Previous 1 2 3 4 5 6 7 Next 103 Replies Latest reply: Mar 19, 2015 7:20 PM by HackedUser123 Go to original post
  • Yagra Level 1 Level 1 (0 points)

    I have this question too.  My emails and twitter account were compromised.  Often I have to change passwords.  So who's using my passwords and how do thye know?  My Mac seems slow and grinding the gears. 

     

    I followed your steps for terminal and got this result.  There is a long list of fonts included for some reason. At the very bottom I noted this :

    'tell application "System Events" to get name of every login item' 2> /dev/null

    iTunesHelper, Kodak EasyShare Wireless Listener, AdobeResourceSynchronizer, SPanel

     

    Anything suspicious on this list that I must remove?  If so how?  Your  recoomendations are highly appreciated.               Edith

     

    kextstat -kl | awk '!/com\.apple/{printf "%s %s\n", $6, $7}'

     

     

    sudo launchctl list | sed 1d | awk '!/0x|com\.(apple|openssh|vix)|edu\.mit|org\.(amavis|apache|cups|isc|ntp|postfi x|x)/{print $3}'

     

    ls -1A /e*/mach* {,/}L*/{Ad,Compon,Ex,Fram,In,Keyb,La,Mail/Bu,P*P,Priv,Qu,Scripti,Servi,Spo,Sta} * L*/Fonts 2> /dev/null

     

    osascript -e 'tell application "System Events" to get name of every login item' 2> /dev/null

     

     

    RESULST 7.28.13

     

    Last login: Mon Jul 29 11:45:09 on console

    You have mail.

    71-88-35-31:~ edithreimers$ kextstat -kl | awk '!/com\.apple/{printf "%s %s\n", $6, $7}'

    71-88-35-31:~ edithreimers$ sudo launchctl list | sed 1d | awk '!/0x|com\.(apple|openssh|vix)|edu\.mit|org\.(amavis|apache|cups|isc|ntp|postfi x|x)/{print $3}'

     

    WARNING: Improper use of the sudo command could lead to data loss

    or the deletion of important system files. Please double-check your

    typing when using sudo. Type "man sudo" for more information.

     

    To proceed, enter your password, or type Ctrl-C to abort.

     

    Password:

    com.quark.quarkupdate

    com.barebones.textwrangler

    com.barebones.authd

    com.adobe.SwitchBoard

    com.adobe.fpsaud

    71-88-35-31:~ edithreimers$ ls -1A /e*/mach* {,/}L*/{Ad,Compon,Ex,Fram,In,Keyb,La,Mail/Bu,P*P,Priv,Qu,Scripti,Servi,Spo,Sta} * L*/Fonts 2> /dev/null

    /Library/Components:

     

    /Library/Extensions:

     

    /Library/Frameworks:

    Adobe AIR.framework

    EWSMac.framework

    KodakCMS.framework

    LogoSync.framework

    NyxAudioAnalysis.framework

    PluginManager.framework

    QuarkUpdateInterface.framework

    TSLicense.framework

    Xalan-c-cw9.framework

    Xalan-c-xc.framework

    Xerces-c-cw9.framework

    Xerces-c-xc.framework

    iTunesLibrary.framework

     

    /Library/Input Methods:

     

    /Library/Internet Plug-Ins:

    .DS_Store

    AdobePDFViewer.plugin

    Flash Player.plugin

    Flip4Mac WMV Plugin.plugin

    JavaAppletPlugin.plugin

    NP-PPC-Dir-Shockwave

    Quartz Composer.webplugin

    QuickTime Plugin.plugin

    Scorch.plugin

    Silverlight.plugin

    flashplayer.xpt

    iPhotoPhotocast.plugin

    nsIQTScriptablePlugin.xpt

     

    /Library/Keyboard Layouts:

    Showtime.ttf

     

    /Library/LaunchAgents:

    com.adobe.AAM.Updater-1.0.plist

    com.quark.quarkupdate.agent.plist

     

    /Library/LaunchDaemons:

    com.adobe.SwitchBoard.plist

    com.adobe.fpsaud.plist

    com.barebones.authd.plist

    com.barebones.textwrangler.plist

    com.quark.quarkupdate.plist

     

    /Library/PreferencePanes:

    Flash Player.prefPane

    Flip4Mac WMV.prefPane

    QUPreferencePane.prefPane

     

    /Library/PrivilegedHelperTools:

    com.barebones.authd

    com.barebones.textwrangler

    com.quark.quarkupdate

     

    /Library/QuickLook:

    GBQLGenerator.qlgenerator

    QuarkXPress.qlgenerator

    iWork.qlgenerator

     

    /Library/QuickTime:

    .DS_Store

    AppleIntermediateCodec.component

    AppleMPEG2Codec.component

    Flip4Mac WMV Advanced.component

    Flip4Mac WMV Export.component

    Flip4Mac WMV Import.component

    Flix Flv.component

    Flix Swf.component

     

    /Library/ScriptingAdditions:

    Adobe Unit Types.osax

    QXPScriptingAdditions.osax

     

    /Library/Spotlight:

    AppleWorks.mdimporter

    GBSpotlightImporter.mdimporter

    Microsoft Office.mdimporter

    QuarkXPress.mdimporter

    iWeb.mdimporter

    iWork.mdimporter

     

    /Library/StartupItems:

     

    /etc/mach_init.d:

    dashboardadvisoryd.plist

     

    /etc/mach_init_per_login_session.d:

     

    /etc/mach_init_per_user.d:

    com.adobe.SwitchBoard.monitor.plist

     

    Library/Address Book Plug-Ins:

     

    Library/Fonts:

    .DS_Store

    2001 Adobe Font Collections

    4YEOVAL_.TTF

    ANIMALS2.TTF

    AOASWFTE.TTF

    ARBOF___.TTF

    Abadi MT Condensed Extra Bold

    Abadi MT Condensed Light

    Advantage Book

    AlphaGarden.ttf

    Andale Mono

    Apple Chancery

    Apple LiGothic Medium.dfont

    AppleGothic.dfont

    AquaKanaBold.otf

    AquaKanaRegular.otf

    Arial

    Arial Black

    Arial Black copy

    Arial Narrow

    Arial Rounded Bold

    BATBATS.TTF

    Baskerville Old Face

    Bauhaus 93

    Beesk

    Bell MT

    Bernard MT Condensed

    BernhModBol

    Bernhard Modern Bold

    BernhardModernStd-Bold.otf

    BernhardModernStd-BoldIt.otf

    BernhardModernStd-Italic.otf

    BernhardModernStd-Roman.otf

    BickhamScriptStd-Bold.otf

    Book Antiqua

    Bookman Old Style

    Braggadocio

    Britannic Bold

    Brush Script

    Butterfl.ttf

    CRAFL___.TTF

    CS Benwood.otf

    Calisto MT

    Candcu__.ttf

    CantoMTLig

    Cantoria 2 Light

    Century

    Century Gothic

    Century Schoolbook

    Christmas3.ttf

    ChristmasDebbie.ttf

    ChristmasLightsOutdoor.ttf

    ChristmasTime.ttf

    Colonna

    Comic Sans MS

    Cooper Black

    Copperplate Gothic Bold

    Copperplate Gothic Light

    Courier.dfont

    Culinary Art 2.ttf

    Curlz MT

    Desdemona

    Edwardian Script ITC

    Engravers MT

    Equestrian by Darrian 2.ttf

    Eurostile

    FROSTY__.TTF

    Font Pro 3-Designer's Type TTF

    Food!.ttf

    Footlight Light

    GENAUTIC.TTF

    Garamond

    Georgia

    Gill Sans Ultra Bold

    GillSans.dfont

    GillSansStd-BoldCondensed.otf

    GillSansStd-Italic.otf

    GillSansStd.otf

    Gloucester MT Extra Condensed

    Goudy Old Style

    Haettenschweiler

    Harrington

    HelveLTMM

    Helvetica LT MM

    HeyValentine.ttf

    Hoefler Text.dfont

    ICHIGC__.TTF

    ITC Beesknees

    ITC Ozwald

    Impact

    Imprint MT Shadow

    KAISG___.TTF

    KOOLDING.TTF

    KR All Sport.ttf

    KR Eight Santas.ttf

    KR Silver Spoons.ttf

    KabelLTStd-Black.otf

    KabelLTStd-Book.otf

    KabelLTStd-Heavy.otf

    KabelLTStd-Light.otf

    KellyAnnGothic.ttf

    Kino

    KinoMT

    LABYRINT 2.TTF

    LABYRINT.TTF

    LITTLELO.TTF

    Lucida Blackletter

    Lucida Bright

    Lucida Calligraphy

    Lucida Fax

    Lucida Handwriting

    Lucida Sans

    Lucida Sans Typewriter

    MT Extra

    MTCORSVA.TTF

    Magik.ttf

    Majestic Bold

    Matura Script Capitals

    Medici Text.ttf

    Missi

    Missionary.SF

    Mistral

    Modern No. 20

    Monotype Corsiva

    Monotype Sorts

    Moonstar.ttf

    Murphys.ttf

    News Gothic MT

    OLDENGLT.TTF

    Onyx

    Ozwal

    PEGASUS.TTF

    PTVALENTINE.TTF

    Palm Desktop Fonts

    Paris

    Parisian

    Party LET Fonts

    Perpetua Titling MT

    Playbill

    Rockwell

    Rockwell Extra Bold

    Rose.ttf

    SARSAPAR.TTF

    SEASG___.TTF

    SUGAC___.TTF

    Shatter LET Fonts

    Showtime.ttf

    Someone Special.ttf

    Stencil

    Stone Sans OS ITC TT

    TT HolidayPi BT

    Tahoma

    Techno

    Times LT MM

    Times New Roman

    Times.dfont

    TimesLTMM

    Trebuchet MS

    Type Embellishmnt One LET

    UniveRom

    University Roman

    University Roman Bold LET

    VRINDA.TTF

    ValentineHearts.ttf

    Veggi_Terra.TTF

    Verdana

    WINPETS2.TTF

    Wide Latin

    Wingdings

    Wingdings 2

    Wingdings 3

    WoodtypeOrnamentsStd.otf

    XMASTYME.TTF

    Xmas Clipart 2.ttf

    Xmasclip.ttf

    YEEHAW.TTF

    ZapfDingbats.dfont

    Zapfino.dfont

    abctrain.ttf

    carbon bl.ttf

    carbon phyber.ttf

    ck_jewels.ttf

    fauxsnow.ttf

    funfish_sg.ttf

    jd_jessica.ttf

    kr.TTF

    riesling.ttf

    sloop-scriptone.ttf

    wm-christmas1.ttf

    wm-christmas2.ttf

    wm-christmas3.ttf

    wm-food1.ttf

    wm-food2.ttf

     

    Library/Internet Plug-Ins:

    .DS_Store

    KickStartPlugIn64.plugin

     

    Library/Keyboard Layouts:

     

    Library/LaunchAgents:

    com.adobe.AAM.Updater-1.0.plist

    com.adobe.ARM.df0ab5bbe6f698196fcc21e3c1e66dcb758bd911f4d637272d9d8109.plist

    com.apple.SafariBookmarksSyncer.plist

    71-88-35-31:~ edithreimers$ osascript -e 'tell application "System Events" to get name of every login item' 2> /dev/null

    iTunesHelper, Kodak EasyShare Wireless Listener, AdobeResourceSynchronizer, SPanel

    71-88-35-31:~ edithreimers$

  • MadMacs0 Level 5 Level 5 (4,545 points)

    Yagra wrote:

     

    I have this question too.  My emails and twitter account were compromised.  Often I have to change passwords.  So who's using my passwords and how do thye know?

    See Someone is sending messages from my e-mail address.

    There is a long list of fonts included for some reason.

    You seem to be using Page Layout software which normally come with their own font collections, so I'm not sure why you are surprised about that.

    At the very bottom I noted this :

    ...

    iTunesHelper, Kodak EasyShare Wireless Listener, AdobeResourceSynchronizer, SPanel

    What's your question here? Is there something you don't recognize.

     

    And while were at it, is there any software mentioned in the rest of the list that you don't use any more? Perhaps it was not properly removed. If so, that could be contributing to the slowness you are seeing. Software should always be removed by running an un-installer provided by the developer and not just by dragging the application to the trash.

     

    Nothing jumps out at me from the list. You should be aware that in order for somebody to have installed a keylogger you would have had to give them physical access to the machine or shared access to it from your network.  A-V software is not generally designed to detect them either since they are all commercial or hack software that has legitimate uses. The only one the specializes in that is MacScan from SecureMac and it has problems with false positives, so make certain that what it identifies is actually something you don't want before deleting it. It also isn't very good at identifying malware (MacScan disappoints).

     

    This is a very old thread and you may notice that none of the folks who have posted to it lately have received any responses. If a day or two go by and you haven't heard from anybody else, consider re-posting it as a new topic and you will start to hear from folks.

  • Yagra Level 1 Level 1 (0 points)

    Thank you very much for your time and for your input - much ease to my mind. 

     

    Great suggestion for removing inactive software.  I was using the demo version of MacScan and they usully removed tracking cookies.

     

    As for fonts, I purchase and share fonts.  I use Quark, Adobe CS 5.5 for magazine layout and design.  Sometimes a corrupt font will interfere with PDF output.  Just can't tell by looking at them though.

     

    I did not recognize:

         Wireless Listener at the bottom

    and

         tell application "System Events" to get name of every login item'

     

    No need to reply if they are OK.    Thanks again.

  • MadMacs0 Level 5 Level 5 (4,545 points)

    Yagra wrote:

     

    I purchase and share fonts.  I use Quark, Adobe CS 5.5 for magazine layout and design.  Sometimes a corrupt font will interfere with PDF output.  Just can't tell by looking at them though.

    • Type Command-Space and begin typing "font book" without the quotes until that app is highlighted, then hit the return/enter key.
    • Select "All Fonts" from the left-hand column and then the first font listed in the right-hand column.
    • Select "Select All" from the Edit menu or type Command-A.
    • Now select "Validate Fonts" from the File menu and wait for it to finish.
    • That should tell you what you need to know.

    I did not recognize:

         Wireless Listener at the bottom

    I believe the full name is "Kodak Easyshare Wireless Listener." My guess is this is a feature of a Kodak camera that you use to transfer pictures over your Wi-Fi system.

    tell application "System Events" to get name of every login item'

    That's part of what you pasted into Terminal to get a list of all the Login Items which you can find in System Preferences->Accounts->Login Items tab.

  • kidnemo Level 1 Level 1 (0 points)

    These are my results.. I'd hate to jump on the band wagon.. but a while ago I had a 'friend'  install some software and I've reformatted... gotten a new drive... etc.. but I still think my information is being hacked.. If I check my network status it shows that I have double information going out than coming in.  Maybe thats why my internet is **** slow.  Any advice or anything you see here that jumps out at you as weird?

     

    com.google.Chrome.framework.service_process/Users/jbook/Library/Application_Supp ort/Google/Chrome

    com.kodak.BonjourAgent

    com.gopro.stereomodestatus

    com.adobe.AdobeCreativeCloud

    com.nero.HSMMonitor

    com.nds.pcshow.uninstall

    com.nds.pcshow

    com.kodak.StatisticCollection

    com.kodak.KODAK

    com.kodak.KODAK

    com.google.keystone.user.agent

    com.adobe.ARM.de23d1e3aa2d00ce38d73f10fcbdc8dcaaaf6be989610710a1ddda77

    com.adobe.AAM.Scheduler-1.0

    Juans-MacBook:~ jbook$ ls -1A /e*/mach* {,/}L*/{Ad,Compon,Ex,Fram,In,Keyb,La,Mail/Bu,P*P,Priv,Qu,Scripti,Servi,Spo,Sta} * L*/Fonts 2> /dev/null

    /Library/Components:

     

     

    /Library/Extensions:

     

     

    /Library/Frameworks:

    AEProfiling.framework

    AERegistration.framework

    Adobe AIR.framework

    AudioMixEngine.framework

    NyxAudioAnalysis.framework

    PluginManager.framework

    iTunesLibrary.framework

     

     

    /Library/Input Methods:

     

     

    /Library/Internet Plug-Ins:

    AdobePDFViewer.plugin

    AdobePDFViewerNPAPI.plugin

    DirectorShockwave.plugin

    Flash Player.plugin

    JavaAppletPlugin.plugin

    QuickTime Plugin.plugin

    SharePointBrowserPlugin.plugin

    SharePointWebKitPlugin.webplugin

    webplugin.plugin

     

     

    /Library/Keyboard Layouts:

     

     

    /Library/LaunchAgents:

    com.adobe.AAM.Updater-1.0.plist

    com.adobe.AdobeCreativeCloud.plist

    com.gopro.stereomodestatus.plist

    com.kodak.BonjourAgent.plist

     

     

    /Library/LaunchDaemons:

    com.adobe.fpsaud.plist

     

     

    /Library/PreferencePanes:

    Flash Player.prefPane

     

     

    /Library/PrivilegedHelperTools:

     

     

    /Library/QuickLook:

    CC_QL.qlgenerator

    iBooksAuthor.qlgenerator

    iWork.qlgenerator

     

     

    /Library/QuickTime:

    AppleAVCIntraCodec.component

    AppleHDVCodec.component

    AppleIntermediateCodec.component

    AppleMPEG2Codec.component

    AppleProResCodec.component

    CFHDCompressor.component

    CFHDDecompressor.component

    DVCPROHDCodec.component

    FCP Uncompressed 422.component

    IMXCodec.component

     

     

    /Library/ScriptingAdditions:

    Adobe Unit Types.osax

     

     

    /Library/Spotlight:

    Microsoft Office.mdimporter

    iBooksAuthor.mdimporter

    iWork.mdimporter

     

     

    /Library/StartupItems:

     

     

    /etc/mach_init.d:

     

     

    /etc/mach_init_per_login_session.d:

     

     

    /etc/mach_init_per_user.d:

     

     

    Library/Fonts:

     

     

    Library/Input Methods:

    .localized

     

     

    Library/Internet Plug-Ins:

    PlayerPlugin.bundle

     

     

    Library/Keyboard Layouts:

     

     

    Library/LaunchAgents:

    com.adobe.AAM.Updater-1.0.plist

    com.adobe.ARM.de23d1e3aa2d00ce38d73f10fcbdc8dcaaaf6be989610710a1ddda77.plist

    com.apple.AddressBook.ScheduledSync.PHXCardDAVSource.0F88385D-8406-487D-AB74-36F D36F3AC15.plist

    com.apple.AddressBook.ScheduledSync.PHXCardDAVSource.954783AB-B69F-418E-A6FC-C24 01F6C0CE7.plist

    com.apple.AddressBook.ScheduledSync.PHXCardDAVSource.B1991C43-91AC-4072-9945-A3A E609305F1.plist

    com.google.Chrome.framework.plist

    com.google.keystone.agent.plist

    com.kodak.KODAK AiO Firmware Updater.plist

    com.kodak.KODAK AiO Software Updater.plist

    com.kodak.StatisticCollection.plist

    com.nds.pcshow.plist

    com.nds.pcshow.uninstall.plist

    com.nero.HSMMonitor.plist

     

     

    Library/PreferencePanes:

    MusicManager.prefPane

    Juans-MacBook:~ jbook$ osascript -e 'tell application "System Events" to get name of every login item' 2> /dev/null

    iTunesHelper

    Juans-MacBook:~ jbook$

  • kidnemo Level 1 Level 1 (0 points)

    Oh i should mention.. when he installed the software .. I new something was up immediately.. I spent 4 days going through lines of code in the activity monitor until I could prove it to my ex who thought I was crazy.

  • Yagra Level 1 Level 1 (0 points)

    Thanks once again.  You solved dangling concerns.   Font search perfecto - found 12 flawed ones.

     

    Clear for take off!  Thank you!

  • NY Jetman Level 1 Level 1 (0 points)

    I have the same problem and I'm 100% sure i have one.   Do you see something I should be worried about?   PLease help...

     

    Part 1

     

    com.rim.driver.BlackBerryUSBDriverInt (0.0.68)
    com.AmbrosiaSW.AudioSupport (4.1.2)
    com.kaspersky.kext.klif (3.0.0d23)
    com.kaspersky.nke (1.0.2d43)
    com.kaspersky.kext.kimul.44 (44)

     


    Part 2

     

    com.microsoft.office.licensing.helper
    com.macpaw.CleanMyMac2.Agent
    com.kaspersky.kav
    com.cleverfiles.cfbackd
    com.ambrosiasw.ambrosiaaudiosupporthelper.daemon
    com.adobe.SwitchBoard
    com.adobe.fpsaud

     

    Part 3

     

    com.wacom.pentablet
    com.sierrawireless.SwitchTool
    com.kaspersky.kav.gui
    com.divx.update.agent
    com.divx.dms.agent
    com.adobe.AdobeCreativeCloud
    com.microsoft.SyncServicesAgent
    com.macpaw.CleanMyMac2Helper.trashWatcher
    com.macpaw.CleanMyMac2Helper.scheduledScan
    com.divx.agent.postinstall
    com.adobe.ARM.de23d1e3aa2d00ce38d73f10fcbdc8dcaaaf6be989610710a1ddda77
    com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae
    com.adobe.AAM.Scheduler-1.0

     

    Part 4

     

    /Library/Components:

     

    /Library/Extensions:

     

    /Library/Frameworks:
    AEProfiling.framework
    AERegistration.framework
    Adobe AIR.framework
    AudioMixEngine.framework
    DivX Toolkit.framework
    EWSMac-GC.framework
    EWSMac.framework
    FxPlug.framework
    HPDeviceModel.framework
    HPPml.framework
    HPServicesInterface.framework
    HPSmartPrint.framework
    MacFUSE.framework
    NyxAudioAnalysis.framework
    PluginManager.framework
    ProFX.framework
    ProMetadataSupport.framework
    Python.framework
    RIM_VSP.framework
    RimBlackBerryUSB.framework
    RubyCocoa.framework
    TSLicense.framework
    WacomMultiTouch.framework
    XSKey.framework
    iLifeFaceRecognition.framework
    iLifeKit.framework
    iLifePageLayout.framework
    iLifeSQLAccess.framework
    iLifeSlideshow.framework
    iTunesLibrary.framework

     

    /Library/Input Methods:

     

    /Library/Internet Plug-Ins:
    .DS_Store
    AdobeAAMDetect.plugin
    AdobePDFViewer.plugin
    AdobePDFViewerNPAPI.plugin
    CANONiMAGEGATEWAYDL.plugin
    DivX Plus Web Player.plugin
    Flash Player.plugin
    Flip4Mac WMV Plugin.plugin
    JavaAppletPlugin.plugin
    OVSHelper.plugin
    OfficeLiveBrowserPlugin.plugin
    Quartz Composer.webplugin
    QuickTime Plugin.plugin
    RealPlayer Plugin.plugin
    SharePointBrowserPlugin.plugin
    SharePointWebKitPlugin.webplugin
    Silverlight.plugin
    SkyCaddiePlugIn.plugin
    WacomNetscape.plugin
    WacomSafari.plugin
    ebldetect.bundle
    flashplayer.xpt
    iPhotoPhotocast.plugin
    nsIQTScriptablePlugin.xpt

     

    /Library/Keyboard Layouts:

     

    /Library/LaunchAgents:
    com.adobe.AAM.Updater-1.0.plist
    com.adobe.AdobeCreativeCloud.plist
    com.divx.dms.agent.plist
    com.divx.update.agent.plist
    com.kaspersky.kav.gui.plist
    com.sierrawireless.SwitchTool.plist
    com.wacom.pentablet.plist

     

    /Library/LaunchDaemons:
    com.adobe.SwitchBoard.plist
    com.adobe.fpsaud.plist
    com.ambrosiasw.ambrosiaaudiosupporthelper.daemon.plist
    com.apple.aelwriter.plist
    com.cleverfiles.cfbackd.plist
    com.kaspersky.kav.plist
    com.macpaw.CleanMyMac2.Agent.plist
    com.microsoft.office.licensing.helper.plist

     

    /Library/PreferencePanes:
    Flash Player.prefPane
    Flip4Mac WMV.prefPane
    MacFUSE.prefPane
    PenTablet.prefPane

     

    /Library/PrivilegedHelperTools:
    com.macpaw.CleanMyMac2.Agent
    com.microsoft.office.licensing.helper

     

    /Library/QuickLook:
    GBQLGenerator.qlgenerator
    ParallelsQL.qlgenerator
    iBooksAuthor.qlgenerator
    iWork.qlgenerator

     

    /Library/QuickTime:
    AppleAVCIntraCodec.component
    AppleHDVCodec.component
    AppleIntermediateCodec.component
    AppleMPEG2Codec.component
    AppleProResCodec.component
    CanonMJPEGAVI.component
    CanonMJPEGAVIDec.component
    CanonText.component
    DVCPROHDCodec.component
    DesktopVideoOut.component
    DivX Decoder.component
    DivX Encoder.component
    FCP Uncompressed 422.component
    Flip4Mac WMV Advanced.component
    Flip4Mac WMV Export.component
    Flip4Mac WMV Import.component
    IMXCodec.component
    LiveType.component

     

    /Library/ScriptingAdditions:
    Adobe Unit Types.osax

     

    /Library/Spotlight:
    GBSpotlightImporter.mdimporter
    LogicPro.mdimporter
    Microsoft Office.mdimporter
    ParallelsMD.mdimporter
    iBooksAuthor.mdimporter
    iWork.mdimporter

     

    /Library/StartupItems:
    Jaksta
    ParallelsDesktopTransporter

     

    /etc/mach_init.d:

     

    /etc/mach_init_per_login_session.d:

     

    /etc/mach_init_per_user.d:
    com.adobe.SwitchBoard.monitor.plist

     

    Library/Address Book Plug-Ins:
    .DS_Store
    SkypeABDialer.bundle
    SkypeABSMS.bundle
    YMsgrCallABPlugin.bundle
    YMsgrMsnABPlugin.bundle
    YMsgrSmsABPlugin.bundle
    YMsgrYimABPlugin.bundle

     

    Library/Fonts:
    .DS_Store

     

    Library/Frameworks:
    EWSMac-GC.framework
    EWSMac.framework

     

    Library/Input Methods:
    .localized

     

    Library/Internet Plug-Ins:
    BrowserPlus_2.9.8.plugin
    CitrixOnlineWebDeploymentPlugin.plugin
    WebEx.plugin
    WebEx64.plugin
    fbplugin_1_0_3.plugin

     

    Library/Keyboard Layouts:

     

    Library/LaunchAgents:
    .DS_Store
    com.adobe.AAM.Updater-1.0.plist
    com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist
    com.adobe.ARM.de23d1e3aa2d00ce38d73f10fcbdc8dcaaaf6be989610710a1ddda77.plist
    com.divx.agent.postinstall.plist
    com.macpaw.CleanMyMac.helperTool.plist
    com.macpaw.CleanMyMac.trashSizeWatcher.plist
    com.macpaw.CleanMyMac2Helper.scheduledScan.plist
    com.macpaw.CleanMyMac2Helper.trashWatcher.plist
    com.microsoft.LaunchAgent.SyncServicesAgent.plist

     

    Library/PreferencePanes:
    BrowserPlusPrefs.prefPane

     

    Library/Services:
    ToastIt.service

     


    Part 5

     

    EEventManager, RealPlayer Downloader Agent, Boingo Wi-Finder, EEventManager, BambooCore

  • PrfctGrl Level 1 Level 1 (0 points)

    Have you been experiencing slower performance on your Mac? If so, then it sounds more like a virus. Keyloggers are NOT viruses and this day in age technology is so advanced that it would not slow down your systems performance. Keyloggers are virtually undetectable unless you do a scan of the system. Unless you are handeling very sensitive and valuable information I do notsee why you would have a keylogger issue. Although designing them is trivial, installing them without being caught is hard. Has anyone had access to your Mac? Maybe a repair shop, or law enforcement? Law enforcement officials are notorious for installing keyloggers.Anytime they ask you "can we look through your computer or phone" always answer NO. They are not supposed to look in your computer and open files etc., right procedure is to power down the system and make a bit stream copy of the Hard Drive then return it to you, and you should present does not take long to do.Do you use a wireless or bluetooth kepboard by chance? I noticed from the info provided you have legitimate software on there , such Adoabe, a Pentablet which all come from legitimate sources. Maybe a roommate could have had access to your system? It is very difficult to "spy" on your computers activity without having had physical access to it at some point in time.

  • PrfctGrl Level 1 Level 1 (0 points)

    I would recommend staying away from scanning software that you get from a thrid party vendor. Mac's are designed to "repair" themselves. If you are wanting to have your system checked I would recommend finding an Apple authorized place to do that or take it to the Apple store. These online softwares are okay, but why take your Mercedez to a guy who works on Chevy's? Get what I mean.

  • AlexisAwesome Level 1 Level 1 (0 points)

    No I don't think you have a keylogger. What leads you to think this?

  • AlexisAwesome Level 1 Level 1 (0 points)

    what makes you think it's a keylogger

  • samheller Level 1 Level 1 (0 points)

    i also think i may have a keylogger on ym mac as someone tried to log into my facebook account from a country i have never been to.

    can someone check to see if there is anything on my mac

    out put after 1:

    com.rim.driver.BlackBerryUSBDriverInt (0.0.74)

    com.rim.driver.BlackBerryUSBDriverVSP (0.0.74)

     

    output after 2:

    com.rim.BBDaemon

    com.mac.adg.SquidMan

    com.adobe.fpsaud

     

    outputafter 3:

    com.rim.BBLaunchAgent

    com.rim.RimAlbumArtDaemon

    com.spotify.webhelper

    com.pando.PMB

    com.google.keystone.user.agent

    com.codecm.uploader

    com.valvesoftware.steamclean

    com.google.Chrome.framework.service_process/Users/samuelheller/Library/Applicati on_Support/Google/Chrome

    com.valvesoftware.steam.ipctool

     

    output after 4:

    /Library/Components:

     

     

    /Library/Extensions:

     

     

    /Library/Frameworks:

    Adobe AIR.framework

    DivX Toolkit.framework

    NyxAudioAnalysis.framework

    PluginManager.framework

    RIM_VSP.framework

    RimBlackBerryUSB.framework

    iTunesLibrary.framework

     

     

    /Library/Input Methods:

     

     

    /Library/Internet Plug-Ins:

    DirectorShockwave.plugin

    DivXBrowserPlugin.plugin

    Flash Player.plugin

    JavaAppletPlugin.plugin

    NP-PPC-Dir-Shockwave

    OVSHelper.plugin

    OfficeLiveBrowserPlugin.plugin

    PandoWebPlugin.plugin

    Quartz Composer.webplugin

    QuickTime Plugin.plugin

    Silverlight.plugin

    Unity Web Player.plugin

    Unused

    flashplayer.xpt

    iPhotoPhotocast.plugin

    nsIQTScriptablePlugin.xpt

     

     

    /Library/Internet Plug-Ins (Disabled):

    Flash Player.plugin

     

     

    /Library/Keyboard Layouts:

     

     

    /Library/LaunchAgents:

    com.rim.BBAlbumArtCacher.plist

    com.rim.BBLaunchAgent.plist

     

     

    /Library/LaunchDaemons:

    com.adobe.fpsaud.plist

    com.apple.third_party_32b_kext_logger.plist

    com.mac.adg.SquidMan.plist

    com.rim.BBDaemon.plist

     

     

    /Library/PreferencePanes:

    DivX.prefPane

    Flash Player.prefPane

    MediaBooster.prefPane

     

     

    /Library/PrivilegedHelperTools:

    com.mac.adg.SquidMan

     

     

    /Library/QuickLook:

    GBQLGenerator.qlgenerator

    iWork.qlgenerator

     

     

    /Library/QuickTime:

    AppleIntermediateCodec.component

    AppleMPEG2Codec.component

    DivX Decoder.component

    DivX Encoder.component

     

     

    /Library/Spotlight:

    AppleWorks.mdimporter

    GBSpotlightImporter.mdimporter

    Microsoft Office.mdimporter

    iWork.mdimporter

     

     

    /Library/StartupItems:

     

     

    /etc/mach_init.d:

    dashboardadvisoryd.plist

     

     

    /etc/mach_init_per_login_session.d:

     

     

    /etc/mach_init_per_user.d:

     

     

    Library/Address Book Plug-Ins:

    SkypeABDialer.bundle

    SkypeABSMS.bundle

     

     

    Library/Fonts:

     

     

    Library/Input Methods:

    .localized

     

     

    Library/Internet Plug-Ins:

     

     

    Library/Keyboard Layouts:

     

     

    Library/LaunchAgents:

    .DS_Store

    com.apple.FTMonitor.plist

    com.apple.FolderActions.enabled.plist

    com.apple.FolderActions.folders.plist

    com.apple.imagent.plist

    com.apple.marcoagent.plist

    com.codecm.uploader.plist

    com.google.keystone.agent.plist

    com.pando.PMB.plist

    com.spotify.webhelper.plist

    com.valvesoftware.steamclean.plist

     

     

    Library/PreferencePanes:

     

    output after 5: Skype, SpeechSynthesisServer, iTunesHelper, Steam, Spotify, Android File Transfer Agent

  • tololo Level 1 Level 1 (0 points)

    Please if you read this could you please help me too?? I also have the same problem and have followed your instructions and would like to post my findings so you can help me with the outputs I recieved...I am desperate trying to sort out a series of very mysterious happenig in my life right now which are driving me crazy....thank you.

  • tololo Level 1 Level 1 (0 points)

    If you can please help me....this is what I got..please.

     

    Output after 1st:

    localhost:~ lamalika$

     

    Output after 2nd

    1. com.google.keystone.daemon
    2. com.adobe.fpsaud

     

    Output after 3rd

    1. com.google.keystone.system.agent

     

    Output after 4th

    localhost:~ lamalika$ ls -1A /e*/mach* {,/}L*/{Ad,Compon,Ex,Fram,In,Keyb,La,Mail/Bu,P*P,Priv,Qu,Scripti,Servi,Spo,Sta} * L*/Fonts 2> /dev/null

    /Library/Components:

     

    /Library/Extensions:

     

    /Library/Frameworks:

    1. NyxAudioAnalysis.framework
    2. PluginManager.framework
    3. TSLicense.framework
    4. iLifeFaceRecognition.framework
    5. iLifeKit.framework
    6. iLifePageLayout.framework
    7. iLifeSQLAccess.framework
    8. iLifeSlideshow.framework
    9. iTunesLibrary.framework

     

    /Library/Input Methods:

     

    /Library/Internet Plug-Ins:

    1. CitrixICAClientPlugIn.plugin

    Flash Player.plugin

    Flip4Mac WMV Plugin.plugin

    1. JavaAppletPlugin.plugin
    • OfficeLiveBrowserPlugin.plugin

    Quartz Composer.webplugin

    QuickTime Plugin.plugin

    1. Silverlight.plugin

    Unity Web Player.plugin

    Unused

    1. flashplayer.xpt
    2. googletalkbrowserplugin.plugin
    3. iPhotoPhotocast.plugin

    npgtpo3dautoplugin.plugin

    1. nsIQTScriptablePlugin.xpt

    o1dbrowserplugin.plugin

     

    /Library/Keyboard Layouts:

     

    /Library/LaunchAgents:

    1. com.google.keystone.agent.plist

     

    /Library/LaunchDaemons:

    1. com.adobe.fpsaud.plist
    2. com.apple.third_party_32b_kext_logger.plist
    3. com.google.keystone.daemon.plist

     

    /Library/PreferencePanes:

    Citrix online plug-in.prefPane

    Flash Player.prefPane

    Flip4Mac WMV.prefPane

     

    /Library/PrivilegedHelperTools:

     

    /Library/QuickLook:

    1. GBQLGenerator.qlgenerator
    2. iWork.qlgenerator

     

    /Library/QuickTime:

    AC3MovieImport.component

    1. AppleIntermediateCodec.component

    AppleMPEG2Codec.component

    Flip4Mac WMV Advanced.component

    Flip4Mac WMV Export.component

    Flip4Mac WMV Import.component

    1. Perian.component

     

    /Library/Spotlight:

    1. AppleWorks.mdimporter
    2. GBSpotlightImporter.mdimporter
    3. LogicPro.mdimporter

    Microsoft Office.mdimporter

    1. iWork.mdimporter

     

    /Library/StartupItems:

     

    /etc/mach_init.d:

    1. dashboardadvisoryd.plist

     

    /etc/mach_init_per_login_session.d:

     

    /etc/mach_init_per_user.d:

     

    Library/Address Book Plug-Ins:

    1. SkypeABDialer.bundle
    2. SkypeABSMS.bundle
    3. YMsgrCallABPlugin.bundle
    4. YMsgrMsnABPlugin.bundle
    5. YMsgrSmsABPlugin.bundle
    6. YMsgrYimABPlugin.bundle

     

    Library/Fonts:

     

    Library/Frameworks:

    1. SamsungKiesFoundation.framework
    2. SamsungKiesSerialPort.framework

     

    Library/Input Methods:

    .localized

     

    Library/Internet Plug-Ins:

    .DS_Store

    KickStartPlugIn64.plugin

     

    Library/Keyboard Layouts:

     

    Library/LaunchAgents:

    1. com.apple.CSConfigDotMacCert-***-SharedServices.Agent.plist
    2. com.apple.FolderActions.enabled.plist
    3. com.apple.FolderActions.folders.plist

     

    Library/PreferencePanes:

     

    Output After 5th

     

    iTunesHelper, Safari, Skype, KiesAgent, KiesViaWiFiAgent, fuspredownloader

    localhost:~ lamalika$

     

    Thank you so so much

     

    <Email Edited By Host>