
LKM Trojan please help remove


36 replies to this topic

#31 XxghostsyncxX

  • Topic Starter


Posted 22 September 2023 - 04:47 PM

os=macOS

os_name=macOS

os_fullname=macOS Sonoma (14.0)

os_version=14.0

os_kernel_version=23.0.0

hostname=ghostjs-MacBook-Air

test_category=all

test_group=all

plugin_directory=./plugins

lynis_update_available=0

binaries_count=1305

binaries_suid_count=/usr/sbin/traceroute /usr/sbin/traceroute6 /bin/ps /usr/bin/at /usr/bin/atq /usr/bin/atrm /usr/bin/batch /usr/bin/crontab /usr/bin/login /usr/bin/newgrp /usr/bin/quota /usr/bin/su /usr/bin/sudo /usr/bin/top 

binaries_sgid_count=/usr/sbin/postdrop /usr/sbin/postqueue /usr/bin/write 

binary_paths=/sbin,/usr/sbin,/bin,/usr/bin,/System/Cryptexes/App/usr/bin

vm=2

container=0

systemd=0

plugin_enabled_phase1[]=pam|1.0.5|

authentication_two_factor_enabled=0

authentication_two_factor_required=0

plugin_enabled_phase1[]=systemd|1.0.4|

plugins_enabled=1

hostid=2d6fe7ffe41f800fdbb30f07ac8b55f23d07ca0a

hostid2=5a54d5ba5f56152899ff00d1552a6bb511d942a9d6340ae09e82dddb4920dac8

uptime_in_seconds=2276

uptime_in_days=0

boot_loader=macOS-boot-EFI

boot_uefi_booted=0

boot_uefi_booted_secure=0

service_manager=launchd

auth_group_ids_unique=1

auth_group_names_unique=1

real_user[]=ghost,501

suggestion[]=AUTH-9262|Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc|-|-|

manual_event[]=AUTH-9328:03

auth_failed_logins_logged=0

ldap_auth_enabled=0

ldap_pam_enabled=0

password_min_days=-1

password_max_days=-1

available_shell[]=/bin/bash

available_shell[]=/bin/csh

available_shell[]=/bin/dash

available_shell[]=/bin/ksh

available_shell[]=/bin/sh

available_shell[]=/bin/tcsh

available_shell[]=/bin/zsh

session_timeout_enabled=0

suggestion[]=FILE-6310|Symlinked mount point needs to be checked manually|/home||

suggestion[]=FILE-6310|Symlinked mount point needs to be checked manually|/tmp||

suggestion[]=FILE-6310|Symlinked mount point needs to be checked manually|/var||

resolv_conf_search_domain[]=hsd1.in.comcast.net

domainname=local

suggestion[]=NAME-4404|Add the IP name and FQDN to /etc/hosts for proper name resolving|-|-|

name_cache_used=0

suggestion[]=PKGS-7398|Install a package audit tool to determine vulnerable packages|-|-|

installed_kernel_packages=0

unattended_upgrade_option_available=0

nameserver[]=2001:558:feed::1

nameserver[]=2001:558:feed::2

nameserver[]=75.75.75.75

nameserver[]=75.75.76.76

default_gateway[]=10.0.0.1

default_gateway[]=fe80::1e9d:72ff:fefd:f147%en0

default_gateway[]=fe80::%utun0

default_gateway[]=fe80::%utun1

default_gateway[]=fe80::%utun2

default_gateway[]=fe80::%utun3

default_gateway[]=fe80::%utun4

network_interface[]=lo0

network_interface[]=gif0

network_interface[]=stf0

network_interface[]=en3

network_interface[]=ap1

network_interface[]=en0

network_interface[]=awdl0

network_interface[]=llw0

network_interface[]=en2

network_interface[]=en1

network_interface[]=bridge0

network_interface[]=utun0

network_interface[]=utun1

network_interface[]=utun2

network_interface[]=utun3

network_interface[]=utun4

network_mac_address[]=82:5b:a4:e4:5c:00

network_mac_address[]=82:5b:a4:e4:5c:01

network_mac_address[]=a4:83:e7:81:c3:77

network_mac_address[]=a6:83:e7:81:c3:77

network_mac_address[]=ac:de:48:00:11:22

network_mac_address[]=ca:83:84:91:95:b5

network_ipv4_address[]=127.0.0.1

network_ipv4_address[]=10.0.0.179

network_ipv6_address[]=::1

network_ipv6_address[]=fe80::1%lo0

network_ipv6_address[]=fe80::aede:48ff:fe00:1122%en3

network_ipv6_address[]=fe80::a483:e7ff:fe81:c377%ap1

network_ipv6_address[]=fe80::448:3f67:f9bb:a9cc%en0

network_ipv6_address[]=2601:807:180:2030:1c41:3adc:c9f1:cf09

network_ipv6_address[]=2601:807:180:2030:a48e:a443:448c:e7c5

network_ipv6_address[]=2601:807:180:2030::db14

network_ipv6_address[]=fe80::c883:84ff:fe91:95b5%awdl0

network_ipv6_address[]=fe80::c883:84ff:fe91:95b5%llw0

network_ipv6_address[]=fe80::17ed:5ad8:f820:e274%utun0

network_ipv6_address[]=fe80::4860:5ea7:f686:6c7a%utun1

network_ipv6_address[]=fe80::1ebd:aca4:3f4f:f35e%utun2

network_ipv6_address[]=fe80::ce81:b1c:bd2c:69e%utun3

network_ipv6_address[]=fe80::9285:635f:38fa:799f%utun4

network_listen_port[]=10.0.0.179:49800|

network_listen_port[]=10.0.0.179:49824|

network_listen_port[]=:*|ICMPV6|configd|

network_listen_port[]=:*|UDP|ControlCe|

network_listen_port[]=:*|UDP|PerfPower|

network_listen_port[]=:*|UDP|WiFiAgent|

network_listen_port[]=:*|UDP|WirelessR|

network_listen_port[]=:*|UDP|airportd|

network_listen_port[]=:*|UDP|bluetooth|

network_listen_port[]=:*|UDP|configd|

network_listen_port[]=:*|UDP|identitys|

network_listen_port[]=:*|UDP|locationd|

network_listen_port[]=:*|UDP|rapportd|

network_listen_port[]=:*|UDP|sharingd|

network_listen_port[]=:*|UDP|symptomsd|

network_listen_port[]=:*|UDP|systemsta|

network_listen_port[]=:*|UDP|wifip2pd|

network_listen_port[]=:*|UDP|wifiveloc|

network_listen_port[]=:137|UDP|launchd|

network_listen_port[]=:137|UDP|netbiosd|

network_listen_port[]=:138|UDP|launchd|

network_listen_port[]=:138|UDP|netbiosd|

network_listen_port[]=:49694|UDP|chronod|

network_listen_port[]=:5353|UDP|mDNSRespo|

network_listen_port[]=:56251|UDP|syslogd|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49370|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49371|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49372|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49780|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49781|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49802|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49806|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49821|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49825|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:49826|

network_listen_port[]=[2601:807:180:2030:a48e:a443:448c:e7c5]:55924|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49153|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49154|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49155|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49156|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49157|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49158|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49159|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49160|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49161|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49162|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49163|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49164|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49164|TCP|remoted|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49165|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49166|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49167|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49172|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49197|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49266|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49470|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49471|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49472|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49473|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49475|

network_listen_port[]=[fe80:4::aede:48ff:fe00:1122]:49494|

imap_daemon=

pop3_daemon=

smtp_daemon=

firewall_software[]=pf

firewall_software[]=macosx-app-fw

app_fw[]=macosx-app-fw

manual[]=Verify if there is a formal process for testing and applying firewall rules

manual[]=Verify all traffic is filtered the right way between the different security zones

manual[]=Verify if a list is available with all required services

manual[]=Make sure an explicit deny all is the default policy for all unmatched traffic

apache_version=2.4.56

apache_module[]=/usr/libexec/apache2/mod_access_compat.so

apache_module[]=/usr/libexec/apache2/mod_actions.so

apache_module[]=/usr/libexec/apache2/mod_alias.so

apache_module[]=/usr/libexec/apache2/mod_allowmethods.so

apache_module[]=/usr/libexec/apache2/mod_asis.so

apache_module[]=/usr/libexec/apache2/mod_auth_basic.so

apache_module[]=/usr/libexec/apache2/mod_auth_digest.so

apache_module[]=/usr/libexec/apache2/mod_auth_form.so

apache_module[]=/usr/libexec/apache2/mod_authn_anon.so

apache_module[]=/usr/libexec/apache2/mod_authn_core.so

apache_module[]=/usr/libexec/apache2/mod_authn_dbd.so

apache_module[]=/usr/libexec/apache2/mod_authn_dbm.so

apache_module[]=/usr/libexec/apache2/mod_authn_file.so

apache_module[]=/usr/libexec/apache2/mod_authn_socache.so

apache_module[]=/usr/libexec/apache2/mod_authnz_ldap.so

apache_module[]=/usr/libexec/apache2/mod_authnz_od_apple.so

apache_module[]=/usr/libexec/apache2/mod_authz_core.so

apache_module[]=/usr/libexec/apache2/mod_authz_dbd.so

apache_module[]=/usr/libexec/apache2/mod_authz_dbm.so

apache_module[]=/usr/libexec/apache2/mod_authz_groupfile.so

apache_module[]=/usr/libexec/apache2/mod_authz_host.so

apache_module[]=/usr/libexec/apache2/mod_authz_owner.so

apache_module[]=/usr/libexec/apache2/mod_authz_user.so

apache_module[]=/usr/libexec/apache2/mod_autoindex.so

apache_module[]=/usr/libexec/apache2/mod_buffer.so

apache_module[]=/usr/libexec/apache2/mod_cache.so

apache_module[]=/usr/libexec/apache2/mod_cache_disk.so

apache_module[]=/usr/libexec/apache2/mod_cache_socache.so

apache_module[]=/usr/libexec/apache2/mod_cgi.so

apache_module[]=/usr/libexec/apache2/mod_cgid.so

apache_module[]=/usr/libexec/apache2/mod_charset_lite.so

apache_module[]=/usr/libexec/apache2/mod_data.so

apache_module[]=/usr/libexec/apache2/mod_dav.so

apache_module[]=/usr/libexec/apache2/mod_dav_fs.so

apache_module[]=/usr/libexec/apache2/mod_dav_lock.so

apache_module[]=/usr/libexec/apache2/mod_dbd.so

apache_module[]=/usr/libexec/apache2/mod_deflate.so

apache_module[]=/usr/libexec/apache2/mod_dialup.so

apache_module[]=/usr/libexec/apache2/mod_dir.so

apache_module[]=/usr/libexec/apache2/mod_dumpio.so

apache_module[]=/usr/libexec/apache2/mod_echo.so

apache_module[]=/usr/libexec/apache2/mod_env.so

apache_module[]=/usr/libexec/apache2/mod_expires.so

apache_module[]=/usr/libexec/apache2/mod_ext_filter.so

apache_module[]=/usr/libexec/apache2/mod_file_cache.so

apache_module[]=/usr/libexec/apache2/mod_filter.so

apache_module[]=/usr/libexec/apache2/mod_headers.so

apache_module[]=/usr/libexec/apache2/mod_heartbeat.so

apache_module[]=/usr/libexec/apache2/mod_heartmonitor.so

apache_module[]=/usr/libexec/apache2/mod_hfs_apple.so

apache_module[]=/usr/libexec/apache2/mod_http2.so

apache_module[]=/usr/libexec/apache2/mod_imagemap.so

apache_module[]=/usr/libexec/apache2/mod_include.so

apache_module[]=/usr/libexec/apache2/mod_info.so

apache_module[]=/usr/libexec/apache2/mod_lbmethod_bybusyness.so

apache_module[]=/usr/libexec/apache2/mod_lbmethod_byrequests.so

apache_module[]=/usr/libexec/apache2/mod_lbmethod_bytraffic.so

apache_module[]=/usr/libexec/apache2/mod_lbmethod_heartbeat.so

apache_module[]=/usr/libexec/apache2/mod_ldap.so

apache_module[]=/usr/libexec/apache2/mod_log_config.so

apache_module[]=/usr/libexec/apache2/mod_log_debug.so

apache_module[]=/usr/libexec/apache2/mod_log_forensic.so

apache_module[]=/usr/libexec/apache2/mod_logio.so

apache_module[]=/usr/libexec/apache2/mod_macro.so

apache_module[]=/usr/libexec/apache2/mod_mime.so

apache_module[]=/usr/libexec/apache2/mod_mime_magic.so

apache_module[]=/usr/libexec/apache2/mod_mpm_event.so

apache_module[]=/usr/libexec/apache2/mod_mpm_prefork.so

apache_module[]=/usr/libexec/apache2/mod_mpm_worker.so

apache_module[]=/usr/libexec/apache2/mod_negotiation.so

apache_module[]=/usr/libexec/apache2/mod_perl.so

apache_module[]=/usr/libexec/apache2/mod_proxy.so

apache_module[]=/usr/libexec/apache2/mod_proxy_ajp.so

apache_module[]=/usr/libexec/apache2/mod_proxy_balancer.so

apache_module[]=/usr/libexec/apache2/mod_proxy_connect.so

apache_module[]=/usr/libexec/apache2/mod_proxy_express.so

apache_module[]=/usr/libexec/apache2/mod_proxy_fcgi.so

apache_module[]=/usr/libexec/apache2/mod_proxy_fdpass.so

apache_module[]=/usr/libexec/apache2/mod_proxy_ftp.so

apache_module[]=/usr/libexec/apache2/mod_proxy_hcheck.so

apache_module[]=/usr/libexec/apache2/mod_proxy_html.so

apache_module[]=/usr/libexec/apache2/mod_proxy_http.so

apache_module[]=/usr/libexec/apache2/mod_proxy_scgi.so

apache_module[]=/usr/libexec/apache2/mod_proxy_uwsgi.so

apache_module[]=/usr/libexec/apache2/mod_proxy_wstunnel.so

apache_module[]=/usr/libexec/apache2/mod_ratelimit.so

apache_module[]=/usr/libexec/apache2/mod_reflector.so

apache_module[]=/usr/libexec/apache2/mod_remoteip.so

apache_module[]=/usr/libexec/apache2/mod_reqtimeout.so

apache_module[]=/usr/libexec/apache2/mod_request.so

apache_module[]=/usr/libexec/apache2/mod_rewrite.so

apache_module[]=/usr/libexec/apache2/mod_sed.so

apache_module[]=/usr/libexec/apache2/mod_session.so

apache_module[]=/usr/libexec/apache2/mod_session_cookie.so

apache_module[]=/usr/libexec/apache2/mod_session_dbd.so

apache_module[]=/usr/libexec/apache2/mod_setenvif.so

apache_module[]=/usr/libexec/apache2/mod_slotmem_plain.so

apache_module[]=/usr/libexec/apache2/mod_slotmem_shm.so

apache_module[]=/usr/libexec/apache2/mod_socache_dbm.so

apache_module[]=/usr/libexec/apache2/mod_socache_memcache.so

apache_module[]=/usr/libexec/apache2/mod_socache_redis.so

apache_module[]=/usr/libexec/apache2/mod_socache_shmcb.so

apache_module[]=/usr/libexec/apache2/mod_speling.so

apache_module[]=/usr/libexec/apache2/mod_ssl.so

apache_module[]=/usr/libexec/apache2/mod_status.so

apache_module[]=/usr/libexec/apache2/mod_substitute.so

apache_module[]=/usr/libexec/apache2/mod_unique_id.so

apache_module[]=/usr/libexec/apache2/mod_unixd.so

apache_module[]=/usr/libexec/apache2/mod_userdir.so

apache_module[]=/usr/libexec/apache2/mod_usertrack.so

apache_module[]=/usr/libexec/apache2/mod_version.so

apache_module[]=/usr/libexec/apache2/mod_vhost_alias.so

apache_module[]=/usr/libexec/apache2/mod_watchdog.so

apache_module[]=/usr/libexec/apache2/mod_xml2enc.so

suggestion[]=HTTP-6640|Install Apache mod_evasive to guard webserver against DoS/brute force attempts|-|-|

suggestion[]=HTTP-6643|Install Apache modsecurity to guard webserver against web application attacks|-|-|

ssh_daemon_running=0

openssh_daemon_running=0

remote_syslog_configured=1

log_directory[]=/var/log

log_directory[]=/var/log

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AMPDevice)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(APFSUserA)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ASConfigu)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Accessibi)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AccountSu)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AirPlayUI)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AirPlayXP)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AppSSOAge)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AppSSODae)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Appearanc)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AppleCred)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AppleIDSe)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AppleSpel)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AssetCach)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(AudioComp)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Authentic)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Batteries)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(BiomeAgen)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(BlueTool)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CMFSyncAg)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CVMServer)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CalendarF)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CalendarW)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CallHisto)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CarbonCom)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Categorie)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Classroom)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CommCente)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ContextSe)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ContextSt)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Continuit)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ControlCe)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CoreLocat)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CoreServi)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CrashRepo)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(CursorUIV)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Dock)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(EscrowSec)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Family)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(FamilySet)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Finder)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(FollowUpS)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Headphone)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(IMDPersis)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Intellige)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Interacti)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(KernelEve)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Keychain)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(KonaSynth)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(LegacyPro)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(LookupVie)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(MTLCompil)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(MacinTalk)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(MailShort)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ManagedCo)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ManagedSe)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Managemen)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(MauiAUSP)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(MessagesA)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(NewsToday)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Notificat)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(OSDUIHelp)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(PasscodeS)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(PasswordB)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(PerfPower)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(PlugInLib)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(PowerPref)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(PowerUIAg)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Protected)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(QuickLook)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ReportCra)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Safari)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SafariBoo)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SafariLau)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SafariLin)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SafeEject)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ScopedBoo)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ScreenSha)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ScreenTim)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SecurityS)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ShareShee)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SiriAUSP)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SoftwareU)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SpeechSyn)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Spotlight)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(StatusKit)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(StocksWid)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SubmitDia)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(System)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(SystemUIS)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Terminal)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(TextInput)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(UIKitSyst)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(UVCAssist)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(UsageTrac)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(UserEvent)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(VDCAssist)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(VPN)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(VTDecoder)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ViewBridg)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(Wallpaper)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(WardaSynt)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(WeatherWi)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(WiFiAgent)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(WiFiCloud)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(WiFiVeloc)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(WindowMan)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(WindowSer)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(WirelessR)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(WorldCloc)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(XProtectB)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(XProtectP)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(XprotectS)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(accountsd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(adid)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(adprivacy)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(airportd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(akd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(amfid)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(amsaccoun)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(amsengage)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(analytics)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(aned)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(aneuserd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(apfsd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(appleacco)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(appleeven)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(appstorea)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(apsd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(askpermis)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(assistant)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(audioacce)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(audioanal)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(audiocloc)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(audiomxd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(authd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(autofsd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(automount)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(avconfere)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(awdd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(axassetsd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(backgroun)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(backupd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(backupd-h)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(biomed)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(biomesync)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(biometric)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(bird)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(bluetooth)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(bootinsta)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(bosUpdate)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(calaccess)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(callservi)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(captiveag)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(cdpd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(cfprefsd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(chronod)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(cloudd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(cloudphot)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(colorsync)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(com.apple)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(commerce)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(configd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(contactsd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(container)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(contentli)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(contextst)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(coreaudio)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(coreauthd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(corebrigh)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(coreduetd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(corekdld)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(coreservi)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(corespeec)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(corespotl)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(coresymbo)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(countryd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(cryptexd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(csnamedda)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ctkahp)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(ctkd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(dasd)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(dataacces)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(deleted)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(deviceche)

deleted_file[]=/Library/Preferences/Logging/.plist-cache.YfmPbV0P(diagnosti)

suggestion[]=LOGG-2190|Check what deleted files are still in use and why.|-|-|

open_empty_log_file[]=displaypo,/private/var/log/displaypolicyd.stdout.log

open_empty_log_file[]=socketfil,/private/var/log/alf.log

log_rotation_config_found=1

log_rotation_tool=newsyslog

audit_daemon_running=0

ntp_config_file[]=/etc/ntp.conf

ntp_config_found=1

ntp_config_type_daemon=1

ntp_config_type_eventbased=0

ntp_config_type_scheduled=0

ntp_config_type_startup=0

ntp_daemon=timed

ntp_daemon_running=1

certificate[]=/etc/ssl/cert.pem|0|cn:Autoridad;notafter:Dec 31 08:38:15 2030 GMT;|

certificates=1

rng_found=0

framework_grsecurity=0

framework_selinux=0

file_integrity_tool[]=mtree

suggestion[]=TOOL-5002|Determine if automation tools are present for system management|-|-|

automation_tool_present=0

malware_scanner_installed=0

suggestion[]=FILE-7524|Consider restricting file permissions|See screen output or log file|text:Use chmod to change file permissions|

home_directory[]=/Library/WebServer

home_directory[]=/var/db/accessoryupdater

home_directory[]=/var/db/analyticsd

home_directory[]=/var/db/appinstalld

home_directory[]=/var/db/applepay

home_directory[]=/var/db/appstore

home_directory[]=/var/db/astris

home_directory[]=/var/db/audiomxd

home_directory[]=/var/db/biome

home_directory[]=/var/db/cmiodalassistants

home_directory[]=/var/db/coreml

home_directory[]=/var/db/darwindaemon

home_directory[]=/var/db/datadetectors

home_directory[]=/var/db/diagnostics

home_directory[]=/var/db/diskimagesiod

home_directory[]=/var/db/findmydevice

home_directory[]=/var/db/fpsd

home_directory[]=/var/db/geod

home_directory[]=/var/db/hidd

home_directory[]=/var/db/installcoordinationd

home_directory[]=/var/db/knowledgegraphd

home_directory[]=/var/db/locationd

home_directory[]=/var/db/lockdown

home_directory[]=/var/db/mmaintenanced

home_directory[]=/var/db/nearbyd

home_directory[]=/var/db/neuralengine

home_directory[]=/var/db/nsurlsessiond

home_directory[]=/var/db/ondemand

home_directory[]=/var/db/reportmemoryexception

home_directory[]=/var/db/rmd

home_directory[]=/var/db/securityagent

home_directory[]=/var/db/softwareupdate

home_directory[]=/var/db/timed

home_directory[]=/var/empty

home_directory[]=/var/ma

home_directory[]=/var/networkd

home_directory[]=/var/root

home_directory[]=/var/spool/cups

home_directory[]=/var/spool/postfix

home_directory[]=/var/spool/uucp

suggestion[]=HOME-9304|Double check the permissions of home directories as some might be not strict enough.|-|-|

compiler_world_executable[]=/usr/bin/as

compiler_world_executable[]=/usr/bin/cc

compiler_world_executable[]=/usr/bin/clang

compiler_world_executable[]=/usr/bin/gcc

suggestion[]=HRDN-7222|Harden compilers like restricting access to root user only|-|-|

suggestion[]=HRDN-7230|Harden the system by installing at least one malware scanner, to perform periodic file system scans|-|Install a tool like rkhunter, chkrootkit, OSSEC, Wazuh|

compiler_installed=1

lynis_tests_done=167

report_datetime_end=2023-09-22 17:38:55

dhcp_client_running=0

arpwatch_running=0

firewall_active=1

firewall_empty_ruleset=0

firewall_installed=1

package_audit_tool=

package_audit_tool_found=0

vulnerable_packages_found=0

hardening_index=72


finish=true




#32 XxghostsyncxX

XxghostsyncxX
  • Topic Starter

  • Members
  • 23 posts

Posted 22 September 2023 - 04:49 PM

That's from Lynis and because I checked the files from VirusTotal today and got some hits on malware and trojan from the files.


all this network crap shouldn't be ether



#33 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 35,304 posts

Posted 22 September 2023 - 04:54 PM

> That's from Lynis and because I checked the files from VirusTotal today and got some hits on malware and trojan from the files.
>
> all this network crap shouldn't be ether

Do you have anything prior to this so-called virus activity?

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra


#34 XxghostsyncxX

XxghostsyncxX
  • Topic Starter

  • Members
  • 23 posts

Posted 15 October 2023 - 01:57 PM

I do not. I didn't really check my logs before all this, so I've been working on my Windows computer because this is where it all started. I'm thinking it might be a worm because of how it spread. I finally got some hits with some open source virus scanners: Win.rootkit.shadowhammer from ASUS Live Update, and also Win.packed.mikey, which would explain where all the other Trojans came from. It's still running, so maybe it'll find more. I think they're from Chinese hackers. Any insights?

#35 XxghostsyncxX

XxghostsyncxX
  • Topic Starter

  • Members
  • 23 posts

Posted 15 October 2023 - 02:00 PM

And on my Linux, as far as all my file permissions that Lynis is saying are bad, what should I change them to with chmod? Like what the command and set permissions should normally be. I'm sorry I'm going all over the place, but it's like when I hit a dead end on one system I bounced to the next because I know they all got an infection, then I had a breakthrough sometimes. Malware analysis isn't the easiest task lol

#36 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 35,304 posts

Posted 15 October 2023 - 02:01 PM

What files were detected and was this clamtk being used?


#37 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 35,304 posts

Posted 15 October 2023 - 02:15 PM

> And on my Linux, as far as all my file permissions that Lynis is saying are bad, what should I change them to with chmod? Like what the command and set permissions should normally be. I'm sorry I'm going all over the place, but it's like when I hit a dead end on one system I bounced to the next because I know they all got an infection, then I had a breakthrough sometimes. Malware analysis isn't the easiest task lol

Permissions where?
