Hello, all –– A scan today turned up the iworm malware on my computer (OSX), and is giving me a headache. For those who haven't heard about it, here is a link: http://www.macissues.com/2014/10/02/new-iworm-botnet-discovered-affecting-os-x-systems/ Now I'm faced with something of a predicament. Some information (see: https://docs.google.com/document/d/1YOfXRUQJgMjJSLBSoLiUaSZfiaS_vU3aG4Bvjmz6Dxs/edit?pli=1 ) suggests that if one has Little Snitch installed on their computer (which I do) then the malware will not run after installing for fear of being detected (I suppose). Thus I am hopeful that no damage has been done. It looks like the infected files were created about a month ago, and I do not have any backups from before that time; thus my only option seems to be to backup any essential files and then start from scratch, which I really, really do not want to do. So*: Does anyone know of any way I can check to see if 1. The info regarding little snitch is true, and I can verify that the malware has not been running, or 2. There is some other way to assess the situation and find a solution without doing a complete wipe and reinstall ? Many thanks ––
"A scan today turned up the iworm malware on my computer" What did you make the scan with? Antivirus or ?
Just assume it has even if it didn't. Change all your passwords and the like after you clean it off. Wouldn't a typical AV provider detect and remove it?
it appears to be an updated re-emergence of an ancient trojan: http://www.symantec.com/security_response/writeup.jsp?docid=2009-012620-2836-99
I made the scan with Avast. Avast removed the files that the malware was originally located in, but I have no way of knowing what the malware has been doing in the meantime. Also, out of curiosity, how does malware steal passwords? How would using a password manager such as LastPass effect the threat of malware?
Nowadays they use to inject the browser so that they can grab any information that you put there. LastPass wouldn't stop them. But, reading the description on macissues.com, it seems that the goal of this particular piece of malware would be to control your computer in order to use it, along with many others, to crack other's people passwords, not to grab yours. But, as has been said, you should assume that you have been compromised: wipe out your hard drive and change all your passwords.
Thank you for your input. This is indeed my default assumption, though wiping the drive is going to be such a disastrous pain that I needed someone else to tell me before taking the plunge!
Good, then we know that it can't do any more harm if it now sits in the Avast quarantine. Have you seen anything that you believe is caused by the malware before it was quarantined? I guess it must have sneaked past the real-time protection, and Avast added detection for this piece at a later date wich is why it was detected during a scan and not when it entered the system.
I'm not exactly sure what you mean by checking that it's not a false positive, but I did go into the Library/Preferences and found the "Java W" folder. I tried to figure out if there was anything I could do to check if the malware was running, and then finding nothing I deleted the files (a .plist and launch daemon, I believe). If it can't do any more harm from the quarantine (or deleted I hope), then why is it suggested to wipe/reinstall? Are you sure about this? I am not, it's just that in the limited information I could find in the the news about the worm, it was suggested that the malware could have installed more software or hidden itself somewhere else, or something along these lines. I haven't seen anything that I believe is caused by the malware, or noticed anything out of the ordinary. I took a look through the Activity Monitor for any suspicious processes, but I wasn't very thorough (looking up info on any process which I am unfamiliar with, which is a lot). I also looked through Little Snitch, since I often have it on silent mode, and can later look through the connections. I didn't see anything that looked very strange (always tons of ruby connections through, I still haven't managed to figure out what these are used for). Just in case there's an expert who wants to take quick look for anything unusual, I'm pasting my activity monitor processes below, organized by User, with ROOT at the top and USER processes at the bottom: Code: kernel_task 2.2 3:59.66 107 67 0 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No systemstatsd 0.0 5.42 2 0 1820 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No sysmond 0.5 1.88 3 0 147 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No coreservicesd 0.0 1.18 4 0 101 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No qmasterd 0.0 0.24 2 0 55 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 32 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.apple.ctkpcscd 0.0 0.02 2 0 104 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No wirelessproxd 0.0 0.04 2 0 58 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No SubmitDiagInfo 0.0 0.02 2 0 8772 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No findmydeviced 0.0 0.32 4 0 156 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No apsd 0.0 0.57 4 0 61 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No spindump 0.0 0.02 2 0 6097 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No com.apple.AmbientDisplayAgent 0.0 0.06 3 0 309 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No blued 0.0 0.34 3 0 70 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No TMCacheDelete 0.0 0.07 3 0 1219 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No syslogd 0.0 2.03 8 1 24 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No fseventsd 0.0 3.88 9 2 27 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No stackshot 0.0 0.01 3 0 76 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No logind 0.0 0.02 2 0 79 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No powerd 0.0 0.53 2 0 33 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No usbd 0.0 0.07 2 0 177 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No com.apple.ifdreader 0.0 0.01 2 0 180 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No filecoordinationd 0.0 0.06 2 0 1234 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No notifyd 0.1 4.06 3 0 85 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No securityd_service 0.0 0.09 3 0 1188 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No warmd 0.0 0.14 3 0 39 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No tccd 0.0 0.26 2 0 327 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No diagnosticd 0.0 0.01 2 0 88 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No mdflagwriter 0.0 0.00 2 0 2147 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No iconservicesagent 0.0 0.02 2 0 45 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No ctkd 0.0 0.01 2 0 146 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No wdhelper 0.0 0.02 2 0 51 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No UserEventAgent 0.0 1.83 5 3 23 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No kextd 0.0 2.54 2 0 26 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No thermald 0.0 0.07 2 0 29 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.apple.CodeSigningHelper 0.0 0.07 2 0 317 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No configd 0.0 3.05 9 0 32 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No nehelper 0.0 0.08 2 0 176 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No ntpd 0.0 0.45 2 1 179 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No taskgated 0.0 1.26 3 0 84 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No cron 0.0 0.01 1 0 182 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No watchdogd 0.0 0.12 3 0 1144 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No sandboxd 0.0 0.11 3 0 1242 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No authd 0.0 0.17 4 0 93 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Little Snitch Daemon 0.2 8.09 5 1 47 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No launchd 0.0 10.44 6 0 1 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.avast.proxy 0.0 1.21 2 1 1055 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No coreduetd 0.0 1.57 3 0 50 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No com.apple.AccountPolicyHelper 0.0 0.01 2 0 338 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No syspolicyd 0.0 0.01 2 0 9052 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No ocspd 0.0 0.03 1 0 10345 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No discoveryd_helper 0.0 0.01 2 0 292 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No awdd 0.0 0.06 2 0 53 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No opendirectoryd 0.1 5.08 10 0 56 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No amfid 0.0 0.43 2 0 105 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No coresymbolicationd 0.0 0.10 3 0 1254 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No secinitd 0.0 0.03 2 0 154 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No launchservicesd 0.0 3.00 4 0 62 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No AppleCameraAssistant 0.0 0.03 4 0 1260 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.avast.fileshield 0.0 1.62 3 0 1070 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No securityd 0.0 0.71 7 0 65 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No CVMServer 0.0 0.11 3 1 307 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No deleted 0.0 0.13 2 0 1217 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No autofsd 0.0 0.01 2 0 71 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No pia_openvpn 0.0 3.94 1 1 9407 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No revisiond 0.0 0.04 3 0 77 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No KernelEventAgent 0.0 0.01 3 0 80 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No hidd 0.5 30.84 5 0 83 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No CrashReporterSupportHelper 0.0 0.02 2 0 1425 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No airportd 0.0 2.33 3 0 37 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No corestoraged 0.0 0.02 2 0 181 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No mds_stores 0.0 27.85 4 1 279 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No mds 0.0 12.35 7 1 40 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No socketfilterfw 0.6 23.81 4 0 184 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No cfprefsd 0.0 1.45 4 0 89 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No suhelperd 0.0 0.02 2 0 1143 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.avast.daemon 0.0 3:33.02 26 2 282 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No networkd_privileged 0.0 0.02 2 0 285 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No diskarbitrationd 0.0 0.07 2 0 46 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.avast.service 0.1 3.90 2 0 334 root 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No networkd 0.2 1.53 4 0 185 _networkd 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No appleeventsd 0.0 0.15 2 0 31 _appleevents 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No discoveryd 0.7 6.70 33 3 60 _mdnsresponder 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No WindowServer 2.4 6:02.47 4 10 161 _windowserver 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No mdworker 0.0 0.19 4 0 1161 _spotlight 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No mdworker 0.0 0.08 4 0 1160 _spotlight 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No distnoted 0.0 0.03 2 0 1162 _spotlight 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No softwareupdated 0.0 0.15 2 0 1142 _softwareupdate 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No coreaudiod 0.9 55.44 4 78 1211 _coreaudiod 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes Yes com.apple.audio.DriverHelper 0.0 0.04 2 0 1220 _coreaudiod 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No locationd 0.0 0.59 8 0 67 _locationd 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No usbmuxd 0.0 0.04 3 0 64 _usbmuxd 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No netbiosd 0.0 0.04 2 0 9410 _netbios 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No iconservicesd 0.0 0.03 2 0 44 _iconservices 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No distnoted 0.0 0.19 2 0 86 _distnote 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No nsurlsessiond 0.0 0.04 2 0 175 _nsurlsessiond 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No nsurlstoraged 0.0 0.02 2 0 284 _nsurlstoraged 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No displaypolicyd 0.0 0.02 5 0 69 _displaypolicyd 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No diagnostics_agent 0.0 0.19 2 0 1293 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No iTunes 0.0 1:53.12 15 0 1198 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No mdworker 0.0 0.14 2 0 4596 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No com.apple.audio.ComponentHelper 0.0 0.03 2 0 9048 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No usernoted 0.0 0.59 2 0 1201 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No storeaccountd 0.0 0.21 4 0 1345 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Opera Helper 0.0 0.72 10 0 9005 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No storeassetd 0.0 0.21 2 0 1250 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No TISwitcher 0.0 0.13 3 0 1299 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No pia_tray 0.6 42.56 11 14 1443 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 32 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 0.38 9 0 9008 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No LaterAgent 0.0 0.09 3 0 1492 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No CallHistorySyncHelper 0.0 0.07 2 0 1253 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No mdworker 0.0 0.57 4 0 1446 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No SystemUIServer 0.0 2.02 4 0 1207 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No cloudd 0.0 0.21 4 0 1256 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No Opera Helper 0.0 0.33 9 0 9011 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No mdworker 0.0 1.03 4 0 1449 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No secinitd 0.0 0.26 2 0 1210 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No fmfd 0.0 0.10 2 0 1259 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No Dashboard 0.3 37.48 13 3 1979 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.apple.notificationcenterui.WeatherSummary 0.0 0.02 2 0 1406 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No tccd 0.0 0.27 2 0 1216 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No CIJScannerRegister 0.0 1.58 5 2 1792 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Flux 0.1 4.31 5 2 1314 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No AppleSpell.service 0.0 0.20 2 0 1268 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No sharingd 0.0 0.38 3 0 1222 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No bird 0.0 0.20 5 0 1225 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No ruby 0.8 48.96 13 28 1369 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 32 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No rcd 0.0 0.14 2 0 1991 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No pploader 0.0 0.39 5 0 1323 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No quicklookd 0.0 0.19 4 0 8983 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Opera Helper 0.0 3.95 9 0 9032 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Keychain Circle Notification 0.0 0.11 3 0 1277 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No iconservicesagent 0.0 0.07 2 0 1231 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No gpg-agent 0.0 0.25 1 0 1375 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 32 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Notification Center 0.0 0.49 3 0 1280 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera 0.0 1:29.49 29 0 8989 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.avast.helper 0.0 0.63 4 0 1332 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No askpermissiond 0.0 0.03 2 0 1286 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No distnoted 0.0 2.65 5 0 1191 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 0.27 9 0 8992 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No cloudpaird 0.0 0.06 2 0 1289 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Opera Helper 0.0 0.31 9 0 8998 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Opera Helper 0.0 10.46 9 0 9620 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No com.apple.internetaccounts 0.0 0.44 3 0 1243 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No com.apple.audio.SandboxHelper 0.0 0.01 3 0 9047 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No Transmission 1.4 24.15 7 36 9574 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Wi-Fi 0.0 0.12 4 0 1292 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Activity Monitor 5.5 13.86 7 5 10530 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 0.43 9 0 9001 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No IMDPersistenceAgent 0.0 0.05 2 0 1246 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No VLC 2.5 42.91 13 54 9050 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Ulysses 0.0 2.04 3 0 1200 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No CloudKeychainProxy 0.0 0.02 2 0 1344 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No nsurlstoraged 0.0 0.34 5 0 1249 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No gfxCardStatus 0.0 0.26 5 0 1298 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Little Snitch Network Monitor 0.5 23.38 6 11 1347 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 0.45 9 0 9007 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No CalendarAgent 0.0 11.11 5 0 1206 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Opera Helper 0.0 4.50 9 0 9010 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No com.apple.NotesMigratorService 0.0 0.03 2 0 1255 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No mdworker 0.0 3.18 4 0 1448 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No pboard 0.0 0.01 1 0 1209 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No com.apple.InputMethodKit.UserDictionary 0.0 0.04 2 0 1356 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No AppleIDAuthAgent 0.0 0.12 6 0 1261 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No CalNCService 0.0 0.64 2 0 1215 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No Dashboard 0.1 0.99 12 0 1981 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Image Capture Extension 0.0 0.15 3 0 1791 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Spotlight 0.0 0.64 4 0 1267 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No ruby 0.0 0.05 2 0 1270 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 32 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No pbs 0.0 0.07 2 0 1224 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No identityservicesd 0.0 0.72 3 0 1227 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No loginwindow 0.0 1.33 2 0 78 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No NIHardwareAgent 0.0 0.23 4 0 1325 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 32 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 1.24 9 1 9990 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Little Snitch Agent 0.0 1.81 4 1 1279 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Firefox 10.2 4:27.64 47 192 9322 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No lsuseractivityd 0.0 0.16 2 0 1233 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No Opera Helper 0.0 0.36 4 1 8991 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No com.apple.dock.extra 0.0 0.29 3 0 1236 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 1.34 9 0 8994 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No storedownloadd 0.0 0.05 2 0 1239 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No cfprefsd 0.0 3.24 6 0 1193 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 0.81 9 1 8997 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Opera Helper 0.0 0.88 9 0 9000 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No accountsd 0.0 0.07 2 0 1245 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No CoreServicesUIAgent 0.0 0.26 3 0 1248 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No Dropbox 0.0 0.26 4 0 9579 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No nsurlsessiond 0.0 0.04 2 0 1202 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No com.apple.metadata.SpotlightNetHelper 0.0 0.41 6 0 1346 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No CallHistoryPluginHelper 0.0 0.04 2 0 1251 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No Opera Helper 0.0 0.87 9 0 9006 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Dock 0.0 2:38.55 3 0 1205 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 0.32 9 0 9009 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No mdworker 0.0 1.72 4 0 1447 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Finder 0.0 6.44 4 0 1208 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Caffeine 0.0 0.74 6 0 1352 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No callservicesd 0.0 0.31 2 0 1257 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No mdflagwriter 0.0 0.07 2 0 1214 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Dashboard 0.0 3.57 11 0 1980 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 32 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.apple.BKAgentService 0.0 0.02 2 0 1266 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No sleep 0.0 0.00 1 0 1318 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No pkd 0.0 0.30 2 0 1223 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No spindump_agent 0.0 0.01 2 0 1272 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No fontd 0.0 3.28 2 0 1226 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No SocialPushAgent 0.0 0.02 2 0 1275 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No pplogger 0.0 0.48 5 1 1324 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No AirPlayUIAgent 0.0 0.15 3 0 1229 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No secd 0.0 0.17 5 0 1232 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No BetterTouchTool 0.2 26.40 8 0 1952 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No storelegacy 0.0 0.03 2 0 1235 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No UserEventAgent 0.0 0.52 6 0 1189 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Dropbox 0.0 0.45 3 0 1238 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No bash 0.0 0.01 1 0 1287 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No universalaccessd 0.0 0.92 3 0 1192 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 1.82 9 0 8993 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No Opera Helper 0.0 0.39 9 0 8996 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No soagent 0.0 0.26 2 0 1241 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No QuickLookSatellite 0.0 0.54 2 0 9045 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes Yes 0 bytes No Opera Helper 0.0 4.67 9 0 9762 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No helpd 0.0 0.02 2 0 1290 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No com.apple.wifi.proxy 0.0 0.17 2 0 1339 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No imagent 0.0 0.20 2 0 1244 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No No 0 bytes No Opera Helper 0.0 1.27 9 0 8999 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No com.apple.appkit.xpc.openAndSavePanelService 0.0 0.26 3 1 10583 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No com.apple.iCloudHelper 0.0 0.09 2 1 10585 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No TextEdit 0.0 11.22 4 0 10581 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No printtool 0.0 0.01 2 0 10610 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No CVMCompiler 0.0 0.06 3 0 10630 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes No Yes 0 bytes No ScopedBookmarkAgent 0.0 0.02 2 0 10636 MisterXu 0 bytes 0 bytes 0 0 0 bytes 0 bytes - No No 0 bytes 0 bytes 64 bit 0 bytes 0 bytes 0 bytes Yes No 0 bytes No
@misterxu: 'I'm not exactly sure what you mean by checking that it's not a false positive'. I just meant that there are times when AV's label something as suspicious or malware accidentally. Although if you have discovered the Java W folder it is indicative of an actual infection. Have you asked about complete removal of this particular worm on the Avast! forums?