users/Shared:

	adi / .. children: 10
	SC Info / .. children: 1
	Hotspot Shield / .. children: 1
	Library / .. children: 1
	AdobeInstalledCodecs / .. children: 0
	Canon Inkjet Extended Survey Program / .. children: 1
	Adobe / .. children: 4
	CleanMyMac 2 / .. children: 1
	Previously Relocated Items / .. children: 3
	AdobeGCData / .. children: 2
	Max 8 / .. children: 2
	CleanMyMac / .. children: 1



 /Applications:

	Honey.app
	VLC.app
	XMind.app
	Office_Mac_HS_2011_German.dmg
	Adobe After Effects CC / .. children: 10
	Anki.app
	Install macOS Mojave.app
	Microsoft Office 2011 / .. children: 10
	Rhinoceros.app
	Adobe Creative Cloud / .. children: 3
	OneDrive.app
	Adobe Photoshop CC Kopie / .. children: 3
	CyberGhost Private Browser.app
	Rob Papen / .. children: 6
	DetectX Swift.app
	Adobe Media Encoder CC 2017 / .. children: 3
	Microsoft Word.app
	Install macOS High Sierra.app
	Anki Notes.app
	Adobe Photoshop CC / .. children: 10
	Grammarly.app
	Paint S.app
	Microsoft Excel.app
	Adobe Media Encoder CC / .. children: 3
	Adobe / .. children: 5
	zoom.us.app
	Adobe Illustrator CC / .. children: 10
	Microsoft Outlook.app
	Malwarebytes.app
	Ableton Live 10 Intro.app
	Wacom Tablet.localized / .. children: 5
	Live
	iZotope Ozone 7 / .. children: 6
	CyberGhost VPN.app
	uTorrent Web.app
	iMovie 9.0.9 / .. children: 1
	EtreCheckPro.app
	The Unarchiver.app
	Microsoft OneNote.app
	Adobe InDesign CC / .. children: 11
	Live8 / .. children: 5
	MediathekView.app
	AppCleaner.app
	Ableton Live 10 Standard.app
	Adobe Acrobat X Pro / .. children: 4
	Microsoft PowerPoint.app
	Microsoft Teams.app
	Ableton Live 11 Standard.app
	BlueStacks.app



 /Library:

	Apple / .. children: 3
	CFMSupport / .. children: 1
	DropboxHelperTools / .. children: 2
	OSAnalytics / .. children: 2
	StagedDriverExtensions / .. children: 0
	InstallerSandboxes / .. children: 2
	DriverExtensions / .. children: 0
	Automator / .. children: 95
	User Template / .. children: 41
	Fonts Disabled / .. children: 16
	SystemExtensions / .. children: 3



 /Library/Application Support:

	Propellerhead Software / .. children: 3
	Native Instruments / .. children: 9
	Tablet / .. children: 2
	Mozilla / .. children: 1
	Avid / .. children: 1
	ReWire
	Hotspot Shield / .. children: 12
	Macromedia / .. children: 3
	Mica / .. children: 1
	.E42bQWl0wR
	Microsoft / .. children: 2
	Oracle / .. children: 0
	Digidesign / .. children: 1
	VirtualBox / .. children: 5
	Canon / .. children: 7
	Adobe / .. children: 70
	Malwarebytes / .. children: 1
	iZotope / .. children: 5
	PACE Anti-Piracy / .. children: 4
	REX Shared Library
	regid.1986-12.com.adobe / .. children: 14
	.5s+m_0Aav5



 /Library/Extensions:

	NIUSBAudio2DJ.kext
	hp_fax_io.kext
	FTDIKext.kext
	Wacom Tablet.kext
	NIUSBAudio4DJ.kext
	SiLabsUSBDriver64.kext
	JMicronATA.kext
	fabio.kext
	NIUSBTraktorKontrolX1.kext
	Dropbox.kext
	AppleMobileDevice.kext
	BJUSBLoad.kext
	CIJUSBLoad.kext
	NIUSBDeviceHelper.kext
	hp_io_enabler_compound.kext
	NIUSBAudioDriver.kext



 /Library/Internet Plug-Ins:

	VLC Plugin.plugin
	EPPEX Plugin.plugin
	AdobeAAMDetect.plugin
	Unused / .. children: 0
	AdobePDFViewer.plugin
	SharePointBrowserPlugin.plugin
	Unity Web Player.plugin
	AdobePDFViewerNPAPI.plugin
	Flash Player.plugin
	flashplayer.xpt
	SharePointWebKitPlugin.webplugin



 /Library/Managed Preferences:

	*-- Folder doesn't exist or is inaccessible --*



 /Library/PrivilegedHelperTools:

	com.microsoft.office.licensing.helper
	com.BlueStacks.AppPlayer.bstservice_helper
	com.wacom.UpdateHelper.app
	com.wacom.IOManager.app
	com.adobe.acc.installer
	com.microsoft.autoupdate.helper
	com.microsoft.office.licensingV2.helper
	com.adobe.acc.installer.v2
	net.protected.macos.AVHelper
	com.wacom.DataStoreMgr.app



 /Library/ScriptingAdditions:

	Adobe Unit Types.osax



 /Library/StartupItems:

	



 /Library/Updates:

	ProductMetadata.plist
	001-93719 / .. children: 16
	071-05425 / .. children: 16
	071-29320 / .. children: 16
	PPDVersions.plist
	index.plist
	071-10831 / .. children: 3



Top Processes: 

%CPU	PID	COMMAND	
12.3 	244		WindowServer 
7.8		918		DetectX Swift 
6.3		846		EtreCheckPro 
3.8		0		kernel_task 
0.8		208		hidd 
0.7		459		com.apple.WebKit 
0.6		461		iconservicesagen 
0.4		542		com.wacom.IOMana 
0.3		151		RTProtectionDaem 
0.1		604		NEIKEv2Provider 


Running Processes: 

PPID	PID	%CPU	USER	COMMAND	
0		1		0.0		root		/sbin/launchd 
1		148		0.0		root		/usr/sbin/syslogd 
1		149		0.0		root		/usr/libexec/UserEventAgent (System) 
1		151		0.2		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon -i Malwarebytes-Mac-4.8.12.4131.pkg 
1		153		0.0		root		/System/Library/PrivateFrameworks/Uninstall.framework/Resources/uninstalld 
1		154		0.0		root		/usr/libexec/kextd 
1		155		0.0		root		/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/FSEvents.framework/Versions/A/Support/fseventsd 
1		156		0.0		root		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted 
1		159		0.0		root		/usr/sbin/systemstats --daemon 
1		160		0.0		root		/usr/libexec/configd 
1		162		0.0		root		/System/Library/CoreServices/powerd.bundle/powerd 
1		166		0.0		root		/usr/libexec/logd 
1		167		0.0		root		/usr/libexec/keybagd -t 15 
1		170		0.0		root		/usr/libexec/watchdogd 
1		174		0.0		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Support/mds 
1		175		0.0		_iconservices		/System/Library/CoreServices/iconservicesd 
1		176		0.0		root		/usr/libexec/diskarbitrationd 
1		178		0.0		root		/Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper 
1		180		0.0		root		/usr/libexec/coreduetd 
1		181		0.0		root		/Library/Application Support/Adobe/AdobeGCClient/AGSService 
1		184		0.0		root		/usr/libexec/opendirectoryd 
1		185		0.0		root		/System/Library/PrivateFrameworks/ApplePushService.framework/apsd 
1		186		0.0		root		/System/Library/CoreServices/launchservicesd 
1		187		0.0		_timed		/usr/libexec/timed 
1		188		0.0		_usbmuxd		/System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/Resources/usbmuxd -launchd 
1		189		0.0		root		/usr/sbin/securityd -i 
1		190		0.0		root		auditd		-l 
1		195		0.0		root		autofsd		
1		196		0.0		_displaypolicyd		/usr/libexec/displaypolicyd -k 1 
1		198		0.0		root		/var/hercules/hdjsd 
1		199		0.0		root		/usr/libexec/dasd 
1		201		0.0		root		/usr/libexec/PerfPowerServices 
1		203		0.0		root		/System/Library/CoreServices/logind 
1		204		0.0		root		/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/Support/revisiond 
1		205		0.0		root		/usr/sbin/KernelEventAgent 
1		207		0.0		root		/usr/sbin/bluetoothd 
1		208		0.0		_hidd		/usr/libexec/hidd 
1		209		0.0		root		/usr/libexec/sandboxd 
1		210		0.0		root		/usr/libexec/corebrightnessd --launchd 
1		211		0.0		root		/usr/libexec/AirPlayXPCHelper 
1		212		0.0		root		/usr/sbin/notifyd 
1		213		0.0		root		/usr/libexec/amfid 
1		214		0.0		_distnote		/usr/sbin/distnoted daemon 
1		215		0.0		root		/usr/sbin/cfprefsd daemon 
1		216		0.0		root		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system 
1		217		0.0		root		aslmanager		
1		218		0.0		root		/System/Library/CoreServices/coreservicesd 
1		219		0.0		[U501]		/System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow console 
1		220		0.0		root		/usr/libexec/syspolicyd 
1		222		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/authd.xpc/Contents/MacOS/authd 
1		223		0.0		_analyticsd		/System/Library/PrivateFrameworks/CoreAnalytics.framework/Support/analyticsd 
1		226		0.0		root		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/contextstored 
1		228		0.0		_coreaudiod		/usr/sbin/coreaudiod 
1		231		0.0		root		/usr/libexec/trustd 
1		232		0.0		root		/usr/libexec/nehelper 
1		239		0.0		root		/usr/sbin/ocspd 
1		242		0.0		root		/usr/libexec/searchpartyd 
1		244		15.6		_windowserver		/System/Library/PrivateFrameworks/SkyLight.framework/Resources/WindowServer -daemon 
1		251		0.0		_networkd		/usr/libexec/symptomsd 
1		292		0.0		_mdnsresponder		/usr/sbin/mDNSResponder 
1		300		0.0		root		/usr/sbin/mDNSResponderHelper 
1		304		0.0		root		/System/Library/PrivateFrameworks/WirelessDiagnostics.framework/Support/awdd 
1		306		0.0		root		/usr/libexec/airportd 
1		308		0.0		_locationd		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		313		0.0		_locationd		/usr/sbin/cfprefsd agent 
1		315		0.0		_locationd		/usr/libexec/trustd --agent 
1		321		0.0		_nsurlsessiond		/usr/libexec/nsurlsessiond --privileged 
1		323		0.0		root		/usr/libexec/apfsd 
1		338		0.0		root		/usr/sbin/cupsd -l 
1		339		0.0		root		/usr/libexec/mobileassetd 
1		340		0.0		root		/usr/libexec/ApplicationFirewall/socketfilterfw 
1		343		0.0		root		/usr/libexec/runningboardd 
1		353		0.0		root		/usr/libexec/lsd runAsRoot 
1		354		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper 
1		355		0.0		_driverkit		/System/Library/DriverExtensions/AppleUserHIDDrivers.dext/AppleUserHIDDrivers com.apple.driverkit.AppleUserHIDEventDriver 0x100000448 
1		358		0.0		root		/usr/libexec/secinitd 
1		359		0.0		_locationd		/usr/libexec/locationd 
1		361		0.0		root		/System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd-helper -launchd 
1		364		0.0		root		/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/CVMServer 
1		368		0.0		_appleevents		/System/Library/CoreServices/appleeventsd --server 
1		378		0.0		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mds_stores 
1		382		0.0		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon 
1		383		0.0		root		/usr/sbin/spindump 
1		384		0.0		root		/System/Library/CoreServices/SubmitDiagInfo server-init 
1		388		0.0		root		/usr/sbin/distnoted agent 
1		395		0.0		[U501]		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		396		0.0		root		/usr/libexec/securityd_service 
1		397		0.0		[U501]		/usr/sbin/cfprefsd agent 
1		398		0.0		[U501]		/usr/libexec/UserEventAgent (Aqua) 
1		400		0.0		[U501]		/usr/sbin/distnoted agent 
1		401		0.0		[U501]		/usr/sbin/universalaccessd launchd -s 
1		402		0.0		[U501]		/usr/libexec/lsd 
1		403		0.0		[U501]		/usr/libexec/trustd --agent 
1		405		0.0		[U501]		/usr/libexec/knowledge-agent 
1		406		0.0		[U501]		/usr/libexec/secd 
1		407		0.0		[U501]		/System/Applications/Notes.app/Contents/MacOS/Notes -psn_0_40970 
1		408		0.0		[U501]		/System/Library/CoreServices/sharedfilelistd 
1		409		0.0		[U501]		/System/Library/CoreServices/backgroundtaskmanagementagent 
1		410		0.0		[U501]		/Applications/Safari.app/Contents/MacOS/Safari -psn_0_45067 
1		411		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/MacOS/Spotify -psn_0_49164 
1		412		0.0		[U501]		/System/Library/PrivateFrameworks/CloudKitDaemon.framework/Support/cloudd 
1		413		0.0		[U501]		/Applications/Microsoft Outlook.app/Contents/MacOS/Microsoft Outlook -psn_0_53261 
1		414		0.0		[U501]		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd 
1		415		0.0		[U501]		/usr/libexec/nsurlsessiond 
1		416		0.0		[U501]		/System/Applications/Mail.app/Contents/MacOS/Mail -psn_0_57358 
1		417		0.0		[U501]		/System/Applications/Calendar.app/Contents/MacOS/Calendar -psn_0_61455 
1		418		0.0		[U501]		/System/Applications/Music.app/Contents/MacOS/Music -psn_0_65552 
1		419		0.0		[U501]		/Applications/Microsoft Word.app/Contents/MacOS/Microsoft Word -psn_0_69649 
1		420		0.0		[U501]		/System/Library/CoreServices/talagent 
1		421		0.0		[U501]		/System/Library/CoreServices/Dock.app/Contents/MacOS/Dock 
1		422		0.0		[U501]		/System/Library/CoreServices/SystemUIServer.app/Contents/MacOS/SystemUIServer 
1		423		0.0		[U501]		/System/Library/CoreServices/Finder.app/Contents/MacOS/Finder 
1		424		0.0		[U501]		/System/Library/Frameworks/Accounts.framework/Versions/A/Support/accountsd 
1		427		0.0		[U501]		/usr/libexec/pboard 
1		429		0.0		[U501]		/usr/libexec/pkd 
1		430		0.0		[U501]		/System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.framework/Versions/A/XPCServices/QuickLookUIService.xpc/Contents/MacOS/QuickLookUIService 
1		431		0.0		[U501]		/usr/libexec/secinitd 
1		432		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framework/Support/fontd 
1		433		0.0		[U501]		/usr/libexec/dmd 
1		435		0.0		[U501]		/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary 
1		442		0.0		[U501]		/System/Library/PrivateFrameworks/AMPDevices.framework/Versions/A/Support/AMPDeviceDiscoveryAgent --launchd 
1		444		0.0		[U501]		/System/Library/CoreServices/Spotlight.app/Contents/MacOS/Spotlight 
1		445		0.0		[U501]		/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy 
1		447		0.0		[U501]		/usr/libexec/rapportd 
1		448		0.0		[U501]		/usr/libexec/neagent 
1		449		0.0		[U501]		/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService 
1		450		0.0		[U501]		/System/Library/PrivateFrameworks/IDS.framework/identityservicesd.app/Contents/MacOS/identityservicesd 
1		451		0.0		[U501]		/usr/libexec/routined LAUNCHED_BY_LAUNCHD 
1		452		0.0		[U501]		/usr/sbin/usernoted 
1		453		0.0		[U501]		/System/Library/CoreServices/mapspushd 
1		454		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History 
1		455		0.0		[U501]		/System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent 
1		456		0.0		[U501]		/usr/libexec/networkserviceproxy 
1		457		0.0		[U501]		/usr/libexec/nsurlstoraged 
1		458		0.0		[U501]		/System/Library/CoreServices/NotificationCenter.app/Contents/MacOS/NotificationCenter 
1		459		0.7		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		460		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		461		0.2		[U501]		/System/Library/CoreServices/iconservicesagent 
1		462		0.0		[U501]		/System/Library/PrivateFrameworks/CoreParsec.framework/parsecd 
1		463		0.0		[U501]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -tw 
1		464		0.0		[U501]		/System/Library/PrivateFrameworks/UserActivity.framework/Agents/useractivityd 
1		466		0.0		root		/usr/sbin/filecoordinationd 
1		467		0.0		[U501]		/System/Library/CoreServices/Dock.app/Contents/XPCServices/com.apple.dock.extra.xpc/Contents/MacOS/com.apple.dock.extra 
1		469		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/corespotlightd 
1		470		0.0		[U501]		/usr/libexec/swcd 
1		471		0.0		[U501]		/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd 
1		472		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird 
1		474		0.0		_ctkd		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -s 
1		475		0.0		[U501]		/usr/libexec/sharingd 
1		477		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/commerce 
1		478		0.0		[U501]		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		479		0.0		root		/System/Library/PrivateFrameworks/AmbientDisplay.framework/Versions/A/XPCServices/com.apple.AmbientDisplayAgent.xpc/Contents/MacOS/com.apple.AmbientDisplayAgent 
1		480		0.0		[U501]		/System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent 
1		481		0.0		[U501]		/System/Library/CoreServices/pbs 
1		482		0.0		[U501]		/System/Library/CoreServices/WiFiAgent.app/Contents/MacOS/WiFiAgent 
1		485		0.0		[U501]		/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService 
1		486		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeaccountd 
1		487		0.0		[U501]		/Applications/Honey.app/Contents/PlugIns/Extension.appex/Contents/MacOS/Extension 
1		488		0.0		[U501]		/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd 
1		490		0.0		[U501]		/System/Library/PrivateFrameworks/CallHistory.framework/Support/CallHistoryPluginHelper 
1		491		0.0		[U501]		/System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService 
1		494		0.0		[U501]		/usr/libexec/WiFiVelocityAgent 
1		495		0.0		root		/usr/libexec/wifivelocityd 
1		498		0.0		[U501]		/System/Library/PrivateFrameworks/AppSSO.framework/Support/AppSSOAgent.app/Contents/MacOS/AppSSOAgent 
1		505		0.0		[U501]		/usr/libexec/remindd 
1		506		0.0		[U501]		/System/Library/CoreServices/CoreServicesUIAgent.app/Contents/MacOS/CoreServicesUIAgent 
1		507		0.0		[U501]		/System/Library/PrivateFrameworks/CoreCDP.framework/Versions/A/Resources/cdpd 
1		509		0.0		root		/usr/libexec/findmydeviced 
1		510		0.0		[U501]		/System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter -L 
1		511		0.0		[U501]		/System/Library/Frameworks/ImageIO.framework/Versions/A/XPCServices/ImageIOXPCService.xpc/Contents/MacOS/ImageIOXPCService 
1		512		0.0		[U501]		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent 
1		513		0.0		root		/usr/sbin/WirelessRadioManagerd 
1		514		0.0		[U501]		/System/Library/PrivateFrameworks/TelephonyUtilities.framework/callservicesd 
1		516		0.0		[U501]		/System/Library/Frameworks/InputMethodKit.framework/Resources/imklaunchagent 
1		518		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariBookmarksSyncAgent 
1		519		0.0		[U501]		/System/Library/Input Methods/PressAndHold.app/Contents/PlugIns/PAH_Extension.appex/Contents/MacOS/PAH_Extension 
1		520		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		521		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		522		0.0		[U501]		/System/Library/PrivateFrameworks/IMCore.framework/imagent.app/Contents/MacOS/imagent 
1		523		0.0		[U501]		/System/Library/PrivateFrameworks/IMDPersistence.framework/XPCServices/IMDPersistenceAgent.xpc/Contents/MacOS/IMDPersistenceAgent 
1		524		0.0		[U501]		/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service 
1		525		0.0		[U501]		/System/Library/CoreServices/lockoutagent 
1		526		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		527		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd 
1		530		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid 
1		531		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSpeech.framework/corespeechd 
1		534		0.0		[U501]		/Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver 
1		535		0.0		[U501]		/System/Library/CoreServices/SocialPushAgent.app/Contents/MacOS/SocialPushAgent 
1		537		0.0		[U501]		/Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr 
1		538		0.0		[U501]		/System/Library/Image Capture/Support/icdd 
1		540		0.0		[U501]		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent 
1		542		0.1		[U501]		/Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager 
1		543		0.0		[U501]		/System/Library/PrivateFrameworks/AskPermission.framework/Versions/A/Resources/askpermissiond 
1		545		0.0		[U501]		/Library/Application Support/Adobe/AdobeGCClient/AGMService -mode=logon 
1		546		0.0		[U501]		/System/Library/CoreServices/AirPlayUIAgent.app/Contents/MacOS/AirPlayUIAgent --launchd 
1		548		0.0		[U501]		/System/Library/CoreServices/cloudpaird 
1		551		0.0		[U501]		/System/Library/CoreServices/diagnostics_agent 
1		553		0.0		[U501]		/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent 
1		554		0.0		[U501]		/System/Library/PrivateFrameworks/AppleMediaServices.framework/Resources/amsaccountsd 
1		556		0.0		root		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp -d 
1		557		0.0		[U501]		/Applications/CyberGhost VPN.app/Contents/MacOS/CyberGhost VPN 
1		558		0.0		[U501]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp 
1		559		0.0		[U501]		/System/Library/PrivateFrameworks/CoreRecents.framework/Versions/A/Support/recentsd 
1		560		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		561		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		562		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		563		0.0		[U501]		/System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent 
1		564		0.0		[U501]		/usr/libexec/fmfd 
1		565		0.0		[U501]		/System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/Resources/familycircled 
1		566		0.0		[U501]		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoteagent 
1		567		0.0		[U501]		/System/Library/PrivateFrameworks/AOSKit.framework/Versions/A/XPCServices/com.apple.iCloudHelper.xpc/Contents/MacOS/com.apple.iCloudHelper 
1		568		0.0		[U501]		/usr/libexec/SidecarRelay 
1		569		0.0		[U501]		SafeEjectGPUAgent		
1		570		0.0		[U501]		/System/Library/CoreServices/Menu Extras/SafeEjectGPUExtra.menu/Contents/XPCServices/SafeEjectGPUService.xpc/Contents/MacOS/SafeEjectGPUService 
1		571		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/XPCServices/ContainerMetadataExtractor.xpc/Contents/MacOS/ContainerMetadataExtractor 
1		576		0.0		[U501]		/System/Library/PrivateFrameworks/PassKitCore.framework/passd 
1		577		0.0		_fpsd		/System/Library/PrivateFrameworks/CoreADI.framework/adid 
1		580		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/reversetemplated 
1		581		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/XPCServices/com.apple.hiservices-xpcservice.xpc/Contents/MacOS/com.apple.hiservices-xpcservice 
1		582		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd 
1		583		0.0		_captiveagent		/usr/libexec/captiveagent 
1		584		0.0		root		/usr/libexec/diskmanagementd 
1		585		0.0		_netbios		/usr/sbin/netbiosd 
1		587		0.0		root		/usr/libexec/dprivacyd 
1		590		0.0		[U501]		/System/Library/PrivateFrameworks/SoftwareUpdate.framework/Resources/SoftwareUpdateNotificationManager.app/Contents/MacOS/SoftwareUpdateNotificationManager 
1		591		0.0		_softwareupdate		/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated 
1		592		0.0		[U501]		/System/Library/PrivateFrameworks/GameCenterFoundation.framework/Versions/A/gamed 
1		595		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		596		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		597		0.0		root		/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd 
1		598		0.0		_nsurlstoraged		/usr/libexec/nsurlstoraged --privileged 
1		602		0.0		root		/usr/libexec/nesessionmanager 
1		603		0.0		root		/System/Library/Frameworks/SystemExtensions.framework/Versions/A/Helpers/sysextd 
1		604		0.0		[U501]		/System/Library/Frameworks/NetworkExtension.framework/PlugIns/NEIKEv2Provider.appex/Contents/MacOS/NEIKEv2Provider 
1		608		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		609		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		610		0.0		[U501]		/System/Library/PrivateFrameworks/AssetCacheServices.framework/Versions/A/XPCServices/AssetCacheLocatorService.xpc/Contents/MacOS/AssetCacheLocatorService -a 
1		611		0.0		_assetcache		/usr/libexec/AssetCache/AssetCache 
1		622		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Support/fontworker 
1		624		0.0		_applepay		/usr/libexec/nfcd 
1		630		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariCloudHistoryPushAgent 
1		632		0.0		[U501]		/System/Library/CoreServices/ReportCrash agent 
1		636		0.0		root		/Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon 
1		640		0.0		root		/usr/libexec/rtcreportingd 
1		642		0.0		root		/System/Library/PrivateFrameworks/AssetCacheServicesExtensions.framework/XPCServices/AssetCacheTetheratorService.xpc/Contents/MacOS/AssetCacheTetheratorService 
1		644		0.0		root		/System/Library/PrivateFrameworks/CoreSymbolication.framework/coresymbolicationd 
1		645		0.0		[U501]		/Applications/Wacom Tablet.localized/.Tablet/TabletDriver.app/Contents/MacOS/TabletDriver -psn_0_249917 
1		647		0.0		[U501]		/Applications/Wacom Tablet.localized/.Tablet/WacomTouchDriver.app/Contents/MacOS/WacomTouchDriver -psn_0_258111 
1		651		0.0		root		/usr/libexec/sysmond 
159		652		0.0		root		/usr/sbin/systemstats --logger-helper /private/var/db/systemstats 
1		654		0.0		[U501]		/usr/libexec/adprivacyd 
1		655		0.0		[U501]		/System/Library/PrivateFrameworks/ProtectedCloudStorage.framework/Helpers/ProtectedCloudKeySyncing 
1		672		0.0		root		/usr/libexec/smd 
1		673		0.0		[U501]		/System/Library/PrivateFrameworks/FileProvider.framework/Support/fileproviderd 
1		674		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		676		0.0		[U501]		/Applications/AppCleaner.app/Contents/MacOS/AppCleaner 
1		677		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/XPCServices/com.apple.DictionaryServiceHelper.xpc/Contents/MacOS/com.apple.DictionaryServiceHelper 
1		682		0.0		root		/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd 
1		685		0.0		[U501]		/System/Library/Frameworks/ColorSync.framework/Support/colorsync.useragent 
1		686		0.0		root		/usr/libexec/colorsyncd 
1		687		0.0		_spotlight		/usr/libexec/trustd --agent 
1		688		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 
1		689		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 
1		692		0.0		[U501]		/System/Library/Services/AppleSpell.service/Contents/MacOS/AppleSpell 
1		693		0.0		[U501]		/usr/libexec/keyboardservicesd 
1		706		0.0		root		/System/Library/CoreServices/CrashReporterSupportHelper server-init 
1		712		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		714		0.0		[U501]		/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal 
1		715		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 
1		717		0.0		root		/usr/sbin/systemsoundserverd 
1		718		0.0		root		/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon 
1		719		0.0		root		/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper 
1		748		0.0		[U501]		/System/Library/PrivateFrameworks/AppStoreDaemon.framework/Support/appstoreagent 
1		778		0.0		[U501]		/System/Library/PrivateFrameworks/PhotoAnalysis.framework/Versions/A/Support/photoanalysisd 
1		779		0.0		[U501]		/System/Library/PrivateFrameworks/PhotoLibraryServices.framework/Versions/A/Support/photolibraryd 
1		782		0.0		[U501]		/System/Library/CoreServices/ScopedBookmarkAgent 
1		784		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker-sizing -c MDSSizingWorker -m com.apple.mdworker.sizing 
1		785		0.0		_spotlight		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker-sizing -c MDSSizingWorker -m com.apple.mdworker.sizing 
1		786		0.0		[U501]		/System/Library/Frameworks/QuickLookThumbnailing.framework/Support/com.apple.quicklook.ThumbnailsAgent 
1		789		0.0		[U501]		/System/Library/Frameworks/QuickLook.framework/Versions/A/XPCServices/QuickLookSatellite.xpc/Contents/MacOS/QuickLookSatellite 
1		805		0.0		[U501]		cloudphotod		
1		806		0.0		[U501]		/System/Library/PrivateFrameworks/CacheDelete.framework/deleted 
1		807		0.0		[U501]		/System/Library/PrivateFrameworks/CoreFollowUp.framework/Versions/A/Support/followupd 
1		829		0.0		[U501]		/Applications/Safari.app/Contents/XPCServices/com.apple.Safari.SandboxBroker.xpc/Contents/MacOS/com.apple.Safari.SandboxBroker 
1		833		0.0		[U501]		/System/Library/Frameworks/AppKit.framework/Versions/C/XPCServices/SandboxedServiceRunner.xpc/Contents/MacOS/SandboxedServiceRunner 
1		837		0.0		root		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		841		0.0		[U501]		/System/Library/PrivateFrameworks/XprotectFramework.framework/Versions/A/XPCServices/XprotectService.xpc/Contents/MacOS/XprotectService 
1		842		0.0		root		/System/Library/PrivateFrameworks/XprotectFramework.framework/Versions/A/XPCServices/XprotectService.xpc/Contents/MacOS/XprotectService 
1		846		6.4		[U501]		/Applications/EtreCheckPro.app/Contents/MacOS/EtreCheckPro 
1		848		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 
1		849		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 
1		853		0.0		[U501]		/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService 
1		860		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 
1		918		5.5		[U501]		/Applications/DetectX Swift.app/Contents/MacOS/DetectX Swift 
1		3038		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocs.framework/PlugIns/com.apple.CloudDocs.MobileDocumentsFileProvider.appex/Contents/MacOS/com.apple.CloudDocs.MobileDocumentsFileProvider 
1		4692		0.0		[U501]		/usr/libexec/studentd 
1		4694		0.0		[U501]		/System/Library/PrivateFrameworks/ClassKit.framework/Versions/A/progressd 
714		716		0.0		root		login -pf [U501] 
716		720		0.0		[U501]		-bash 

«»EOF»«
3) EtreCheck

Code:
ATTFilter
EtreCheckPro version: 6.4.4 (6E015)
Report generated: 2021-05-03 14:27:20
Download EtreCheckPro from https://etrecheck.com
Runtime: 4:02
Performance: Good

Problem: No problem - just checking

Major Issues:
  Anything that appears on this list needs immediate attention. 
  System extension blocked - There are system extensions awaiting user approval.
  Adobe Flash Player installed - Adobe Flash Player is installed on this computer. This is a security risk and no longer supported.

Minor Issues:
  These issues do not need immediate attention but they may indicate future problems or opportunities for improvement. 
  SSD too slow - SSD is showing poor performance.
  No Time Machine backup - Time Machine backup not found.
  High battery cycle count - Your battery may be losing capacity.
  Unsigned files - There are unsigned software files installed. Apple has said that unsigned software will not run by default in a future version of the operating system.
  System modifications - There are a large number of system modifications running in the background.
  Insufficient permissions - EtreCheck running under a standard user. Diagnostic information may not be available.
  Limited drive access - More information may be available with Full Drive Access.
  Kernel extensions present - This computer has kernel extensions that may not work in the future.

Hardware Information:
  MacBook Pro (13-inch, Mid 2012)
  MacBook Pro Model: MacBookPro9,2
  2,5 GHz Dual-Core Intel Core i5 (i5-3210M) CPU: 2-core
  4 GB RAM - Upgradeable
    BANK 0/DIMM0 - 2 GB DDR3 1600  
    BANK 1/DIMM0 - 2 GB DDR3 1600  
  Battery: Health = Replace Soon - Cycle count = 1165

Video Information:
  Intel HD Graphics 4000 - VRAM: 1536 MB
    Color LCD 1280 x 800

Drives:
  disk0 - Crucial_CT525MX300SSD1 525.11 GB (Solid State - TRIM: No) 
  Internal SATA 6 Gigabit Serial ATA
    disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB
    disk0s2 [APFS Container] 524.90 GB
      disk1 [APFS Virtual drive] 524.90 GB (Shared by 5 volumes)
        disk1s1 - M******************n (APFS) [APFS Virtual drive] (Shared - 251.17 GB used)
        disk1s2 - Preboot (APFS) [APFS Preboot] (Shared - 30 MB used)
        disk1s3 - Recovery (APFS) [Recovery] (Shared - 526 MB used)
        disk1s4 - VM (APFS) [APFS VM] (Shared - 2.15 GB used)
        disk1s5 - Macintosh HD (APFS) (Shared - 11.26 GB used)

Mounted Volumes:
  disk1s1 - M******************n [APFS Virtual drive]
    524.90 GB (Shared - 251.17 GB used, 268.24 GB available, 259.60 GB free)
    APFS
    Mount point: /System/Volumes/Data
    Encrypted

  disk1s4 - VM [APFS VM]
    524.90 GB (Shared - 2.15 GB used, 259.60 GB free)
    APFS
    Mount point: /private/var/vm

  disk1s5 - Macintosh HD
    524.90 GB (Shared - 11.26 GB used, 268.24 GB available, 259.60 GB free)
    APFS
    Mount point: /
    Encrypted
    Read-only: Yes

Network:
  Interface en0: Ethernet
  Interface en1: Wi-Fi
    802.11 a/b/g/n
  Interface fw0: FireWire
  Interface en3: Bluetooth PAN
  Interface bridge0: Thunderbolt Bridge
  iCloud Quota: 1.79 GB available

System Software:
  macOS Catalina 10.15.7 (19H114) 
  Time since boot: Less than an hour

Configuration Files:
  /etc/hosts - Count: 20

Notifications:
  Microsoft Outlook.app
    2 notifications

  BlueStacks.app
    100 notifications

Security:
  Gatekeeper: App Store and identified developers
  System Integrity Protection: Enabled

  Antivirus software: Apple and Malwarebytes

  Security Risk! - Adobe Flash Player installed!

Unsigned Files:
  Launchd: /Library/LaunchDaemons/com.adobe.SwitchBoard.plist
    Executable: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/org.virtualbox.startup.plist
    Executable: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh restart
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist
    Executable: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.anchorfree.ajaxserver.plist
    Executable: /Library/Application Support/Hotspot Shield/ajaxserver
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist
    Executable: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility -mode=logon
    Details: Exact match found in the legitimate list - probably OK

  Launchd: ~/Library/LaunchAgents/com.BlueStacks.AppPlayer.Service.plist
    Executable: /Applications/BlueStacks.app/Contents/MacOS/bstservice Android
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/hdjsd.plist
    Executable: /var/hercules/hdjsd
    Details: Exact match found in the legitimate list - probably OK

  Plugin: /Library/Internet Plug-Ins/Flash Player.plugin/Flash Player.plugin/Contents/PlugIns/FlashPlayer-10.6.plugin
  Plugin: /Library/Internet Plug-Ins/EPPEX Plugin.plugin
  Plugin: /Library/Internet Plug-Ins/AdobePDFViewerNPAPI.plugin
  Plugin: /Library/Internet Plug-Ins/AdobePDFViewer.plugin
  Plugin: /Library/Internet Plug-Ins/Flash Player.plugin/Flash Player.plugin
  Plugin: /Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin
  Plugin: /Library/Internet Plug-Ins/Unity Web Player.plugin
  Plugin: /Library/Internet Plug-Ins/VLC Plugin.plugin

  Preference Pane: /Library/PreferencePanes/MacFUSE.prefPane
  Preference Pane: /Library/PreferencePanes/NIUSBAudio.prefPane

  Apps: 34


System Extensions:
  [Waiting for authorization] TotalAV 5 Real-Time Extension - version 1.0 (SS Protect Limited - 2021-03-15)
    Application: /Applications/TotalAV.app - version 1.0

Kernel Extensions:
  /Applications/BlueStacks.app
    [Not Loaded] VBoxDrv.kext - com.bluestacks.kext.Hypervisor (5.2.20)

  /Library/Application Support/Hotspot Shield
    [Not Loaded] tun10.9.kext - com.anchorfree.tun (1.1.1 - SDK 10.8)

  /Library/Application Support/VirtualBox
    [Loaded] VBoxDrv.kext - org.virtualbox.kext.VBoxDrv (6.1.4)
    [Loaded] VBoxNetAdp.kext - org.virtualbox.kext.VBoxNetAdp (6.1.4)
    [Loaded] VBoxNetFlt.kext - org.virtualbox.kext.VBoxNetFlt (6.1.4)
    [Loaded] VBoxUSB.kext - org.virtualbox.kext.VBoxUSB (6.1.4)

  /Library/Extensions
    [Not Loaded] FTDIKext.kext - com.FTDI.driver.D2XXHelper (1.0 - SDK 10.14)
    [Not Loaded] NIUSBAudio2DJ.kext - com.caiaq.driver.NIUSBAudio2DJDriver (2.3.14)
    [Not Loaded] NIUSBAudio4DJ.kext - com.caiaq.driver.NIUSBAudio4DJDriver (2.3.14)
    [Not Loaded] NIUSBAudioDriver.kext - com.caiaq.driver.NIUSBHardwareDriver (2.3.14)
    [Not Loaded] NIUSBTraktorKontrolX1.kext - com.caiaq.driver.NIUSBTraktorKontrolX1Driver (2.3.14)
    [Not Loaded] fabio.kext - com.dvdfab.kext.fabio (1.0)
    [Not Loaded] Dropbox.kext - com.getdropbox.dropbox.kext (1.11.0 - SDK 10.14)
    [Not Loaded] hp_fax_io.kext - com.hp.kext.hp-fax-io (5.11.0 - SDK 10.8)
    [Not Loaded] hp_io_enabler_compound.kext - com.hp.kext.io.enabler.compound (3.4.0)
    [Not Loaded] JMicronATA.kext - com.jmicron.JMicronATA (1.1.6)
    [Not Loaded] NIUSBDeviceHelper.kext - com.native-instruments.driver.NIUSBDeviceHelper (1.0.8 (R32))
    [Not Loaded] SiLabsUSBDriver64.kext - com.silabs.driver.CP210xVCPDriver64 (3.0.0d1)
    [Not Loaded] Wacom Tablet.kext - com.wacom.kext.wacomtablet (Wacom Tablet 6.3.34-1 - SDK 10.14)
    [Not Loaded] BJUSBLoad.kext - jp.co.canon.bj.print.BJUSBLoad (10.75.21 - SDK 10.8)
    [Not Loaded] CIJUSBLoad.kext - jp.co.canon.ij.print.CIJUSBLoad (16.0.10 - SDK 10.9)

System Launch Agents:
  [Not Loaded]  17 Apple tasks
  [Loaded]  185 Apple tasks
  [Running]  111 Apple tasks

System Launch Daemons:
  [Not Loaded]  33 Apple tasks
  [Loaded]  202 Apple tasks
  [Running]  102 Apple tasks

Launch Agents:
  [Not Loaded] com.adobe.AAM.Updater-1.0.plist (? ffb65062  - installed 2018-01-09)
  [Loaded] com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2017-11-02)
  [Running] com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2021-03-24)
  [Loaded] com.microsoft.OneDriveStandaloneUpdater.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.update.agent.plist (Microsoft Corporation - installed 2021-04-14)
  [Running] com.wacom.DataStoreMgr.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Running] com.wacom.IOManager.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Running] com.wacom.wacomtablet.plist (Wacom Technology Corp. - installed 2020-09-25)

Launch Daemons:
  [Loaded] com.BlueStacks.AppPlayer.bstservice_helper.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Loaded] com.adobe.SwitchBoard.plist (? 68cad67  - installed 2014-11-19)
  [Loaded] com.adobe.acc.installer.plist (Adobe Systems, Inc. - installed 2017-11-02)
  [Loaded] com.adobe.acc.installer.v2.plist (Adobe Inc. - installed 2020-11-18)
  [Running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Loaded] com.adobe.fpsaud.plist (Adobe Inc. - installed 2020-11-24)
  [Loaded] com.anchorfree.ajaxserver.plist (? b7821fb8  - installed 2013-11-08)
  [Running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2021-04-29)
  [Running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2021-03-24)
  [Running] com.microsoft.OneDriveStandaloneUpdaterDaemon.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.OneDriveUpdaterDaemon.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2021-04-14)
  [Loaded] com.microsoft.office.licensing.helper.plist (? 6d8cb30e  - installed 2015-06-04)
  [Loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2020-11-09)
  [Loaded] com.microsoft.teams.TeamsUpdaterDaemon.plist (Microsoft Corporation - installed 2020-12-07)
  [Not Loaded] com.oracle.java.Helper-Tool.plist (? 0  - installed )
  [Running] com.wacom.UpdateHelper.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Loaded] com.wacom.displayhelper.plist (Apple - installed 2020-12-09)
  [Running] hdjsd.plist (? 70ae2dc0  - installed 2013-12-25)
  [Loaded] net.protected.macos.AVHelper.plist (SS Protect Limited - installed 2021-04-28)
  [Not Loaded] org.virtualbox.startup.plist (? 700b9385  - installed 2020-03-02)

User Launch Agents:
  [Loaded] com.BlueStacks.AppPlayer.Service.plist (? 0  - installed 2021-01-15)
  [Loaded] com.BlueStacks.AppPlayer.UninstallWatcher.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Loaded] com.BlueStacks.AppPlayer.Updater.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2021-04-25)

User Login Items:
  [Not Loaded] AppCleaner SmartDelete (Julien Ramseier - installed 2021-05-03)
    Modern Login Item
    /Applications/AppCleaner.app/Contents/Library/LoginItems/AppCleaner SmartDelete.app

  [Running] CyberGhost VPN (Cyberghost SRL - installed 2021-04-27)
    Application
    /Applications/CyberGhost VPN.app

  [Not Loaded] Launcher Disabler (Microsoft Corporation - installed 2021-03-04)
    Modern Login Item
    /Applications/OneDrive.app/Contents/Library/LoginItems/Launcher Disabler.app

  [Not Loaded] OneDrive Launcher (Microsoft Corporation - installed 2021-03-04)
    Modern Login Item
    /Applications/OneDrive.app/Contents/Library/LoginItems/OneDrive Launcher.app

  [Not Loaded] QuickEntryHelper (XMind Ltd. - installed 2020-12-16)
    Modern Login Item
    /Applications/XMind.app/Contents/PlugIns/XMind QuickEntry.app/Contents/Library/LoginItems/QuickEntryHelper.app

  [Not Loaded] HP Device Monitor (HP Inc. - installed 2017-11-06)
    Modern Login Item
    /Library/Printers/hp/Frameworks/HPDeviceMonitoring.framework/Versions/1.0/Helpers/HP Device Monitor Manager.app/Contents/Library/LoginItems/HP Device Monitor.app

  [Not Loaded] HP Product Research (HP Inc. - installed 2017-11-06)
    Modern Login Item
    /Library/Printers/hp/Utilities/HPPU Plugins/ProductImprovementStudy.hptask/Contents/Helpers/HP Product Research Manager.app/Contents/Library/LoginItems/HP Product Research.app

  [Loaded] StartUpHelper (Spotify - installed 2021-05-03)
    Modern Login Item
    /Users/***/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app

Internet Plug-ins:
  AdobeAAMDetect: 3.0.0.0 (Adobe Systems, Inc. - installed 2017-11-02)
  FlashPlayer-10.6: 32.0.0.465 (? - installed 2020-12-08)
  EPPEX Plugin: 10.0 (? - installed 2012-05-25)
  AdobePDFViewerNPAPI: 11.0.0 (? - installed 2012-09-24)
  AdobePDFViewer: 11.0.0 (? - installed 2012-09-24)
  Flash Player: 32.0.0.465 (? - installed 2020-12-08)
  SharePointBrowserPlugin: 14.5.2 (? - installed 2020-09-01)
  Unity Web Player: UnityPlayer version 4.5.5f1 (? - installed 2014-10-08)
  VLC Plugin: 2.2.4 (? - installed 2016-06-02)

Safari Extensions:
  Honey (App Store - installed 2021-04-21)

3rd Party Preference Panes:
  Flash Player (Adobe Inc. - installed 2020-11-24)
  MacFUSE (? - installed 2008-12-19)
  Native Instruments USB Audio (? - installed 2013-10-23)
  WacomTablet (Wacom Technology Corp. - installed 2020-09-25)

Backup:
  Time Machine information not available without Full Drive Access.

Performance:
  System Load: 1.53 (1 min ago) 5.09 (5 min ago) 5.44 (15 min ago)
  Nominal I/O speed: 0.09 MB/s
  File system: 24.41 seconds
  Write speed: 240 MB/s
  Read speed: 420 MB/s

CPU Usage Snapshot:
  Type Overall
  System: 3 %
  User: 4 %
  Idle: 93 %

Top Processes Snapshot by CPU:
  Process (count) CPU (Source - Location)
  system_profiler (2) 31.00 % (Apple)
  WindowServer 8.04 % (Apple)
  DetectX Swift 7.10 % (Philip Stokes)
  EtreCheckPro 6.80 % (Etresoft, Inc.)
  kernel_task 3.40 % (Apple)

Top Processes Snapshot by Memory:
  Process (count) RAM usage (Source - Location)
  EtreCheckPro 212 MB (Etresoft, Inc.)
  com.apple.WebKit.WebContent (2) 112 MB (Apple)
  mds_stores 104 MB (Apple)
  kernel_task 93 MB (Apple)
  Spotlight 82 MB (Apple)

Top Processes Snapshot by Network Use:
  Process (count) Input / Output (Source - Location)
  Mail 2 MB / 12 KB (Apple)
  mDNSResponder 42 KB / 37 KB (Apple)
  parsecd 39 KB / 2 KB (Apple)
  apsd 11 KB / 18 KB (Apple)
  cloudd 7 KB / 2 KB (Apple)

Top Processes Snapshot by Energy Use:
  Process (count) Energy (0-100) (Source - Location)
  WindowServer 4 (Apple)
  Safari 2 (Apple)
  com.apple.WebKit.WebContent (2) 1 (Apple)
  DetectX Swift 1 (Philip Stokes)
  hidd 1 (Apple)

Virtual Memory Information:
  Physical RAM: 4 GB

  Free RAM: 208 MB
  Used RAM: 3.02 GB
  Cached files: 797 MB

  Available RAM: 1005 MB
  Swap Used: 30 MB

Software Installs (past 60 days):
  Install Date Name (Version)
  2021-03-05 iMovie (10.2.3)
  2021-03-24 Pages (11.0)
  2021-04-14 Microsoft AutoUpdate (4.34.21041102)
  2021-04-14 Microsoft Excel (16.48.21041102)
  2021-04-14 Microsoft OneNote (16.48.21041102)
  2021-04-14 Microsoft PowerPoint (16.48.21041102)
  2021-04-14 Microsoft Word (16.48.21041102)
  2021-04-19 Microsoft Outlook (16.48.21041102)
  2021-04-21 Honey (12.8.6)
  2021-04-27 Anki Notes (3.00)
  2021-04-28 TotalAV (1.0)
  2021-04-29 Malwarebytes for Mac (1.0)
  2021-04-30 MRTConfigData (1.78)
  2021-04-30 XProtectPlistConfigData (2145)
  2021-05-03 Paint S (5.10.1)

Diagnostics Information (past 7-30 days):
  2021-05-03 14:19:37 Creative Cloud.app Crash
    Executable: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app
    Details:
      abort() called
      Creative Cloud(550,0x10eaf0dc0) malloc: *** error for object 0x7f8043c
      71a00: pointer being freed was not allocated

  2021-05-03 14:14:55 Adobe CEF Helper.app Crash
    Executable: /Library/Application Support/Adobe/*/Adobe CEF Helper.app
    Details:
      couldn't dlopen libobjc-trampolines.dylib: dlopen(/usr/lib/libobjc-tra
      mpolines.dylib, 262): no suitable image found.  Did find:
      /usr/lib/libobjc-trampolines.dylib: file system sandbox blocked stat()

  2021-04-28 16:43:45 cloudd Crash
    Executable: /System/Library/PrivateFrameworks/CloudKitDaemon.framework/Support/cloudd
    Details:
      dyld3 mode
      *** Terminating app due to uncaught exception 'NSGenericException', re
      ason: 'Failed to step (6922): "select operationID from OperationInfo w
      here appBundleIdentifier = ? AND sourceAppBundleIdentifier = ? AND per
      sonaID = ? AND applicationContainerPath = ? AND containerIdentifier = 
      ? AND containerEnvironment = ? AND accountID = ?" - errcode:1b0a, msg:
      "disk I/O error", size: (null), path:/Users/***/Library/Caches/*/Cloud
      KitOperationInfo, fs:(null)/(null)'
      terminating with uncaught exception of type NSException
      abort() called

  Directory /Library/Logs/DiagnosticReports is not accessible.
  Run as an administrator account to see more information.

End of report


Ich hoffe das passt so! DANKE, Dante12!

Außerdem :
1. Unter Systemeinstellungen, Benutzer und Gruppen, Button Anmeldeobjekte: keine Einträge von TotalAV, dementsprechend nicht deaktivierbar
2. Appcleaner findet keine totalAv Dateien
3. Habe manuell gesucht und dieses gefunden, lässt sich nicht löschen, habe auch nach eingeben des PW keinen Zugriff: net.protected.macos.TotalAV.ESAVExtension.systemextension

Alt 03.05.2021, 15:59   #11
Dante12
/// Mac Expert
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Danke für deine Mithilfe,

Wichtig: Bitte mache zwischendurch keinen Neustart bis ich dir das weiter unten geschrieben habe.

Fragen:

EtreCheck ohne Root-Rechte
Hast du ExtreCheck unter Systemeinstellungen -> Sicherheit & Datenschutz -> Reiter Datenschutz -> Festplattenvollzugriff die Rechte zugewiesen? Sieht so aus das EtreCheck nur auf User-Ebene läuft.
Bitte die Anweisungen befolgen wie ich dir bei der Rechtevergabe zu DetectX gegeben habe. Hier EtreCheck die Rechte unter Festplattenvollzugriff geben, Programm neu starten und ein neues Log erstellen.

Adobe Flash Player
Benötigst du den Flashplayer? Der wird nicht mehr aktualiert. Also wenn nicht, dann deinstallieren.
In Safari unter Einstellungen -> Erweiterungen das Plugin löschen.
Schau mal bitte im Finder unter Programme -> Dienstprogramme ob dort bereits ein uninstaller vorhanden ist. Dann diesen ausführen.

Alternativ den Flash-Uninstaller herunterladen. Öffnen und ausführen.

Terminal öffnen
kopiere den Inhalt aus den Codeboxen, einfügen und mit Enter bestätigen. Eventuell musst du dein Admin-Passwort angeben.

Code:
ATTFilter
sudo launchctl remove net.protected.macos.AVHelper
Sollte eine Fehlermeldung erscheinen bitte kopieren und ins Thema einfügen.

weiter...
Bitte die Zeilen hier einzeln in das Terminal kopieren und ausführen - Bei Fehlermeldungen hier posten.

Code:
ATTFilter
sudo pkgutil --forget com.jdi.pkg.TotalAV
sudo pkgutil --forget com.zeobit.MacKeeper.affid.pkg
sudo pkgutil --forget com.zeobit.MacKeeper.pkg
App von TB laden
  1. Öffne bitte TextEdit -> Programme -> TextEdit
  2. Oben im Menü Format wähle in reinen Text umwandeln
  3. Kopiere den nachfolgenden Inhalt aus der Code-Box und füge es in TextEdit ein.
  4. Speichere es auf dein Schreibtisch(desktop) unter den Namen trashPaths.txt

Hinweis: Das nachfolgende AppleScript-Programm löscht die Daten in der Liste trashPaths.txt. Aufgrund von Beschränkungen im System,
muss jedoch beim Löschen in Systemordnern immer das Admin-Passwort eingegeben werden.
  1. Bitte lade dir das script MoveToTrash von Server herunter und speichere es auf dein Desktop
  2. Entpacke das Archiv und Starte es mit einem Doppelklick
  3. Solltest du die Meldung erhalten von einem "nicht Verifizierten Entwickler", dann klicke mit der rechten Maus drauf und wähle öffnen.
  4. Die Dateien in der Liste trashPaths.txt werden in den Papierkorb verschoben.
  5. Sollte es mit dem löschen probleme geben, dann musst du diese Dateien "manuell" löschen.

Code:
ATTFilter
/Library/LaunchDaemons/net.protected.macos.AVHelper.plist,
/Applications/TotalAV.app
Jetzt Neustart!

1. Log mit DetectX
2. Log mit EtreCheck (bitte mit Root-Rechten)
__________________
-----------------
-Gruß dante12
-----------------
Lob, Kritik, Wünsche? Spende fürs trojaner-board?

Alt 03.05.2021, 22:14   #12
elisabeth69
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


1) Root Rechte gewährt! Check

2) Adobe Flashplayer deinstalliert. Check

3) Inhalt kopiert und in Terminal eingegeben, gebe admin Passwort ein, wird nicht akzeptiert
Code:
ATTFilter
Last login: Mon May  3 15:01:04 on ttys000

The default interactive shell is now zsh.
To update your account to use zsh, please run `chsh -s /bin/zsh`.
For more details, please visit https://support.apple.com/kb/HT208050.
DER-MacBook-Pro:~ berlinalake$ sudo launchctl remove net.protected.macos.AVHelper
Password:
Sorry, try again.
Password:
Sorry, try again.
Password:
sudo: 3 incorrect password attempts
DER-MacBook-Pro:~ berlinalake$ sudo launchctl remove net.protected.macos.AVHelper
Password:
Sorry, try again.
Password:
Sorry, try again.
Password:
berlinalake is not in the sudoers file.  This incident will be reported.
DER-MacBook-Pro:~ berlinalake$ sudo launchctl remove net.protected.macos.AVHelper
Password:
Sorry, try again.
Password:
Sorry, try again.
Password:
gleiche Geschichte für den nächsten code
Code:
ATTFilter
Last login: Mon May  3 22:38:20 on ttys000

The default interactive shell is now zsh.
To update your account to use zsh, please run `chsh -s /bin/zsh`.
For more details, please visit https://support.apple.com/kb/HT208050.
DER-MacBook-Pro:~ berlinalake$ sudo pkgutil --forget com.jdi.pkg.TotalAV
Password:
Sorry, try again.
Password:
und wieder das gleiche
Code:
ATTFilter
Last login: Mon May  3 22:42:00 on ttys000

The default interactive shell is now zsh.
To update your account to use zsh, please run `chsh -s /bin/zsh`.
For more details, please visit https://support.apple.com/kb/HT208050.
DER-MacBook-Pro:~ berlinalake$ sudo pkgutil --forget com.zeobit.MacKeeper.affid.pkg
Password:
Sorry, try again.
Password:
und wieder
Code:
ATTFilter
Last login: Mon May  3 22:42:50 on ttys000

The default interactive shell is now zsh.
To update your account to use zsh, please run `chsh -s /bin/zsh`.
For more details, please visit https://support.apple.com/kb/HT208050.
DER-MacBook-Pro:~ berlinalake$ sudo pkgutil --forget com.zeobit.MacKeeper.pkg
Password:
Sorry, try again.
Password:

4) MoveToTrash hat die Datei /Library/LaunchDaemons/net.protected.macos.AVHelper.plist, entfernt, jedoch nicht Applications/TotalAV.app , jedenfalls konnte ich es visuell nicht nachvollziehen

5)DetectX Log

Code:
ATTFilter
Timestamp (10): Mon May 03 22:57:57 2021
DetectX Swift v1.0971

macOS: Version 10.15.7 (Build 19H114)
File System: apfs
Temp: The thermal state is within normal limits.

Boot time: Mon May 3 22:56:15 2021
Uptime: 2 mins, 1 user

Spotlight status for /:
	Indexing enabled. 
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is On.

Internet:	Reachable,Transient Connection


    Hardware Overview:

      Model Name: MacBook Pro
      Model Identifier: MacBookPro9,2
      Processor Name: Dual-Core Intel Core i5
      Processor Speed: 2,5 GHz
      Number of Processors: 1
      Total Number of Cores: 2
      L2 Cache (per Core): 256 KB
      L3 Cache: 3 MB
      Hyper-Threading Technology: Enabled
      Memory: 4 GB
      Boot ROM Version: 233.0.0.0.0
      SMC Version (system): 2.2f44
      Sudden Motion Sensor:
          State: Enabled



  Sharing Preferences:

	File Sharing:  Off
	Screen Sharing:  Off
	Remote Management:  Off
	Back To My Mac:  Off
	Remote Login:  Off
	Remote Apple Events:  Off


3rd Party Kexts (loaded):

	org.virtualbox.kext.VBoxDrv
	org.virtualbox.kext.VBoxUSB
	org.virtualbox.kext.VBoxNetFlt
	org.virtualbox.kext.VBoxNetAdp


 $PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
	/usr/local/bin
	/usr/bin
	/bin
	/usr/sbin
	/sbin

/etc/paths.d/:

~/.bash_profile:
	
~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


PID	Status	Label
608	0	com.adobe.GC.AGM
674	0	com.sqwarq.DetectX-Swift.24416
600	0	com.wacom.DataStoreMgr
603	0	com.malwarebytes.mbam.frontend.agent
-	0	com.adobe.AdobeCreativeCloud
-	0	com.openssh.ssh-agent
-	0	com.microsoft.update.agent
597	0	com.wacom.wacomtablet
-	0	com.BlueStacks.AppPlayer.Service
-	0	com.spotify.client.startuphelper
620	0	com.cyberghostsrl.cyberghostmac.23952
-	0	com.BlueStacks.AppPlayer.UninstallWatcher
-	0	com.microsoft.OneDriveStandaloneUpdater
605	0	com.wacom.IOManager
-	0	com.BlueStacks.AppPlayer.Updater


 System Launchd processes:

0      - 	com.adobe.SwitchBoard
151      - 	com.malwarebytes.mbam.rtprotection.daemon
0      - 	com.adobe.acc.installer.v2
0      - 	com.vix.cron
0      - 	com.microsoft.office.licensing.helper
0      - 	com.microsoft.teams.TeamsUpdaterDaemon
0      - 	com.microsoft.office.licensingV2.helper
178      - 	com.wacom.UpdateHelper
623      - 	com.microsoft.autoupdate.helper
181      - 	Adobe_Genuine_Software_Integrity_Service
368      - 	org.cups.cupsd
0      - 	com.anchorfree.ajaxserver
0      - 	com.wacom.displayhelper
1301      - 	com.microsoft.OneDriveStandaloneUpdaterDaemon
379      - 	com.malwarebytes.mbam.settings.daemon
0      - 	com.microsoft.OneDriveUpdaterDaemon
0      - 	com.adobe.acc.installer
0      - 	com.BlueStacks.AppPlayer.bstservice_helper
198      - 	com.hercules.hdjsd



 User Login Items:
 
	/Applications/CyberGhost VPN.app
	/Users/bettakroegel/Applications/Spotify.app
	/Users/bettakroegel/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app



 /Library/LaunchDaemons:

	hdjsd.plist
		--> Program Arguments: /var/hercules/hdjsd
	
	com.malwarebytes.mbam.settings.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon
	
	com.microsoft.OneDriveStandaloneUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon
	
	com.microsoft.teams.TeamsUpdaterDaemon.plist
	
	com.adobe.agsservice.plist
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGSService
	
	com.BlueStacks.AppPlayer.bstservice_helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
	
	com.malwarebytes.mbam.rtprotection.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: -i
		--> Program Arguments: Malwarebytes-Mac-4.8.12.4131.pkg
	
	com.microsoft.OneDriveUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/OneDriveUpdaterDaemon.xpc/Contents/MacOS/OneDriveUpdaterDaemon
	
	com.wacom.displayhelper.plist
		--> Program Arguments: /sbin/kextunload
		--> Program Arguments: /System/Library/Extensions/AppleUSBFTDI.kext
	
	org.virtualbox.startup.plist
		--> Program Arguments: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh
		--> Program Arguments: restart
	
	com.adobe.acc.installer.v2.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
	
	com.wacom.UpdateHelper.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper
	
	com.adobe.SwitchBoard.plist
		--> Program Arguments: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
	
	com.anchorfree.ajaxserver.plist
		-> Program: /Library/Application Support/Hotspot Shield/ajaxserver
		--> Program Arguments: /Library/Application Support/Hotspot Shield/ajaxserver
	
	com.microsoft.office.licensingV2.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
	
	com.oracle.java.Helper-Tool.plist
	
	com.adobe.acc.installer.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer
	
	com.microsoft.office.licensing.helper.plist
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
	
	com.microsoft.autoupdate.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper
	



 /Library/LaunchAgents:

	com.adobe.AdobeCreativeCloud.plist
		-> Program: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: --showwindow=false
		--> Program Arguments: --onOSstartup=true
	
	com.wacom.DataStoreMgr.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr
	
	com.adobe.GC.AGM.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: -mode=logon
	
	com.malwarebytes.mbam.frontend.agent.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent
	
	com.adobe.AAM.Updater-1.0.plist
		-> Program: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: -mode=logon
	
	com.wacom.IOManager.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager
	
	com.adobe.GC.Invoker-1.0.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: -mode=logon
	
	com.microsoft.OneDriveStandaloneUpdater.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdater.app/Contents/MacOS/OneDriveStandaloneUpdater
	
	com.wacom.wacomtablet.plist
		-> Program: /Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver
	
	com.microsoft.update.agent.plist
		--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
		--> Program Arguments: --launchByAgent
	



 ~/Library/LaunchAgents:

	com.BlueStacks.AppPlayer.UninstallWatcher.plist
		--> Program Arguments: /bin/sh
		--> Program Arguments: /Users/[U501]/Library/BlueStacks/UninstallWatcher
	
	com.adobe.GC.Invoker-1.0.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: -mode=scheduled
	
	com.BlueStacks.AppPlayer.Updater.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstupdater
		--> Program Arguments: pull
	
	com.BlueStacks.AppPlayer.Service.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstservice
		--> Program Arguments: Android
	

 User Crontab:

	No cron jobs



 /etc:

	rc.common
	php.ini.default-5.2-previous~orig
	bootpd.plist
	bashrc_Apple_Terminal
	zshrc_Apple_Terminal
	bashrc
	zshrc
	ssh_config~orig
	hosts.save
	authorization.deprecated
	moduli~previous
	rc.netboot
	efax.rc~previous
	php.ini.default-5.2-previous
	sshd_config~previous
	aliases
	zprofile

 / $Root:

	.file
	.VolumeIcon.icns
	opt / .. children: 0

 ~/ $Home:

	Music / .. children: 5
	objc.scan
	.CFUserTextEncoding
	Pictures / .. children: 3
	Desktop / .. children: 39
	Library / .. children: 69
	.cups / .. children: 1
	.bash_sessions / .. children: 27
	Public / .. children: 2
	.dropbox / .. children: 9
	Movies / .. children: 4
	Applications / .. children: 1
	.Trash / .. children: 0
	Documents / .. children: 33
	Downloads / .. children: 149
	.bash_history



 ~/Library:

	studentd / .. children: 3
	HomeKit / .. children: 9
	UIKitSystem / .. children: 1
	Google / .. children: 1
	BlueStacks / .. children: 11
	com.apple.icloud.searchpartyd / .. children: 3
	PhotoshopCrashes / .. children: 0
	FrontBoard / .. children: 3
	MediaStream / .. children: 7
	Dropbox / .. children: 0
	Fonts Disabled / .. children: 0
	PersonalizationPortrait / .. children: 5
	Reminders / .. children: 2



 ~/Library/Application Support:

	com.apple.sbd / .. children: 1
	com.apple.replayd / .. children: 0
	com.apple.voicememos / .. children: 1
	Propellerhead Software / .. children: 2
	Native Instruments / .. children: 1
	SyncServices / .. children: 1
	com.apple.kvs / .. children: 1
	com.apple.transparencyd / .. children: 5
	com.apple.touristd / .. children: 6
	CyberghostBrowser / .. children: 14
	NoxInstaller / .. children: 0
	DiskImages / .. children: 1
	Anki2 / .. children: 5
	CoreParsec / .. children: 0
	OneDriveStandaloneUpdater / .. children: 1
	com.apple.akd / .. children: 1
	zoom.us / .. children: 2
	MobileSync / .. children: 1
	Google / .. children: 2
	Microsoft / .. children: 1
	Spotify / .. children: 4
	Oracle / .. children: 1
	dmd / .. children: 0
	Ableton / .. children: 4
	Anki / .. children: 1
	Java / .. children: 1
	com.microsoft.OneDriveStandaloneUpdater / .. children: 1
	CEF / .. children: 1
	com.cyberghostsrl.cyberghostmac / .. children: 1
	TrustedPeersHelper / .. children: 0
	EtreCheck / .. children: 1
	Adobe / .. children: 10
	MediaHuman / .. children: 1
	EtreCheckPro / .. children: 2
	.ACCC_Lock
	Cycling '74 / .. children: 1
	com.sqwarq.DetectX-Swift / .. children: 4
	System Preferences / .. children: 0
	com.apple.ContextStoreAgent / .. children: 1
	FileProvider / .. children: 3
	Dropbox / .. children: 4
	com.malwarebytes.mbam / .. children: 1
	ToguAudioLine / .. children: 1
	uTorrent Web / .. children: 9
	XMind / .. children: 3
	transparencyd / .. children: 0
	syncdefaultsd / .. children: 0
	JREInstaller / .. children: 1
	com.apple.accounts.dom / .. children: 0



 ~/Library/Safari/Extensions:

	*-- Folder doesn't exist or is inaccessible --*



 ~/Library/Internet Plug-Ins:

	



 /Users/Shared:

	adi / .. children: 10
	SC Info / .. children: 1
	Hotspot Shield / .. children: 1
	Library / .. children: 1
	AdobeInstalledCodecs / .. children: 0
	Canon Inkjet Extended Survey Program / .. children: 1
	Adobe / .. children: 4
	CleanMyMac 2 / .. children: 1
	Previously Relocated Items / .. children: 3
	AdobeGCData / .. children: 2
	Max 8 / .. children: 2
	CleanMyMac / .. children: 1



 /Applications:

	Honey.app
	VLC.app
	XMind.app
	Office_Mac_HS_2011_German.dmg
	Adobe After Effects CC / .. children: 9
	Anki.app
	Install macOS Mojave.app
	Microsoft Office 2011 / .. children: 5
	Rhinoceros.app
	Adobe Creative Cloud / .. children: 1
	OneDrive.app
	CyberGhost Private Browser.app
	Rob Papen / .. children: 6
	DetectX Swift.app
	Adobe Media Encoder CC 2017 / .. children: 3
	Microsoft Word.app
	Install macOS High Sierra.app
	Anki Notes.app
	Adobe Photoshop CC / .. children: 10
	Paint S.app
	Microsoft Excel.app
	Adobe Media Encoder CC / .. children: 3
	Adobe / .. children: 2
	zoom.us.app
	Adobe Illustrator CC / .. children: 10
	Microsoft Outlook.app
	Malwarebytes.app
	Ableton Live 10 Intro.app
	MoveToTrash.app
	Wacom Tablet.localized / .. children: 5
	Live
	iZotope Ozone 7 / .. children: 6
	CyberGhost VPN.app
	uTorrent Web.app
	EtreCheckPro.app
	The Unarchiver.app
	Microsoft OneNote.app
	Adobe InDesign CC / .. children: 11
	Live8 / .. children: 5
	MediathekView.app
	AppCleaner.app
	Ableton Live 10 Standard.app
	Adobe Acrobat X Pro / .. children: 1
	Microsoft PowerPoint.app
	Microsoft Teams.app
	Ableton Live 11 Standard.app
	BlueStacks.app



 /Library:

	Apple / .. children: 3
	CFMSupport / .. children: 1
	DropboxHelperTools / .. children: 2
	OSAnalytics / .. children: 2
	StagedDriverExtensions / .. children: 0
	InstallerSandboxes / .. children: 2
	DriverExtensions / .. children: 0
	Automator / .. children: 95
	User Template / .. children: 41
	Fonts Disabled / .. children: 16
	SystemExtensions / .. children: 3



 /Library/Application Support:

	Propellerhead Software / .. children: 3
	Native Instruments / .. children: 9
	Tablet / .. children: 2
	Mozilla / .. children: 1
	Avid / .. children: 1
	ReWire
	Hotspot Shield / .. children: 12
	Mica / .. children: 1
	.E42bQWl0wR
	Microsoft / .. children: 2
	Oracle / .. children: 0
	Digidesign / .. children: 1
	VirtualBox / .. children: 5
	Canon / .. children: 7
	Adobe / .. children: 70
	Malwarebytes / .. children: 1
	iZotope / .. children: 5
	PACE Anti-Piracy / .. children: 4
	REX Shared Library
	regid.1986-12.com.adobe / .. children: 14
	.5s+m_0Aav5



 /Library/Extensions:

	NIUSBAudio2DJ.kext
	hp_fax_io.kext
	FTDIKext.kext
	Wacom Tablet.kext
	NIUSBAudio4DJ.kext
	SiLabsUSBDriver64.kext
	JMicronATA.kext
	fabio.kext
	NIUSBTraktorKontrolX1.kext
	Dropbox.kext
	AppleMobileDevice.kext
	BJUSBLoad.kext
	CIJUSBLoad.kext
	NIUSBDeviceHelper.kext
	hp_io_enabler_compound.kext
	NIUSBAudioDriver.kext



 /Library/Internet Plug-Ins:

	VLC Plugin.plugin
	EPPEX Plugin.plugin
	AdobeAAMDetect.plugin
	Unused / .. children: 0
	AdobePDFViewer.plugin
	SharePointBrowserPlugin.plugin
	Unity Web Player.plugin
	AdobePDFViewerNPAPI.plugin
	SharePointWebKitPlugin.webplugin



 /Library/Managed Preferences:

	*-- Folder doesn't exist or is inaccessible --*



 /Library/PrivilegedHelperTools:

	com.microsoft.office.licensing.helper
	com.BlueStacks.AppPlayer.bstservice_helper
	com.wacom.UpdateHelper.app
	com.wacom.IOManager.app
	com.adobe.acc.installer
	com.microsoft.autoupdate.helper
	com.microsoft.office.licensingV2.helper
	com.adobe.acc.installer.v2
	net.protected.macos.AVHelper
	com.wacom.DataStoreMgr.app



 /Library/ScriptingAdditions:

	Adobe Unit Types.osax



 /Library/StartupItems:

	



 /Library/Updates:

	ProductMetadata.plist
	001-93719 / .. children: 16
	071-05425 / .. children: 16
	071-29320 / .. children: 16
	PPDVersions.plist
	index.plist
	071-10831 / .. children: 3



Top Processes: 

%CPU	PID	COMMAND	
69.4 	1		launchd 
32.3 	410		EtreCheckPro 
13.8 	248		WindowServer 
7.4		674		DetectX Swift 
4.3		166		logd 
3.8		0		kernel_task 
2.8		420		Spotify 
1.5		597		WacomTabletDrive 
1.3		212		notifyd 
0.9		545		suggestd 


Running Processes: 

PPID	PID	%CPU	USER	COMMAND	
0		1		74.3		root		/sbin/launchd 
1		148		0.3		root		/usr/sbin/syslogd 
1		149		0.0		root		/usr/libexec/UserEventAgent (System) 
1		151		0.1		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon -i Malwarebytes-Mac-4.8.12.4131.pkg 
1		152		0.0		root		/usr/libexec/wifiFirmwareLoader 
1		153		0.0		root		/System/Library/PrivateFrameworks/Uninstall.framework/Resources/uninstalld 
1		154		0.0		root		/usr/libexec/kextd 
1		155		0.0		root		/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/FSEvents.framework/Versions/A/Support/fseventsd 
1		156		0.0		root		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted 
1		158		0.0		root		/Library/Apple/System/Library/CoreServices/MRT.app/Contents/MacOS/MRT -d 
1		159		0.0		root		/usr/sbin/systemstats --daemon 
1		160		0.0		root		/usr/libexec/configd 
1		161		0.0		root		endpointsecurityd		
1		162		0.0		root		/System/Library/CoreServices/powerd.bundle/powerd 
1		166		4.4		root		/usr/libexec/logd 
1		167		0.0		root		/usr/libexec/keybagd -t 15 
1		168		0.0		root		/System/Library/PrivateFrameworks/MobileAccessoryUpdater.framework/Support/fud 30 
1		170		0.0		root		/usr/libexec/watchdogd 
1		171		0.0		root		firmwaresyncd		
1		174		0.0		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Support/mds 
1		175		0.0		_iconservices		/System/Library/CoreServices/iconservicesd 
1		176		0.0		root		/usr/libexec/diskarbitrationd 
1		178		0.0		root		/Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper 
1		180		0.0		root		/usr/libexec/coreduetd 
1		181		0.0		root		/Library/Application Support/Adobe/AdobeGCClient/AGSService 
1		184		0.1		root		/usr/libexec/opendirectoryd 
1		185		0.0		root		/System/Library/PrivateFrameworks/ApplePushService.framework/apsd 
1		186		0.2		root		/System/Library/CoreServices/launchservicesd 
1		187		0.0		_timed		/usr/libexec/timed 
1		188		0.0		_usbmuxd		/System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/Resources/usbmuxd -launchd 
1		189		0.0		root		/usr/sbin/securityd -i 
1		190		0.0		root		auditd		-l 
1		195		0.0		root		autofsd		
1		196		0.0		_displaypolicyd		/usr/libexec/displaypolicyd -k 1 
1		198		0.0		root		/var/hercules/hdjsd 
1		199		0.0		root		/usr/libexec/dasd 
1		201		0.0		root		/usr/libexec/PerfPowerServices 
1		203		0.0		root		/System/Library/CoreServices/logind 
1		204		0.0		root		/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/Support/revisiond 
1		205		0.0		root		/usr/sbin/KernelEventAgent 
1		207		0.0		root		/usr/sbin/bluetoothd 
1		208		0.8		_hidd		/usr/libexec/hidd 
1		209		0.0		root		/usr/libexec/sandboxd 
1		210		0.0		root		/usr/libexec/corebrightnessd --launchd 
1		211		0.0		root		/usr/libexec/AirPlayXPCHelper 
1		212		1.6		root		/usr/sbin/notifyd 
1		213		0.0		root		/usr/libexec/amfid 
1		214		0.0		_distnote		/usr/sbin/distnoted daemon 
1		215		0.0		root		/usr/sbin/cfprefsd daemon 
1		216		0.0		root		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system 
1		217		0.0		root		aslmanager		
1		218		0.0		root		/System/Library/CoreServices/coreservicesd 
1		219		0.0		root		/usr/libexec/syspolicyd 
1		220		0.0		[U501]		/System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow console 
1		222		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/authd.xpc/Contents/MacOS/authd 
1		223		0.0		_analyticsd		/System/Library/PrivateFrameworks/CoreAnalytics.framework/Support/analyticsd 
1		224		0.0		root		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/contextstored 
1		228		0.0		_coreaudiod		/usr/sbin/coreaudiod 
1		232		0.0		root		/usr/libexec/nehelper 
1		233		0.0		root		/usr/libexec/trustd 
1		237		0.0		root		/usr/libexec/searchpartyd 
1		247		0.0		root		/usr/sbin/ocspd 
1		248		15.1		_windowserver		/System/Library/PrivateFrameworks/SkyLight.framework/Resources/WindowServer -daemon 
1		249		0.0		_networkd		/usr/libexec/symptomsd 
1		253		0.0		_mdnsresponder		/usr/sbin/mDNSResponder 
1		254		0.0		_coreaudiod		/System/Library/Frameworks/CoreAudio.framework/Versions/A/XPCServices/com.apple.audio.DriverHelper.xpc/Contents/MacOS/com.apple.audio.DriverHelper 
1		265		0.0		root		/usr/libexec/airportd 
1		267		0.0		_locationd		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		268		0.0		root		/usr/sbin/mDNSResponderHelper 
1		269		0.0		_locationd		/usr/libexec/secinitd 
1		270		0.0		_locationd		/usr/sbin/cfprefsd agent 
1		272		0.0		_locationd		/usr/libexec/trustd --agent 
1		274		0.0		root		/System/Library/PrivateFrameworks/WirelessDiagnostics.framework/Support/awdd 
1		326		0.0		root		/usr/libexec/taskgated-helper 
1		334		0.0		root		/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon 
1		335		0.2		root		/usr/libexec/runningboardd 
1		343		0.0		_coreaudiod		/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper 
1		344		0.0		root		/usr/libexec/lsd runAsRoot 
1		345		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper 
1		346		0.0		_driverkit		/System/Library/DriverExtensions/AppleUserHIDDrivers.dext/AppleUserHIDDrivers com.apple.driverkit.AppleUserHIDEventDriver 0x100000441 
1		349		0.0		root		/usr/libexec/secinitd 
1		350		0.0		_locationd		/usr/libexec/locationd 
1		351		0.0		root		/System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd-helper -launchd 
1		353		0.0		root		/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/CVMServer 
1		354		0.0		root		/usr/libexec/mobileassetd 
1		355		0.0		root		/usr/libexec/colorsync.displayservices 
1		356		0.0		root		/usr/libexec/colorsyncd 
1		357		0.0		_nsurlsessiond		/usr/libexec/nsurlsessiond --privileged 
1		358		0.0		root		/System/Library/CryptoTokenKit/com.apple.ifdreader.slotd/Contents/MacOS/com.apple.ifdreader 
1		359		0.0		_appleevents		/System/Library/CoreServices/appleeventsd --server 
1		360		0.0		root		/usr/libexec/apfsd 
1		361		0.0		root		/usr/libexec/usbd 
1		362		0.0		root		/usr/libexec/firmwarecheckers/ethcheck/ethcheck --integrity-check-daemon 
1		363		0.0		_cmiodalassistants		/System/Library/Frameworks/CoreMediaIO.framework/Resources/VDC.plugin/Contents/Resources/VDCAssistant 
1		364		0.0		root		/usr/libexec/bootinstalld 
1		367		0.0		root		/usr/libexec/corecaptured 
1		368		0.0		root		/usr/sbin/cupsd -l 
1		370		0.0		root		/usr/libexec/ApplicationFirewall/socketfilterfw 
1		373		0.0		root		/usr/libexec/rpcsvchost -launchd netlogon.bundle 
1		377		0.0		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mds_stores 
1		379		0.0		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon 
1		381		0.0		root		/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper 
1		385		0.0		root		/System/Library/Frameworks/GSS.framework/Helpers/GSSCred 
1		389		0.0		root		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		390		0.0		[U501]		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		391		0.0		root		/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary 
1		392		0.0		root		/usr/libexec/securityd_service 
1		393		0.0		[U501]		/usr/sbin/cfprefsd agent 
1		394		0.0		root		/usr/sbin/distnoted agent 
1		395		0.0		[U501]		/usr/libexec/UserEventAgent (Aqua) 
1		397		0.0		[U501]		/usr/sbin/distnoted agent 
1		398		0.0		[U501]		/usr/sbin/universalaccessd launchd -s 
1		399		0.0		[U501]		/usr/libexec/trustd --agent 
1		400		0.0		[U501]		/usr/libexec/lsd 
1		401		0.0		[U501]		/System/Library/PrivateFrameworks/CloudServices.framework/Helpers/com.apple.sbd 
1		402		0.0		[U501]		/usr/libexec/rapportd 
1		403		0.0		[U501]		/usr/libexec/knowledge-agent 
1		404		0.0		[U501]		/usr/libexec/secd 
1		405		0.0		[U501]		/Applications/Safari.app/Contents/MacOS/Safari -psn_0_36873 
1		406		0.0		[U501]		/System/Library/PrivateFrameworks/IDS.framework/identityservicesd.app/Contents/MacOS/identityservicesd 
1		407		0.0		[U501]		/System/Library/CoreServices/backgroundtaskmanagementagent 
1		408		0.0		[U501]		/System/Library/CoreServices/sharedfilelistd 
1		409		0.0		[U501]		/System/Applications/Notes.app/Contents/MacOS/Notes -psn_0_40970 
1		410		34.2		[U501]		/Applications/EtreCheckPro.app/Contents/MacOS/EtreCheckPro -psn_0_45067 
1		411		0.0		[U501]		/System/Library/PrivateFrameworks/CloudKitDaemon.framework/Support/cloudd 
1		412		0.0		[U501]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -tw 
1		413		0.0		[U501]		/usr/libexec/pkd 
1		414		0.0		[U501]		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd 
1		415		0.0		_ctkd		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -s 
1		417		0.0		[U501]		/usr/libexec/secinitd 
1		418		0.0		[U501]		/usr/libexec/nsurlsessiond 
1		419		0.0		[U501]		/System/Applications/Mail.app/Contents/MacOS/Mail -psn_0_49164 
1		420		2.7		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/MacOS/Spotify -psn_0_53261 
1		421		0.0		[U501]		/Applications/Microsoft Outlook.app/Contents/MacOS/Microsoft Outlook -psn_0_57358 
1		422		0.0		[U501]		/System/Library/Frameworks/Accounts.framework/Versions/A/Support/accountsd 
1		423		0.0		[U501]		/System/Applications/Calendar.app/Contents/MacOS/Calendar -psn_0_61455 
1		424		0.0		[U501]		/System/Applications/Music.app/Contents/MacOS/Music -psn_0_65552 
1		425		0.0		[U501]		/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd 
1		426		0.0		[U501]		/usr/libexec/nsurlstoraged 
1		427		0.0		root		/System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd 
1		428		0.0		[U501]		/usr/sbin/usernoted 
1		429		0.0		[U501]		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/TrustedPeersHelper.xpc/Contents/MacOS/TrustedPeersHelper 
1		430		0.0		[U501]		/usr/libexec/routined LAUNCHED_BY_LAUNCHD 
1		431		0.0		[U501]		/usr/libexec/networkserviceproxy 
1		432		0.0		[U501]		/System/Library/CoreServices/APFSUserAgent 
1		433		0.0		[U501]		/System/Library/CoreServices/NotificationCenter.app/Contents/MacOS/NotificationCenter 
1		434		0.0		root		/usr/sbin/spindump 
1		435		0.0		[U501]		/usr/libexec/sharingd 
1		436		0.0		[U501]		/usr/libexec/spindump_agent 
1		437		0.0		[U501]		/usr/libexec/pboard 
1		438		0.0		root		/System/Library/CoreServices/SubmitDiagInfo server-init 
1		439		0.0		[U501]		/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy 
1		440		0.0		[U501]		/System/Library/CoreServices/mapspushd 
1		441		0.0		[U501]		/System/Library/PrivateFrameworks/SyncedDefaults.framework/Support/syncdefaultsd 
1		443		0.0		[U501]		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		444		0.0		[U501]		/usr/libexec/neagent 
1		445		0.0		[U501]		/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary 
1		446		0.0		[U501]		/System/Library/CoreServices/talagent 
1		447		0.1		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framework/Support/fontd 
1		448		0.0		[U501]		/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService 
1		450		0.0		[U501]		/System/Library/CoreServices/lockoutagent 
1		451		0.0		[U501]		/usr/libexec/dmd 
1		452		0.0		[U501]		/System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent 
1		453		0.0		[U501]		/System/Library/Frameworks/InputMethodKit.framework/Resources/imklaunchagent 
1		454		0.0		[U501]		/System/Library/Input Methods/PressAndHold.app/Contents/PlugIns/PAH_Extension.appex/Contents/MacOS/PAH_Extension 
1		455		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		456		0.0		[U501]		/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService 
1		457		0.0		[U501]		/System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter -L 
1		459		0.0		[U501]		/System/Library/PrivateFrameworks/CoreCDP.framework/Versions/A/Resources/cdpd 
1		460		0.0		[U501]		/System/Library/PrivateFrameworks/ProtectedCloudStorage.framework/Helpers/ProtectedCloudKeySyncing 
1		461		0.0		[U501]		/System/Library/CoreServices/Keychain Circle Notification.app/Contents/MacOS/Keychain Circle Notification 
1		462		0.0		[U501]		/System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent 
1		463		0.0		root		/usr/sbin/WirelessRadioManagerd 
1		464		0.0		[U501]		/System/Library/PrivateFrameworks/TelephonyUtilities.framework/callservicesd 
1		465		0.0		[U501]		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent 
1		466		0.0		[U501]		/System/Library/PrivateFrameworks/IMCore.framework/imagent.app/Contents/MacOS/imagent 
1		467		0.0		[U501]		/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd 
1		468		0.0		[U501]		/System/Library/PrivateFrameworks/Tourist.framework/Versions/A/Resources/touristd 
1		469		0.0		[U501]		/System/Library/PrivateFrameworks/IMDPersistence.framework/XPCServices/IMDPersistenceAgent.xpc/Contents/MacOS/IMDPersistenceAgent 
1		470		0.0		root		/usr/sbin/systemsoundserverd 
1		471		0.0		[U501]		/System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/Resources/familycircled 
1		472		0.0		[U501]		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoteagent 
1		473		0.0		[U501]		/System/Library/PrivateFrameworks/UserActivity.framework/Agents/useractivityd 
1		474		0.0		[U501]		/usr/libexec/fmfd 
1		475		0.0		[U501]		/System/Library/PrivateFrameworks/AOSKit.framework/Versions/A/XPCServices/com.apple.iCloudHelper.xpc/Contents/MacOS/com.apple.iCloudHelper 
1		476		3.6		[U501]		/System/Library/CoreServices/iconservicesagent 
1		477		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeaccountd 
1		478		0.0		root		/System/Library/PrivateFrameworks/AmbientDisplay.framework/Versions/A/XPCServices/com.apple.AmbientDisplayAgent.xpc/Contents/MacOS/com.apple.AmbientDisplayAgent 
1		479		0.0		[U501]		/System/Library/CoreServices/WiFiAgent.app/Contents/MacOS/WiFiAgent 
1		480		0.0		_nsurlstoraged		/usr/libexec/nsurlstoraged --privileged 
1		481		0.0		[U501]		/System/Library/CoreServices/Dock.app/Contents/MacOS/Dock 
1		482		0.0		[U501]		/System/Library/CoreServices/SystemUIServer.app/Contents/MacOS/SystemUIServer 
1		483		0.0		[U501]		/System/Library/CoreServices/Finder.app/Contents/MacOS/Finder 
1		486		0.0		[U501]		/System/Library/CoreServices/Spotlight.app/Contents/MacOS/Spotlight 
1		487		0.0		[U501]		/System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.framework/Versions/A/XPCServices/QuickLookUIService.xpc/Contents/MacOS/QuickLookUIService 
1		488		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		489		0.0		[U501]		/System/Library/PrivateFrameworks/CoreParsec.framework/parsecd 
1		490		0.0		[U501]		/System/Library/CoreServices/Dock.app/Contents/XPCServices/com.apple.dock.extra.xpc/Contents/MacOS/com.apple.dock.extra 
1		491		0.0		[U501]		/System/Library/Frameworks/QuickLookThumbnailing.framework/Support/com.apple.quicklook.ThumbnailsAgent 
1		492		0.0		root		/usr/sbin/filecoordinationd 
1		493		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		494		0.0		[U501]		/System/Library/PrivateFrameworks/AMPDevices.framework/Versions/A/Support/AMPDeviceDiscoveryAgent --launchd 
1		495		0.0		root		automountd		
1		496		0.0		[U501]		/System/Library/CoreServices/pbs 
1		497		5.1		[U501]		/System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent 
1		500		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird 
1		501		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History 
1		504		0.0		[U501]		/System/Library/PrivateFrameworks/CallHistory.framework/Support/CallHistoryPluginHelper 
1		506		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		507		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		509		0.0		[U501]		/System/Library/PrivateFrameworks/login.framework/Versions/A/XPCServices/LoginUserService.xpc/Contents/MacOS/LoginUserService 
1		511		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		512		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/commerce 
1		513		0.0		[U501]		/System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService 
1		514		0.0		[U501]		/System/Library/PrivateFrameworks/WeatherKit.framework/Versions/A/XPCServices/com.apple.WeatherKitService.xpc/Contents/MacOS/com.apple.WeatherKitService 
1		515		0.0		_gamecontrollerd		/usr/libexec/gamecontrollerd 
1		517		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --monitor-self-annotation=ptype=crashpad-handler --type=crashpad-handler --max-uploads=5 --max-db-size=20 --max-db-age=5 --database=/Users/[U501]/Library/Application Support/Spotify/User Data --url=https://crashdump.spotify.com:443/ --annotation=platform=macos --annotation=product=spotify --annotation=version=1.1.58.820 --handshake-fd=7 
1		518		0.0		[U501]		/Applications/Honey.app/Contents/PlugIns/Extension.appex/Contents/MacOS/Extension 
1		519		0.0		[U501]		/usr/libexec/WiFiVelocityAgent 
1		520		0.0		[U501]		/System/Library/PrivateFrameworks/AppSSO.framework/Support/AppSSOAgent.app/Contents/MacOS/AppSSOAgent 
1		521		0.0		root		/usr/libexec/wifivelocityd 
1		526		0.0		root		/System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/XPCServices/com.apple.PerformanceAnalysis.animationperfd.xpc/Contents/MacOS/com.apple.PerformanceAnalysis.animationperfd 
1		527		0.0		[U501]		/System/Library/Frameworks/ColorSync.framework/Support/colorsync.useragent 
1		531		2.6		[U501]		/usr/libexec/remindd 
420		532		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper (GPU).app/Contents/MacOS/Spotify Helper (GPU) --type=gpu-process --field-trial-handle=1718379636,15075671087347229897,12592815560952544150,131072 --enable-features=CastMediaRouteProvider --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --lang=en --gpu-preferences=SAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAwAAAAAAABgDAAAAAAAACAEAACAAAAAAAQAAAAAAAAgBAAAAAAAAEAEAAAAAAAAYAQAAAAAAACABAAAAAAAAKAEAAAAAAAAwAQAAAAAAADgBAAAAAAAAQAEAAAAAAABIAQAAAAAAAFABAAAAAAAAWAEAAAAAAABgAQAAAAAAAGgBAAAAAAAAcAEAAAAAAAB4AQAAAAAAAIABAAAAAAAAiAEAAAAAAACQAQAAAAAAAJgBAAAAAAAAoAEAAAAAAACoAQAAAAAAALABAAAAAAAAuAEAAAAAAADAAQAAAAAAAMgBAAAAAAAA0AEAAAAAAADYAQAAAAAAAOABAAAAAAAA6AEAAAAAAADwAQAAAAAAAPgBAAAAAAAAEAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAAAAAAHAAAAEAAAAAAAAAAAAAAACAAAABAAAAAAAAAAAAAAAAoAAAAQAAAAAAAAAAAAAAALAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAAAAAA4AAAAQAAAAAAAAAAEAAAAAAAAAEAAAAAAAAAABAAAABgAAABAAAAAAAAAAAQAAAAcAAAAQAAAAAAAAAAEAAAAIAAAAEAAAAAAAAAABAAAACgAAABAAAAAAAAAAAQAAAAsAAAAQAAAAAAAAAAEAAAANAAAAEAAAAAAAAAABAAAADgAAABAAAAAAAAAABAAAAAAAAAAQAAAAAAAAAAQAAAAGAAAAEAAAAAAAAAAEAAAABwAAABAAAAAAAAAABAAAAAgAAAAQAAAAAAAAAAQAAAAKAAAAEAAAAAAAAAAEAAAACwAAABAAAAAAAAAABAAAAA0AAAAQAAAAAAAAAAQAAAAOAAAAEAAAAAAAAAAHAAAAAAAAABAAAAAAAAAABwAAAAYAAAAQAAAAAAAAAAcAAAAHAAAAEAAAAAAAAAAHAAAACAAAABAAAAAAAAAABwAAAAoAAAAQAAAAAAAAAAcAAAALAAAAEAAAAAAAAAAHAAAADQAAABAAAAAAAAAABwAAAA4AAAAIAAAAAAAAAAgAAAAAAAAA --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files 
1		533		0.0		[U501]		/usr/libexec/loginitemregisterd 
1		534		0.0		[U501]		/usr/libexec/swcd 
1		535		0.0		root		/usr/libexec/smd 
1		536		0.0		[U501]		/System/Library/PrivateFrameworks/CommunicationsFilter.framework/CMFSyncAgent 
420		537		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1718379636,15075671087347229897,12592815560952544150,131072 --enable-features=CastMediaRouteProvider --lang=en --service-sandbox-type=utility --use-mock-keychain --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files --seatbelt-client=39 
420		538		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1718379636,15075671087347229897,12592815560952544150,131072 --enable-features=CastMediaRouteProvider --lang=en --service-sandbox-type=network --use-mock-keychain --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files --seatbelt-client=39 
1		539		0.0		[U501]		/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService 
1		541		0.0		[U501]		/System/Library/Frameworks/ImageIO.framework/Versions/A/XPCServices/ImageIOXPCService.xpc/Contents/MacOS/ImageIOXPCService 
1		542		1.9		[U501]		/System/Library/CoreServices/CoreServicesUIAgent.app/Contents/MacOS/CoreServicesUIAgent 
1		543		0.0		root		/usr/libexec/findmydeviced 
1		544		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/corespotlightd 
1		545		4.1		[U501]		/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd 
420		546		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper (Renderer).app/Contents/MacOS/Spotify Helper (Renderer) --type=renderer --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --field-trial-handle=1718379636,15075671087347229897,12592815560952544150,131072 --enable-features=CastMediaRouteProvider --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --disable-scroll-bounce --disable-spell-checking --num-raster-threads=2 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --enable-main-frame-before-activation --renderer-client-id=5 --shared-files --seatbelt-client=73 
1		547		0.0		[U501]		/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar 
1		548		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent 
1		549		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariBookmarksSyncAgent 
1		550		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		551		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		552		0.0		root		/System/Library/Frameworks/AudioToolbox.framework/XPCServices/CAReportingService.xpc/Contents/MacOS/CAReportingService 
1		553		0.0		root		/usr/libexec/rtcreportingd 
1		554		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		555		0.0		_fpsd		/System/Library/PrivateFrameworks/CoreADI.framework/adid 
1		557		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariCloudHistoryPushAgent 
1		559		0.0		[U501]		SafeEjectGPUAgent		
1		560		0.0		[U501]		/System/Library/CoreServices/Menu Extras/SafeEjectGPUExtra.menu/Contents/XPCServices/SafeEjectGPUService.xpc/Contents/MacOS/SafeEjectGPUService 
1		561		0.0		[U501]		/System/Library/PrivateFrameworks/CoreParsec.framework/parsec-fbf 
1		562		0.0		[U501]		/System/Library/PrivateFrameworks/CoreRecents.framework/Versions/A/Support/recentsd 
1		563		0.0		[U501]		/System/Library/PrivateFrameworks/PassKitCore.framework/passd 
1		564		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		565		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		566		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/XPCServices/ContainerMetadataExtractor.xpc/Contents/MacOS/ContainerMetadataExtractor 
1		568		0.0		[U501]		/System/Library/Services/AppleSpell.service/Contents/MacOS/AppleSpell 
1		569		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/reversetemplated 
1		570		0.0		[U501]		/usr/libexec/keyboardservicesd 
1		575		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/XPCServices/com.apple.hiservices-xpcservice.xpc/Contents/MacOS/com.apple.hiservices-xpcservice 
1		582		0.0		_captiveagent		/usr/libexec/captiveagent 
1		583		0.0		[U501]		/System/Library/PrivateFrameworks/IMFoundation.framework/XPCServices/IMRemoteURLConnectionAgent.xpc/Contents/MacOS/IMRemoteURLConnectionAgent 
1		584		0.0		[U501]		/System/Library/PrivateFrameworks/IMFoundation.framework/XPCServices/IMRemoteURLConnectionAgent.xpc/Contents/MacOS/IMRemoteURLConnectionAgent 
1		585		0.0		[U501]		/System/Library/PrivateFrameworks/IMFoundation.framework/XPCServices/IMRemoteURLConnectionAgent.xpc/Contents/MacOS/IMRemoteURLConnectionAgent 
1		586		0.0		_netbios		/usr/sbin/netbiosd 
1		587		0.0		_applepay		/usr/libexec/nfcd 
1		588		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid 
1		589		0.0		_spotlight		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker-bundle -c MDSImporterBundleFinder -m com.apple.mdworker.bundles 
1		590		0.1		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker-bundle -c MDSImporterBundleFinder -m com.apple.mdworker.bundles 
1		591		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd 
1		592		0.0		[U501]		/System/Library/PrivateFrameworks/AssetCacheServices.framework/Versions/A/XPCServices/AssetCacheLocatorService.xpc/Contents/MacOS/AssetCacheLocatorService -a 
1		593		0.0		_assetcache		/usr/libexec/AssetCache/AssetCache 
1		594		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSpeech.framework/corespeechd 
1		597		2.3		[U501]		/Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver 
1		598		0.0		[U501]		/System/Library/CoreServices/SocialPushAgent.app/Contents/MacOS/SocialPushAgent 
1		599		0.0		[U501]		/System/Library/PrivateFrameworks/AMPSharing.framework/Versions/A/Support/mediasharingd --launchd 
1		600		0.0		[U501]		/Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr 
1		601		0.0		[U501]		/System/Library/Image Capture/Support/icdd 
1		603		0.0		[U501]		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent 
1		605		0.7		[U501]		/Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager 
1		606		0.0		[U501]		/System/Library/PrivateFrameworks/AskPermission.framework/Versions/A/Resources/askpermissiond 
1		608		0.0		[U501]		/Library/Application Support/Adobe/AdobeGCClient/AGMService -mode=logon 
1		609		0.0		[U501]		/System/Library/CoreServices/AirPlayUIAgent.app/Contents/MacOS/AirPlayUIAgent --launchd 
1		611		0.0		[U501]		/System/Library/CoreServices/cloudpaird 
1		614		0.7		[U501]		/System/Library/CoreServices/diagnostics_agent 
1		616		0.0		[U501]		/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent 
1		617		0.0		[U501]		/System/Library/PrivateFrameworks/AppleMediaServices.framework/Resources/amsaccountsd 
1		618		0.0		[U501]		/Library/Apple/System/Library/CoreServices/MRT.app/Contents/MacOS/MRT -a 
1		619		0.0		root		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp -d 
1		620		0.0		[U501]		/Applications/CyberGhost VPN.app/Contents/MacOS/CyberGhost VPN 
1		621		0.0		[U501]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp 
1		622		0.0		root		/usr/libexec/diskmanagementd 
1		623		0.0		root		/Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper 
1		627		0.0		[U501]		/System/Library/PrivateFrameworks/IMFoundation.framework/XPCServices/IMRemoteURLConnectionAgent.xpc/Contents/MacOS/IMRemoteURLConnectionAgent 
1		632		0.0		[U501]		/System/Library/PrivateFrameworks/CacheDelete.framework/deleted 
1		658		0.0		[U501]		/System/Library/PrivateFrameworks/FileProvider.framework/Support/fileproviderd 
1		660		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		661		0.0		[U501]		/System/Library/Frameworks/CryptoTokenKit.framework/PlugIns/setoken.appex/Contents/MacOS/setoken 
1		673		0.0		[U501]		/System/Library/PrivateFrameworks/SoftwareUpdate.framework/Resources/SoftwareUpdateNotificationManager.app/Contents/MacOS/SoftwareUpdateNotificationManager 
1		674		5.5		[U501]		/Applications/DetectX Swift.app/Contents/MacOS/DetectX Swift 
1		675		0.3		_softwareupdate		/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated 
1		676		0.0		[U501]		/System/Library/PrivateFrameworks/GameCenterFoundation.framework/Versions/A/gamed 
1		677		0.0		root		/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd 
1		758		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		759		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		772		0.0		_atsserver		/System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framework/Support/fontd 
1		775		0.0		[U501]		/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service 
1		776		0.0		root		/usr/libexec/nesessionmanager 
1		777		0.0		root		/System/Library/Frameworks/SystemExtensions.framework/Versions/A/Helpers/sysextd 
1		778		0.0		[U501]		/System/Library/Frameworks/NetworkExtension.framework/PlugIns/NEIKEv2Provider.appex/Contents/MacOS/NEIKEv2Provider 
1		780		0.0		[U501]		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/XPCKeychainSandboxCheck.xpc/Contents/MacOS/XPCKeychainSandboxCheck 
1		781		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		782		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		783		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/XPCServices/com.apple.DictionaryServiceHelper.xpc/Contents/MacOS/com.apple.DictionaryServiceHelper 
1		798		0.0		[U501]		/System/Library/PrivateFrameworks/IMDMessageServices.framework/XPCServices/IMDMessageServicesAgent.xpc/Contents/MacOS/IMDMessageServicesAgent 
1		805		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		809		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Support/fontworker 
1		829		0.0		[U501]		/System/Library/PrivateFrameworks/MobileAccessoryUpdater.framework/Support/fudHelperAgent 
1		830		0.0		root		/System/Library/PrivateFrameworks/AssetCacheServicesExtensions.framework/XPCServices/AssetCacheTetheratorService.xpc/Contents/MacOS/AssetCacheTetheratorService 
1		1301		0.0		root		/Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon 
1		1824		0.0		_spotlight		/usr/libexec/trustd --agent 
410		2126		0.0		[U501]		(launchctl)		

«»EOF»«


6) Ehre Check Log mit root rechten
Code:
ATTFilter
EtreCheckPro version: 6.4.4 (6E015)
Report generated: 2021-05-03 23:02:16
Download EtreCheckPro from https://etrecheck.com
Runtime: 5:26
Performance: Below Average

Problem: No problem - just checking

Major Issues:
  Anything that appears on this list needs immediate attention. 
  Time Machine backup out-of-date - The last Time Machine backup is over 10 days old.
  System extension blocked - There are system extensions awaiting user approval.

Minor Issues:
  These issues do not need immediate attention but they may indicate future problems or opportunities for improvement. 
  SSD too slow - SSD is showing poor performance.
  Time Machine auto backup disabled - Time Machine auto backups are disabled.
  High battery cycle count - Your battery may be losing capacity.
  Unsigned files - There are unsigned software files installed. Apple has said that unsigned software will not run by default in a future version of the operating system.
  System modifications - There are a large number of system modifications running in the background.
  Insufficient permissions - EtreCheck running under a standard user. Diagnostic information may not be available.
  Kernel extensions present - This computer has kernel extensions that may not work in the future.

Hardware Information:
  MacBook Pro (13-inch, Mid 2012)
  MacBook Pro Model: MacBookPro9,2
  2,5 GHz Dual-Core Intel Core i5 (i5-3210M) CPU: 2-core
  4 GB RAM - Upgradeable
    BANK 0/DIMM0 - 2 GB DDR3 1600  
    BANK 1/DIMM0 - 2 GB DDR3 1600  
  Battery: Health = Replace Soon - Cycle count = 1165

Video Information:
  Intel HD Graphics 4000 - VRAM: 1536 MB
    Color LCD 1280 x 800

Drives:
  disk0 - Crucial_CT525MX300SSD1 525.11 GB (Solid State - TRIM: No) 
  Internal SATA 6 Gigabit Serial ATA
    disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB
    disk0s2 [APFS Container] 524.90 GB
      disk1 [APFS Virtual drive] 524.90 GB (Shared by 5 volumes)
        disk1s1 - M******************n (APFS) [APFS Virtual drive] (Shared - 248.39 GB used)
        disk1s2 - Preboot (APFS) [APFS Preboot] (Shared - 30 MB used)
        disk1s3 - Recovery (APFS) [Recovery] (Shared - 526 MB used)
        disk1s4 - VM (APFS) [APFS VM] (Shared - 1.07 GB used)
        disk1s5 - Macintosh HD (APFS) (Shared - 11.26 GB used)

Mounted Volumes:
  disk1s1 - M******************n [APFS Virtual drive]
    524.90 GB (Shared - 248.39 GB used, 272.28 GB available, 263.46 GB free)
    APFS
    Mount point: /System/Volumes/Data
    Encrypted

  disk1s4 - VM [APFS VM]
    524.90 GB (Shared - 1.07 GB used, 263.46 GB free)
    APFS
    Mount point: /private/var/vm

  disk1s5 - Macintosh HD
    524.90 GB (Shared - 11.26 GB used, 272.28 GB available, 263.46 GB free)
    APFS
    Mount point: /
    Encrypted
    Read-only: Yes

Network:
  Interface en0: Ethernet
  Interface en1: Wi-Fi
    802.11 a/b/g/n
  Interface fw0: FireWire
  Interface en3: Bluetooth PAN
  Interface bridge0: Thunderbolt Bridge
  iCloud Quota: 1.79 GB available

System Software:
  macOS Catalina 10.15.7 (19H114) 
  Time since boot: Less than an hour

Configuration Files:
  /etc/hosts - Count: 20

Notifications:
  Microsoft Outlook.app
    one notification

  EtreCheckPro.app
    2 notifications

  BlueStacks.app
    60 notifications

Security:
  Gatekeeper: App Store and identified developers
  System Integrity Protection: Enabled

  Antivirus software: Apple and Malwarebytes

Unsigned Files:
  Launchd: /Library/LaunchDaemons/org.virtualbox.startup.plist
    Executable: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh restart
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.anchorfree.ajaxserver.plist
    Executable: /Library/Application Support/Hotspot Shield/ajaxserver
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist
    Executable: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility -mode=logon
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/hdjsd.plist
    Executable: /var/hercules/hdjsd
    Details: Exact match found in the legitimate list - probably OK

  Launchd: ~/Library/LaunchAgents/com.BlueStacks.AppPlayer.Service.plist
    Executable: /Applications/BlueStacks.app/Contents/MacOS/bstservice Android
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.adobe.SwitchBoard.plist
    Executable: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist
    Executable: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
    Details: Exact match found in the legitimate list - probably OK

  Plugin: /Library/Internet Plug-Ins/EPPEX Plugin.plugin
  Plugin: /Library/Internet Plug-Ins/AdobePDFViewerNPAPI.plugin
  Plugin: /Library/Internet Plug-Ins/AdobePDFViewer.plugin
  Plugin: /Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin
  Plugin: /Library/Internet Plug-Ins/Unity Web Player.plugin
  Plugin: /Library/Internet Plug-Ins/VLC Plugin.plugin

  Preference Pane: /Library/PreferencePanes/MacFUSE.prefPane
  Preference Pane: /Library/PreferencePanes/NIUSBAudio.prefPane

  Apps: 34


System Extensions:
  [Waiting for authorization] TotalAV 5 Real-Time Extension - version 1.0 (SS Protect Limited - 2021-03-15)
    Application: /Applications/TotalAV.app - version 1.0

Kernel Extensions:
  /Applications/BlueStacks.app
    [Not Loaded] VBoxDrv.kext - com.bluestacks.kext.Hypervisor (5.2.20)

  /Library/Application Support/Hotspot Shield
    [Not Loaded] tun10.9.kext - com.anchorfree.tun (1.1.1 - SDK 10.8)

  /Library/Application Support/VirtualBox
    [Loaded] VBoxDrv.kext - org.virtualbox.kext.VBoxDrv (6.1.4)
    [Loaded] VBoxNetAdp.kext - org.virtualbox.kext.VBoxNetAdp (6.1.4)
    [Loaded] VBoxNetFlt.kext - org.virtualbox.kext.VBoxNetFlt (6.1.4)
    [Loaded] VBoxUSB.kext - org.virtualbox.kext.VBoxUSB (6.1.4)

  /Library/Extensions
    [Not Loaded] FTDIKext.kext - com.FTDI.driver.D2XXHelper (1.0 - SDK 10.14)
    [Not Loaded] NIUSBAudio2DJ.kext - com.caiaq.driver.NIUSBAudio2DJDriver (2.3.14)
    [Not Loaded] NIUSBAudio4DJ.kext - com.caiaq.driver.NIUSBAudio4DJDriver (2.3.14)
    [Not Loaded] NIUSBAudioDriver.kext - com.caiaq.driver.NIUSBHardwareDriver (2.3.14)
    [Not Loaded] NIUSBTraktorKontrolX1.kext - com.caiaq.driver.NIUSBTraktorKontrolX1Driver (2.3.14)
    [Not Loaded] fabio.kext - com.dvdfab.kext.fabio (1.0)
    [Not Loaded] Dropbox.kext - com.getdropbox.dropbox.kext (1.11.0 - SDK 10.14)
    [Not Loaded] hp_fax_io.kext - com.hp.kext.hp-fax-io (5.11.0 - SDK 10.8)
    [Not Loaded] hp_io_enabler_compound.kext - com.hp.kext.io.enabler.compound (3.4.0)
    [Not Loaded] JMicronATA.kext - com.jmicron.JMicronATA (1.1.6)
    [Not Loaded] NIUSBDeviceHelper.kext - com.native-instruments.driver.NIUSBDeviceHelper (1.0.8 (R32))
    [Not Loaded] SiLabsUSBDriver64.kext - com.silabs.driver.CP210xVCPDriver64 (3.0.0d1)
    [Not Loaded] Wacom Tablet.kext - com.wacom.kext.wacomtablet (Wacom Tablet 6.3.34-1 - SDK 10.14)
    [Not Loaded] BJUSBLoad.kext - jp.co.canon.bj.print.BJUSBLoad (10.75.21 - SDK 10.8)
    [Not Loaded] CIJUSBLoad.kext - jp.co.canon.ij.print.CIJUSBLoad (16.0.10 - SDK 10.9)

System Launch Agents:
  [Not Loaded]  17 Apple tasks
  [Loaded]  183 Apple tasks
  [Running]  113 Apple tasks

System Launch Daemons:
  [Not Loaded]  32 Apple tasks
  [Loaded]  189 Apple tasks
  [Running]  116 Apple tasks

Launch Agents:
  [Not Loaded] com.adobe.AAM.Updater-1.0.plist (? ffb65062  - installed 2018-01-09)
  [Loaded] com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2017-11-02)
  [Running] com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2021-03-24)
  [Loaded] com.microsoft.OneDriveStandaloneUpdater.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.update.agent.plist (Microsoft Corporation - installed 2021-04-14)
  [Running] com.wacom.DataStoreMgr.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Running] com.wacom.IOManager.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Running] com.wacom.wacomtablet.plist (Wacom Technology Corp. - installed 2020-09-25)

Launch Daemons:
  [Loaded] com.BlueStacks.AppPlayer.bstservice_helper.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Loaded] com.adobe.SwitchBoard.plist (? 68cad67  - installed 2014-11-19)
  [Loaded] com.adobe.acc.installer.plist (Adobe Systems, Inc. - installed 2017-11-02)
  [Loaded] com.adobe.acc.installer.v2.plist (Adobe Inc. - installed 2020-11-18)
  [Running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Loaded] com.anchorfree.ajaxserver.plist (? b7821fb8  - installed 2013-11-08)
  [Running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2021-04-29)
  [Running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2021-03-24)
  [Running] com.microsoft.OneDriveStandaloneUpdaterDaemon.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.OneDriveUpdaterDaemon.plist (Microsoft Corporation - installed 2021-03-04)
  [Running] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2021-04-14)
  [Loaded] com.microsoft.office.licensing.helper.plist (? 6d8cb30e  - installed 2015-06-04)
  [Loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2020-11-09)
  [Loaded] com.microsoft.teams.TeamsUpdaterDaemon.plist (Microsoft Corporation - installed 2020-12-07)
  [Not Loaded] com.oracle.java.Helper-Tool.plist (? 0  - installed )
  [Running] com.wacom.UpdateHelper.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Loaded] com.wacom.displayhelper.plist (Apple - installed 2020-12-09)
  [Running] hdjsd.plist (? 70ae2dc0  - installed 2013-12-25)
  [Not Loaded] org.virtualbox.startup.plist (? 700b9385  - installed 2020-03-02)

User Launch Agents:
  [Loaded] com.BlueStacks.AppPlayer.Service.plist (? 0  - installed 2021-01-15)
  [Loaded] com.BlueStacks.AppPlayer.UninstallWatcher.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Loaded] com.BlueStacks.AppPlayer.Updater.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2021-04-25)

User Login Items:
  [Not Loaded] AppCleaner SmartDelete (Julien Ramseier - installed 2021-05-03)
    Modern Login Item
    /Applications/AppCleaner.app/Contents/Library/LoginItems/AppCleaner SmartDelete.app

  [Running] CyberGhost VPN (Cyberghost SRL - installed 2021-04-27)
    Application
    /Applications/CyberGhost VPN.app

  [Not Loaded] Launcher Disabler (Microsoft Corporation - installed 2021-03-04)
    Modern Login Item
    /Applications/OneDrive.app/Contents/Library/LoginItems/Launcher Disabler.app

  [Not Loaded] OneDrive Launcher (Microsoft Corporation - installed 2021-03-04)
    Modern Login Item
    /Applications/OneDrive.app/Contents/Library/LoginItems/OneDrive Launcher.app

  [Not Loaded] QuickEntryHelper (XMind Ltd. - installed 2020-12-16)
    Modern Login Item
    /Applications/XMind.app/Contents/PlugIns/XMind QuickEntry.app/Contents/Library/LoginItems/QuickEntryHelper.app

  [Not Loaded] HP Device Monitor (HP Inc. - installed 2017-11-06)
    Modern Login Item
    /Library/Printers/hp/Frameworks/HPDeviceMonitoring.framework/Versions/1.0/Helpers/HP Device Monitor Manager.app/Contents/Library/LoginItems/HP Device Monitor.app

  [Not Loaded] HP Product Research (HP Inc. - installed 2017-11-06)
    Modern Login Item
    /Library/Printers/hp/Utilities/HPPU Plugins/ProductImprovementStudy.hptask/Contents/Helpers/HP Product Research Manager.app/Contents/Library/LoginItems/HP Product Research.app

  [Loaded] StartUpHelper (Spotify - installed 2021-05-03)
    Modern Login Item
    /Users/***/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app

Internet Plug-ins:
  AdobeAAMDetect: 3.0.0.0 (Adobe Systems, Inc. - installed 2017-11-02)
  EPPEX Plugin: 10.0 (? - installed 2012-05-25)
  AdobePDFViewerNPAPI: 11.0.0 (? - installed 2012-09-24)
  AdobePDFViewer: 11.0.0 (? - installed 2012-09-24)
  SharePointBrowserPlugin: 14.5.2 (? - installed 2020-09-01)
  Unity Web Player: UnityPlayer version 4.5.5f1 (? - installed 2014-10-08)
  VLC Plugin: 2.2.4 (? - installed 2016-06-02)

Safari Extensions:
  Honey (App Store - installed 2021-04-21)

3rd Party Preference Panes:
  MacFUSE (? - installed 2008-12-19)
  Native Instruments USB Audio (? - installed 2013-10-23)
  WacomTablet (Wacom Technology Corp. - installed 2020-09-25)

Backup:
  Skip System Files: No
  Mobile backups: No
  Auto backup: No
  Volumes being backed up: 
    M******************n: Disk size: 524.90 GB - Disk used: 261.44 GB 
  Destinations: 
    T*********T [Local] (Last used)
      Total size: 999.86 GB
      Total number of backups: 1
      Oldest backup: 2017-02-08 10:22:24
      Last backup: 2017-02-08 10:22:24

Performance:
  System Load: 66.72 (1 min ago) 22.62 (5 min ago) 8.72 (15 min ago)
  Nominal I/O speed: 18.84 MB/s
  File system: 27.52 seconds
  Write speed: 134 MB/s
  Read speed: 411 MB/s

CPU Usage Snapshot:
  Type Overall
  System: 13 %
  User: 18 %
  Idle: 69 %

Top Processes Snapshot by CPU:
  Process (count) CPU (Source - Location)
  MRT (2) 66.18 % (Apple)
  kernel_task 18.80 % (Apple)
  WindowServer 17.18 % (Apple)
  com.apple.WebKit.WebContent (3) 14.96 % (Apple)
  trustd (4) 14.82 % (Apple)

Top Processes Snapshot by Memory:
  Process (count) RAM usage (Source - Location)
  MRT (2) 135 MB (Apple)
  Spotify Helper (Renderer) 135 MB (Spotify)
  com.apple.WebKit.WebContent (3) 129 MB (Apple)
  kernel_task 106 MB (Apple)
  com.apple.WebKit.WebContent (4) 63 MB (Apple)

Top Processes Snapshot by Network Use:
  Process (count) Input / Output (Source - Location)
  Mail 402 KB / 9 KB (Apple)
  mDNSResponder 120 KB / 109 KB (Apple)
  com.apple.geod 82 KB / 3 KB (Apple)
  Spotify 16 KB / 4 KB (Spotify)
  apsd 9 KB / 7 KB (Apple)

Top Processes Snapshot by Energy Use:
  Process (count) Energy (0-100) (Source - Location)
  MRT (2) 24 (Apple)
  Finder 13 (Apple)
  trustd (4) 9 (Apple)
  WindowServer 6 (Apple)
  syspolicyd 6 (Apple)

Virtual Memory Information:
  Physical RAM: 4 GB

  Free RAM: 29 MB
  Used RAM: 2.70 GB
  Cached files: 1.27 GB

  Available RAM: 1.30 GB
  Swap Used: 0 B

Software Installs (past 60 days):
  Install Date Name (Version)
  2021-03-05 iMovie (10.2.3)
  2021-03-24 Pages (11.0)
  2021-04-14 Microsoft AutoUpdate (4.34.21041102)
  2021-04-14 Microsoft Excel (16.48.21041102)
  2021-04-14 Microsoft OneNote (16.48.21041102)
  2021-04-14 Microsoft PowerPoint (16.48.21041102)
  2021-04-14 Microsoft Word (16.48.21041102)
  2021-04-19 Microsoft Outlook (16.48.21041102)
  2021-04-21 Honey (12.8.6)
  2021-04-27 Anki Notes (3.00)
  2021-04-28 TotalAV (1.0)
  2021-04-29 Malwarebytes for Mac (1.0)
  2021-04-30 MRTConfigData (1.78)
  2021-04-30 XProtectPlistConfigData (2145)
  2021-05-03 Paint S (5.10.1)

Diagnostics Information (past 7-30 days):
  2021-05-03 14:19:37 Creative Cloud.app Crash
    Executable: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app
    Details:
      abort() called
      Creative Cloud(550,0x10eaf0dc0) malloc: *** error for object 0x7f8043c
      71a00: pointer being freed was not allocated

  2021-05-03 14:14:55 Adobe CEF Helper.app Crash
    Executable: /Library/Application Support/Adobe/*/Adobe CEF Helper.app
    Details:
      couldn't dlopen libobjc-trampolines.dylib: dlopen(/usr/lib/libobjc-tra
      mpolines.dylib, 262): no suitable image found.  Did find:
      /usr/lib/libobjc-trampolines.dylib: file system sandbox blocked stat()

  2021-04-28 16:43:45 cloudd Crash
    Executable: /System/Library/PrivateFrameworks/CloudKitDaemon.framework/Support/cloudd
    Details:
      dyld3 mode
      *** Terminating app due to uncaught exception 'NSGenericException', re
      ason: 'Failed to step (6922): "select operationID from OperationInfo w
      here appBundleIdentifier = ? AND sourceAppBundleIdentifier = ? AND per
      sonaID = ? AND applicationContainerPath = ? AND containerIdentifier = 
      ? AND containerEnvironment = ? AND accountID = ?" - errcode:1b0a, msg:
      "disk I/O error", size: (null), path:/Users/***/Library/Caches/*/Cloud
      KitOperationInfo, fs:(null)/(null)'
      terminating with uncaught exception of type NSException
      abort() called

  Directory /Library/Logs/DiagnosticReports is not accessible.
  Run as an administrator account to see more information.

End of report
Hoffe das passt!!

In ewiger Dankbarkeit
Elisabeth

Dieses TotalAV hat sich da irgendwie reingebohrt und will nicht raus !!

Ich finde bei suche auch immer noch net.protected.macos.TotalAV.ESAVExtension.systemextension und beim Versuch es zu entfernen- ich gebe also mein admin pw ein- erscheint:

The operation can’t be completed because you don’t have permission to access some of the items.
!?

Alt 03.05.2021, 23:11   #13
Dante12
/// Mac Expert
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Zitat:
Inhalt kopiert und in Terminal eingegeben, gebe admin Passwort ein, wird nicht akzeptiert
  • Systemeinstellungen -> Benutzer & Gruppen
  • Klicke auf das Schloss und gib dein Admin-Passwort ein.
  • Rechtsklick auf deinen Benutzernamen (Bild linke Spalte) -> Erweiterte Optionen auswählen.
  • Anmelde-Shell prüfe bitte ob dort /bin/zsh ausgewählt ist. Wenn nicht klicke auf das Pull-Down-menu und wähle /bin/zsh als Anmelde-Shell aus. Bitte nichts anderes ändern!. Dann mit den Button Ok bestätigen.
  • Aus- und Wieder einloggen.
  • Starte danach noch mal das Terminal und führe alle Schritte in #11 noch mal aus. Das Admin-Passwort sollte jetzt funktionieren. Bedenke bitte das bei der Eingabe des Passwortes nichts angezeigt wird. Deshalb achte darauf das du es korrekt eigegeben hast.
__________________
-----------------
-Gruß dante12
-----------------
Lob, Kritik, Wünsche? Spende fürs trojaner-board?
Geändert von Dante12 (03.05.2021 um 23:21 Uhr)

Alt 04.05.2021, 09:30   #14
elisabeth69
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


Hallo Dante12,

habe die Änderungen vernommen, leider bleibt das Problem bestehen. Fehlermeldung: Sorry, try again. Password:

Das PW ist ganz sicher richtig eingegeben worden.. mehrmals....

AH ok. jetzt funktioniert es. ich arbeite nämlich nie direkt auf dem admin Konto, sondern immer auf einem anderen Benutzer Konto.. jetzt habe ich Terminal dort ausgeführt und es hat funktioniert

Detect X

Code:
ATTFilter
Timestamp (12): Tue May 04 10:23:03 2021
DetectX Swift v1.0971

macOS: Version 10.15.7 (Build 19H114)
File System: apfs
Temp: The thermal state is within normal limits.

Boot time: Tue May 4 10:19:34 2021
Uptime: 3 mins, 1 user

Spotlight status for /:
	Indexing enabled. 
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is On.

Internet:	Reachable


    Hardware Overview:

      Model Name: MacBook Pro
      Model Identifier: MacBookPro9,2
      Processor Name: Dual-Core Intel Core i5
      Processor Speed: 2,5 GHz
      Number of Processors: 1
      Total Number of Cores: 2
      L2 Cache (per Core): 256 KB
      L3 Cache: 3 MB
      Hyper-Threading Technology: Enabled
      Memory: 4 GB
      Boot ROM Version: 233.0.0.0.0
      SMC Version (system): 2.2f44
      Sudden Motion Sensor:
          State: Enabled



  Sharing Preferences:

	File Sharing:  Off
	Screen Sharing:  Off
	Remote Management:  Off
	Back To My Mac:  Off
	Remote Login:  Off
	Remote Apple Events:  Off


3rd Party Kexts (loaded):

	org.virtualbox.kext.VBoxDrv
	org.virtualbox.kext.VBoxUSB
	org.virtualbox.kext.VBoxNetFlt
	org.virtualbox.kext.VBoxNetAdp


 $PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
	/usr/local/bin
	/usr/bin
	/bin
	/usr/sbin
	/sbin

/etc/paths.d/:

~/.bash_profile:
	
~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


PID	Status	Label
572	0	com.adobe.GC.AGM
745	0	com.sqwarq.DetectX-Swift.24416
564	0	com.wacom.DataStoreMgr
567	0	com.malwarebytes.mbam.frontend.agent
-	0	com.adobe.AdobeCreativeCloud
-	0	com.openssh.ssh-agent
-	0	com.microsoft.update.agent
561	0	com.wacom.wacomtablet
-	0	com.BlueStacks.AppPlayer.Service
-	0	com.spotify.client.startuphelper
584	0	com.cyberghostsrl.cyberghostmac.23952
-	0	com.BlueStacks.AppPlayer.UninstallWatcher
-	0	com.microsoft.OneDriveStandaloneUpdater
569	0	com.wacom.IOManager
-	0	com.BlueStacks.AppPlayer.Updater


 System Launchd processes:

0      - 	com.adobe.SwitchBoard
151      - 	com.malwarebytes.mbam.rtprotection.daemon
0      - 	com.adobe.acc.installer.v2
0      - 	com.vix.cron
0      - 	com.microsoft.office.licensing.helper
0      - 	com.microsoft.teams.TeamsUpdaterDaemon
0      - 	com.microsoft.office.licensingV2.helper
178      - 	com.wacom.UpdateHelper
0      0 	com.microsoft.autoupdate.helper
181      - 	Adobe_Genuine_Software_Integrity_Service
380      - 	org.cups.cupsd
0      - 	com.anchorfree.ajaxserver
0      - 	com.wacom.displayhelper
657      - 	com.microsoft.OneDriveStandaloneUpdaterDaemon
354      - 	com.malwarebytes.mbam.settings.daemon
0      - 	com.microsoft.OneDriveUpdaterDaemon
0      - 	com.adobe.acc.installer
0      - 	com.BlueStacks.AppPlayer.bstservice_helper
198      - 	com.hercules.hdjsd



 User Login Items:
 
	/Applications/CyberGhost VPN.app
	/Users/bettakroegel/Applications/Spotify.app
	/Users/bettakroegel/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app



 /Library/LaunchDaemons:

	hdjsd.plist
		--> Program Arguments: /var/hercules/hdjsd
	
	com.malwarebytes.mbam.settings.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon
	
	com.microsoft.OneDriveStandaloneUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon
	
	com.microsoft.teams.TeamsUpdaterDaemon.plist
	
	com.adobe.agsservice.plist
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGSService
	
	com.BlueStacks.AppPlayer.bstservice_helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
	
	com.malwarebytes.mbam.rtprotection.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: -i
		--> Program Arguments: Malwarebytes-Mac-4.8.12.4131.pkg
	
	com.microsoft.OneDriveUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/OneDriveUpdaterDaemon.xpc/Contents/MacOS/OneDriveUpdaterDaemon
	
	com.wacom.displayhelper.plist
		--> Program Arguments: /sbin/kextunload
		--> Program Arguments: /System/Library/Extensions/AppleUSBFTDI.kext
	
	org.virtualbox.startup.plist
		--> Program Arguments: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh
		--> Program Arguments: restart
	
	com.adobe.acc.installer.v2.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
	
	com.wacom.UpdateHelper.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper
	
	com.adobe.SwitchBoard.plist
		--> Program Arguments: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
	
	com.anchorfree.ajaxserver.plist
		-> Program: /Library/Application Support/Hotspot Shield/ajaxserver
		--> Program Arguments: /Library/Application Support/Hotspot Shield/ajaxserver
	
	com.microsoft.office.licensingV2.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
	
	com.oracle.java.Helper-Tool.plist
	
	com.adobe.acc.installer.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer
	
	com.microsoft.office.licensing.helper.plist
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
	
	com.microsoft.autoupdate.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper
	



 /Library/LaunchAgents:

	com.adobe.AdobeCreativeCloud.plist
		-> Program: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: --showwindow=false
		--> Program Arguments: --onOSstartup=true
	
	com.wacom.DataStoreMgr.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr
	
	com.adobe.GC.AGM.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: -mode=logon
	
	com.malwarebytes.mbam.frontend.agent.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent
	
	com.adobe.AAM.Updater-1.0.plist
		-> Program: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: -mode=logon
	
	com.wacom.IOManager.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager
	
	com.adobe.GC.Invoker-1.0.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: -mode=logon
	
	com.microsoft.OneDriveStandaloneUpdater.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdater.app/Contents/MacOS/OneDriveStandaloneUpdater
	
	com.wacom.wacomtablet.plist
		-> Program: /Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver
	
	com.microsoft.update.agent.plist
		--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
		--> Program Arguments: --launchByAgent
	



 ~/Library/LaunchAgents:

	com.BlueStacks.AppPlayer.UninstallWatcher.plist
		--> Program Arguments: /bin/sh
		--> Program Arguments: /Users/[U501]/Library/BlueStacks/UninstallWatcher
	
	com.adobe.GC.Invoker-1.0.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: -mode=scheduled
	
	com.BlueStacks.AppPlayer.Updater.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstupdater
		--> Program Arguments: pull
	
	com.BlueStacks.AppPlayer.Service.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstservice
		--> Program Arguments: Android
	

 User Crontab:

	No cron jobs



 /etc:

	rc.common
	php.ini.default-5.2-previous~orig
	bootpd.plist
	bashrc_Apple_Terminal
	zshrc_Apple_Terminal
	bashrc
	zshrc
	ssh_config~orig
	hosts.save
	authorization.deprecated
	moduli~previous
	rc.netboot
	efax.rc~previous
	php.ini.default-5.2-previous
	sshd_config~previous
	aliases
	zprofile

 / $Root:

	.file
	.VolumeIcon.icns
	opt / .. children: 0

 ~/ $Home:

	Music / .. children: 5
	objc.scan
	.CFUserTextEncoding
	Pictures / .. children: 3
	.zsh_history
	Desktop / .. children: 39
	Library / .. children: 69
	.cups / .. children: 1
	.bash_sessions / .. children: 27
	Public / .. children: 2
	.dropbox / .. children: 9
	Movies / .. children: 4
	Applications / .. children: 1
	.Trash / .. children: 0
	Documents / .. children: 33
	Downloads / .. children: 149
	.bash_history



 ~/Library:

	studentd / .. children: 3
	HomeKit / .. children: 9
	UIKitSystem / .. children: 1
	Google / .. children: 1
	BlueStacks / .. children: 11
	com.apple.icloud.searchpartyd / .. children: 3
	PhotoshopCrashes / .. children: 0
	FrontBoard / .. children: 3
	MediaStream / .. children: 7
	Dropbox / .. children: 0
	Fonts Disabled / .. children: 0
	PersonalizationPortrait / .. children: 5
	Reminders / .. children: 2



 ~/Library/Application Support:

	com.apple.sbd / .. children: 1
	com.apple.replayd / .. children: 0
	com.apple.voicememos / .. children: 1
	Propellerhead Software / .. children: 2
	Native Instruments / .. children: 1
	SyncServices / .. children: 1
	com.apple.kvs / .. children: 1
	com.apple.transparencyd / .. children: 5
	com.apple.touristd / .. children: 6
	CyberghostBrowser / .. children: 14
	NoxInstaller / .. children: 0
	DiskImages / .. children: 1
	Anki2 / .. children: 5
	CoreParsec / .. children: 0
	OneDriveStandaloneUpdater / .. children: 1
	com.apple.akd / .. children: 1
	zoom.us / .. children: 2
	MobileSync / .. children: 1
	Google / .. children: 2
	Microsoft / .. children: 1
	Spotify / .. children: 4
	Oracle / .. children: 1
	dmd / .. children: 0
	Ableton / .. children: 4
	Anki / .. children: 1
	Java / .. children: 1
	com.microsoft.OneDriveStandaloneUpdater / .. children: 1
	CEF / .. children: 1
	com.cyberghostsrl.cyberghostmac / .. children: 1
	TrustedPeersHelper / .. children: 0
	EtreCheck / .. children: 1
	Adobe / .. children: 10
	MediaHuman / .. children: 1
	EtreCheckPro / .. children: 2
	.ACCC_Lock
	Cycling '74 / .. children: 1
	com.sqwarq.DetectX-Swift / .. children: 4
	System Preferences / .. children: 0
	com.apple.ContextStoreAgent / .. children: 1
	FileProvider / .. children: 3
	Dropbox / .. children: 4
	com.malwarebytes.mbam / .. children: 1
	ToguAudioLine / .. children: 1
	uTorrent Web / .. children: 9
	XMind / .. children: 3
	transparencyd / .. children: 0
	syncdefaultsd / .. children: 0
	JREInstaller / .. children: 1
	com.apple.accounts.dom / .. children: 0



 ~/Library/Safari/Extensions:

	*-- Folder doesn't exist or is inaccessible --*



 ~/Library/Internet Plug-Ins:

	



 /Users/Shared:

	adi / .. children: 10
	SC Info / .. children: 1
	Hotspot Shield / .. children: 1
	Library / .. children: 1
	AdobeInstalledCodecs / .. children: 0
	Canon Inkjet Extended Survey Program / .. children: 1
	Adobe / .. children: 4
	CleanMyMac 2 / .. children: 1
	Previously Relocated Items / .. children: 3
	AdobeGCData / .. children: 2
	Max 8 / .. children: 2
	CleanMyMac / .. children: 1



 /Applications:

	Honey.app
	VLC.app
	XMind.app
	Office_Mac_HS_2011_German.dmg
	Adobe After Effects CC / .. children: 9
	Anki.app
	Install macOS Mojave.app
	Microsoft Office 2011 / .. children: 5
	Rhinoceros.app
	Adobe Creative Cloud / .. children: 1
	OneDrive.app
	CyberGhost Private Browser.app
	Rob Papen / .. children: 6
	DetectX Swift.app
	Adobe Media Encoder CC 2017 / .. children: 3
	Microsoft Word.app
	Install macOS High Sierra.app
	Anki Notes.app
	Adobe Photoshop CC / .. children: 10
	Paint S.app
	Microsoft Excel.app
	Adobe Media Encoder CC / .. children: 3
	Adobe / .. children: 2
	zoom.us.app
	Adobe Illustrator CC / .. children: 10
	Microsoft Outlook.app
	Malwarebytes.app
	Ableton Live 10 Intro.app
	MoveToTrash.app
	Wacom Tablet.localized / .. children: 5
	Live
	iZotope Ozone 7 / .. children: 6
	CyberGhost VPN.app
	uTorrent Web.app
	EtreCheckPro.app
	The Unarchiver.app
	Microsoft OneNote.app
	Adobe InDesign CC / .. children: 11
	Live8 / .. children: 5
	MediathekView.app
	AppCleaner.app
	Ableton Live 10 Standard.app
	Adobe Acrobat X Pro / .. children: 1
	Microsoft PowerPoint.app
	Microsoft Teams.app
	Ableton Live 11 Standard.app
	BlueStacks.app



 /Library:

	Apple / .. children: 3
	CFMSupport / .. children: 1
	DropboxHelperTools / .. children: 2
	OSAnalytics / .. children: 2
	StagedDriverExtensions / .. children: 0
	InstallerSandboxes / .. children: 2
	DriverExtensions / .. children: 0
	Automator / .. children: 95
	User Template / .. children: 41
	Fonts Disabled / .. children: 16
	SystemExtensions / .. children: 3



 /Library/Application Support:

	Propellerhead Software / .. children: 3
	Native Instruments / .. children: 9
	Tablet / .. children: 2
	Mozilla / .. children: 1
	Avid / .. children: 1
	ReWire
	Hotspot Shield / .. children: 12
	Mica / .. children: 1
	.E42bQWl0wR
	Microsoft / .. children: 2
	Oracle / .. children: 0
	Digidesign / .. children: 1
	VirtualBox / .. children: 5
	Canon / .. children: 7
	Adobe / .. children: 70
	Malwarebytes / .. children: 1
	iZotope / .. children: 5
	PACE Anti-Piracy / .. children: 4
	REX Shared Library
	regid.1986-12.com.adobe / .. children: 14
	.5s+m_0Aav5



 /Library/Extensions:

	NIUSBAudio2DJ.kext
	hp_fax_io.kext
	FTDIKext.kext
	Wacom Tablet.kext
	NIUSBAudio4DJ.kext
	SiLabsUSBDriver64.kext
	JMicronATA.kext
	fabio.kext
	NIUSBTraktorKontrolX1.kext
	Dropbox.kext
	AppleMobileDevice.kext
	BJUSBLoad.kext
	CIJUSBLoad.kext
	NIUSBDeviceHelper.kext
	hp_io_enabler_compound.kext
	NIUSBAudioDriver.kext



 /Library/Internet Plug-Ins:

	VLC Plugin.plugin
	EPPEX Plugin.plugin
	AdobeAAMDetect.plugin
	Unused / .. children: 0
	AdobePDFViewer.plugin
	SharePointBrowserPlugin.plugin
	Unity Web Player.plugin
	AdobePDFViewerNPAPI.plugin
	SharePointWebKitPlugin.webplugin



 /Library/Managed Preferences:

	*-- Folder doesn't exist or is inaccessible --*



 /Library/PrivilegedHelperTools:

	com.microsoft.office.licensing.helper
	com.BlueStacks.AppPlayer.bstservice_helper
	com.wacom.UpdateHelper.app
	com.wacom.IOManager.app
	com.adobe.acc.installer
	com.microsoft.autoupdate.helper
	com.microsoft.office.licensingV2.helper
	com.adobe.acc.installer.v2
	net.protected.macos.AVHelper
	com.wacom.DataStoreMgr.app



 /Library/ScriptingAdditions:

	Adobe Unit Types.osax



 /Library/StartupItems:

	



 /Library/Updates:

	ProductMetadata.plist
	001-93719 / .. children: 16
	071-05425 / .. children: 16
	071-29320 / .. children: 16
	PPDVersions.plist
	index.plist
	071-10831 / .. children: 3



Top Processes: 

%CPU	PID	COMMAND	
9.6		247		WindowServer 
8.7		174		mds 
6.0		0		kernel_task 
3.9		474		Microsoft Outloo 
3.6		607		com.apple.WebKit 
2.9		431		Spotify 
2.2		745		DetectX Swift 
1.4		1		launchd 
1.1		208		hidd 
1.0		405		Safari 


Running Processes: 

PPID	PID	%CPU	USER	COMMAND	
0		1		0.6		root		/sbin/launchd 
1		148		0.0		root		/usr/sbin/syslogd 
1		149		0.0		root		/usr/libexec/UserEventAgent (System) 
1		151		0.3		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon -i Malwarebytes-Mac-4.8.12.4131.pkg 
1		152		0.0		root		/usr/libexec/wifiFirmwareLoader 
1		153		0.0		root		/System/Library/PrivateFrameworks/Uninstall.framework/Resources/uninstalld 
1		154		0.0		root		/usr/libexec/kextd 
1		155		0.0		root		/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/FSEvents.framework/Versions/A/Support/fseventsd 
1		156		0.0		root		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted 
1		159		0.0		root		/usr/sbin/systemstats --daemon 
1		160		0.0		root		/usr/libexec/configd 
1		162		0.0		root		/System/Library/CoreServices/powerd.bundle/powerd 
1		166		0.0		root		/usr/libexec/logd 
1		167		0.0		root		/usr/libexec/keybagd -t 15 
1		170		0.0		root		/usr/libexec/watchdogd 
1		171		0.0		root		firmwaresyncd		
1		174		5.6		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Support/mds 
1		175		0.0		_iconservices		/System/Library/CoreServices/iconservicesd 
1		176		0.0		root		/usr/libexec/diskarbitrationd 
1		178		0.0		root		/Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper 
1		180		0.0		root		/usr/libexec/coreduetd 
1		181		0.0		root		/Library/Application Support/Adobe/AdobeGCClient/AGSService 
1		184		0.0		root		/usr/libexec/opendirectoryd 
1		185		0.0		root		/System/Library/PrivateFrameworks/ApplePushService.framework/apsd 
1		186		0.0		root		/System/Library/CoreServices/launchservicesd 
1		187		0.0		_timed		/usr/libexec/timed 
1		188		0.0		_usbmuxd		/System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/Resources/usbmuxd -launchd 
1		189		0.0		root		/usr/sbin/securityd -i 
1		190		0.0		root		auditd		-l 
1		195		0.0		root		autofsd		
1		196		0.0		_displaypolicyd		/usr/libexec/displaypolicyd -k 1 
1		198		0.0		root		/var/hercules/hdjsd 
1		199		0.0		root		/usr/libexec/dasd 
1		201		0.0		root		/usr/libexec/PerfPowerServices 
1		203		0.0		root		/System/Library/CoreServices/logind 
1		204		0.0		root		/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/Support/revisiond 
1		205		0.0		root		/usr/sbin/KernelEventAgent 
1		207		0.0		root		/usr/sbin/bluetoothd 
1		208		0.6		_hidd		/usr/libexec/hidd 
1		209		0.0		root		/usr/libexec/sandboxd 
1		210		0.0		root		/usr/libexec/corebrightnessd --launchd 
1		211		0.0		root		/usr/libexec/AirPlayXPCHelper 
1		212		0.0		root		/usr/sbin/notifyd 
1		213		0.0		root		/usr/libexec/amfid 
1		214		0.0		_distnote		/usr/sbin/distnoted daemon 
1		215		0.0		root		/usr/sbin/cfprefsd daemon 
1		216		0.0		root		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system 
1		217		0.0		root		aslmanager		
1		218		0.0		root		/System/Library/CoreServices/coreservicesd 
1		219		0.0		root		/usr/libexec/syspolicyd 
1		220		0.0		[U501]		/System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow console 
1		222		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/authd.xpc/Contents/MacOS/authd 
1		223		0.0		_analyticsd		/System/Library/PrivateFrameworks/CoreAnalytics.framework/Support/analyticsd 
1		224		0.0		root		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/contextstored 
1		225		0.0		root		/usr/libexec/nehelper 
1		226		0.0		_coreaudiod		/usr/sbin/coreaudiod 
1		235		0.0		root		/usr/libexec/trustd 
1		242		0.0		_mdnsresponder		/usr/sbin/mDNSResponder 
1		243		0.0		root		/usr/libexec/searchpartyd 
1		244		0.0		root		/usr/sbin/ocspd 
1		247		8.6		_windowserver		/System/Library/PrivateFrameworks/SkyLight.framework/Resources/WindowServer -daemon 
1		252		0.0		root		/usr/sbin/mDNSResponderHelper 
1		258		0.0		_networkd		/usr/libexec/symptomsd 
1		267		0.0		root		/usr/libexec/airportd 
1		268		0.0		_locationd		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		271		0.0		_locationd		/usr/sbin/cfprefsd agent 
1		272		0.0		_locationd		/usr/libexec/trustd --agent 
1		280		0.0		root		/System/Library/PrivateFrameworks/WirelessDiagnostics.framework/Support/awdd 
1		335		0.0		root		/usr/libexec/rpcsvchost -launchd netlogon.bundle 
1		336		0.0		root		/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon 
1		337		0.0		root		/usr/libexec/runningboardd 
1		343		0.0		root		/usr/libexec/lsd runAsRoot 
1		344		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper 
1		350		0.0		root		/System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd-helper -launchd 
1		351		0.0		_locationd		/usr/libexec/locationd 
1		354		0.0		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon 
1		355		0.0		_driverkit		/System/Library/DriverExtensions/AppleUserHIDDrivers.dext/AppleUserHIDDrivers com.apple.driverkit.AppleUserHIDEventDriver 0x100000438 
1		358		0.0		root		/usr/libexec/secinitd 
1		359		0.0		root		/usr/libexec/mobileassetd 
1		360		0.0		root		/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/CVMServer 
1		361		0.0		root		/usr/libexec/colorsync.displayservices 
1		362		0.0		root		/usr/libexec/colorsyncd 
1		363		0.0		_nsurlsessiond		/usr/libexec/nsurlsessiond --privileged 
1		365		0.0		root		/usr/libexec/apfsd 
1		366		0.0		_appleevents		/System/Library/CoreServices/appleeventsd --server 
1		367		0.0		root		/usr/libexec/usbd 
1		379		0.4		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mds_stores 
1		380		0.0		root		/usr/sbin/cupsd -l 
1		382		0.0		root		/usr/libexec/ApplicationFirewall/socketfilterfw 
1		385		0.0		root		/usr/libexec/diskmanagementd 
1		388		0.0		root		/usr/sbin/distnoted agent 
1		390		0.0		root		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		391		0.0		[U501]		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		392		0.0		root		/usr/libexec/securityd_service 
1		393		0.0		[U501]		/usr/sbin/cfprefsd agent 
1		394		0.0		[U501]		/usr/libexec/UserEventAgent (Aqua) 
1		396		0.0		[U501]		/usr/libexec/knowledge-agent 
1		397		0.0		[U501]		/usr/sbin/distnoted agent 
1		398		0.0		[U501]		/usr/sbin/universalaccessd launchd -s 
1		399		0.0		[U501]		/usr/libexec/trustd --agent 
1		400		0.0		[U501]		/usr/libexec/lsd 
1		402		0.0		[U501]		/usr/libexec/secd 
1		403		0.0		[U501]		/usr/libexec/rapportd 
1		404		0.0		[U501]		/System/Library/PrivateFrameworks/CloudKitDaemon.framework/Support/cloudd 
1		405		1.0		[U501]		/Applications/Safari.app/Contents/MacOS/Safari -psn_0_36873 
1		406		0.0		[U501]		/System/Library/CoreServices/backgroundtaskmanagementagent 
1		407		0.0		[U501]		/System/Library/PrivateFrameworks/IDS.framework/identityservicesd.app/Contents/MacOS/identityservicesd 
1		408		0.0		[U501]		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd 
1		409		0.0		[U501]		/usr/libexec/nsurlsessiond 
1		410		0.0		[U501]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -tw 
1		411		0.0		[U501]		/usr/libexec/pkd 
1		412		0.0		[U501]		/System/Library/Frameworks/Accounts.framework/Versions/A/Support/accountsd 
1		413		0.0		_ctkd		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -s 
1		415		0.0		[U501]		/usr/libexec/secinitd 
1		416		0.0		[U501]		/System/Library/CoreServices/sharedfilelistd 
1		417		0.0		[U501]		/System/Applications/Utilities/Terminal.app/Contents/MacOS/Terminal -psn_0_40970 
1		418		0.0		[U501]		/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd 
1		419		0.0		[U501]		/usr/libexec/nsurlstoraged 
1		420		0.0		[U501]		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/TrustedPeersHelper.xpc/Contents/MacOS/TrustedPeersHelper 
1		421		0.0		root		/System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd 
1		422		0.0		[U501]		/usr/sbin/usernoted 
1		423		0.0		[U501]		/usr/libexec/routined LAUNCHED_BY_LAUNCHD 
1		424		0.0		[U501]		/usr/libexec/networkserviceproxy 
1		425		0.0		[U501]		/System/Library/CoreServices/APFSUserAgent 
1		426		0.0		[U501]		/System/Library/CoreServices/NotificationCenter.app/Contents/MacOS/NotificationCenter 
1		427		0.0		[U501]		/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy 
1		428		0.0		[U501]		/usr/libexec/sharingd 
1		429		0.0		root		/usr/sbin/spindump 
1		431		1.5		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/MacOS/Spotify -psn_0_49164 
1		432		0.0		[U501]		/usr/libexec/pboard 
1		433		0.0		[U501]		/usr/libexec/spindump_agent 
1		434		0.0		root		/System/Library/CoreServices/SubmitDiagInfo server-init 
1		435		0.0		[U501]		/System/Library/CoreServices/mapspushd 
1		436		0.0		[U501]		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		437		0.0		[U501]		/usr/libexec/neagent 
1		438		0.0		[U501]		/System/Library/CoreServices/lockoutagent 
1		439		0.0		[U501]		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent 
1		440		0.0		[U501]		/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary 
1		441		0.0		[U501]		/usr/libexec/dmd 
1		442		0.0		[U501]		/System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent 
1		443		0.0		[U501]		/System/Library/CoreServices/talagent 
1		444		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framework/Support/fontd 
1		445		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		447		0.0		[U501]		/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService 
1		449		0.0		[U501]		/System/Library/PrivateFrameworks/CoreCDP.framework/Versions/A/Resources/cdpd 
1		450		0.0		[U501]		/System/Library/PrivateFrameworks/ProtectedCloudStorage.framework/Helpers/ProtectedCloudKeySyncing 
1		451		0.0		[U501]		/System/Library/CoreServices/Keychain Circle Notification.app/Contents/MacOS/Keychain Circle Notification 
1		452		0.0		[U501]		/System/Library/Frameworks/InputMethodKit.framework/Resources/imklaunchagent 
1		453		0.0		[U501]		/System/Library/Input Methods/PressAndHold.app/Contents/PlugIns/PAH_Extension.appex/Contents/MacOS/PAH_Extension 
1		454		0.0		[U501]		/System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter -L 
1		455		0.0		[U501]		/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService 
1		456		0.0		[U501]		/System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/Resources/familycircled 
1		457		0.0		root		/usr/sbin/WirelessRadioManagerd 
1		458		0.0		[U501]		/System/Library/PrivateFrameworks/TelephonyUtilities.framework/callservicesd 
1		459		0.0		[U501]		/System/Library/PrivateFrameworks/IMCore.framework/imagent.app/Contents/MacOS/imagent 
1		460		0.0		[U501]		/System/Library/PrivateFrameworks/IMDPersistence.framework/XPCServices/IMDPersistenceAgent.xpc/Contents/MacOS/IMDPersistenceAgent 
1		461		0.0		[U501]		/System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent 
1		462		0.0		root		/usr/sbin/systemsoundserverd 
1		463		0.0		[U501]		/System/Library/PrivateFrameworks/UserActivity.framework/Agents/useractivityd 
1		464		0.0		[U501]		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoteagent 
1		465		0.0		[U501]		/System/Library/CoreServices/WiFiAgent.app/Contents/MacOS/WiFiAgent 
1		466		0.0		[U501]		/usr/libexec/fmfd 
1		467		0.0		[U501]		/System/Library/CoreServices/iconservicesagent 
1		468		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeaccountd 
1		469		0.0		[U501]		/System/Library/PrivateFrameworks/AOSKit.framework/Versions/A/XPCServices/com.apple.iCloudHelper.xpc/Contents/MacOS/com.apple.iCloudHelper 
1		470		0.0		_nsurlstoraged		/usr/libexec/nsurlstoraged --privileged 
1		471		0.0		[U501]		/System/Applications/Mail.app/Contents/MacOS/Mail -psn_0_81940 
1		472		0.0		[U501]		/System/Applications/Calendar.app/Contents/MacOS/Calendar -psn_0_86037 
1		473		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		474		2.7		[U501]		/Applications/Microsoft Outlook.app/Contents/MacOS/Microsoft Outlook -psn_0_90134 
1		475		0.0		[U501]		/System/Applications/Music.app/Contents/MacOS/Music -psn_0_94231 
1		476		0.0		[U501]		/System/Library/CoreServices/Dock.app/Contents/MacOS/Dock 
1		477		0.0		[U501]		/System/Library/CoreServices/SystemUIServer.app/Contents/MacOS/SystemUIServer 
1		478		0.0		[U501]		/System/Library/CoreServices/Finder.app/Contents/MacOS/Finder 
1		481		0.0		[U501]		/System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent 
1		482		0.0		[U501]		/System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.framework/Versions/A/XPCServices/QuickLookUIService.xpc/Contents/MacOS/QuickLookUIService 
1		483		0.0		[U501]		/System/Library/CoreServices/Spotlight.app/Contents/MacOS/Spotlight 
1		484		0.0		root		/System/Library/PrivateFrameworks/AmbientDisplay.framework/Versions/A/XPCServices/com.apple.AmbientDisplayAgent.xpc/Contents/MacOS/com.apple.AmbientDisplayAgent 
1		485		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		486		0.0		[U501]		/System/Library/CoreServices/Dock.app/Contents/XPCServices/com.apple.dock.extra.xpc/Contents/MacOS/com.apple.dock.extra 
1		487		0.0		[U501]		/System/Library/PrivateFrameworks/CoreParsec.framework/parsecd 
1		488		0.0		[U501]		/System/Library/Frameworks/QuickLookThumbnailing.framework/Support/com.apple.quicklook.ThumbnailsAgent 
1		489		0.0		root		/usr/sbin/filecoordinationd 
1		490		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		491		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird 
1		492		0.0		[U501]		/System/Library/PrivateFrameworks/AMPDevices.framework/Versions/A/Support/AMPDeviceDiscoveryAgent --launchd 
1		493		0.0		root		automountd		
1		496		0.0		[U501]		/System/Library/CoreServices/pbs 
1		497		0.0		[U501]		/System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService 
1		499		0.0		_captiveagent		/usr/libexec/captiveagent 
1		500		0.0		_gamecontrollerd		/usr/libexec/gamecontrollerd 
1		502		0.0		[U501]		/System/Library/PrivateFrameworks/CallHistory.framework/Support/CallHistoryPluginHelper 
1		503		0.0		[U501]		/System/Library/PrivateFrameworks/WeatherKit.framework/Versions/A/XPCServices/com.apple.WeatherKitService.xpc/Contents/MacOS/com.apple.WeatherKitService 
1		504		0.0		[U501]		/System/Library/PrivateFrameworks/login.framework/Versions/A/XPCServices/LoginUserService.xpc/Contents/MacOS/LoginUserService 
1		507		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --monitor-self-annotation=ptype=crashpad-handler --type=crashpad-handler --max-uploads=5 --max-db-size=20 --max-db-age=5 --database=/Users/[U501]/Library/Application Support/Spotify/User Data --url=https://crashdump.spotify.com:443/ --annotation=platform=macos --annotation=product=spotify --annotation=version=1.1.58.820 --handshake-fd=7 
1		509		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/commerce 
1		510		0.0		_fpsd		/System/Library/PrivateFrameworks/CoreFP.framework/Versions/A/fpsd 
1		513		0.0		[U501]		/usr/libexec/WiFiVelocityAgent 
1		514		0.0		root		/usr/libexec/wifivelocityd 
1		515		0.0		[U501]		/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar 
1		518		0.0		[U501]		/System/Library/PrivateFrameworks/AppSSO.framework/Support/AppSSOAgent.app/Contents/MacOS/AppSSOAgent 
1		519		0.0		[U501]		/System/Library/PrivateFrameworks/CommunicationsFilter.framework/CMFSyncAgent 
1		520		0.0		_netbios		/usr/sbin/netbiosd 
1		522		0.0		root		/usr/libexec/findmydeviced 
1		525		0.0		[U501]		/System/Library/PrivateFrameworks/AMPLibrary.framework/Versions/A/Support/AMPLibraryAgent --launchd 
431		526		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper (GPU).app/Contents/MacOS/Spotify Helper (GPU) --type=gpu-process --field-trial-handle=1718379636,5005914416862249996,8487275096739308770,131072 --enable-features=CastMediaRouteProvider --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --lang=en --gpu-preferences=SAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAwAAAAAAABgDAAAAAAAACAEAACAAAAAAAQAAAAAAAAgBAAAAAAAAEAEAAAAAAAAYAQAAAAAAACABAAAAAAAAKAEAAAAAAAAwAQAAAAAAADgBAAAAAAAAQAEAAAAAAABIAQAAAAAAAFABAAAAAAAAWAEAAAAAAABgAQAAAAAAAGgBAAAAAAAAcAEAAAAAAAB4AQAAAAAAAIABAAAAAAAAiAEAAAAAAACQAQAAAAAAAJgBAAAAAAAAoAEAAAAAAACoAQAAAAAAALABAAAAAAAAuAEAAAAAAADAAQAAAAAAAMgBAAAAAAAA0AEAAAAAAADYAQAAAAAAAOABAAAAAAAA6AEAAAAAAADwAQAAAAAAAPgBAAAAAAAAEAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAAAAAAHAAAAEAAAAAAAAAAAAAAACAAAABAAAAAAAAAAAAAAAAoAAAAQAAAAAAAAAAAAAAALAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAAAAAA4AAAAQAAAAAAAAAAEAAAAAAAAAEAAAAAAAAAABAAAABgAAABAAAAAAAAAAAQAAAAcAAAAQAAAAAAAAAAEAAAAIAAAAEAAAAAAAAAABAAAACgAAABAAAAAAAAAAAQAAAAsAAAAQAAAAAAAAAAEAAAANAAAAEAAAAAAAAAABAAAADgAAABAAAAAAAAAABAAAAAAAAAAQAAAAAAAAAAQAAAAGAAAAEAAAAAAAAAAEAAAABwAAABAAAAAAAAAABAAAAAgAAAAQAAAAAAAAAAQAAAAKAAAAEAAAAAAAAAAEAAAACwAAABAAAAAAAAAABAAAAA0AAAAQAAAAAAAAAAQAAAAOAAAAEAAAAAAAAAAHAAAAAAAAABAAAAAAAAAABwAAAAYAAAAQAAAAAAAAAAcAAAAHAAAAEAAAAAAAAAAHAAAACAAAABAAAAAAAAAABwAAAAoAAAAQAAAAAAAAAAcAAAALAAAAEAAAAAAAAAAHAAAADQAAABAAAAAAAAAABwAAAA4AAAAIAAAAAAAAAAgAAAAAAAAA --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files 
1		527		0.0		[U501]		/System/Library/PrivateFrameworks/AMPLibrary.framework/Versions/A/Support/AMPArtworkAgent --launchd 
1		528		0.0		[U501]		/usr/libexec/loginitemregisterd 
1		529		0.0		[U501]		/System/Applications/Music.app/Contents/XPCServices/VisualizerService.xpc/Contents/MacOS/VisualizerService 
1		530		0.0		[U501]		/usr/libexec/swcd 
1		531		0.0		[U501]		/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd 
1		532		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/corespotlightd 
1		533		0.0		root		/usr/libexec/smd 
431		534		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1718379636,5005914416862249996,8487275096739308770,131072 --enable-features=CastMediaRouteProvider --lang=en --service-sandbox-type=utility --use-mock-keychain --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files --seatbelt-client=56 
431		535		0.0		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper.app/Contents/MacOS/Spotify Helper --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1718379636,5005914416862249996,8487275096739308770,131072 --enable-features=CastMediaRouteProvider --lang=en --service-sandbox-type=network --use-mock-keychain --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --shared-files --seatbelt-client=56 
1		536		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd 
1		537		0.0		[U501]		/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDecoderXPCService.xpc/Contents/MacOS/VTDecoderXPCService 
431		538		0.3		[U501]		/Users/bettakroegel/Applications/Spotify.app/Contents/Frameworks/Spotify Helper (Renderer).app/Contents/MacOS/Spotify Helper (Renderer) --type=renderer --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --field-trial-handle=1718379636,5005914416862249996,8487275096739308770,131072 --enable-features=CastMediaRouteProvider --lang=en --log-file=/Users/[U501]/Library/Logs/Spotify_debug.log --log-severity=disable --product-version=Chrome/89.0.4389.114 Spotify/1.1.58.820 --disable-scroll-bounce --disable-spell-checking --num-raster-threads=2 --enable-zero-copy --enable-gpu-memory-buffer-compositor-resources --enable-main-frame-before-activation --renderer-client-id=5 --shared-files --seatbelt-client=77 
1		539		0.0		root		/System/Library/Frameworks/AudioToolbox.framework/XPCServices/CAReportingService.xpc/Contents/MacOS/CAReportingService 
1		540		0.0		_fpsd		/System/Library/PrivateFrameworks/CoreADI.framework/adid 
1		541		0.0		root		/usr/libexec/rtcreportingd 
1		542		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/XPCServices/com.apple.hiservices-xpcservice.xpc/Contents/MacOS/com.apple.hiservices-xpcservice 
1		543		0.0		[U501]		/System/Library/PrivateFrameworks/CoreParsec.framework/parsec-fbf 
1		544		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/XPCServices/ContainerMetadataExtractor.xpc/Contents/MacOS/ContainerMetadataExtractor 
1		550		0.0		[U501]		/System/Library/PrivateFrameworks/CoreRecents.framework/Versions/A/Support/recentsd 
1		551		0.0		[U501]		SafeEjectGPUAgent		
1		552		0.0		[U501]		/System/Library/CoreServices/Menu Extras/SafeEjectGPUExtra.menu/Contents/XPCServices/SafeEjectGPUService.xpc/Contents/MacOS/SafeEjectGPUService 
1		553		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		554		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		557		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeuid.app/Contents/MacOS/storeuid 
1		558		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSpeech.framework/corespeechd 
1		561		0.0		[U501]		/Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver 
1		562		0.0		[U501]		/System/Library/CoreServices/SocialPushAgent.app/Contents/MacOS/SocialPushAgent 
1		564		0.0		[U501]		/Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr 
1		565		0.0		[U501]		/System/Library/Image Capture/Support/icdd 
1		567		0.0		[U501]		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent 
1		569		0.3		[U501]		/Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager 
1		570		0.0		[U501]		/System/Library/PrivateFrameworks/AskPermission.framework/Versions/A/Resources/askpermissiond 
1		572		0.0		[U501]		/Library/Application Support/Adobe/AdobeGCClient/AGMService -mode=logon 
1		573		0.0		[U501]		/System/Library/CoreServices/AirPlayUIAgent.app/Contents/MacOS/AirPlayUIAgent --launchd 
1		575		0.0		[U501]		/System/Library/CoreServices/cloudpaird 
1		578		0.0		[U501]		/System/Library/CoreServices/diagnostics_agent 
1		580		0.0		[U501]		/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent 
1		581		0.0		[U501]		/System/Library/PrivateFrameworks/AppleMediaServices.framework/Resources/amsaccountsd 
1		583		0.0		root		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp -d 
1		584		0.0		[U501]		/Applications/CyberGhost VPN.app/Contents/MacOS/CyberGhost VPN 
1		585		0.0		[U501]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp 
1		586		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		587		0.0		[U501]		/System/Library/CoreServices/CoreServicesUIAgent.app/Contents/MacOS/CoreServicesUIAgent 
1		588		0.0		[U501]		/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/reversetemplated 
1		589		0.0		[U501]		/System/Library/Frameworks/ColorSync.framework/Support/colorsync.useragent 
1		590		0.0		[U501]		/System/Library/Services/AppleSpell.service/Contents/MacOS/AppleSpell 
1		591		0.0		[U501]		/System/Library/PrivateFrameworks/SafariSafeBrowsing.framework/com.apple.Safari.SafeBrowsing.Service 
1		592		0.0		[U501]		/usr/libexec/keyboardservicesd 
1		593		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History 
1		594		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		595		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		596		0.0		[U501]		/Applications/Honey.app/Contents/PlugIns/Extension.appex/Contents/MacOS/Extension 
1		597		0.0		[U501]		/System/Library/Frameworks/ImageIO.framework/Versions/A/XPCServices/ImageIOXPCService.xpc/Contents/MacOS/ImageIOXPCService 
1		598		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariLaunchAgent 
1		599		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariBookmarksSyncAgent 
1		600		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		601		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		602		0.0		[U501]		/System/Library/PrivateFrameworks/GameCenterFoundation.framework/Versions/A/gamed 
1		604		0.0		[U501]		/System/Library/PrivateFrameworks/SoftwareUpdate.framework/Resources/SoftwareUpdateNotificationManager.app/Contents/MacOS/SoftwareUpdateNotificationManager 
1		605		0.0		_softwareupdate		/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated 
1		606		0.0		root		/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd 
1		607		3.4		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		611		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		612		0.0		[U501]		/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.Networking.xpc/Contents/MacOS/com.apple.WebKit.Networking 
1		623		0.0		[U501]		/System/Library/PrivateFrameworks/PassKitCore.framework/passd 
1		624		0.0		[U501]		/System/Library/PrivateFrameworks/AssetCacheServices.framework/Versions/A/XPCServices/AssetCacheLocatorService.xpc/Contents/MacOS/AssetCacheLocatorService -a 
1		625		0.0		_assetcache		/usr/libexec/AssetCache/AssetCache 
1		626		0.0		[U501]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd 
1		627		0.0		root		/usr/libexec/dprivacyd 
1		634		0.0		[U501]		/Library/Apple/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 
1		636		0.0		[U501]		/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Support/fontworker 
1		639		0.0		_applepay		/usr/libexec/nfcd 
1		650		0.0		_atsserver		/System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framework/Support/fontd 
1		652		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		655		0.0		root		/System/Library/PrivateFrameworks/AssetCacheServicesExtensions.framework/XPCServices/AssetCacheTetheratorService.xpc/Contents/MacOS/AssetCacheTetheratorService 
1		656		0.0		[U501]		/Library/Apple/System/Library/CoreServices/SafariSupport.bundle/Contents/MacOS/SafariCloudHistoryPushAgent 
1		657		0.0		root		/Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon 
1		661		0.0		root		/System/Library/PrivateFrameworks/CoreSymbolication.framework/coresymbolicationd 
1		662		0.0		[U501]		/Applications/Wacom Tablet.localized/.Tablet/TabletDriver.app/Contents/MacOS/TabletDriver -psn_0_262208 
1		663		0.0		[U501]		/Applications/Wacom Tablet.localized/.Tablet/WacomTouchDriver.app/Contents/MacOS/WacomTouchDriver -psn_0_266305 
1		666		0.0		root		/usr/libexec/sysmond 
159		667		0.0		root		/usr/sbin/systemstats --logger-helper /private/var/db/systemstats 
1		668		0.0		[U501]		/usr/libexec/adprivacyd 
1		669		0.0		[U501]		/System/Library/CoreServices/ReportCrash agent 
1		671		0.0		root		/System/Library/CoreServices/ReportCrash daemon 
1		679		0.0		_spotlight		/usr/libexec/trustd --agent 
1		691		0.0		root		/System/Library/CoreServices/CrashReporterSupportHelper server-init 
1		693		0.0		_spotlight		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		711		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		712		0.0		_spotlight		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		713		0.0		[U502]		/usr/sbin/cfprefsd agent 
1		718		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		719		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		721		0.0		[U502]		/usr/sbin/distnoted agent 
1		723		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		724		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		725		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		726		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		728		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker-bundle -c MDSImporterBundleFinder -m com.apple.mdworker.bundles 
1		729		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		730		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		731		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		732		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		733		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		734		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		735		0.0		[U502]		/usr/libexec/lsd 
1		736		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		737		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		738		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		739		0.0		[U502]		/usr/libexec/secd 
1		740		0.0		[U502]		/usr/libexec/trustd --agent 
1		741		0.0		[U501]		/System/Library/PrivateFrameworks/FileProvider.framework/Support/fileproviderd 
1		742		0.0		[U501]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		743		0.0		[U501]		/System/Library/PrivateFrameworks/CloudDocs.framework/PlugIns/com.apple.CloudDocs.MobileDocumentsFileProvider.appex/Contents/MacOS/com.apple.CloudDocs.MobileDocumentsFileProvider 
1		745		1.4		[U501]		/Applications/DetectX Swift.app/Contents/MacOS/DetectX Swift 
1		879		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/DictionaryServices.framework/Versions/A/XPCServices/com.apple.DictionaryServiceHelper.xpc/Contents/MacOS/com.apple.DictionaryServiceHelper 
1		901		0.0		[U501]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		952		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 
1		953		0.0		[U501]		/System/Library/Frameworks/Metal.framework/Versions/A/XPCServices/MTLCompilerService.xpc/Contents/MacOS/MTLCompilerService 

«»EOF»«

Etre Check

Code:
ATTFilter
EtreCheckPro version: 6.4.4 (6E015)
Report generated: 2021-05-04 10:28:18
Download EtreCheckPro from https://etrecheck.com
Runtime: 4:34
Performance: Good

Problem: No problem - just checking

Major Issues:
  Anything that appears on this list needs immediate attention. 
  Time Machine backup out-of-date - The last Time Machine backup is over 10 days old.
  System extension blocked - There are system extensions awaiting user approval.

Minor Issues:
  These issues do not need immediate attention but they may indicate future problems or opportunities for improvement. 
  SSD too slow - SSD is showing poor performance.
  Time Machine auto backup disabled - Time Machine auto backups are disabled.
  High battery cycle count - Your battery may be losing capacity.
  Unsigned files - There are unsigned software files installed. Apple has said that unsigned software will not run by default in a future version of the operating system.
  System modifications - There are a large number of system modifications running in the background.
  Heavy I/O usage - Your system is under heavy I/O use. This will reduce your performance.
  Insufficient permissions - EtreCheck running under a standard user. Diagnostic information may not be available.
  Kernel extensions present - This computer has kernel extensions that may not work in the future.

Hardware Information:
  MacBook Pro (13-inch, Mid 2012)
  MacBook Pro Model: MacBookPro9,2
  2,5 GHz Dual-Core Intel Core i5 (i5-3210M) CPU: 2-core
  4 GB RAM - Upgradeable
    BANK 0/DIMM0 - 2 GB DDR3 1600  
    BANK 1/DIMM0 - 2 GB DDR3 1600  
  Battery: Health = Replace Soon - Cycle count = 1165

Video Information:
  Intel HD Graphics 4000 - VRAM: 1536 MB
    Color LCD 1280 x 800

Drives:
  disk0 - Crucial_CT525MX300SSD1 525.11 GB (Solid State - TRIM: No) 
  Internal SATA 6 Gigabit Serial ATA
    disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB
    disk0s2 [APFS Container] 524.90 GB
      disk1 [APFS Virtual drive] 524.90 GB (Shared by 5 volumes)
        disk1s1 - M******************n (APFS) [APFS Virtual drive] (Shared - 248.51 GB used)
        disk1s2 - Preboot (APFS) [APFS Preboot] (Shared - 30 MB used)
        disk1s3 - Recovery (APFS) [Recovery] (Shared - 526 MB used)
        disk1s4 - VM (APFS) [APFS VM] (Shared - 2.15 GB used)
        disk1s5 - Macintosh HD (APFS) (Shared - 11.26 GB used)

Mounted Volumes:
  disk1s1 - M******************n [APFS Virtual drive]
    524.90 GB (Shared - 248.51 GB used, 271.06 GB available, 262.26 GB free)
    APFS
    Mount point: /System/Volumes/Data
    Encrypted

  disk1s4 - VM [APFS VM]
    524.90 GB (Shared - 2.15 GB used, 262.26 GB free)
    APFS
    Mount point: /private/var/vm

  disk1s5 - Macintosh HD
    524.90 GB (Shared - 11.26 GB used, 271.06 GB available, 262.26 GB free)
    APFS
    Mount point: /
    Encrypted
    Read-only: Yes

Network:
  Interface en0: Ethernet
  Interface en1: Wi-Fi
    802.11 a/b/g/n
  Interface fw0: FireWire
  Interface en3: Bluetooth PAN
  Interface bridge0: Thunderbolt Bridge
  iCloud Quota: 1.79 GB available

System Software:
  macOS Catalina 10.15.7 (19H114) 
  Time since boot: Less than an hour

Configuration Files:
  /etc/hosts - Count: 20

Notifications:
  Microsoft Outlook.app
    one notification

  EtreCheckPro.app
    3 notifications

  BlueStacks.app
    65 notifications

Security:
  Gatekeeper: App Store and identified developers
  System Integrity Protection: Enabled

  Antivirus software: Apple and Malwarebytes

Unsigned Files:
  Launchd: /Library/LaunchDaemons/hdjsd.plist
    Executable: /var/hercules/hdjsd
    Details: Exact match found in the legitimate list - probably OK

  Launchd: ~/Library/LaunchAgents/com.BlueStacks.AppPlayer.Service.plist
    Executable: /Applications/BlueStacks.app/Contents/MacOS/bstservice Android
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.anchorfree.ajaxserver.plist
    Executable: /Library/Application Support/Hotspot Shield/ajaxserver
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.adobe.SwitchBoard.plist
    Executable: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist
    Executable: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/org.virtualbox.startup.plist
    Executable: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh restart
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist
    Executable: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility -mode=logon
    Details: Exact match found in the legitimate list - probably OK

  Plugin: /Library/Internet Plug-Ins/EPPEX Plugin.plugin
  Plugin: /Library/Internet Plug-Ins/AdobePDFViewerNPAPI.plugin
  Plugin: /Library/Internet Plug-Ins/AdobePDFViewer.plugin
  Plugin: /Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin
  Plugin: /Library/Internet Plug-Ins/Unity Web Player.plugin
  Plugin: /Library/Internet Plug-Ins/VLC Plugin.plugin

  Preference Pane: /Library/PreferencePanes/MacFUSE.prefPane
  Preference Pane: /Library/PreferencePanes/NIUSBAudio.prefPane

  Apps: 34


System Extensions:
  [Waiting for authorization] TotalAV 5 Real-Time Extension - version 1.0 (SS Protect Limited - 2021-03-15)
    Application: /Applications/TotalAV.app - version 1.0

Kernel Extensions:
  /Applications/BlueStacks.app
    [Not Loaded] VBoxDrv.kext - com.bluestacks.kext.Hypervisor (5.2.20)

  /Library/Application Support/Hotspot Shield
    [Not Loaded] tun10.9.kext - com.anchorfree.tun (1.1.1 - SDK 10.8)

  /Library/Application Support/VirtualBox
    [Loaded] VBoxDrv.kext - org.virtualbox.kext.VBoxDrv (6.1.4)
    [Loaded] VBoxNetAdp.kext - org.virtualbox.kext.VBoxNetAdp (6.1.4)
    [Loaded] VBoxNetFlt.kext - org.virtualbox.kext.VBoxNetFlt (6.1.4)
    [Loaded] VBoxUSB.kext - org.virtualbox.kext.VBoxUSB (6.1.4)

  /Library/Extensions
    [Not Loaded] FTDIKext.kext - com.FTDI.driver.D2XXHelper (1.0 - SDK 10.14)
    [Not Loaded] NIUSBAudio2DJ.kext - com.caiaq.driver.NIUSBAudio2DJDriver (2.3.14)
    [Not Loaded] NIUSBAudio4DJ.kext - com.caiaq.driver.NIUSBAudio4DJDriver (2.3.14)
    [Not Loaded] NIUSBAudioDriver.kext - com.caiaq.driver.NIUSBHardwareDriver (2.3.14)
    [Not Loaded] NIUSBTraktorKontrolX1.kext - com.caiaq.driver.NIUSBTraktorKontrolX1Driver (2.3.14)
    [Not Loaded] fabio.kext - com.dvdfab.kext.fabio (1.0)
    [Not Loaded] Dropbox.kext - com.getdropbox.dropbox.kext (1.11.0 - SDK 10.14)
    [Not Loaded] hp_fax_io.kext - com.hp.kext.hp-fax-io (5.11.0 - SDK 10.8)
    [Not Loaded] hp_io_enabler_compound.kext - com.hp.kext.io.enabler.compound (3.4.0)
    [Not Loaded] JMicronATA.kext - com.jmicron.JMicronATA (1.1.6)
    [Not Loaded] NIUSBDeviceHelper.kext - com.native-instruments.driver.NIUSBDeviceHelper (1.0.8 (R32))
    [Not Loaded] SiLabsUSBDriver64.kext - com.silabs.driver.CP210xVCPDriver64 (3.0.0d1)
    [Not Loaded] Wacom Tablet.kext - com.wacom.kext.wacomtablet (Wacom Tablet 6.3.34-1 - SDK 10.14)
    [Not Loaded] BJUSBLoad.kext - jp.co.canon.bj.print.BJUSBLoad (10.75.21 - SDK 10.8)
    [Not Loaded] CIJUSBLoad.kext - jp.co.canon.ij.print.CIJUSBLoad (16.0.10 - SDK 10.9)

System Launch Agents:
  [Not Loaded]  17 Apple tasks
  [Loaded]  184 Apple tasks
  [Running]  112 Apple tasks

System Launch Daemons:
  [Not Loaded]  33 Apple tasks
  [Loaded]  196 Apple tasks
  [Running]  108 Apple tasks

Launch Agents:
  [Not Loaded] com.adobe.AAM.Updater-1.0.plist (? ffb65062  - installed 2018-01-09)
  [Loaded] com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2017-11-02)
  [Running] com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2021-03-24)
  [Loaded] com.microsoft.OneDriveStandaloneUpdater.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.update.agent.plist (Microsoft Corporation - installed 2021-04-14)
  [Running] com.wacom.DataStoreMgr.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Running] com.wacom.IOManager.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Running] com.wacom.wacomtablet.plist (Wacom Technology Corp. - installed 2020-09-25)

Launch Daemons:
  [Loaded] com.BlueStacks.AppPlayer.bstservice_helper.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Loaded] com.adobe.SwitchBoard.plist (? 68cad67  - installed 2014-11-19)
  [Loaded] com.adobe.acc.installer.plist (Adobe Systems, Inc. - installed 2017-11-02)
  [Loaded] com.adobe.acc.installer.v2.plist (Adobe Inc. - installed 2020-11-18)
  [Running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Loaded] com.anchorfree.ajaxserver.plist (? b7821fb8  - installed 2013-11-08)
  [Running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2021-04-29)
  [Running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2021-03-24)
  [Running] com.microsoft.OneDriveStandaloneUpdaterDaemon.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.OneDriveUpdaterDaemon.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2021-04-14)
  [Loaded] com.microsoft.office.licensing.helper.plist (? 6d8cb30e  - installed 2015-06-04)
  [Loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2020-11-09)
  [Loaded] com.microsoft.teams.TeamsUpdaterDaemon.plist (Microsoft Corporation - installed 2020-12-07)
  [Not Loaded] com.oracle.java.Helper-Tool.plist (? 0  - installed )
  [Running] com.wacom.UpdateHelper.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Loaded] com.wacom.displayhelper.plist (Apple - installed 2020-12-09)
  [Running] hdjsd.plist (? 70ae2dc0  - installed 2013-12-25)
  [Not Loaded] org.virtualbox.startup.plist (? 700b9385  - installed 2020-03-02)

User Launch Agents:
  [Loaded] com.BlueStacks.AppPlayer.Service.plist (? 0  - installed 2021-01-15)
  [Loaded] com.BlueStacks.AppPlayer.UninstallWatcher.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Loaded] com.BlueStacks.AppPlayer.Updater.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2021-04-25)

User Login Items:
  [Not Loaded] AppCleaner SmartDelete (Julien Ramseier - installed 2021-05-03)
    Modern Login Item
    /Applications/AppCleaner.app/Contents/Library/LoginItems/AppCleaner SmartDelete.app

  [Running] CyberGhost VPN (Cyberghost SRL - installed 2021-04-27)
    Application
    /Applications/CyberGhost VPN.app

  [Not Loaded] Launcher Disabler (Microsoft Corporation - installed 2021-03-04)
    Modern Login Item
    /Applications/OneDrive.app/Contents/Library/LoginItems/Launcher Disabler.app

  [Not Loaded] OneDrive Launcher (Microsoft Corporation - installed 2021-03-04)
    Modern Login Item
    /Applications/OneDrive.app/Contents/Library/LoginItems/OneDrive Launcher.app

  [Not Loaded] QuickEntryHelper (XMind Ltd. - installed 2020-12-16)
    Modern Login Item
    /Applications/XMind.app/Contents/PlugIns/XMind QuickEntry.app/Contents/Library/LoginItems/QuickEntryHelper.app

  [Not Loaded] HP Device Monitor (HP Inc. - installed 2017-11-06)
    Modern Login Item
    /Library/Printers/hp/Frameworks/HPDeviceMonitoring.framework/Versions/1.0/Helpers/HP Device Monitor Manager.app/Contents/Library/LoginItems/HP Device Monitor.app

  [Not Loaded] HP Product Research (HP Inc. - installed 2017-11-06)
    Modern Login Item
    /Library/Printers/hp/Utilities/HPPU Plugins/ProductImprovementStudy.hptask/Contents/Helpers/HP Product Research Manager.app/Contents/Library/LoginItems/HP Product Research.app

  [Loaded] StartUpHelper (Spotify - installed 2021-05-03)
    Modern Login Item
    /Users/***/Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app

Internet Plug-ins:
  AdobeAAMDetect: 3.0.0.0 (Adobe Systems, Inc. - installed 2017-11-02)
  EPPEX Plugin: 10.0 (? - installed 2012-05-25)
  AdobePDFViewerNPAPI: 11.0.0 (? - installed 2012-09-24)
  AdobePDFViewer: 11.0.0 (? - installed 2012-09-24)
  SharePointBrowserPlugin: 14.5.2 (? - installed 2020-09-01)
  Unity Web Player: UnityPlayer version 4.5.5f1 (? - installed 2014-10-08)
  VLC Plugin: 2.2.4 (? - installed 2016-06-02)

Safari Extensions:
  Honey (App Store - installed 2021-04-21)

3rd Party Preference Panes:
  MacFUSE (? - installed 2008-12-19)
  Native Instruments USB Audio (? - installed 2013-10-23)
  WacomTablet (Wacom Technology Corp. - installed 2020-09-25)

Backup:
  Skip System Files: No
  Mobile backups: No
  Auto backup: No
  Volumes being backed up: 
    M******************n: Disk size: 524.90 GB - Disk used: 262.64 GB 
  Destinations: 
    T*********T [Local] (Last used)
      Total size: 999.86 GB
      Total number of backups: 1
      Oldest backup: 2017-02-08 10:22:24
      Last backup: 2017-02-08 10:22:24

Performance:
  System Load: 6.21 (1 min ago) 12.57 (5 min ago) 7.14 (15 min ago)
  Nominal I/O speed: 25.63 MB/s
  File system: 40.72 seconds
  Write speed: 155 MB/s
  Read speed: 358 MB/s

CPU Usage Snapshot:
  Type Overall
  System: 29 %
  User: 30 %
  Idle: 41 %

Top Processes Snapshot by CPU:
  Process (count) CPU (Source - Location)
  system_profiler (2) 62.56 % (Apple)
  trustd (5) 42.18 % (Apple)
  kextutil 15.75 % (Apple)
  com.BlueStacks.AppPlayer.bstservice_helper 14.62 % (BlueStack Systems, Inc.)
  WindowServer 11.48 % (Apple)

Top Processes Snapshot by Memory:
  Process (count) RAM usage (Source - Location)
  BlueStacks 237 MB (BlueStack Systems, Inc.)
  system_profiler (2) 158 MB (Apple)
  com.apple.WebKit.WebContent (3) 151 MB (Apple)
  kernel_task 118 MB (Apple)
  com.apple.WebKit.WebContent (5) 103 MB (Apple)

Top Processes Snapshot by Network Use:
  Process (count) Input / Output (Source - Location)
  Mail 534 KB / 13 KB (Apple)
  com.apple.WebKit.Networking 217 KB / 11 KB (Apple)
  mDNSResponder 61 KB / 53 KB (Apple)
  Spotify 47 KB / 18 KB (Spotify)
  apsd 10 KB / 18 KB (Apple)

Top Processes Snapshot by Energy Use:
  Process (count) Energy (0-100) (Source - Location)
  BlueStacks 50 (BlueStack Systems, Inc.)
  system_profiler (2) 23 (Apple)
  trustd (5) 19 (Apple)
  WindowServer 5 (Apple)
  Mail 2 (Apple)

Virtual Memory Information:
  Physical RAM: 4 GB

  Free RAM: 19 MB
  Used RAM: 2.79 GB
  Cached files: 1.19 GB

  Available RAM: 1.21 GB
  Swap Used: 146 MB

Software Installs (past 60 days):
  Install Date Name (Version)
  2021-03-05 iMovie (10.2.3)
  2021-03-24 Pages (11.0)
  2021-04-14 Microsoft AutoUpdate (4.34.21041102)
  2021-04-14 Microsoft Excel (16.48.21041102)
  2021-04-14 Microsoft OneNote (16.48.21041102)
  2021-04-14 Microsoft PowerPoint (16.48.21041102)
  2021-04-14 Microsoft Word (16.48.21041102)
  2021-04-19 Microsoft Outlook (16.48.21041102)
  2021-04-21 Honey (12.8.6)
  2021-04-27 Anki Notes (3.00)
  2021-04-28 TotalAV
  2021-04-29 Malwarebytes for Mac (1.0)
  2021-04-30 MRTConfigData (1.78)
  2021-04-30 XProtectPlistConfigData (2145)
  2021-05-03 Paint S (5.10.1)

Diagnostics Information (past 7-30 days):
  2021-05-04 10:05:08 Adobe CEF Helper.app Crash (2 times)
    Executable: /Library/Application Support/Adobe/*/Adobe CEF Helper.app
    Details:
      couldn't dlopen libobjc-trampolines.dylib: dlopen(/usr/lib/libobjc-tra
      mpolines.dylib, 262): no suitable image found.  Did find:
      /usr/lib/libobjc-trampolines.dylib: file system sandbox blocked stat()

  2021-05-03 14:19:37 Creative Cloud.app Crash
    Executable: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app
    Details:
      abort() called
      Creative Cloud(550,0x10eaf0dc0) malloc: *** error for object 0x7f8043c
      71a00: pointer being freed was not allocated

  2021-04-28 16:43:45 cloudd Crash
    Executable: /System/Library/PrivateFrameworks/CloudKitDaemon.framework/Support/cloudd
    Details:
      dyld3 mode
      *** Terminating app due to uncaught exception 'NSGenericException', re
      ason: 'Failed to step (6922): "select operationID from OperationInfo w
      here appBundleIdentifier = ? AND sourceAppBundleIdentifier = ? AND per
      sonaID = ? AND applicationContainerPath = ? AND containerIdentifier = 
      ? AND containerEnvironment = ? AND accountID = ?" - errcode:1b0a, msg:
      "disk I/O error", size: (null), path:/Users/***/Library/Caches/*/Cloud
      KitOperationInfo, fs:(null)/(null)'
      terminating with uncaught exception of type NSException
      abort() called

  Directory /Library/Logs/DiagnosticReports is not accessible.
  Run as an administrator account to see more information.

End of report

Also, hier, unverändert leider....

Die MoveToTrash Datei hat bei Ausführung angegeben "Nothing was removed"..

Alt 04.05.2021, 10:09   #15
elisabeth69
 
Ursnif Trojaner auf Mac - Standard

Ursnif Trojaner auf Mac


OK Sorry für die ganzen Meldungen!
Ich bin jetzt im Admin Konto und konnte ein AV helper tool manuell löschen...

Hier der Detect X Log

Code:
ATTFilter
Timestamp (6): Tue May 04 10:54:22 2021
DetectX Swift v1.0971

macOS: Version 10.15.7 (Build 19H114)
File System: apfs
Temp: The thermal state is within normal limits.

Boot time: Tue May 4 10:52:50 2021
Uptime: 2 mins, 1 user

Spotlight status for /:
	Indexing enabled. 
System Integrity Protection status: enabled.
Gatekeeper status: enabled for App Store and identified developers.
FileVault is On.

Internet:	Reachable


    Hardware Overview:

      Model Name: MacBook Pro
      Model Identifier: MacBookPro9,2
      Processor Name: Dual-Core Intel Core i5
      Processor Speed: 2,5 GHz
      Number of Processors: 1
      Total Number of Cores: 2
      L2 Cache (per Core): 256 KB
      L3 Cache: 3 MB
      Hyper-Threading Technology: Enabled
      Memory: 4 GB
      Boot ROM Version: 233.0.0.0.0
      SMC Version (system): 2.2f44
      Sudden Motion Sensor:
          State: Enabled



  Sharing Preferences:

	File Sharing:  Off
	Screen Sharing:  Off
	Remote Management:  Off
	Back To My Mac:  Off
	Remote Login:  Off
	Remote Apple Events:  Off


3rd Party Kexts (loaded):

	org.virtualbox.kext.VBoxDrv
	org.virtualbox.kext.VBoxUSB
	org.virtualbox.kext.VBoxNetFlt
	org.virtualbox.kext.VBoxNetAdp


 $PATH:

PATH=/usr/bin:/bin:/usr/sbin:/sbin


/etc/paths:
	/usr/local/bin
	/usr/bin
	/bin
	/usr/sbin
	/sbin

/etc/paths.d/:

~/.bash_profile:
	
~/.bashrc:

~/.bash_login:

~/.profile:

~/.bash_logout:


PID	Status	Label
530	0	com.adobe.GC.AGM
521	0	com.wacom.DataStoreMgr
525	0	com.malwarebytes.mbam.frontend.agent
-	0	com.adobe.AdobeCreativeCloud
-	0	com.openssh.ssh-agent
-	0	com.microsoft.update.agent
518	0	com.wacom.wacomtablet
638	0	com.sqwarq.DetectX-Swift.6824
-	0	com.BlueStacks.AppPlayer.Service
-	0	com.BlueStacks.AppPlayer.UninstallWatcher
-	0	com.microsoft.OneDriveStandaloneUpdater
527	0	com.wacom.IOManager
-	0	com.BlueStacks.AppPlayer.Updater


 System Launchd processes:

0      - 	com.adobe.SwitchBoard
151      - 	com.malwarebytes.mbam.rtprotection.daemon
0      - 	com.adobe.acc.installer.v2
0      - 	com.vix.cron
0      - 	com.microsoft.office.licensing.helper
0      - 	com.microsoft.teams.TeamsUpdaterDaemon
0      - 	com.microsoft.office.licensingV2.helper
178      - 	com.wacom.UpdateHelper
0      0 	com.microsoft.autoupdate.helper
181      - 	Adobe_Genuine_Software_Integrity_Service
371      - 	org.cups.cupsd
0      - 	com.anchorfree.ajaxserver
0      - 	com.wacom.displayhelper
575      - 	com.microsoft.OneDriveStandaloneUpdaterDaemon
378      - 	com.malwarebytes.mbam.settings.daemon
0      - 	com.microsoft.OneDriveUpdaterDaemon
0      - 	com.adobe.acc.installer
0      - 	com.BlueStacks.AppPlayer.bstservice_helper
198      - 	com.hercules.hdjsd



 User Login Items:
nil



 /Library/LaunchDaemons:

	hdjsd.plist
		--> Program Arguments: /var/hercules/hdjsd
	
	com.malwarebytes.mbam.settings.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon
	
	com.microsoft.OneDriveStandaloneUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon
	
	com.microsoft.teams.TeamsUpdaterDaemon.plist
	
	com.adobe.agsservice.plist
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGSService
	
	com.BlueStacks.AppPlayer.bstservice_helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.BlueStacks.AppPlayer.bstservice_helper
	
	com.malwarebytes.mbam.rtprotection.daemon.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon
		--> Program Arguments: -i
		--> Program Arguments: Malwarebytes-Mac-4.8.12.4131.pkg
	
	com.microsoft.OneDriveUpdaterDaemon.plist
		-> Program: /Applications/OneDrive.app/Contents/OneDriveUpdaterDaemon.xpc/Contents/MacOS/OneDriveUpdaterDaemon
	
	com.wacom.displayhelper.plist
		--> Program Arguments: /sbin/kextunload
		--> Program Arguments: /System/Library/Extensions/AppleUSBFTDI.kext
	
	org.virtualbox.startup.plist
		--> Program Arguments: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh
		--> Program Arguments: restart
	
	com.adobe.acc.installer.v2.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2
	
	com.wacom.UpdateHelper.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper
	
	com.adobe.SwitchBoard.plist
		--> Program Arguments: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
	
	com.anchorfree.ajaxserver.plist
		-> Program: /Library/Application Support/Hotspot Shield/ajaxserver
		--> Program Arguments: /Library/Application Support/Hotspot Shield/ajaxserver
	
	com.microsoft.office.licensingV2.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper
	
	com.oracle.java.Helper-Tool.plist
	
	com.adobe.acc.installer.plist
		-> Program: /Library/PrivilegedHelperTools/com.adobe.acc.installer
		--> Program Arguments: /Library/PrivilegedHelperTools/com.adobe.acc.installer
	
	com.microsoft.office.licensing.helper.plist
		--> Program Arguments: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
	
	com.microsoft.autoupdate.helper.plist
		-> Program: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper
	



 /Library/LaunchAgents:

	com.adobe.AdobeCreativeCloud.plist
		-> Program: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud
		--> Program Arguments: --showwindow=false
		--> Program Arguments: --onOSstartup=true
	
	com.wacom.DataStoreMgr.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr
	
	com.adobe.GC.AGM.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/AGMService
		--> Program Arguments: -mode=logon
	
	com.malwarebytes.mbam.frontend.agent.plist
		-> Program: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent
	
	com.adobe.AAM.Updater-1.0.plist
		-> Program: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility
		--> Program Arguments: -mode=logon
	
	com.wacom.IOManager.plist
		-> Program: /Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager
	
	com.adobe.GC.Invoker-1.0.plist
		-> Program: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility
		--> Program Arguments: -mode=logon
	
	com.microsoft.OneDriveStandaloneUpdater.plist
		-> Program: /Applications/OneDrive.app/Contents/StandaloneUpdater.app/Contents/MacOS/OneDriveStandaloneUpdater
	
	com.wacom.wacomtablet.plist
		-> Program: /Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver
	
	com.microsoft.update.agent.plist
		--> Program Arguments: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant
		--> Program Arguments: --launchByAgent
	



 ~/Library/LaunchAgents:

	com.BlueStacks.AppPlayer.UninstallWatcher.plist
		--> Program Arguments: /bin/sh
		--> Program Arguments: /Users/[U502]/Library/BlueStacks/UninstallWatcher
	
	com.BlueStacks.AppPlayer.Updater.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstupdater
		--> Program Arguments: pull
	
	com.BlueStacks.AppPlayer.Service.plist
		--> Program Arguments: /Applications/BlueStacks.app/Contents/MacOS/bstservice
		--> Program Arguments: Android
	

 User Crontab:

	No cron jobs



 /etc:

	rc.common
	php.ini.default-5.2-previous~orig
	bootpd.plist
	bashrc_Apple_Terminal
	zshrc_Apple_Terminal
	bashrc
	zshrc
	ssh_config~orig
	hosts.save
	authorization.deprecated
	moduli~previous
	rc.netboot
	efax.rc~previous
	php.ini.default-5.2-previous
	sshd_config~previous
	aliases
	zprofile

 / $Root:

	.file
	.VolumeIcon.icns
	opt / .. children: 0

 ~/ $Home:

	Music / .. children: 1
	.CFUserTextEncoding
	Pictures / .. children: 1
	Desktop / .. children: 4
	Library / .. children: 60
	.cups / .. children: 1
	.bash_sessions / .. children: 4
	Public / .. children: 3
	Movies / .. children: 2
	.Trash / .. children: 0
	Documents / .. children: 1
	Downloads / .. children: 3
	.bash_history



 ~/Library:

	studentd / .. children: 3
	HomeKit / .. children: 8
	BlueStacks / .. children: 11
	PersonalizationPortrait / .. children: 5
	Reminders / .. children: 2



 ~/Library/Application Support:

	com.apple.replayd / .. children: 0
	com.apple.transparencyd / .. children: 5
	com.apple.touristd / .. children: 6
	DiskImages / .. children: 1
	CoreParsec / .. children: 0
	OneDriveStandaloneUpdater / .. children: 1
	dmd / .. children: 0
	com.microsoft.OneDriveStandaloneUpdater / .. children: 1
	CEF / .. children: 1
	EtreCheck / .. children: 1
	Adobe / .. children: 2
	.ACCC_Lock
	com.sqwarq.DetectX-Swift / .. children: 4
	com.apple.ContextStoreAgent / .. children: 1
	FileProvider / .. children: 2
	com.malwarebytes.mbam / .. children: 1
	transparencyd / .. children: 0
	syncdefaultsd / .. children: 0



 ~/Library/Safari/Extensions:

	*-- Folder doesn't exist or is inaccessible --*



 ~/Library/Internet Plug-Ins:

	



 /Users/Shared:

	adi / .. children: 10
	SC Info / .. children: 1
	Hotspot Shield / .. children: 1
	Library / .. children: 1
	AdobeInstalledCodecs / .. children: 0
	Adobe / .. children: 4
	Previously Relocated Items / .. children: 3
	AdobeGCData / .. children: 2
	Max 8 / .. children: 2



 /Applications:

	Honey.app
	VLC.app
	XMind.app
	Office_Mac_HS_2011_German.dmg
	Adobe After Effects CC / .. children: 9
	Anki.app
	Install macOS Mojave.app
	Microsoft Office 2011 / .. children: 5
	Rhinoceros.app
	Adobe Creative Cloud / .. children: 1
	OneDrive.app
	CyberGhost Private Browser.app
	Rob Papen / .. children: 6
	DetectX Swift.app
	Adobe Media Encoder CC 2017 / .. children: 3
	Microsoft Word.app
	Install macOS High Sierra.app
	Anki Notes.app
	Adobe Photoshop CC / .. children: 10
	Paint S.app
	Microsoft Excel.app
	Adobe Media Encoder CC / .. children: 3
	Adobe / .. children: 2
	zoom.us.app
	Adobe Illustrator CC / .. children: 10
	Microsoft Outlook.app
	Malwarebytes.app
	Ableton Live 10 Intro.app
	MoveToTrash.app
	Wacom Tablet.localized / .. children: 5
	Live
	iZotope Ozone 7 / .. children: 6
	CyberGhost VPN.app
	uTorrent Web.app
	EtreCheckPro.app
	The Unarchiver.app
	Microsoft OneNote.app
	Adobe InDesign CC / .. children: 11
	Live8 / .. children: 5
	MediathekView.app
	AppCleaner.app
	Ableton Live 10 Standard.app
	Adobe Acrobat X Pro / .. children: 1
	Microsoft PowerPoint.app
	Microsoft Teams.app
	Ableton Live 11 Standard.app
	BlueStacks.app



 /Library:

	Apple / .. children: 3
	CFMSupport / .. children: 1
	DropboxHelperTools / .. children: 2
	OSAnalytics / .. children: 2
	StagedDriverExtensions / .. children: 0
	InstallerSandboxes / .. children: 2
	DriverExtensions / .. children: 0
	Automator / .. children: 95
	User Template / .. children: 41
	Fonts Disabled / .. children: 16
	SystemExtensions / .. children: 3



 /Library/Application Support:

	Propellerhead Software / .. children: 3
	Native Instruments / .. children: 9
	Tablet / .. children: 2
	Mozilla / .. children: 1
	Avid / .. children: 1
	ReWire
	Hotspot Shield / .. children: 12
	Mica / .. children: 1
	.E42bQWl0wR
	Microsoft / .. children: 2
	Oracle / .. children: 0
	Digidesign / .. children: 1
	VirtualBox / .. children: 5
	Canon / .. children: 7
	Adobe / .. children: 70
	Malwarebytes / .. children: 1
	iZotope / .. children: 5
	PACE Anti-Piracy / .. children: 4
	REX Shared Library
	regid.1986-12.com.adobe / .. children: 14
	.5s+m_0Aav5



 /Library/Extensions:

	NIUSBAudio2DJ.kext
	hp_fax_io.kext
	FTDIKext.kext
	Wacom Tablet.kext
	NIUSBAudio4DJ.kext
	SiLabsUSBDriver64.kext
	JMicronATA.kext
	fabio.kext
	NIUSBTraktorKontrolX1.kext
	Dropbox.kext
	AppleMobileDevice.kext
	BJUSBLoad.kext
	CIJUSBLoad.kext
	NIUSBDeviceHelper.kext
	hp_io_enabler_compound.kext
	NIUSBAudioDriver.kext



 /Library/Internet Plug-Ins:

	VLC Plugin.plugin
	EPPEX Plugin.plugin
	AdobeAAMDetect.plugin
	Unused / .. children: 0
	AdobePDFViewer.plugin
	SharePointBrowserPlugin.plugin
	Unity Web Player.plugin
	AdobePDFViewerNPAPI.plugin
	SharePointWebKitPlugin.webplugin



 /Library/Managed Preferences:

	*-- Folder doesn't exist or is inaccessible --*



 /Library/PrivilegedHelperTools:

	com.microsoft.office.licensing.helper
	com.BlueStacks.AppPlayer.bstservice_helper
	com.wacom.UpdateHelper.app
	com.wacom.IOManager.app
	com.adobe.acc.installer
	com.microsoft.autoupdate.helper
	com.microsoft.office.licensingV2.helper
	com.adobe.acc.installer.v2
	com.wacom.DataStoreMgr.app



 /Library/ScriptingAdditions:

	Adobe Unit Types.osax



 /Library/StartupItems:

	



 /Library/Updates:

	ProductMetadata.plist
	001-93719 / .. children: 16
	071-05425 / .. children: 16
	071-29320 / .. children: 16
	PPDVersions.plist
	index.plist
	071-10831 / .. children: 3



Top Processes: 

%CPU	PID	COMMAND	
42.2 	174		mds 
15.1 	0		kernel_task 
4.0		246		WindowServer 
2.3		373		mds_stores 
1.1		155		fseventsd 
0.4		184		opendirectoryd 
0.2		151		RTProtectionDaem 
0.1		638		DetectX Swift 
0.1		185		apsd 


Running Processes: 

PPID	PID	%CPU	USER	COMMAND	
0		1		0.0		root		/sbin/launchd 
1		148		0.0		root		/usr/sbin/syslogd 
1		149		0.0		root		/usr/libexec/UserEventAgent (System) 
1		151		0.0		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon -i Malwarebytes-Mac-4.8.12.4131.pkg 
1		152		0.0		root		/usr/libexec/wifiFirmwareLoader 
1		153		0.0		root		/System/Library/PrivateFrameworks/Uninstall.framework/Resources/uninstalld 
1		154		0.0		root		/usr/libexec/kextd 
1		155		0.0		root		/System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/FSEvents.framework/Versions/A/Support/fseventsd 
1		156		0.0		root		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoted 
1		159		0.0		root		/usr/sbin/systemstats --daemon 
1		160		0.0		root		/usr/libexec/configd 
1		161		0.0		root		endpointsecurityd		
1		162		0.0		root		/System/Library/CoreServices/powerd.bundle/powerd 
1		166		0.0		root		/usr/libexec/logd 
1		167		0.0		root		/usr/libexec/keybagd -t 15 
1		170		0.0		root		/usr/libexec/watchdogd 
1		171		0.0		root		firmwaresyncd		
1		174		50.3		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Support/mds 
1		175		0.0		_iconservices		/System/Library/CoreServices/iconservicesd 
1		176		0.0		root		/usr/libexec/diskarbitrationd 
1		178		0.0		root		/Library/PrivilegedHelperTools/com.wacom.UpdateHelper.app/Contents/MacOS/com.wacom.UpdateHelper 
1		180		0.0		root		/usr/libexec/coreduetd 
1		181		0.0		root		/Library/Application Support/Adobe/AdobeGCClient/AGSService 
1		184		0.0		root		/usr/libexec/opendirectoryd 
1		185		0.0		root		/System/Library/PrivateFrameworks/ApplePushService.framework/apsd 
1		186		0.0		root		/System/Library/CoreServices/launchservicesd 
1		187		0.0		_timed		/usr/libexec/timed 
1		188		0.0		_usbmuxd		/System/Library/PrivateFrameworks/MobileDevice.framework/Versions/A/Resources/usbmuxd -launchd 
1		189		0.0		root		/usr/sbin/securityd -i 
1		190		0.0		root		auditd		-l 
1		195		0.0		root		autofsd		
1		196		0.0		_displaypolicyd		/usr/libexec/displaypolicyd -k 1 
1		198		0.0		root		/var/hercules/hdjsd 
1		199		0.0		root		/usr/libexec/dasd 
1		201		0.0		root		/usr/libexec/PerfPowerServices 
1		203		0.0		root		/System/Library/CoreServices/logind 
1		204		0.0		root		/System/Library/PrivateFrameworks/GenerationalStorage.framework/Versions/A/Support/revisiond 
1		205		0.0		root		/usr/sbin/KernelEventAgent 
1		207		0.0		root		/usr/sbin/bluetoothd 
1		208		0.0		_hidd		/usr/libexec/hidd 
1		209		0.0		root		/usr/libexec/sandboxd 
1		210		0.0		root		/usr/libexec/corebrightnessd --launchd 
1		211		0.0		root		/usr/libexec/AirPlayXPCHelper 
1		212		0.0		root		/usr/sbin/notifyd 
1		213		0.0		root		/usr/libexec/amfid 
1		214		0.0		_distnote		/usr/sbin/distnoted daemon 
1		215		0.0		root		/usr/sbin/cfprefsd daemon 
1		216		0.0		root		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd system 
1		217		0.0		root		aslmanager		
1		218		0.0		root		/System/Library/CoreServices/coreservicesd 
1		219		0.0		[U502]		/System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow console 
1		220		0.0		root		/usr/libexec/syspolicyd 
1		222		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/authd.xpc/Contents/MacOS/authd 
1		223		0.0		_analyticsd		/System/Library/PrivateFrameworks/CoreAnalytics.framework/Support/analyticsd 
1		224		0.0		root		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/contextstored 
1		227		0.0		_coreaudiod		/usr/sbin/coreaudiod 
1		228		0.0		root		/usr/libexec/nehelper 
1		234		0.0		root		/usr/libexec/trustd 
1		240		0.0		_mdnsresponder		/usr/sbin/mDNSResponder 
1		241		0.0		root		/usr/sbin/ocspd 
1		242		0.0		_coreaudiod		/System/Library/Frameworks/CoreAudio.framework/Versions/A/XPCServices/com.apple.audio.DriverHelper.xpc/Contents/MacOS/com.apple.audio.DriverHelper 
1		246		3.9		_windowserver		/System/Library/PrivateFrameworks/SkyLight.framework/Resources/WindowServer -daemon 
1		250		0.0		root		/usr/libexec/searchpartyd 
1		252		0.0		root		/usr/sbin/mDNSResponderHelper 
1		263		0.0		_networkd		/usr/libexec/symptomsd 
1		267		0.0		root		/usr/libexec/airportd 
1		268		0.0		_locationd		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		270		0.0		_locationd		/usr/libexec/secinitd 
1		271		0.0		_locationd		/usr/sbin/cfprefsd agent 
1		272		0.0		_locationd		/usr/libexec/trustd --agent 
1		285		0.0		root		/System/Library/PrivateFrameworks/WirelessDiagnostics.framework/Support/awdd 
1		326		0.0		root		/usr/libexec/taskgated-helper 
1		334		0.0		root		/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon 
1		335		0.0		root		/usr/libexec/runningboardd 
1		339		0.0		_coreaudiod		/System/Library/Frameworks/AudioToolbox.framework/XPCServices/com.apple.audio.SandboxHelper.xpc/Contents/MacOS/com.apple.audio.SandboxHelper 
1		341		0.0		root		/usr/libexec/lsd runAsRoot 
1		342		0.0		root		/System/Library/Frameworks/Security.framework/Versions/A/XPCServices/com.apple.CodeSigningHelper.xpc/Contents/MacOS/com.apple.CodeSigningHelper 
1		344		0.0		root		/System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd-helper -launchd 
1		349		0.0		_locationd		/usr/libexec/locationd 
1		350		0.0		_driverkit		/System/Library/DriverExtensions/AppleUserHIDDrivers.dext/AppleUserHIDDrivers com.apple.driverkit.AppleUserHIDEventDriver 0x100000433 
1		352		0.0		root		/usr/libexec/rpcsvchost -launchd netlogon.bundle 
1		354		0.0		root		/usr/libexec/secinitd 
1		355		0.0		root		/usr/libexec/mobileassetd 
1		356		0.0		root		/System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/CVMServer 
1		357		0.0		root		/usr/libexec/colorsync.displayservices 
1		358		0.0		root		/usr/libexec/colorsyncd 
1		359		0.0		_nsurlsessiond		/usr/libexec/nsurlsessiond --privileged 
1		360		0.0		_appleevents		/System/Library/CoreServices/appleeventsd --server 
1		361		0.0		root		/System/Library/CryptoTokenKit/com.apple.ifdreader.slotd/Contents/MacOS/com.apple.ifdreader 
1		363		0.0		root		/usr/libexec/apfsd 
1		364		0.0		root		/usr/libexec/usbd 
1		365		0.0		root		/usr/libexec/firmwarecheckers/ethcheck/ethcheck --integrity-check-daemon 
1		366		0.0		root		/usr/libexec/bootinstalld 
1		369		0.0		root		/usr/libexec/corecaptured 
1		371		0.0		root		/usr/sbin/cupsd -l 
1		372		0.0		root		/usr/libexec/ApplicationFirewall/socketfilterfw 
1		373		3.1		root		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mds_stores 
1		378		0.0		root		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon 
1		380		0.0		root		/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper 
1		384		0.0		root		/System/Library/Frameworks/GSS.framework/Helpers/GSSCred 
1		385		0.0		root		/usr/libexec/diskmanagementd 
1		386		0.0		root		/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary 
1		388		0.0		root		/usr/sbin/distnoted agent 
1		390		0.0		root		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		391		0.0		[U502]		/System/Library/Frameworks/LocalAuthentication.framework/Support/coreauthd 
1		392		0.0		[U502]		/usr/sbin/cfprefsd agent 
1		393		0.0		root		/usr/libexec/securityd_service 
1		394		0.0		[U502]		/usr/libexec/UserEventAgent (Aqua) 
1		396		0.0		[U502]		/usr/sbin/distnoted agent 
1		397		0.0		[U502]		/usr/sbin/universalaccessd launchd -s 
1		398		0.0		[U502]		/System/Library/PrivateFrameworks/CloudServices.framework/Helpers/com.apple.sbd 
1		399		0.0		[U502]		/System/Library/CoreServices/Dock.app/Contents/MacOS/Dock 
1		400		0.0		[U502]		/System/Library/CoreServices/talagent 
1		401		0.0		[U502]		/System/Library/CoreServices/SystemUIServer.app/Contents/MacOS/SystemUIServer 
1		402		0.0		[U502]		/System/Library/CoreServices/Finder.app/Contents/MacOS/Finder 
1		403		0.0		[U502]		/usr/libexec/lsd 
1		404		0.0		[U502]		/usr/libexec/trustd --agent 
1		405		0.0		[U502]		/usr/libexec/secd 
1		406		0.0		[U502]		/usr/libexec/knowledge-agent 
1		408		0.0		[U502]		/usr/libexec/pboard 
1		409		0.0		[U502]		/System/Library/Frameworks/Quartz.framework/Versions/A/Frameworks/QuickLookUI.framework/Versions/A/XPCServices/QuickLookUIService.xpc/Contents/MacOS/QuickLookUIService 
1		410		0.0		[U502]		/usr/libexec/pkd 
1		412		0.0		[U502]		/usr/libexec/secinitd 
1		413		0.0		[U502]		/usr/libexec/dmd 
1		414		0.0		[U502]		/System/Library/CoreServices/backgroundtaskmanagementagent 
1		415		0.0		[U502]		/System/Library/PrivateFrameworks/ViewBridge.framework/Versions/A/XPCServices/ViewBridgeAuxiliary.xpc/Contents/MacOS/ViewBridgeAuxiliary 
1		416		0.0		[U502]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		417		0.0		root		/usr/sbin/systemsoundserverd 
1		418		0.0		root		automountd		
1		419		0.0		[U502]		/System/Library/CoreServices/sharedfilelistd 
1		421		0.0		[U502]		/System/Library/Frameworks/ApplicationServices.framework/Frameworks/ATS.framework/Support/fontd 
1		422		0.0		[U502]		/System/Library/PrivateFrameworks/AMPDevices.framework/Versions/A/Support/AMPDeviceDiscoveryAgent --launchd 
1		426		0.0		[U502]		/System/Library/PrivateFrameworks/ContextKit.framework/Versions/A/XPCServices/ContextService.xpc/Contents/MacOS/ContextService 
1		427		0.0		[U502]		/System/Library/CoreServices/Spotlight.app/Contents/MacOS/Spotlight 
1		429		0.0		[U502]		/System/Library/PrivateFrameworks/TCC.framework/Resources/tccd 
1		430		0.0		[U502]		/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird 
1		431		0.0		[U502]		/System/Library/Frameworks/Accounts.framework/Versions/A/Support/accountsd 
1		432		0.0		[U502]		/System/Library/PrivateFrameworks/CloudKitDaemon.framework/Support/cloudd 
1		433		0.0		[U502]		/usr/libexec/nsurlsessiond 
1		434		0.0		[U502]		/usr/libexec/rapportd 
1		435		0.0		[U502]		/System/Library/PrivateFrameworks/IDS.framework/identityservicesd.app/Contents/MacOS/identityservicesd 
1		436		0.0		[U502]		/usr/libexec/routined LAUNCHED_BY_LAUNCHD 
1		437		0.0		[U502]		/usr/sbin/usernoted 
1		438		0.0		[U502]		/System/Library/PrivateFrameworks/CoreParsec.framework/parsecd 
1		439		0.0		[U502]		/System/Library/CoreServices/iconservicesagent 
1		440		0.0		[U502]		/usr/libexec/networkserviceproxy 
1		441		0.0		[U502]		/System/Library/Frameworks/CoreTelephony.framework/Support/CommCenter -L 
1		442		0.0		[U502]		/System/Library/CoreServices/mapspushd 
1		443		0.0		[U502]		/System/Library/PrivateFrameworks/UserActivity.framework/Agents/useractivityd 
1		444		0.0		[U502]		/System/Library/CoreServices/NotificationCenter.app/Contents/MacOS/NotificationCenter 
1		445		0.0		root		/usr/sbin/spindump 
1		446		0.0		[U502]		/System/Library/Frameworks/QuickLookThumbnailing.framework/Support/com.apple.quicklook.ThumbnailsAgent 
1		447		0.0		root		/usr/sbin/filecoordinationd 
1		448		0.0		[U502]		/System/Library/CoreServices/Dock.app/Contents/XPCServices/com.apple.dock.extra.xpc/Contents/MacOS/com.apple.dock.extra 
1		449		0.0		[U502]		/usr/libexec/spindump_agent 
1		450		0.0		[U502]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		451		0.0		[U502]		/System/Library/CoreServices/pbs 
1		452		0.0		root		/System/Library/CoreServices/SubmitDiagInfo server-init 
1		453		0.0		[U502]		/System/Library/PrivateFrameworks/SyncedDefaults.framework/Support/syncdefaultsd 
1		455		0.0		[U502]		/System/Library/PrivateFrameworks/CalendarAgent.framework/Executables/CalendarAgent 
1		456		0.0		[U502]		/System/Library/Frameworks/AddressBook.framework/Executables/ContactsAccountsService 
1		457		0.0		[U502]		/System/Library/CoreServices/WiFiAgent.app/Contents/MacOS/WiFiAgent 
1		458		0.0		[U502]		/System/Library/PrivateFrameworks/CallHistory.framework/Support/CallHistoryPluginHelper 
1		459		0.0		[U502]		/System/Library/PrivateFrameworks/login.framework/Versions/A/XPCServices/LoginUserService.xpc/Contents/MacOS/LoginUserService 
1		460		0.0		[U502]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/commerce 
1		461		0.0		[U502]		/System/Library/PrivateFrameworks/GeoServices.framework/Versions/A/XPCServices/com.apple.geod.xpc/Contents/MacOS/com.apple.geod 
1		462		0.0		[U502]		/System/Library/PrivateFrameworks/CoreParsec.framework/parsec-fbf 
1		463		0.0		[U502]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storeaccountd 
1		464		0.0		[U502]		/System/Library/PrivateFrameworks/CalendarNotification.framework/Versions/A/XPCServices/CalNCService.xpc/Contents/MacOS/CalNCService 
1		465		0.0		[U502]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -tw 
1		466		0.0		[U502]		/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy 
1		467		0.0		_ctkd		/System/Library/Frameworks/CryptoTokenKit.framework/ctkd -s 
1		469		0.0		root		/usr/sbin/WirelessRadioManagerd 
1		470		0.0		[U502]		/usr/libexec/sharingd 
1		471		0.0		[U502]		/System/Library/PrivateFrameworks/TelephonyUtilities.framework/callservicesd 
1		472		0.0		root		/System/Library/CoreServices/backupd.bundle/Contents/Resources/backupd 
1		473		0.0		[U502]		/usr/libexec/WiFiVelocityAgent 
1		474		0.0		root		/usr/libexec/wifivelocityd 
1		475		0.0		[U502]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		477		0.0		root		/System/Library/PrivateFrameworks/AmbientDisplay.framework/Versions/A/XPCServices/com.apple.AmbientDisplayAgent.xpc/Contents/MacOS/com.apple.AmbientDisplayAgent 
1		478		0.0		[U502]		/System/Library/PrivateFrameworks/IMCore.framework/imagent.app/Contents/MacOS/imagent 
1		481		0.0		[U502]		/System/Library/PrivateFrameworks/IMDPersistence.framework/XPCServices/IMDPersistenceAgent.xpc/Contents/MacOS/IMDPersistenceAgent 
1		482		0.0		[U502]		/System/Library/PrivateFrameworks/ScreenTimeCore.framework/Versions/A/ScreenTimeAgent 
1		485		0.0		[U502]		/System/Library/CoreServices/CoreLocationAgent.app/Contents/MacOS/CoreLocationAgent 
1		487		0.0		[U502]		/usr/libexec/nsurlstoraged 
1		489		0.0		[U502]		/System/Library/CoreServices/lockoutagent 
1		490		0.0		[U502]		/System/Library/CoreServices/APFSUserAgent 
1		491		0.0		[U502]		/System/Library/PrivateFrameworks/Categories.framework/Versions/A/XPCServices/CategoriesService.xpc/Contents/MacOS/CategoriesService 
1		492		0.0		root		/usr/libexec/findmydeviced 
1		494		0.0		[U502]		/System/Library/PrivateFrameworks/CoreCDP.framework/Versions/A/Resources/cdpd 
1		495		0.0		[U502]		/System/Library/PrivateFrameworks/ProtectedCloudStorage.framework/Helpers/ProtectedCloudKeySyncing 
1		496		0.0		[U502]		/System/Library/PrivateFrameworks/FamilyCircle.framework/Versions/A/Resources/familycircled 
1		497		0.0		[U502]		/System/Library/PrivateFrameworks/CoreDuetContext.framework/Resources/ContextStoreAgent 
1		498		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/corespotlightd 
1		499		0.0		[U502]		/System/Library/PrivateFrameworks/MediaRemote.framework/Support/mediaremoteagent 
1		500		0.0		[U502]		/usr/libexec/neagent 
1		501		0.0		[U502]		/System/Library/PrivateFrameworks/CoreSuggestions.framework/Versions/A/Support/suggestd 
1		502		0.0		[U502]		/usr/libexec/fmfd 
1		504		0.0		[U502]		/System/Library/PrivateFrameworks/AOSKit.framework/Versions/A/XPCServices/com.apple.iCloudHelper.xpc/Contents/MacOS/com.apple.iCloudHelper 
1		506		0.0		[U502]		/System/Library/PrivateFrameworks/AssistantServices.framework/Versions/A/Support/assistantd 
1		509		0.0		[U502]		/System/Library/PrivateFrameworks/AppSSO.framework/Support/AppSSOAgent.app/Contents/MacOS/AppSSOAgent 
1		510		0.0		[U502]		SafeEjectGPUAgent		
1		511		0.0		[U502]		/System/Library/CoreServices/Menu Extras/SafeEjectGPUExtra.menu/Contents/XPCServices/SafeEjectGPUService.xpc/Contents/MacOS/SafeEjectGPUService 
1		514		0.0		[U502]		/System/Library/PrivateFrameworks/AuthKit.framework/Versions/A/Support/akd 
1		515		0.0		[U502]		/System/Library/PrivateFrameworks/CoreSpeech.framework/corespeechd 
1		518		0.0		[U502]		/Applications/Wacom Tablet.localized/.Tablet/WacomTabletDriver.app/Contents/MacOS/WacomTabletDriver 
1		519		0.0		[U502]		/System/Library/CoreServices/SocialPushAgent.app/Contents/MacOS/SocialPushAgent 
1		521		0.0		[U502]		/Library/PrivilegedHelperTools/com.wacom.DataStoreMgr.app/Contents/MacOS/com.wacom.DataStoreMgr 
1		522		0.0		[U502]		/System/Library/Frameworks/InputMethodKit.framework/Resources/imklaunchagent 
1		523		0.0		[U502]		/System/Library/Image Capture/Support/icdd 
1		525		0.0		[U502]		/Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent 
1		527		0.0		[U502]		/Library/PrivilegedHelperTools/com.wacom.IOManager.app/Contents/MacOS/com.wacom.IOManager 
1		528		0.0		[U502]		/System/Library/PrivateFrameworks/AskPermission.framework/Versions/A/Resources/askpermissiond 
1		530		0.0		[U502]		/Library/Application Support/Adobe/AdobeGCClient/AGMService -mode=logon 
1		531		0.0		[U502]		/System/Library/CoreServices/AirPlayUIAgent.app/Contents/MacOS/AirPlayUIAgent --launchd 
1		532		0.0		[U502]		/System/Library/CoreServices/cloudpaird 
1		535		0.0		[U502]		/System/Library/CoreServices/diagnostics_agent 
1		537		0.0		[U502]		/System/Library/CoreServices/TextInputMenuAgent.app/Contents/MacOS/TextInputMenuAgent 
1		538		0.0		[U502]		/System/Library/PrivateFrameworks/AppleMediaServices.framework/Resources/amsaccountsd 
1		540		0.0		root		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp -d 
1		541		0.0		_fpsd		/System/Library/PrivateFrameworks/CoreADI.framework/adid 
1		542		0.0		[U502]		/System/Library/Frameworks/CryptoTokenKit.framework/ctkahp.bundle/Contents/MacOS/ctkahp 
1		543		0.0		_captiveagent		/usr/libexec/captiveagent 
1		544		0.0		_netbios		/usr/sbin/netbiosd 
1		545		0.0		_nsurlstoraged		/usr/libexec/nsurlstoraged --privileged 
1		551		0.0		[U502]		/System/Library/PrivateFrameworks/CacheDelete.framework/deleted 
1		552		0.0		root		/System/Library/PrivateFrameworks/CacheDelete.framework/deleted_helper 
1		554		0.0		_assetcache		/usr/libexec/AssetCache/AssetCache 
1		555		0.0		root		/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd 
1		556		0.0		[U502]		/System/Library/PrivateFrameworks/FileProvider.framework/Support/fileproviderd 
1		557		0.0		root		/System/Library/PrivateFrameworks/CoreSymbolication.framework/coresymbolicationd 
1		558		0.0		[U502]		/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/storedownloadd 
1		559		0.0		root		/System/Library/PrivateFrameworks/PackageKit.framework/Resources/system_installd 
1		560		0.0		[U502]		/usr/libexec/replayd 
1		575		0.0		root		/Applications/OneDrive.app/Contents/StandaloneUpdaterDaemon.xpc/Contents/MacOS/StandaloneUpdaterDaemon 
1		578		0.0		root		/System/Library/PrivateFrameworks/AssetCacheServicesExtensions.framework/XPCServices/AssetCacheTetheratorService.xpc/Contents/MacOS/AssetCacheTetheratorService 
1		579		0.0		[U502]		/System/Library/PrivateFrameworks/SoftwareUpdate.framework/Resources/SoftwareUpdateNotificationManager.app/Contents/MacOS/SoftwareUpdateNotificationManager 
1		580		0.0		_softwareupdate		/System/Library/CoreServices/Software Update.app/Contents/Resources/softwareupdated 
1		581		0.0		root		/System/Library/CoreServices/Software Update.app/Contents/Resources/suhelperd 
1		593		0.0		[U502]		/System/Library/CoreServices/CoreServicesUIAgent.app/Contents/MacOS/CoreServicesUIAgent 
1		601		0.0		[U502]		/Applications/Wacom Tablet.localized/.Tablet/TabletDriver.app/Contents/MacOS/TabletDriver -psn_0_151589 
1		603		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		604		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		605		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		607		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		608		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		609		0.0		[U502]		/Applications/Wacom Tablet.localized/.Tablet/WacomTouchDriver.app/Contents/MacOS/WacomTouchDriver -psn_0_155686 
1		612		0.0		[U502]		/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Support/fontworker 
1		613		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker-bundle -c MDSImporterBundleFinder -m com.apple.mdworker.bundles 
1		614		0.0		_spotlight		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker -s mdworker-bundle -c MDSImporterBundleFinder -m com.apple.mdworker.bundles 
1		615		0.0		root		/usr/libexec/sysmond 
1		616		0.0		root		/System/Library/CoreServices/CrashReporterSupportHelper server-init 
159		617		0.0		root		/usr/sbin/systemstats --logger-helper /private/var/db/systemstats 
1		618		0.0		[U502]		/usr/libexec/adprivacyd 
1		620		0.0		[U502]		/System/Library/CoreServices/ReportCrash agent 
1		621		0.0		_spotlight		/usr/libexec/trustd --agent 
1		622		0.0		[U502]		/usr/libexec/remindd 
1		623		0.0		root		/System/Library/CoreServices/ReportCrash daemon 
1		629		0.0		root		/usr/libexec/rtcreportingd 
1		630		0.0		root		/usr/libexec/smd 
1		633		0.0		[U502]		/System/Library/PrivateFrameworks/HelpData.framework/Versions/A/Resources/helpd 
1		634		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		635		0.0		_spotlight		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		636		0.0		_spotlight		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		637		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		638		0.1		[U502]		/Applications/DetectX Swift.app/Contents/MacOS/DetectX Swift 
1		639		0.0		[U502]		/System/Library/Frameworks/CoreServices.framework/Frameworks/Metadata.framework/Versions/A/Support/mdworker_shared -s mdworker -c MDSImporterWorker -m com.apple.mdworker.shared 
1		839		0.0		[U502]		/System/Library/PrivateFrameworks/MobileAccessoryUpdater.framework/Support/fudHelperAgent 
1		840		0.0		root		/System/Library/PrivateFrameworks/MobileAccessoryUpdater.framework/Support/fud 30 
1		841		0.0		[U502]		/System/Library/PrivateFrameworks/IMDMessageServices.framework/XPCServices/IMDMessageServicesAgent.xpc/Contents/MacOS/IMDMessageServicesAgent 
1		842		0.0		[U502]		/System/Library/Services/AppleSpell.service/Contents/MacOS/AppleSpell 
1		843		0.0		[U502]		/usr/libexec/keyboardservicesd 

«»EOF»«
und hier etre Check. ich finde es sehr frustrierend, dass angegeben wird, es sei noch totalAv in den Programmen vorhanden, ich es aber nirgends finden kann.........

Code:
ATTFilter
EtreCheckPro version: 6.4.4 (6E015)
Report generated: 2021-05-04 11:00:38
Download EtreCheckPro from https://etrecheck.com
Runtime: 3:45
Performance: Excellent

Problem: No problem - just checking

Major Issues:
  Anything that appears on this list needs immediate attention. 
  Time Machine backup out-of-date - The last Time Machine backup is over 10 days old.
  System extension blocked - There are system extensions awaiting user approval.

Minor Issues:
  These issues do not need immediate attention but they may indicate future problems or opportunities for improvement. 
  SSD too slow - SSD is showing poor performance.
  Time Machine auto backup disabled - Time Machine auto backups are disabled.
  High battery cycle count - Your battery may be losing capacity.
  Unsigned files - There are unsigned software files installed. Apple has said that unsigned software will not run by default in a future version of the operating system.
  System modifications - There are a large number of system modifications running in the background.
  Kernel extensions present - This computer has kernel extensions that may not work in the future.

Hardware Information:
  MacBook Pro (13-inch, Mid 2012)
  MacBook Pro Model: MacBookPro9,2
  2,5 GHz Dual-Core Intel Core i5 (i5-3210M) CPU: 2-core
  4 GB RAM - Upgradeable
    BANK 0/DIMM0 - 2 GB DDR3 1600  
    BANK 1/DIMM0 - 2 GB DDR3 1600  
  Battery: Health = Replace Soon - Cycle count = 1165

Video Information:
  Intel HD Graphics 4000 - VRAM: 1536 MB
    Color LCD 1280 x 800

Drives:
  disk0 - Crucial_CT525MX300SSD1 525.11 GB (Solid State - TRIM: No) 
  Internal SATA 6 Gigabit Serial ATA
    disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB
    disk0s2 [APFS Container] 524.90 GB
      disk1 [APFS Virtual drive] 524.90 GB (Shared by 5 volumes)
        disk1s1 - M******************n (APFS) [APFS Virtual drive] (Shared - 248.57 GB used)
        disk1s2 - Preboot (APFS) [APFS Preboot] (Shared - 30 MB used)
        disk1s3 - Recovery (APFS) [Recovery] (Shared - 526 MB used)
        disk1s4 - VM (APFS) [APFS VM] (Shared - 1.07 GB used)
        disk1s5 - Macintosh HD (APFS) (Shared - 11.26 GB used)

Mounted Volumes:
  disk1s1 - M******************n [APFS Virtual drive]
    524.90 GB (Shared - 248.57 GB used, 271.79 GB available, 263.28 GB free)
    APFS
    Mount point: /System/Volumes/Data
    Encrypted

  disk1s4 - VM [APFS VM]
    524.90 GB (Shared - 1.07 GB used, 263.28 GB free)
    APFS
    Mount point: /private/var/vm

  disk1s5 - Macintosh HD
    524.90 GB (Shared - 11.26 GB used, 271.79 GB available, 263.28 GB free)
    APFS
    Mount point: /
    Encrypted
    Read-only: Yes

Network:
  Interface en0: Ethernet
  Interface en1: Wi-Fi
    802.11 a/b/g/n
  Interface fw0: FireWire
  Interface en3: Bluetooth PAN
  Interface bridge0: Thunderbolt Bridge

System Software:
  macOS Catalina 10.15.7 (19H114) 
  Time since boot: Less than an hour

Configuration Files:
  /etc/hosts - Count: 20

Notifications:
  EtreCheckPro.app
    2 notifications

Security:
  Gatekeeper: App Store and identified developers
  System Integrity Protection: Enabled

  Antivirus software: Apple and Malwarebytes

Unsigned Files:
  Launchd: /Library/LaunchDaemons/hdjsd.plist
    Executable: /var/hercules/hdjsd
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/org.virtualbox.startup.plist
    Executable: /Library/Application Support/VirtualBox/LaunchDaemons/VirtualBoxStartup.sh restart
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist
    Executable: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility -mode=logon
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.anchorfree.ajaxserver.plist
    Executable: /Library/Application Support/Hotspot Shield/ajaxserver
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist
    Executable: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper
    Details: Exact match found in the legitimate list - probably OK

  Launchd: /Library/LaunchDaemons/com.adobe.SwitchBoard.plist
    Executable: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard
    Details: Exact match found in the legitimate list - probably OK

  Launchd: ~/Library/LaunchAgents/com.BlueStacks.AppPlayer.Service.plist
    Executable: /Applications/BlueStacks.app/Contents/MacOS/bstservice Android
    Details: Exact match found in the legitimate list - probably OK

  Plugin: /Library/Internet Plug-Ins/EPPEX Plugin.plugin
  Plugin: /Library/Internet Plug-Ins/AdobePDFViewerNPAPI.plugin
  Plugin: /Library/Internet Plug-Ins/AdobePDFViewer.plugin
  Plugin: /Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin
  Plugin: /Library/Internet Plug-Ins/Unity Web Player.plugin
  Plugin: /Library/Internet Plug-Ins/VLC Plugin.plugin

  Preference Pane: /Library/PreferencePanes/MacFUSE.prefPane
  Preference Pane: /Library/PreferencePanes/NIUSBAudio.prefPane

  Apps: 11


System Extensions:
  [Waiting for authorization] TotalAV 5 Real-Time Extension - version 1.0 (SS Protect Limited - 2021-03-15)
    Application: /Applications/TotalAV.app - version 1.0

Kernel Extensions:
  /Applications/BlueStacks.app
    [Not Loaded] VBoxDrv.kext - com.bluestacks.kext.Hypervisor (5.2.20)

  /Library/Application Support/Hotspot Shield
    [Not Loaded] tun10.9.kext - com.anchorfree.tun (1.1.1 - SDK 10.8)

  /Library/Application Support/VirtualBox
    [Loaded] VBoxDrv.kext - org.virtualbox.kext.VBoxDrv (6.1.4)
    [Loaded] VBoxNetAdp.kext - org.virtualbox.kext.VBoxNetAdp (6.1.4)
    [Loaded] VBoxNetFlt.kext - org.virtualbox.kext.VBoxNetFlt (6.1.4)
    [Loaded] VBoxUSB.kext - org.virtualbox.kext.VBoxUSB (6.1.4)

  /Library/Extensions
    [Not Loaded] FTDIKext.kext - com.FTDI.driver.D2XXHelper (1.0 - SDK 10.14)
    [Not Loaded] NIUSBAudio2DJ.kext - com.caiaq.driver.NIUSBAudio2DJDriver (2.3.14)
    [Not Loaded] NIUSBAudio4DJ.kext - com.caiaq.driver.NIUSBAudio4DJDriver (2.3.14)
    [Not Loaded] NIUSBAudioDriver.kext - com.caiaq.driver.NIUSBHardwareDriver (2.3.14)
    [Not Loaded] NIUSBTraktorKontrolX1.kext - com.caiaq.driver.NIUSBTraktorKontrolX1Driver (2.3.14)
    [Not Loaded] fabio.kext - com.dvdfab.kext.fabio (1.0)
    [Not Loaded] Dropbox.kext - com.getdropbox.dropbox.kext (1.11.0 - SDK 10.14)
    [Not Loaded] hp_fax_io.kext - com.hp.kext.hp-fax-io (5.11.0 - SDK 10.8)
    [Not Loaded] hp_io_enabler_compound.kext - com.hp.kext.io.enabler.compound (3.4.0)
    [Not Loaded] JMicronATA.kext - com.jmicron.JMicronATA (1.1.6)
    [Not Loaded] NIUSBDeviceHelper.kext - com.native-instruments.driver.NIUSBDeviceHelper (1.0.8 (R32))
    [Not Loaded] SiLabsUSBDriver64.kext - com.silabs.driver.CP210xVCPDriver64 (3.0.0d1)
    [Not Loaded] Wacom Tablet.kext - com.wacom.kext.wacomtablet (Wacom Tablet 6.3.34-1 - SDK 10.14)
    [Not Loaded] BJUSBLoad.kext - jp.co.canon.bj.print.BJUSBLoad (10.75.21 - SDK 10.8)
    [Not Loaded] CIJUSBLoad.kext - jp.co.canon.ij.print.CIJUSBLoad (16.0.10 - SDK 10.9)

System Launch Agents:
  [Not Loaded]  16 Apple tasks
  [Loaded]  194 Apple tasks
  [Running]  103 Apple tasks

System Launch Daemons:
  [Not Loaded]  33 Apple tasks
  [Loaded]  191 Apple tasks
  [Running]  113 Apple tasks

Launch Agents:
  [Not Loaded] com.adobe.AAM.Updater-1.0.plist (? ffb65062  - installed 2018-01-09)
  [Loaded] com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2017-11-02)
  [Running] com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2021-03-24)
  [Loaded] com.microsoft.OneDriveStandaloneUpdater.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.update.agent.plist (Microsoft Corporation - installed 2021-04-14)
  [Running] com.wacom.DataStoreMgr.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Running] com.wacom.IOManager.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Running] com.wacom.wacomtablet.plist (Wacom Technology Corp. - installed 2020-09-25)

Launch Daemons:
  [Loaded] com.BlueStacks.AppPlayer.bstservice_helper.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Loaded] com.adobe.SwitchBoard.plist (? 68cad67  - installed 2014-11-19)
  [Loaded] com.adobe.acc.installer.plist (Adobe Systems, Inc. - installed 2017-11-02)
  [Loaded] com.adobe.acc.installer.v2.plist (Adobe Inc. - installed 2020-11-18)
  [Running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2021-04-25)
  [Loaded] com.anchorfree.ajaxserver.plist (? b7821fb8  - installed 2013-11-08)
  [Running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2021-04-29)
  [Running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2021-03-24)
  [Running] com.microsoft.OneDriveStandaloneUpdaterDaemon.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.OneDriveUpdaterDaemon.plist (Microsoft Corporation - installed 2021-03-04)
  [Loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2021-04-14)
  [Loaded] com.microsoft.office.licensing.helper.plist (? 6d8cb30e  - installed 2015-06-04)
  [Loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2020-11-09)
  [Loaded] com.microsoft.teams.TeamsUpdaterDaemon.plist (Microsoft Corporation - installed 2020-12-07)
  [Not Loaded] com.oracle.java.Helper-Tool.plist (? 0  - installed )
  [Running] com.wacom.UpdateHelper.plist (Wacom Technology Corp. - installed 2020-09-25)
  [Loaded] com.wacom.displayhelper.plist (Apple - installed 2020-12-09)
  [Running] hdjsd.plist (? 70ae2dc0  - installed 2013-12-25)
  [Not Loaded] org.virtualbox.startup.plist (? 700b9385  - installed 2020-03-02)

User Launch Agents:
  [Loaded] com.BlueStacks.AppPlayer.Service.plist (? 0  - installed 2021-01-15)
  [Loaded] com.BlueStacks.AppPlayer.UninstallWatcher.plist (BlueStack Systems, Inc. - installed 2021-01-15)
  [Loaded] com.BlueStacks.AppPlayer.Updater.plist (BlueStack Systems, Inc. - installed 2021-01-15)

User Login Items:
  [Not Loaded] AppCleaner SmartDelete (Julien Ramseier - installed 2021-05-03)
    Modern Login Item
    /Applications/AppCleaner.app/Contents/Library/LoginItems/AppCleaner SmartDelete.app

  [Not Loaded] Launcher Disabler (Microsoft Corporation - installed 2021-03-04)
    Modern Login Item
    /Applications/OneDrive.app/Contents/Library/LoginItems/Launcher Disabler.app

  [Not Loaded] OneDrive Launcher (Microsoft Corporation - installed 2021-03-04)
    Modern Login Item
    /Applications/OneDrive.app/Contents/Library/LoginItems/OneDrive Launcher.app

Internet Plug-ins:
  AdobeAAMDetect: 3.0.0.0 (Adobe Systems, Inc. - installed 2017-11-02)
  EPPEX Plugin: 10.0 (? - installed 2012-05-25)
  AdobePDFViewerNPAPI: 11.0.0 (? - installed 2012-09-24)
  AdobePDFViewer: 11.0.0 (? - installed 2012-09-24)
  SharePointBrowserPlugin: 14.5.2 (? - installed 2020-09-01)
  Unity Web Player: UnityPlayer version 4.5.5f1 (? - installed 2014-10-08)
  VLC Plugin: 2.2.4 (? - installed 2016-06-02)

Safari Extensions:
  Honey (App Store - installed 2021-04-21)

3rd Party Preference Panes:
  MacFUSE (? - installed 2008-12-19)
  Native Instruments USB Audio (? - installed 2013-10-23)
  WacomTablet (Wacom Technology Corp. - installed 2020-09-25)

Backup:
  Skip System Files: No
  Mobile backups: No
  Auto backup: No
  Volumes being backed up: 
    M******************n: Disk size: 524.90 GB - Disk used: 261.62 GB 
  Destinations: 
    T*********T [Local] (Last used)
      Total size: 999.86 GB
      Total number of backups: 1
      Oldest backup: 2017-02-08 10:22:24
      Last backup: 2017-02-08 10:22:24

Performance:
  System Load: 2.33 (1 min ago) 5.30 (5 min ago) 3.05 (15 min ago)
  Nominal I/O speed: 0.00 MB/s
  File system: 25.54 seconds
  Write speed: 225 MB/s
  Read speed: 404 MB/s

CPU Usage Snapshot:
  Type Overall
  System: 5 %
  User: 8 %
  Idle: 87 %

Top Processes Snapshot by CPU:
  Process (count) CPU (Source - Location)
  com.apple.WebKit.WebContent (2) 16.54 % (Apple)
  WindowServer 16.48 % (Apple)
  EtreCheckPro 9.62 % (Etresoft, Inc.)
  kernel_task 3.68 % (Apple)
  Safari 1.28 % (Apple)

Top Processes Snapshot by Memory:
  Process (count) RAM usage (Source - Location)
  EtreCheckPro 228 MB (Etresoft, Inc.)
  com.apple.WebKit.WebContent (2) 206 MB (Apple)
  kernel_task 94 MB (Apple)
  AppleSpell 80 MB (Apple)
  Finder 78 MB (Apple)

Top Processes Snapshot by Network Use:
  Process (count) Input / Output (Source - Location)
  mDNSResponder 20 KB / 19 KB (Apple)
  RTProtectionDaemon 17 KB / 4 KB (Malwarebytes Corporation)
  apsd 4 KB / 3 KB (Apple)
  netbiosd 522 B / 354 B (Apple)
  SystemUIServer 0 B / 56 B (Apple)

Top Processes Snapshot by Energy Use:
  Process (count) Energy (0-100) (Source - Location)
  com.apple.WebKit.WebContent (2) 9 (Apple)
  WindowServer 8 (Apple)
  Safari 2 (Apple)
  RTProtectionDaemon 0 (Malwarebytes Corporation)
  WacomTabletDriver 0 (Wacom Technology Corp.)

Virtual Memory Information:
  Physical RAM: 4 GB

  Free RAM: 32 MB
  Used RAM: 2.67 GB
  Cached files: 1.30 GB

  Available RAM: 1.33 GB
  Swap Used: 0 B

Software Installs (past 60 days):
  Install Date Name (Version)
  2021-03-05 iMovie (10.2.3)
  2021-03-24 Pages (11.0)
  2021-04-14 Microsoft AutoUpdate (4.34.21041102)
  2021-04-14 Microsoft Excel (16.48.21041102)
  2021-04-14 Microsoft OneNote (16.48.21041102)
  2021-04-14 Microsoft PowerPoint (16.48.21041102)
  2021-04-14 Microsoft Word (16.48.21041102)
  2021-04-19 Microsoft Outlook (16.48.21041102)
  2021-04-21 Honey (12.8.6)
  2021-04-27 Anki Notes (3.00)
  2021-04-28 TotalAV
  2021-04-29 Malwarebytes for Mac (1.0)
  2021-04-30 MRTConfigData (1.78)
  2021-04-30 XProtectPlistConfigData (2145)
  2021-05-03 Paint S (5.10.1)

Diagnostics Information (past 7-30 days):
  2021-05-03 21:49:11 VDC.plugin Crash (2 times)
    Executable: /System/Library/Frameworks/CoreMediaIO.framework/Versions/A/Resources/VDC.plugin
    Details:
      dyld3 mode

  2021-05-03 14:34:56 spindump Crash
    Executable: /usr/sbin/spindump
    Details:
      dyld3 mode
      API MISUSE: Over-release of an object

  2021-05-03 13:56:24 AdobeGCClient.app Crash
    Executable: /Library/Application Support/Adobe/*/AdobeGCClient.app
    Details:
      dyld: in dlopen()
      *** CFHash() called with NULL ***

  2021-05-01 23:07:01 com.apple.WebKit.WebContent High CPU Use
    Executable: /Library/Apple/*/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent

  2021-04-29 16:21:05 net.protected.macos.AVHelper High CPU Use
    Executable: /Library/PrivilegedHelperTools/net.protected.macos.AVHelper

  2021-04-27 23:14:25 trustd High CPU Use
    Executable: /usr/libexec/trustd

  2021-04-27 12:11:08 BlueStacks.app High CPU Use
    Executable: /Applications/BlueStacks.app


End of report
Es geht um dieses File net.protected.macos.TotalAV.ESAVExtension.systemextension
und es lässt sich nicht löschen...

The operation can’t be completed because you don’t have permission to access some of the items.

Wie kann das sein?

Thema geschlossen
Seite 1 von 3 1 23

Themen zu Ursnif Trojaner auf Mac
aktiv, blockiert, datei, einiger, email, entdeck, entdeckt, entfernen, erlaubt, frage, heute, hoffe, laufen, mac, macintosh, mehrfach, nichts, nötig, passwort, phänomen, quelle, runter, trojaner, ursnif, verschickt, woche, würde


« mehrere Macs über iCloud verbinden - geht das? | Wechsel von WIN 10 zu Linux Manjaro »


Ähnliche Themen: Ursnif Trojaner auf Mac


  1. Aktuelle Welle: Ursnif-Trojaner versteckt sich in Zip-Archiven
    Nachrichten - 22.01.2020 (0)
  2. TR/URSNIF.18.34 in C:\WINDOWS\SYSTEM32\clipgers.dll => Ebay & Bank Konto betroffen
    Plagegeister aller Art und deren Bekämpfung - 23.10.2010 (4)
  3. TR/ Ursnif.C Auf meinen Laptop?
    Plagegeister aller Art und deren Bekämpfung - 21.10.2010 (0)
  4. Trojan Spy.Win32.Ursnif ....kann ich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 05.03.2010 (35)
  5. 'TR/Spy.Ursnif.34816I.1' wieder losgeworden!?
    Plagegeister aller Art und deren Bekämpfung - 06.01.2010 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ursnif Trojaner auf Mac - Hallo! Ich habe letzte Woche eine email bekommen, mit einer zip Datei inkl. Passwort, welches eine Word Datei beinhaltete. Nachdem ich heute erfuhr, dass diese email nicht von der Person - Ursnif Trojaner auf Mac...
Archiv
Du betrachtest: Ursnif Trojaner auf Mac auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132