new iworm malware found on system

Discussion in 'malware problems & news' started by misterxu, Oct 21, 2014.

  1. misterxu

    misterxu Registered Member

    Joined:
    Sep 7, 2014
    Posts:
    5
    Hello, all ––

    A scan today turned up the iworm malware on my computer (OSX), and is giving me a headache.
    For those who haven't heard about it, here is a link: http://www.macissues.com/2014/10/02/new-iworm-botnet-discovered-affecting-os-x-systems/


    Now I'm faced with something of a predicament. Some information (see: https://docs.google.com/document/d/1YOfXRUQJgMjJSLBSoLiUaSZfiaS_vU3aG4Bvjmz6Dxs/edit?pli=1 ) suggests that if one has Little Snitch installed on their computer (which I do) then the malware will not run after installing for fear of being detected (I suppose). Thus I am hopeful that no damage has been done.

    It looks like the infected files were created about a month ago, and I do not have any backups from before that time; thus my only option seems to be to backup any essential files and then start from scratch, which I really, really do not want to do.

    So*: Does anyone know of any way I can check to see if 1. The info regarding little snitch is true, and I can verify that the malware has not been running, or 2. There is some other way to assess the situation and find a solution without doing a complete wipe and reinstall ?

    Many thanks ––
     
  2. misterxu

    misterxu Registered Member

    Joined:
    Sep 7, 2014
    Posts:
    5
    No one?
     
  3. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    "A scan today turned up the iworm malware on my computer"

    What did you make the scan with? Antivirus or ?
     
  4. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    Just assume it has even if it didn't. Change all your passwords and the like after you clean it off.


    Wouldn't a typical AV provider detect and remove it?
     
  5. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    1,958
    Location:
    DC Metro Area
  6. misterxu

    misterxu Registered Member

    Joined:
    Sep 7, 2014
    Posts:
    5
    I made the scan with Avast.
    Avast removed the files that the malware was originally located in, but I have no way of knowing what the malware has been doing in the meantime.


    Also, out of curiosity, how does malware steal passwords? How would using a password manager such as LastPass effect the threat of malware?
     
  7. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    Nowadays they use to inject the browser so that they can grab any information that you put there. LastPass wouldn't stop them.

    But, reading the description on macissues.com, it seems that the goal of this particular piece of malware would be to control your computer in order to use it, along with many others, to crack other's people passwords, not to grab yours. But, as has been said, you should assume that you have been compromised: wipe out your hard drive and change all your passwords.
     
  8. misterxu

    misterxu Registered Member

    Joined:
    Sep 7, 2014
    Posts:
    5
    Thank you for your input. This is indeed my default assumption, though wiping the drive is going to be such a disastrous pain that I needed someone else to tell me before taking the plunge!
     
  9. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Good, then we know that it can't do any more harm if it now sits in the Avast quarantine. Have you seen anything that you believe is caused by the malware before it was quarantined?

    I guess it must have sneaked past the real-time protection, and Avast added detection for this piece at a later date wich is why it was detected during a scan and not when it entered the system.
     
  10. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    I'd check it isn't a false positive before doing anything drastic.
     
  11. misterxu

    misterxu Registered Member

    Joined:
    Sep 7, 2014
    Posts:
    5
    I'm not exactly sure what you mean by checking that it's not a false positive, but I did go into the Library/Preferences and found the "Java W" folder. I tried to figure out if there was anything I could do to check if the malware was running, and then finding nothing I deleted the files (a .plist and launch daemon, I believe).

    If it can't do any more harm from the quarantine (or deleted I hope), then why is it suggested to wipe/reinstall? Are you sure about this? I am not, it's just that in the limited information I could find in the the news about the worm, it was suggested that the malware could have installed more software or hidden itself somewhere else, or something along these lines.

    I haven't seen anything that I believe is caused by the malware, or noticed anything out of the ordinary. I took a look through the Activity Monitor for any suspicious processes, but I wasn't very thorough (looking up info on any process which I am unfamiliar with, which is a lot). I also looked through Little Snitch, since I often have it on silent mode, and can later look through the connections. I didn't see anything that looked very strange (always tons of ruby connections through, I still haven't managed to figure out what these are used for).

    Just in case there's an expert who wants to take quick look for anything unusual, I'm pasting my activity monitor processes below, organized by User, with ROOT at the top and USER processes at the bottom:
    Code:
    kernel_task    2.2    3:59.66    107    67    0    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    systemstatsd    0.0    5.42    2    0    1820    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    sysmond    0.5    1.88    3    0    147    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    coreservicesd    0.0    1.18    4    0    101    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    qmasterd    0.0    0.24    2    0    55    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    32 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.apple.ctkpcscd    0.0    0.02    2    0    104    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    wirelessproxd    0.0    0.04    2    0    58    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    SubmitDiagInfo    0.0    0.02    2    0    8772    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    findmydeviced    0.0    0.32    4    0    156    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    apsd    0.0    0.57    4    0    61    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    spindump    0.0    0.02    2    0    6097    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    com.apple.AmbientDisplayAgent    0.0    0.06    3    0    309    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    blued    0.0    0.34    3    0    70    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    TMCacheDelete    0.0    0.07    3    0    1219    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    syslogd    0.0    2.03    8    1    24    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    fseventsd    0.0    3.88    9    2    27    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    stackshot    0.0    0.01    3    0    76    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    logind    0.0    0.02    2    0    79    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    powerd    0.0    0.53    2    0    33    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    usbd    0.0    0.07    2    0    177    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    com.apple.ifdreader    0.0    0.01    2    0    180    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    filecoordinationd    0.0    0.06    2    0    1234    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    notifyd    0.1    4.06    3    0    85    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    securityd_service    0.0    0.09    3    0    1188    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    warmd    0.0    0.14    3    0    39    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    tccd    0.0    0.26    2    0    327    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    diagnosticd    0.0    0.01    2    0    88    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    mdflagwriter    0.0    0.00    2    0    2147    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    iconservicesagent    0.0    0.02    2    0    45    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    ctkd    0.0    0.01    2    0    146    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    wdhelper    0.0    0.02    2    0    51    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    UserEventAgent    0.0    1.83    5    3    23    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    kextd    0.0    2.54    2    0    26    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    thermald    0.0    0.07    2    0    29    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.apple.CodeSigningHelper    0.0    0.07    2    0    317    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    configd    0.0    3.05    9    0    32    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    nehelper    0.0    0.08    2    0    176    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    ntpd    0.0    0.45    2    1    179    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    taskgated    0.0    1.26    3    0    84    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    cron    0.0    0.01    1    0    182    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    watchdogd    0.0    0.12    3    0    1144    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    sandboxd    0.0    0.11    3    0    1242    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    authd    0.0    0.17    4    0    93    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Little Snitch Daemon    0.2    8.09    5    1    47    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    launchd    0.0    10.44    6    0    1    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.avast.proxy    0.0    1.21    2    1    1055    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    coreduetd    0.0    1.57    3    0    50    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    com.apple.AccountPolicyHelper    0.0    0.01    2    0    338    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    syspolicyd    0.0    0.01    2    0    9052    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    ocspd    0.0    0.03    1    0    10345    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    discoveryd_helper    0.0    0.01    2    0    292    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    awdd    0.0    0.06    2    0    53    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    opendirectoryd    0.1    5.08    10    0    56    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    amfid    0.0    0.43    2    0    105    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    coresymbolicationd    0.0    0.10    3    0    1254    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    secinitd    0.0    0.03    2    0    154    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    launchservicesd    0.0    3.00    4    0    62    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    AppleCameraAssistant    0.0    0.03    4    0    1260    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.avast.fileshield    0.0    1.62    3    0    1070    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    securityd    0.0    0.71    7    0    65    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    CVMServer    0.0    0.11    3    1    307    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    deleted    0.0    0.13    2    0    1217    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    autofsd    0.0    0.01    2    0    71    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    pia_openvpn    0.0    3.94    1    1    9407    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    revisiond    0.0    0.04    3    0    77    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    KernelEventAgent    0.0    0.01    3    0    80    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    hidd    0.5    30.84    5    0    83    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    CrashReporterSupportHelper    0.0    0.02    2    0    1425    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    airportd    0.0    2.33    3    0    37    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    corestoraged    0.0    0.02    2    0    181    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    mds_stores    0.0    27.85    4    1    279    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    mds    0.0    12.35    7    1    40    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    socketfilterfw    0.6    23.81    4    0    184    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    cfprefsd    0.0    1.45    4    0    89    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    suhelperd    0.0    0.02    2    0    1143    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.avast.daemon    0.0    3:33.02    26    2    282    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    networkd_privileged    0.0    0.02    2    0    285    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    diskarbitrationd    0.0    0.07    2    0    46    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.avast.service    0.1    3.90    2    0    334    root    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    networkd    0.2    1.53    4    0    185    _networkd    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    appleeventsd    0.0    0.15    2    0    31    _appleevents    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    discoveryd    0.7    6.70    33    3    60    _mdnsresponder    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    WindowServer    2.4    6:02.47    4    10    161    _windowserver    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    mdworker    0.0    0.19    4    0    1161    _spotlight    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    mdworker    0.0    0.08    4    0    1160    _spotlight    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    distnoted    0.0    0.03    2    0    1162    _spotlight    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    softwareupdated    0.0    0.15    2    0    1142    _softwareupdate    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    coreaudiod    0.9    55.44    4    78    1211    _coreaudiod    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    Yes 
    com.apple.audio.DriverHelper    0.0    0.04    2    0    1220    _coreaudiod    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    locationd    0.0    0.59    8    0    67    _locationd    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    usbmuxd    0.0    0.04    3    0    64    _usbmuxd    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    netbiosd    0.0    0.04    2    0    9410    _netbios    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    iconservicesd    0.0    0.03    2    0    44    _iconservices    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    distnoted    0.0    0.19    2    0    86    _distnote    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    nsurlsessiond    0.0    0.04    2    0    175    _nsurlsessiond    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    nsurlstoraged    0.0    0.02    2    0    284    _nsurlstoraged    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    displaypolicyd    0.0    0.02    5    0    69    _displaypolicyd    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    diagnostics_agent    0.0    0.19    2    0    1293    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    iTunes    0.0    1:53.12    15    0    1198    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    mdworker    0.0    0.14    2    0    4596    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    com.apple.audio.ComponentHelper    0.0    0.03    2    0    9048    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    usernoted    0.0    0.59    2    0    1201    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    storeaccountd    0.0    0.21    4    0    1345    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Opera Helper    0.0    0.72    10    0    9005    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    storeassetd    0.0    0.21    2    0    1250    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    TISwitcher    0.0    0.13    3    0    1299    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    pia_tray    0.6    42.56    11    14    1443    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    32 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    0.38    9    0    9008    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    LaterAgent    0.0    0.09    3    0    1492    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    CallHistorySyncHelper    0.0    0.07    2    0    1253    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    mdworker    0.0    0.57    4    0    1446    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    SystemUIServer    0.0    2.02    4    0    1207    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    cloudd    0.0    0.21    4    0    1256    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    Opera Helper    0.0    0.33    9    0    9011    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    mdworker    0.0    1.03    4    0    1449    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    secinitd    0.0    0.26    2    0    1210    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    fmfd    0.0    0.10    2    0    1259    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    Dashboard    0.3    37.48    13    3    1979    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.apple.notificationcenterui.WeatherSummary    0.0    0.02    2    0    1406    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    tccd    0.0    0.27    2    0    1216    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    CIJScannerRegister    0.0    1.58    5    2    1792    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Flux    0.1    4.31    5    2    1314    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    AppleSpell.service    0.0    0.20    2    0    1268    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    sharingd    0.0    0.38    3    0    1222    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    bird    0.0    0.20    5    0    1225    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    ruby    0.8    48.96    13    28    1369    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    32 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    rcd    0.0    0.14    2    0    1991    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    pploader    0.0    0.39    5    0    1323    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    quicklookd    0.0    0.19    4    0    8983    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Opera Helper    0.0    3.95    9    0    9032    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Keychain Circle Notification    0.0    0.11    3    0    1277    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    iconservicesagent    0.0    0.07    2    0    1231    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    gpg-agent    0.0    0.25    1    0    1375    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    32 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Notification Center    0.0    0.49    3    0    1280    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera    0.0    1:29.49    29    0    8989    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.avast.helper    0.0    0.63    4    0    1332    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    askpermissiond    0.0    0.03    2    0    1286    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    distnoted    0.0    2.65    5    0    1191    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    0.27    9    0    8992    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    cloudpaird    0.0    0.06    2    0    1289    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Opera Helper    0.0    0.31    9    0    8998    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Opera Helper    0.0    10.46    9    0    9620    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    com.apple.internetaccounts    0.0    0.44    3    0    1243    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    com.apple.audio.SandboxHelper    0.0    0.01    3    0    9047    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    Transmission    1.4    24.15    7    36    9574    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Wi-Fi    0.0    0.12    4    0    1292    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Activity Monitor    5.5    13.86    7    5    10530    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    0.43    9    0    9001    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    IMDPersistenceAgent    0.0    0.05    2    0    1246    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    VLC    2.5    42.91    13    54    9050    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Ulysses    0.0    2.04    3    0    1200    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    CloudKeychainProxy    0.0    0.02    2    0    1344    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    nsurlstoraged    0.0    0.34    5    0    1249    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    gfxCardStatus    0.0    0.26    5    0    1298    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Little Snitch Network Monitor    0.5    23.38    6    11    1347    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    0.45    9    0    9007    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    CalendarAgent    0.0    11.11    5    0    1206    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Opera Helper    0.0    4.50    9    0    9010    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    com.apple.NotesMigratorService    0.0    0.03    2    0    1255    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    mdworker    0.0    3.18    4    0    1448    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    pboard    0.0    0.01    1    0    1209    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    com.apple.InputMethodKit.UserDictionary    0.0    0.04    2    0    1356    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    AppleIDAuthAgent    0.0    0.12    6    0    1261    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    CalNCService    0.0    0.64    2    0    1215    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    Dashboard    0.1    0.99    12    0    1981    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Image Capture Extension    0.0    0.15    3    0    1791    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Spotlight    0.0    0.64    4    0    1267    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    ruby    0.0    0.05    2    0    1270    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    32 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    pbs    0.0    0.07    2    0    1224    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    identityservicesd    0.0    0.72    3    0    1227    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    loginwindow    0.0    1.33    2    0    78    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    NIHardwareAgent    0.0    0.23    4    0    1325    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    32 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    1.24    9    1    9990    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Little Snitch Agent    0.0    1.81    4    1    1279    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Firefox    10.2    4:27.64    47    192    9322    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    lsuseractivityd    0.0    0.16    2    0    1233    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    Opera Helper    0.0    0.36    4    1    8991    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    com.apple.dock.extra    0.0    0.29    3    0    1236    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    1.34    9    0    8994    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    storedownloadd    0.0    0.05    2    0    1239    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    cfprefsd    0.0    3.24    6    0    1193    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    0.81    9    1    8997    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Opera Helper    0.0    0.88    9    0    9000    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    accountsd    0.0    0.07    2    0    1245    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    CoreServicesUIAgent    0.0    0.26    3    0    1248    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    Dropbox    0.0    0.26    4    0    9579    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    nsurlsessiond    0.0    0.04    2    0    1202    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    com.apple.metadata.SpotlightNetHelper    0.0    0.41    6    0    1346    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    CallHistoryPluginHelper    0.0    0.04    2    0    1251    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    Opera Helper    0.0    0.87    9    0    9006    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Dock    0.0    2:38.55    3    0    1205    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    0.32    9    0    9009    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    mdworker    0.0    1.72    4    0    1447    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Finder    0.0    6.44    4    0    1208    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Caffeine    0.0    0.74    6    0    1352    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    callservicesd    0.0    0.31    2    0    1257    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    mdflagwriter    0.0    0.07    2    0    1214    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Dashboard    0.0    3.57    11    0    1980    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    32 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.apple.BKAgentService    0.0    0.02    2    0    1266    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    sleep    0.0    0.00    1    0    1318    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    pkd    0.0    0.30    2    0    1223    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    spindump_agent    0.0    0.01    2    0    1272    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    fontd    0.0    3.28    2    0    1226    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    SocialPushAgent    0.0    0.02    2    0    1275    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    pplogger    0.0    0.48    5    1    1324    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    AirPlayUIAgent    0.0    0.15    3    0    1229    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    secd    0.0    0.17    5    0    1232    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    BetterTouchTool    0.2    26.40    8    0    1952    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    storelegacy    0.0    0.03    2    0    1235    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    UserEventAgent    0.0    0.52    6    0    1189    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Dropbox    0.0    0.45    3    0    1238    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    bash    0.0    0.01    1    0    1287    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    universalaccessd    0.0    0.92    3    0    1192    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    1.82    9    0    8993    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    Opera Helper    0.0    0.39    9    0    8996    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    soagent    0.0    0.26    2    0    1241    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    QuickLookSatellite    0.0    0.54    2    0    9045    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    Yes        0 bytes    No 
    Opera Helper    0.0    4.67    9    0    9762    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    helpd    0.0    0.02    2    0    1290    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    com.apple.wifi.proxy    0.0    0.17    2    0    1339    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    imagent    0.0    0.20    2    0    1244    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    No        0 bytes    No 
    Opera Helper    0.0    1.27    9    0    8999    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    com.apple.appkit.xpc.openAndSavePanelService    0.0    0.26    3    1    10583    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    com.apple.iCloudHelper    0.0    0.09    2    1    10585    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    TextEdit    0.0    11.22    4    0    10581    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    printtool    0.0    0.01    2    0    10610    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No 
    CVMCompiler    0.0    0.06    3    0    10630    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    No    Yes        0 bytes    No 
    ScopedBookmarkAgent    0.0    0.02    2    0    10636    MisterXu    0 bytes    0 bytes    0    0    0 bytes    0 bytes            -    No    No    0 bytes    0 bytes    64 bit    0 bytes    0 bytes    0 bytes    Yes    No        0 bytes    No
     
    Last edited by a moderator: Oct 26, 2014
  12. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    @misterxu: 'I'm not exactly sure what you mean by checking that it's not a false positive'.

    I just meant that there are times when AV's label something as suspicious or malware accidentally. Although if you have discovered the Java W folder it is indicative of an actual infection.

    Have you asked about complete removal of this particular worm on the Avast! forums?
     
Loading...