API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 7th, 2015
729
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 47.23 KB | None | 0 0
raw download clone embed print report
  1. 1 Start time: 15:02:24 10/07/15
  2. 2
  3. 3 Revision: 1350
  4. 4
  5. 5 Model Identifier: MacBookAir6,2
  6. 6 System Version: OS X 10.10.5 (14F27)
  7. 7 Kernel Version: Darwin 14.5.0
  8. 8 Time since boot: 2 days 6:21
  9. 9
  10. 10 UID: 32159029
  11. 11
  12. 12 Graphics/Displays
  13. 13
  14. 14 Intel HD Graphics 5000
  15. 15
  16. 16 Color LCD (Main)
  17. 17 S24B300
  18. 18
  19. 19 USB
  20. 20
  21. 21 Yubico Yubikey II (Yubico)
  22. 22 C-Media USB Audio Device (C-MEDIA ELECTRONICS INC.)
  23. 23
  24. 24 Bluetooth
  25. 25
  26. 26 Apple Magic Mouse
  27. 27
  28. 28 FileVault 2
  29. 29
  30. 30 FileVault is On.
  31. 31 FileVault master keychain appears to be installed.
  32. 32
  33. 33 Activity
  34. 34
  35. 35 CPU: user 19%, system 6%
  36. 36
  37. 37 CPU usage (%)
  38. 38
  39. 39 NetSpot (UID 32159029): 46.1
  40. 40 Google Chrome He (UID 32159029): 28.0
  41. 41
  42. 42 System errors (per sec)
  43. 43
  44. 44 Google Chrome H (UID 32159029, error 316): 163
  45. 45 firefox (UID 32159029, error 316): 148
  46. 46 plugin-containe (UID 32159029, error 316): 125
  47. 47
  48. 48 Energy (lifetime)
  49. 49
  50. 50 Google Chrome Helper (UID 32159029): 17.84
  51. 51 firefox (UID 32159029): 12.68
  52. 52 WindowServer (UID 88): 7.94
  53. 53 Google Chrome Helper (UID 32159029): 6.15
  54. 54
  55. 55 Energy (sampled)
  56. 56
  57. 57 Google Chrome Helper (UID 32159029): 30.04
  58. 58 firefox (UID 32159029): 21.32
  59. 59
  60. 60 Login hook
  61. 61
  62. 62 /Library/Application Support/JAMF/ManagementFrameworkScripts/loginhook.sh
  63. 63
  64. 64 Profiles: 31
  65. 65
  66. 66 Trust settings: admin 2, user 2
  67. 67
  68. 68 Firewall: On
  69. 69
  70. 70 Listeners
  71. 71
  72. 72 kdc: kerberos
  73. 73 launchd: ssh
  74. 74
  75. 75 System caches/logs
  76. 76
  77. 77 2.4 GiB: /System/Library/Caches/com.apple.coresymbolicationd/data
  78. 78
  79. 79 Diagnostic reports
  80. 80
  81. 81 2015-09-09 BESAgent crash x20
  82. 82 2015-09-09 BESClientUI crash x20
  83. 83 2015-09-09 dnscrypt-proxy crash
  84. 84 2015-09-10 BESAgent crash x20
  85. 85 2015-09-10 BESClientUI crash x20
  86. 86 2015-09-11 BESAgent crash x20
  87. 87 2015-09-11 BESClientUI crash x20
  88. 88 2015-09-11 EvernoteHelper crash
  89. 89 2015-09-12 BESAgent crash x6
  90. 90 2015-09-12 BESClientUI crash x6
  91. 91 2015-09-22 BESClientUI crash
  92. 92 2015-09-22 EvernoteHelper crash
  93. 93 2015-09-23 BESAgent crash x20
  94. 94 2015-09-23 BESClientUI crash x20
  95. 95 2015-09-23 EvernoteHelper crash
  96. 96 2015-09-24 BESClientUI crash
  97. 97 2015-09-24 EvernoteHelper crash
  98. 98 2015-09-24 dnscrypt-proxy crash x3
  99. 99 2015-09-27 BESClientUI crash
  100. 100 2015-09-29 plugin-container crash
  101. 101 2015-09-30 EvernoteHelper crash
  102. 102 2015-10-01 BESClientUI crash
  103. 103 2015-10-01 EvernoteHelper crash
  104. 104
  105. 105 HID errors: 2
  106. 106
  107. 107 Kernel log
  108. 108
  109. 109 Oct 4 12:06:23 SIOCPROTODETACH_IN6: utun0 error=6
  110. 110 Oct 5 07:37:41 SIOCPROTODETACH_IN6: utun0 error=6
  111. 111 Oct 5 08:41:09 SATA WARNING: IDENTIFY DEVICE checksum not implemented.
  112. 112 Oct 5 08:41:18 SIOCPROTODETACH_IN6: utun0 error=6
  113. 113 Oct 5 08:42:18 firefox (map: 0xffffff801d1ba5a0) triggered DYLD shared region unnest for map: 0xffffff801d1ba5a0, region 0x7fff90e00000->0x7fff91000000. While not abnormal for debuggers, this increases system memory footprint until the target exits.
  114. 114 Oct 5 08:42:21 firefox (map: 0xffffff801d6ab3c0) triggered DYLD shared region unnest for map: 0xffffff801d6ab3c0, region 0x7fff90e00000->0x7fff91000000. While not abnormal for debuggers, this increases system memory footprint until the target exits.
  115. 115 Oct 5 08:45:37 utun_start: ifnet_disable_output returned error 12
  116. 116 Oct 5 09:54:00 ARPT: 4374.828350: MacAuthEvent en0 Auth result for: a0:63:91:31:d9:cb Auth timed out
  117. 117 Oct 5 15:04:52 ARPT: 23026.039397: MacAuthEvent en0 Auth result for: a0:63:91:31:d9:cb Auth timed out
  118. 118 Oct 5 17:29:36 SIOCPROTODETACH_IN6: utun0 error=6
  119. 119 Oct 5 22:05:51 ARPT: 48284.354437: MacAuthEvent en0 Auth result for: a0:63:91:31:d9:cb Auth timed out
  120. 120 Oct 6 09:58:21 IOHIDSystem: postEvent LLEventQueue overflow.
  121. 121 Oct 6 13:42:11 IOHIDSystem: postEvent LLEventQueue overflow.
  122. 122 Oct 7 09:47:00 SIOCPROTODETACH_IN6: utun0 error=6
  123. 123 Oct 7 14:05:46 ARPT: 100936.405502: directed SSID scan fail
  124. 124 Oct 7 14:05:49 ARPT: 100939.703332: directed SSID scan fail
  125. 125 Oct 7 14:06:04 ARPT: 100954.238429: directed SSID scan fail
  126. 126 Oct 7 14:08:58 ARPT: 101128.469143: directed SSID scan fail
  127. 127 Oct 7 14:09:01 ARPT: 101131.782079: directed SSID scan fail
  128. 128 Oct 7 14:15:54 SIOCPROTODETACH_IN6: utun0 error=6
  129. 129 Oct 7 14:19:27 Limiting icmp ping response from 281 to 250 packets per second
  130. 130 Oct 7 14:19:29 Limiting icmp ping response from 295 to 250 packets per second
  131. 131 Oct 7 14:19:31 Limiting icmp ping response from 333 to 250 packets per second
  132. 132 Oct 7 14:53:45 ARPT: 103815.493787: MacAuthEvent en0 Auth result for: a0:63:91:31:d9:cb Auth timed out
  133. 133 Oct 7 14:59:57 Limiting closed port RST response from 465 to 250 packets per second
  134. 134
  135. 135 System log
  136. 136
  137. 137 Oct 7 14:53:49 apsd: tcp_connection_destination_prepare_complete 643 connectx to 17.172.239.101:443@0 failed: Permission denied
  138. 138 Oct 7 14:53:49 apsd: tcp_connection_destination_prepare_complete 643 connectx to 17.172.239.72:443@0 failed: Permission denied
  139. 139 Oct 7 14:53:49 apsd: tcp_connection_destination_prepare_complete 643 connectx to 17.172.239.11:443@0 failed: Permission denied
  140. 140 Oct 7 14:53:49 apsd: tcp_connection_destination_prepare_complete 643 connectx to 17.172.238.35:443@0 failed: Permission denied
  141. 141 Oct 7 14:53:49 apsd: tcp_connection_destination_prepare_complete 643 connectx to 17.172.232.217:443@0 failed: Permission denied
  142. 142 Oct 7 14:53:49 apsd: tcp_connection_destination_prepare_complete 643 connectx to 17.172.232.127:443@0 failed: Permission denied
  143. 143 Oct 7 14:53:49 acvpnagent: Function: GetPrimaryInterfaceIndex File: ../../vpn/Common/Utility/NetInterface_unix.cpp Line: 422 Unable to get global IPv6 information from system configuration.
  144. 144 Oct 7 14:53:50 acvpnagent: Function: GetPrimaryGatewayAddress File: ../../vpn/Common/Utility/NetInterface_unix.cpp Line: 340 Unable to get global IPv6 information from system configuration.
  145. 145 Oct 7 14:53:50 configd: IPMonitor: siocdradd_in6(utun0, fe80::725a:4487:5663:9061) failed, Network is unreachable
  146. 146 Oct 7 14:53:54 acvpnagent: Function: GetPrimaryInterfaceIndex File: ../../vpn/Common/Utility/NetInterface_unix.cpp Line: 422 Unable to get global IPv6 information from system configuration.
  147. 147 Oct 7 14:53:54 acvpnagent: Function: executeRouteCmd File: ../../vpn/AgentUtilities/Routing/RouteTableMac.cpp Line: 211 Invoked Function: ::write Return Code: 3 (0x00000003) Description: unknown No such process, route cmd route delete - dest FE80:9:0:0:725A:4487:5663:9061/128, defGw 0:0:0:0:0:0:0:0, intf lo0 (idx 1), metric 0, link-level (link index 9)
  148. 148 Oct 7 14:53:54 acvpnagent: Function: deleteRouteV6 File: ../../vpn/AgentUtilities/Routing/RouteTableCommonUnix.cpp Line: 170 Invoked Function: CRouteTableCommonUnix::executeRouteCmd Return Code: -24117208 (0xFE900028) Description: ROUTETABLE_ERROR_SOCKET_WRITE_FAILED
  149. 149 Oct 7 14:53:54 acvpnagent: Function: cleanupVALoopbackRoutesV6 File: ../../vpn/AgentUtilities/Routing/RouteHandlerMac.cpp Line: 1058 Invoked Function: IRouteTable::DeleteRoute Return Code: -24117208 (0xFE900028) Description: ROUTETABLE_ERROR_SOCKET_WRITE_FAILED
  150. 150 Oct 7 14:53:54 acvpnagent: Function: executeRouteCmd File: ../../vpn/AgentUtilities/Routing/RouteTableMac.cpp Line: 211 Invoked Function: ::write Return Code: 3 (0x00000003) Description: unknown No such process, route cmd route delete - dest FE80:9:0:0:9EF3:87FF:FEBF:72EC/128, defGw 0:0:0:0:0:0:0:0, intf lo0 (idx 1), metric 0, link-level (link index 9)
  151. 151 Oct 7 14:53:54 acvpnagent: Function: deleteRouteV6 File: ../../vpn/AgentUtilities/Routing/RouteTableCommonUnix.cpp Line: 170 Invoked Function: CRouteTableCommonUnix::executeRouteCmd Return Code: -24117208 (0xFE900028) Description: ROUTETABLE_ERROR_SOCKET_WRITE_FAILED
  152. 152 Oct 7 14:53:54 acvpnagent: Function: cleanupVALoopbackRoutesV6 File: ../../vpn/AgentUtilities/Routing/RouteHandlerMac.cpp Line: 1058 Invoked Function: IRouteTable::DeleteRoute Return Code: -24117208 (0xFE900028) Description: ROUTETABLE_ERROR_SOCKET_WRITE_FAILED
  153. 153 Oct 7 14:53:54 acvpnagent: Function: afterRouteChangesRevert File: ../../vpn/AgentUtilities/Routing/RouteHandlerMac.cpp Line: 336 Invoked Function: CRouteHandlerMac::cleanupVALoopbackRoutesV6 Return Code: -24117208 (0xFE900028) Description: ROUTETABLE_ERROR_SOCKET_WRITE_FAILED
  154. 154 Oct 7 14:53:54 acvpnagent: Function: GetPrimaryInterfaceIndex File: ../../vpn/Common/Utility/NetInterface_unix.cpp Line: 422 Unable to get global IPv6 information from system configuration.
  155. 155 Oct 7 14:53:55 acvpnagent: Function: GetPrimaryGatewayAddress File: ../../vpn/Common/Utility/NetInterface_unix.cpp Line: 340 Unable to get global IPv6 information from system configuration.
  156. 156 Oct 7 14:53:55 configd: IPMonitor: siocdradd_in6(utun0, fe80::725a:4487:5663:9061) failed, Network is unreachable
  157. 157 Oct 7 14:53:56 WindowServer: disable_update_timeout: UI updates were forcibly disabled by application "NetSpot" for over 1.00 seconds. Server has re-enabled them.
  158. 158 Oct 7 14:55:44 fseventsd: check_vol_last_mod_time:XXX failed to get mount time (25; &mount_time == 0x10b87f498)
  159. 159 Oct 7 14:55:44 fseventsd: log dir: /Volumes/TW EXTERNAL/.fseventsd getting new uuid: UUID
  160. 160 Oct 7 14:59:44 WindowServer: WSGetSurfaceInWindow : Invalid surface 426528322 for window 7542
  161. 161 Oct 7 15:02:25 fseventsd: Logging disabled completely for device:1: /Volumes/Recovery HD
  162. 162
  163. 163 launchd log
  164. 164
  165. 165 Oct 1 07:31:10 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not import service from caller: caller = otherbsd.890, service = com.evernote.EvernoteHelper, error = 119: Service is disabled
  166. 166 Oct 1 07:31:10 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not import service from caller: caller = otherbsd.890, service = com.techsmith.snagit.SnagitLaunchAtLogin, error = 119: Service is disabled
  167. 167 Oct 1 07:31:10 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not import service from caller: caller = otherbsd.890, service = com.hp.devicemonitor, error = 119: Service is disabled
  168. 168 Oct 1 07:31:12 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not read path: path = /Users/USER/Library/LaunchAgents/com.apple.FolderActions.folders.plist, error = 2: No such file or directory
  169. 169 Oct 1 07:31:12 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not read path: path = /Users/USER/Library/LaunchAgents/com.apple.FolderActions.folders.plist, error = 2: No such file or directory
  170. 170 Oct 1 07:41:11 com.WebTools.oiuqw343sQ9a.helpd: Interval spawn of service failed: 139: Service cannot presently execute
  171. 171 Oct 5 08:42:18 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not import service from caller: caller = otherbsd.886, service = com.evernote.EvernoteHelper, error = 119: Service is disabled
  172. 172 Oct 5 08:42:18 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not import service from caller: caller = otherbsd.886, service = com.techsmith.snagit.SnagitLaunchAtLogin, error = 119: Service is disabled
  173. 173 Oct 5 08:42:18 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not import service from caller: caller = otherbsd.886, service = com.hp.devicemonitor, error = 119: Service is disabled
  174. 174 Oct 5 08:42:18 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not read path: path = /Users/USER/Library/LaunchAgents/com.apple.FolderActions.folders.plist, error = 2: No such file or directory
  175. 175 Oct 5 08:42:19 com.apple.xpc.launchd.user.32159029.100005.Aqua: Could not read path: path = /Users/USER/Library/LaunchAgents/com.apple.FolderActions.folders.plist, error = 2: No such file or directory
  176. 176 Oct 5 08:52:18 com.WebTools.oiuqw343sQ9a.helpd: Interval spawn of service failed: 139: Service cannot presently execute
  177. 177
  178. 178 System services loaded
  179. 179
  180. 180 com.adobe.fpsaud
  181. 181 com.apple.spindump
  182. 182 - status: 75
  183. 183 com.apple.watchdogd
  184. 184 com.bigfix.BESAgent
  185. 185 com.cisco.anyconnect.ciscod
  186. 186 com.cisco.anyconnect.vpnagentd
  187. 187 com.crashplan.engine
  188. 188 com.facebook.osqueryd
  189. 189 - status: 1
  190. 190 com.google.keystone.daemon
  191. 191 com.jamfsoftware.jamf.daemon
  192. 192 com.jamfsoftware.task.Every 60 Minutes
  193. 193 com.kontiki.sfdc
  194. 194 com.microsoft.office.licensing.helper
  195. 195 com.oracle.java.Helper-Tool
  196. 196 com.sfdc-security.baseline
  197. 197 com.sfdc.passwd
  198. 198
  199. 199 Login services loaded
  200. 200
  201. 201 com.WebTools.oiuqw343sQ9a
  202. 202 - status: 78
  203. 203 com.WebTools.oiuqw343sQ9a.helpd
  204. 204 - status: 78
  205. 205 com.apple.mrt.uiagent
  206. 206 com.cisco.anyconnect.gui
  207. 207 com.citrixonline.GoToMeeting.G2MUpdate
  208. 208 com.google.keystone.system.agent
  209. 209 com.jamfsoftware.jamf.agent
  210. 210 - status: 1
  211. 211 com.megabackup.MegaBackupAgent
  212. 212 com.oracle.java.Java-Updater
  213. 213
  214. 214 Login services disabled
  215. 215
  216. 216 com.hp.devicemonitor
  217. 217
  218. 218 User services disabled
  219. 219
  220. 220 com.hp.devicemonitor
  221. 221
  222. 222 User login items
  223. 223
  224. 224 UNKNOWN
  225. 225 - missing value
  226. 226 iTunesHelper
  227. 227 - /Applications/iTunes.app/Contents/MacOS/iTunesHelper.app
  228. 228 Google Chrome
  229. 229 - /Applications/Google Chrome.app
  230. 230 Skype
  231. 231 - /Applications/Skype.app
  232. 232 Evernote
  233. 233 - /Applications/Evernote.app
  234. 234 Firefox
  235. 235 - /Applications/Firefox.app
  236. 236 Google Drive
  237. 237 - /Applications/Google Drive.app
  238. 238 Caffeine
  239. 239 - /Applications/Caffeine.app
  240. 240 EvernoteHelper
  241. 241 - /Applications/Evernote.app/Contents/Library/LoginItems/EvernoteHelper.app
  242. 242 Salesforce Files
  243. 243 - /Applications/Salesforce Files.app
  244. 244
  245. 245 Parental Controls: On
  246. 246
  247. 247 Firefox extensions
  248. 248
  249. 249 Salesforce inspector
  250. 250 ColorfulTabs
  251. 251 Firebug
  252. 252 robcee
  253. 253 Firebug Working Group
  254. 254 Workbench Tools for Firefox
  255. 255 LastPass Password Manager
  256. 256
  257. 257 iCloud errors
  258. 258
  259. 259 comapple.CloudPhotosConfiguration 2
  260. 260 cloudphotosd 2
  261. 261 cloudd 2
  262. 262
  263. 263 Continuity errors
  264. 264
  265. 265 sharingd 1
  266. 266
  267. 267 Restricted files: 120
  268. 268
  269. 269 Lockfiles: 1
  270. 270
  271. 271 Contents of /Library/LaunchAgents/com.WebTools.oiuqw343sQ9a.helpd.plist
  272. 272 - mod date: Sep 28 21:19:25 2015
  273. 273 - size (B): 754
  274. 274 - checksum: 2651249360
  275. 275
  276. 276 <?xml version="1.0" encoding="UTF-8"?>
  277. 277 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  278. 278 <plist version="1.0">
  279. 279 <dict>
  280. 280 <key>EnableGlobbing</key>
  281. 281 <true/>
  282. 282 <key>KeepAlive</key>
  283. 283 <true/>
  284. 284 <key>Label</key>
  285. 285 <string>com.WebTools.oiuqw343sQ9a.helpd</string>
  286. 286 <key>OnDemand</key>
  287. 287 <true/>
  288. 288 <key>ProgramArguments</key>
  289. 289 <array>
  290. 290 <string>/Users/USER/Library/Application Support/WebTools/oiuqw343sQ9a/maintenance.sh</string>
  291. 291 </array>
  292. 292 <key>RunAtLoad</key>
  293. 293 <true/>
  294. 294 <key>StandardErrorPath</key>
  295. 295 <string>/dev/null</string>
  296. 296 <key>StandardOutPath</key>
  297. 297 <string>/dev/null</string>
  298. 298 <key>StartInterval</key>
  299. 299 <integer>600</integer>
  300. 300 <key>ThrottleInterval</key>
  301. 301
  302. 302 ...and 3 more line(s)
  303. 303
  304. 304 Contents of /Library/LaunchAgents/com.WebTools.oiuqw343sQ9a.plist
  305. 305 - mod date: Sep 28 21:19:25 2015
  306. 306 - size (B): 846
  307. 307 - checksum: 4066684186
  308. 308
  309. 309 <?xml version="1.0" encoding="UTF-8"?>
  310. 310 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  311. 311 <plist version="1.0">
  312. 312 <dict>
  313. 313 <key>Label</key>
  314. 314 <string>com.WebTools.oiuqw343sQ9a</string>
  315. 315 <key>EnableGlobbing</key>
  316. 316 <true/>
  317. 317 <key>ProgramArguments</key>
  318. 318 <array>
  319. 319 <string>/Users/USER/Library/Application Support/WebTools/oiuqw343sQ9a/launch</string>
  320. 320 <string>-guid</string>
  321. 321 <string>NONE</string>
  322. 322 <string>-source</string>
  323. 323 <string>mt-1540</string>
  324. 324 <string>-brand</string>
  325. 325 <string>WebTools</string>
  326. 326 </array>
  327. 327 <key>KeepAlive</key>
  328. 328 <true/>
  329. 329 <key>RunAtLoad</key>
  330. 330 <true/>
  331. 331 <key>OnDemand</key>
  332. 332 <true/>
  333. 333 <key>StandardErrorPath</key>
  334. 334
  335. 335 ...and 7 more line(s)
  336. 336
  337. 337 Contents of /Library/LaunchAgents/com.cisco.anyconnect.gui.plist
  338. 338 - mod date: Feb 19 17:03:21 2015
  339. 339 - size (B): 635
  340. 340 - checksum: 1087717482
  341. 341
  342. 342 <?xml version="1.0" encoding="UTF-8"?>
  343. 343 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  344. 344 <plist version="1.0">
  345. 345 <dict>
  346. 346 <key>KeepAlive</key>
  347. 347 <dict>
  348. 348 <key>PathState</key>
  349. 349 <dict>
  350. 350 <key>/opt/cisco/anyconnect/gui_keepalive</key>
  351. 351 <true/>
  352. 352 </dict>
  353. 353 </dict>
  354. 354 <key>Label</key>
  355. 355 <string>com.cisco.anyconnect.gui</string>
  356. 356 <key>LimitLoadToSessionType</key>
  357. 357 <string>Aqua</string>
  358. 358 <key>ProgramArguments</key>
  359. 359 <array>
  360. 360 <string>open</string>
  361. 361 <string>--wait-apps</string>
  362. 362 <string>/Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app</string>
  363. 363 </array>
  364. 364 </dict>
  365. 365 </plist>
  366. 366
  367. 367 Contents of /Library/LaunchAgents/com.jamfsoftware.jamf.agent.plist
  368. 368 - mod date: Oct 7 14:52:33 2015
  369. 369 - size (B): 539
  370. 370 - checksum: 1718379912
  371. 371
  372. 372 <?xml version="1.0" encoding="UTF-8"?>
  373. 373 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  374. 374 <plist version="1.0">
  375. 375 <dict>
  376. 376 <key>AbandonProcessGroup</key>
  377. 377 <true/>
  378. 378 <key>KeepAlive</key>
  379. 379 <true/>
  380. 380 <key>Label</key>
  381. 381 <string>com.jamfsoftware.jamf.agent</string>
  382. 382 <key>Nice</key>
  383. 383 <integer>20</integer>
  384. 384 <key>ProgramArguments</key>
  385. 385 <array>
  386. 386 <string>/usr/sbin/jamfAgent</string>
  387. 387 </array>
  388. 388 <key>RunAtLoad</key>
  389. 389 <true/>
  390. 390 <key>WorkingDirectory</key>
  391. 391 <string>/usr/sbin</string>
  392. 392 </dict>
  393. 393 </plist>
  394. 394
  395. 395 Contents of /Library/LaunchAgents/com.oracle.java.Java-Updater.plist
  396. 396 - mod date: Aug 6 09:02:39 2015
  397. 397 - size (B): 104
  398. 398 - checksum: 2694187246
  399. 399
  400. 400 <?xml version="1.0" encoding="UTF-8"?>
  401. 401 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  402. 402 <plist version="1.0">
  403. 403 <dict>
  404. 404 <key>Label</key>
  405. 405 <string>com.oracle.java.Java-Updater</string>
  406. 406 <key>ProgramArguments</key>
  407. 407 <array>
  408. 408 <string>/Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater</string>
  409. 409 <string>-bgcheck</string>
  410. 410 </array>
  411. 411 <key>StandardErrorPath</key>
  412. 412 <string>/dev/null</string>
  413. 413 <key>StandardOutPath</key>
  414. 414 <string>/dev/null</string>
  415. 415 <key>StartCalendarInterval</key>
  416. 416 <dict>
  417. 417 <key>Hour</key>
  418. 418 <integer>11</integer>
  419. 419 <key>Minute</key>
  420. 420 <integer>22</integer>
  421. 421 <key>Weekday</key>
  422. 422 <integer>3</integer>
  423. 423 </dict>
  424. 424 </dict>
  425. 425
  426. 426 ...and 1 more line(s)
  427. 427
  428. 428 Contents of /Library/LaunchDaemons/BESAgentDaemon.plist
  429. 429 - mod date: Mar 24 21:54:05 2015
  430. 430 - size (B): 529
  431. 431 - checksum: 1720098315
  432. 432
  433. 433 <?xml version="1.0" encoding="UTF-8"?>
  434. 434 <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  435. 435 <plist version="1.0">
  436. 436 <dict>
  437. 437 <key>Label</key>
  438. 438 <string>com.bigfix.BESAgent</string>
  439. 439 <key>OnDemand</key>
  440. 440 <false/>
  441. 441 <key>ProgramArguments</key>
  442. 442 <array>
  443. 443 <string>/Library/BESAgent/BESAgent.app/Contents/MacOS/BESAgent</string>
  444. 444 <string>-noservice</string>
  445. 445 </array>
  446. 446 <key>WorkingDirectory</key>
  447. 447 <string>/Library/BESAgent/BESAgent.app/Contents/MacOS</string>
  448. 448 </dict>
  449. 449 </plist>
  450. 450
  451. 451 Contents of /Library/LaunchDaemons/com.cisco.anyconnect.ciscod.plist
  452. 452 - mod date: Feb 19 17:00:10 2015
  453. 453 - size (B): 586
  454. 454 - checksum: 3285045201
  455. 455
  456. 456 <?xml version="1.0" encoding="UTF-8"?>
  457. 457 <!DOCTYPE plist PUBLIC -//Apple Computer//DTD PLIST 1.0//EN
  458. 458 http://www.apple.com/DTDs/PropertyList-1.0.dtd >
  459. 459 <plist version="1.0">
  460. 460 <dict>
  461. 461 <key>Label</key>
  462. 462 <string>com.cisco.anyconnect.ciscod</string>
  463. 463 <key>ProgramArguments</key>
  464. 464 <array>
  465. 465 <string>/opt/cisco/hostscan/bin/ciscod</string>
  466. 466 <string>-d</string>
  467. 467 </array>
  468. 468 <key>KeepAlive</key>
  469. 469 <true/>
  470. 470 <key>RunAtLoad</key>
  471. 471 <true/>
  472. 472 <key>AbandonProcessGroup</key>
  473. 473 <true/>
  474. 474 <key>EnableTransactions</key>
  475. 475 <false/>
  476. 476 </dict>
  477. 477 </plist>
  478. 478
  479. 479 Contents of /Library/LaunchDaemons/com.cisco.anyconnect.vpnagentd.plist
  480. 480 - mod date: Feb 19 17:03:21 2015
  481. 481 - size (B): 611
  482. 482 - checksum: 2630047092
  483. 483
  484. 484 <?xml version="1.0" encoding="UTF-8"?>
  485. 485 <!DOCTYPE plist PUBLIC -//Apple Computer//DTD PLIST 1.0//EN
  486. 486 http://www.apple.com/DTDs/PropertyList-1.0.dtd >
  487. 487 <plist version="1.0">
  488. 488 <dict>
  489. 489 <key>Label</key>
  490. 490 <string>com.cisco.anyconnect.vpnagentd</string>
  491. 491 <key>ProgramArguments</key>
  492. 492 <array>
  493. 493 <string>/opt/cisco/anyconnect/bin/vpnagentd</string>
  494. 494 <string>-execv_instance</string>
  495. 495 </array>
  496. 496 <key>KeepAlive</key>
  497. 497 <true/>
  498. 498 <key>RunAtLoad</key>
  499. 499 <true/>
  500. 500 <key>AbandonProcessGroup</key>
  501. 501 <true/>
  502. 502 <key>EnableTransactions</key>
  503. 503 <false/>
  504. 504 </dict>
  505. 505 </plist>
  506. 506
  507. 507 Contents of /Library/LaunchDaemons/com.crashplan.engine.plist
  508. 508 - mod date: Aug 4 11:16:05 2015
  509. 509 - size (B): 1759
  510. 510 - checksum: 3372274874
  511. 511
  512. 512 <?xml version="1.0" encoding="UTF-8"?>
  513. 513 <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  514. 514 <plist version="1.0">
  515. 515 <dict>
  516. 516 <key>Label</key>
  517. 517 <string>com.crashplan.engine</string>
  518. 518 <key>UserName</key>
  519. 519 <string>root</string>
  520. 520 <key>GroupName</key>
  521. 521 <string>wheel</string>
  522. 522 <key>Nice</key>
  523. 523 <integer>20</integer>
  524. 524 <key>KeepAlive</key>
  525. 525 <true/>
  526. 526 <key>OnDemand</key>
  527. 527 <false/>
  528. 528 <key>RunAtLoad</key>
  529. 529 <true/>
  530. 530 <key>AbandonProcessGroup</key>
  531. 531 <true/>
  532. 532 <key>WorkingDirectory</key>
  533. 533 <string>/Applications/CrashPlan.app/Contents/Resources/Java</string>
  534. 534 <key>ProgramArguments</key>
  535. 535 <array>
  536. 536 <string>/Applications/CrashPlan.app/Contents/MacOS/CrashPlanService</string>
  537. 537
  538. 538 ...and 26 more line(s)
  539. 539
  540. 540 Contents of /Library/LaunchDaemons/com.facebook.osqueryd.plist
  541. 541 - mod date: Jul 30 18:09:26 2015
  542. 542 - size (B): 691
  543. 543 - checksum: 1022610951
  544. 544
  545. 545 <?xml version="1.0" encoding="UTF-8"?>
  546. 546 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  547. 547 <plist version="1.0">
  548. 548 <dict>
  549. 549 <key>KeepAlive</key>
  550. 550 <true/>
  551. 551 <key>Disabled</key>
  552. 552 <false/>
  553. 553 <key>Label</key>
  554. 554 <string>com.facebook.osqueryd</string>
  555. 555 <key>ProgramArguments</key>
  556. 556 <array>
  557. 557 <string>/usr/local/bin/osqueryd</string>
  558. 558 <string>--enable_monitor</string>
  559. 559 </array>
  560. 560 <key>RunAtLoad</key>
  561. 561 <true/>
  562. 562 <key>StandardErrorPath</key>
  563. 563 <string>/var/log/osqueryd.error.log</string>
  564. 564 <key>StandardOutPath</key>
  565. 565 <string>/var/log/osqueryd.log</string>
  566. 566 <key>ThrottleInterval</key>
  567. 567 <integer>60</integer>
  568. 568 </dict>
  569. 569 </plist>
  570. 570
  571. 571 Contents of /Library/LaunchDaemons/com.jamfsoftware.jamf.daemon.plist
  572. 572 - mod date: Oct 7 14:52:33 2015
  573. 573 - size (B): 744
  574. 574 - checksum: 2215685936
  575. 575
  576. 576 <?xml version="1.0" encoding="UTF-8"?>
  577. 577 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  578. 578 <plist version="1.0">
  579. 579 <dict>
  580. 580 <key>AbandonProcessGroup</key>
  581. 581 <true/>
  582. 582 <key>GroupName</key>
  583. 583 <string>wheel</string>
  584. 584 <key>KeepAlive</key>
  585. 585 <true/>
  586. 586 <key>Label</key>
  587. 587 <string>com.jamfsoftware.jamf.daemon</string>
  588. 588 <key>Nice</key>
  589. 589 <integer>20</integer>
  590. 590 <key>ProgramArguments</key>
  591. 591 <array>
  592. 592 <string>/usr/sbin/jamf</string>
  593. 593 <string>launchDaemon</string>
  594. 594 <string>-enforceRestrictions</string>
  595. 595 <string>-monitorNetworkStateChanges</string>
  596. 596 </array>
  597. 597 <key>RunAtLoad</key>
  598. 598 <true/>
  599. 599 <key>UserName</key>
  600. 600 <string>root</string>
  601. 601
  602. 602 ...and 4 more line(s)
  603. 603
  604. 604 Contents of /Library/LaunchDaemons/com.jamfsoftware.startupItem.plist
  605. 605 - mod date: Oct 7 14:52:32 2015
  606. 606 - size (B): 474
  607. 607 - checksum: 3710582262
  608. 608
  609. 609 <?xml version="1.0" encoding="UTF-8"?>
  610. 610 <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  611. 611 <plist version="1.0">
  612. 612 <dict>
  613. 613 <key>Label</key>
  614. 614 <string>com.jamfsoftware.startupItem</string>
  615. 615 <key>LaunchOnlyOnce</key>
  616. 616 <true/>
  617. 617 <key>RunAtLoad</key>
  618. 618 <true/>
  619. 619 <key>ProgramArguments</key>
  620. 620 <array>
  621. 621 <string>/Library/Application Support/JAMF/ManagementFrameworkScripts/StartupScript.sh</string>
  622. 622 </array>
  623. 623 </dict>
  624. 624 </plist>
  625. 625
  626. 626 Contents of /Library/LaunchDaemons/com.jamfsoftware.task.1.plist
  627. 627 - mod date: Oct 7 14:52:32 2015
  628. 628 - size (B): 528
  629. 629 - checksum: 2735306590
  630. 630
  631. 631 <?xml version="1.0" encoding="UTF-8"?>
  632. 632 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  633. 633 <plist version="1.0">
  634. 634 <dict>
  635. 635 <key>Label</key>
  636. 636 <string>com.jamfsoftware.task.Every 60 Minutes</string>
  637. 637 <key>ProgramArguments</key>
  638. 638 <array>
  639. 639 <string>/usr/sbin/jamf</string>
  640. 640 <string>policy</string>
  641. 641 <string>-randomDelaySeconds</string>
  642. 642 <string>300</string>
  643. 643 </array>
  644. 644 <key>StartInterval</key>
  645. 645 <integer>3600</integer>
  646. 646 <key>UserName</key>
  647. 647 <string>root</string>
  648. 648 </dict>
  649. 649 </plist>
  650. 650
  651. 651 Contents of /Library/LaunchDaemons/com.kontiki.plist
  652. 652 - mod date: Oct 3 14:28:01 2014
  653. 653 - size (B): 433
  654. 654 - checksum: 3153918393
  655. 655
  656. 656 <?xml version="1.0" encoding="UTF-8"?>
  657. 657 <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  658. 658 <plist version="1.0">
  659. 659 <dict>
  660. 660 <key>Label</key>
  661. 661 <string>com.kontiki.sfdc</string>
  662. 662 <key>OnDemand</key>
  663. 663 <false/>
  664. 664 <key>ProgramArguments</key>
  665. 665 <array>
  666. 666 <string>/Applications/Kontiki.app/Contents/MacOS/Kontiki</string>
  667. 667 </array>
  668. 668 <key>KeepAlive</key>
  669. 669 <true/>
  670. 670 </dict>
  671. 671 </plist>
  672. 672
  673. 673 Contents of /Library/LaunchDaemons/com.sfdc-security.baseline.plist
  674. 674 - mod date: Feb 3 20:21:42 2015
  675. 675 - size (B): 614
  676. 676 - checksum: 634742066
  677. 677
  678. 678 <?xml version="1.0" encoding="UTF-8"?>
  679. 679 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  680. 680 <plist version="1.0">
  681. 681 <dict>
  682. 682 <key>Label</key>
  683. 683 <string>com.sfdc-security.baseline</string>
  684. 684 <key>ProgramArguments</key>
  685. 685 <array>
  686. 686 <string>/Library/ClientEngineering/SFDC-security/sfdc-security.sh</string>
  687. 687 </array>
  688. 688 <key>RunAtLoad</key>
  689. 689 <true/>
  690. 690 <key>StartInterval</key>
  691. 691 <integer>3600</integer>
  692. 692 <key>StandardOutPath</key>
  693. 693 <string>/var/log/sfdc-securityd.log</string>
  694. 694 <key>StandardErrorPath</key>
  695. 695 <string>/var/log/sfdc-securityd_error.log</string>
  696. 696 </dict>
  697. 697 </plist>
  698. 698
  699. 699 Contents of /Library/LaunchDaemons/com.sfdc.passwd.plist
  700. 700 - Apple binary property list
  701. 701 - mod date: Feb 3 20:21:42 2015
  702. 702 - size (B): 196
  703. 703 - checksum: 1452385174
  704. 704
  705. 705 Dict {
  706. 706 ProgramArguments = Array {
  707. 707 /Library/ClientEngineering/PasswordNotifier/passwordnotify.sh
  708. 708 }
  709. 709 StartInterval = 7200
  710. 710 RunAtLoad = true
  711. 711 Label = com.sfdc.passwd
  712. 712 }
  713. 713
  714. 714 Contents of /System/Library/LaunchAgents/com.apple.SafariPlugInUpdateNotifier.plist
  715. 715 - mod date: Sep 11 04:55:18 2015
  716. 716 - size (B): 779
  717. 717 - checksum: 941105980
  718. 718
  719. 719 <?xml version="1.0" encoding="UTF-8"?>
  720. 720 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  721. 721 <plist version="1.0">
  722. 722 <dict>
  723. 723 <key>EnablePressuredExit</key>
  724. 724 <true/>
  725. 725 <key>Label</key>
  726. 726 <string>com.apple.SafariPlugInUpdateNotifier</string>
  727. 727 <key>Program</key>
  728. 728 <string>/usr/libexec/SafariPlugInUpdateNotifier</string>
  729. 729 <key>LaunchEvents</key>
  730. 730 <dict>
  731. 731 <key>com.apple.fsevents.matching</key>
  732. 732 <dict>
  733. 733 <key>UserFlashPlugInModified</key>
  734. 734 <dict>
  735. 735 <key>Path</key>
  736. 736 <string>~/Library/Internet Plug-Ins/Flash Player.plugin</string>
  737. 737 </dict>
  738. 738 <key>SystemFlashPlugInModified</key>
  739. 739 <dict>
  740. 740 <key>Path</key>
  741. 741 <string>/Library/Internet Plug-Ins/Flash Player.plugin</string>
  742. 742 </dict>
  743. 743 </dict>
  744. 744
  745. 745 ...and 3 more line(s)
  746. 746
  747. 747 Contents of /System/Library/LaunchDaemons/org.apache.httpd.plist
  748. 748 - mod date: Aug 21 04:02:45 2015
  749. 749 - size (B): 554
  750. 750 - checksum: 3012644940
  751. 751
  752. 752 <?xml version="1.0" encoding="UTF-8"?>
  753. 753 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  754. 754 <plist version="1.0">
  755. 755 <dict>
  756. 756 <key>Disabled</key>
  757. 757 <true/>
  758. 758 <key>Label</key>
  759. 759 <string>org.apache.httpd</string>
  760. 760 <key>EnvironmentVariables</key>
  761. 761 <dict>
  762. 762 <key>XPC_SERVICES_UNAVAILABLE</key>
  763. 763 <string>1</string>
  764. 764 </dict>
  765. 765 <key>ProgramArguments</key>
  766. 766 <array>
  767. 767 <string>/usr/sbin/httpd-wrapper</string>
  768. 768 <string>-D</string>
  769. 769 <string>FOREGROUND</string>
  770. 770 </array>
  771. 771 <key>OnDemand</key>
  772. 772 <false/>
  773. 773 </dict>
  774. 774 </plist>
  775. 775
  776. 776 Contents of /private/etc/syslog.conf
  777. 777 - mod date: Aug 4 10:25:03 2015
  778. 778 - size (B): 144
  779. 779 - checksum: 2281411783
  780. 780
  781. 781 install.* @127.0.0.1:32376
  782. 782 auth.err /var/log/secure.log
  783. 783
  784. 784 Contents of Library/LaunchAgents/.DS_Store
  785. 785 - data
  786. 786 - mod date: Sep 29 08:55:21 2015
  787. 787 - size (B): 6148
  788. 788 - checksum: 3609089456
  789. 789
  790. 790 [N/A]
  791. 791
  792. 792 Contents of Library/LaunchAgents/com.citrixonline.GoToMeeting.G2MUpdate.plist
  793. 793 - mod date: Sep 22 12:43:51 2015
  794. 794 - size (B): 465
  795. 795 - checksum: 2159057811
  796. 796
  797. 797 <?xml version="1.0" encoding="UTF-8"?>
  798. 798 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  799. 799 <plist version="1.0">
  800. 800 <dict>
  801. 801 <key>Label</key>
  802. 802 <string>com.citrixonline.GoToMeeting.G2MUpdate</string>
  803. 803 <key>ProgramArguments</key>
  804. 804 <array>
  805. 805 <string>/Users/USER/Library/Application Support/CitrixOnline/GoToMeeting/G2MUpdate</string>
  806. 806 </array>
  807. 807 <key>StartInterval</key>
  808. 808 <integer>3660</integer>
  809. 809 </dict>
  810. 810 </plist>
  811. 811
  812. 812 Bad plists
  813. 813
  814. 814 Library/Preferences/ByHost/com.apple.coreservices.lsuseractivityd.UUID.plist
  815. 815
  816. 816 Applications
  817. 817
  818. 818 /Applications/AlohaKey/Aloha_Key.app
  819. 819 - com.intel.nw
  820. 820 /Applications/Chatter Desktop.app
  821. 821 - sfdc-desktop.UUID.1
  822. 822 /Applications/Cisco/Cisco AnyConnect DART.app
  823. 823 - com.cisco.Cisco-AnyConnect-DART
  824. 824 /Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app
  825. 825 - com.cisco.Cisco-AnyConnect-Secure-Mobility-Client
  826. 826 /Applications/Cisco/Uninstall AnyConnect.app
  827. 827 - com.cisco.uninstaller
  828. 828 /Applications/Microsoft Office 2011/Office/Add-Ins/Solver.app
  829. 829 - com.microsoft.ASApplication
  830. 830 /Applications/Microsoft Office 2011/Office/Equation Editor.app
  831. 831 - com.microsoft.EquationEditor
  832. 832 /Applications/Microsoft Office 2011/Office/Microsoft Office Setup Assistant.app
  833. 833 - com.microsoft.office.setupassistant
  834. 834 /Applications/Microsoft Office 2011/Office/Microsoft Query.app
  835. 835 - com.microsoft.Query
  836. 836 /Applications/SecurID.app
  837. 837 - com.rsa.securid.softwaretoken
  838. 838 /Library/ClientEngineering/PasswordNotifier/CocoaDialog.app
  839. 839 - org.sporkstorms.CocoaDialog
  840. 840 /Library/ClientEngineering/PasswordNotifier/terminal-notifier.app
  841. 841 - nl.superalloy.oss.terminal-notifier
  842. 842 /Library/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/Template.app
  843. 843 - com.adobe.air.Template
  844. 844 /Library/Printers/hp/Fax/fax.backend
  845. 845 - com.hp.fax
  846. 846 /Library/Printers/hp/Fax/rastertofax.filter
  847. 847 - com.hp.rastertofax
  848. 848 /Library/Printers/hp/cups/filters/commandtohp.filter
  849. 849 - com.hp.print.cups.filter.commandtohp
  850. 850 /Library/Printers/hp/cups/filters/pdftopdf.filter
  851. 851 - com.hp.print.cups.filter.pdftopdf
  852. 852 /Library/Printers/hp/cups/tools/autosetup.tool
  853. 853 - com.hp.print.autosetup
  854. 854 /SFDC-Source/Installers/AnyConnect Installer.app
  855. 855 - com.apple.ScriptEditor.id.AnyConnect
  856. 856 /SFDC-Source/LaunchDFS.app
  857. 857 - com.apple.automator.LaunchDFSv2
  858. 858 /SFDC-Source/SFDC-Provisioning-Tool.app
  859. 859 - com.apple.ScriptEditor.id.SFDC-Mac-Provisioning-Tool
  860. 860 /SFDC-Source/System Utilities/Deeper.app
  861. 861 - com.titanium.Deeper
  862. 862 /SFDC-Source/System Utilities/Disk Inventory X.app
  863. 863 - com.derlien.DiskInventoryX
  864. 864 /SFDC-Source/System Utilities/OnyX.app
  865. 865 - com.titanium.OnyX
  866. 866 /Users/USER/Applications/Chrome Apps.localized/Default apdfllckaahabafndbhieahigkjlhalf.app
  867. 867 - com.google.Chrome.app.Default-apdfllckaahabafndbhieahigkjlhalf
  868. 868 /Users/USER/Applications/Chrome Apps.localized/Default djejicklhojeokkfmdelnempiecmdomj.app
  869. 869 - com.google.Chrome.app.Default-djejicklhojeokkfmdelnempiecmdomj
  870. 870 /Users/USER/Applications/Chrome Apps.localized/Default ejidjjhkpiempkbhmpbfngldlkglhimk.app
  871. 871 - com.google.Chrome.app.Default-ejidjjhkpiempkbhmpbfngldlkglhimk
  872. 872 /Users/USER/Applications/Chrome Apps.localized/Default ejjicmeblgpmajnghnpcppodonldlgfn.app
  873. 873 - com.google.Chrome.app.Default-ejjicmeblgpmajnghnpcppodonldlgfn
  874. 874 /Users/USER/Applications/Chrome Apps.localized/app_list.app
  875. 875 - com.google.Chrome.app.Default-app_list
  876. 876 /Users/USER/Downloads/MplayerOSXB8r5/MPlayer OS X 2.app
  877. 877 - org.mplayerosx.MplayerOSX
  878. 878 /Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_apdfllckaahabafndbhieahigkjlhalf/Default apdfllckaahabafndbhieahigkjlhalf.app
  879. 879 - com.google.Chrome.app.Default-apdfllckaahabafndbhieahigkjlhalf-internal
  880. 880 /Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo/Default blpcfgokakmgnkcojhhkbfbldkacnbeo.app
  881. 881 - com.google.Chrome.app.Default-blpcfgokakmgnkcojhhkbfbldkacnbeo-internal
  882. 882 /Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_coobgpohoikkiipiblmjeljniedjpjpf/Default coobgpohoikkiipiblmjeljniedjpjpf.app
  883. 883 - com.google.Chrome.app.Default-coobgpohoikkiipiblmjeljniedjpjpf-internal
  884. 884 /Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_djejicklhojeokkfmdelnempiecmdomj/Default djejicklhojeokkfmdelnempiecmdomj.app
  885. 885 - com.google.Chrome.app.Default-djejicklhojeokkfmdelnempiecmdomj-internal
  886. 886 /Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_ejidjjhkpiempkbhmpbfngldlkglhimk/Default ejidjjhkpiempkbhmpbfngldlkglhimk.app
  887. 887 - com.google.Chrome.app.Default-ejidjjhkpiempkbhmpbfngldlkglhimk-internal
  888. 888 /Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_ejjicmeblgpmajnghnpcppodonldlgfn/Default ejjicmeblgpmajnghnpcppodonldlgfn.app
  889. 889 - com.google.Chrome.app.Default-ejjicmeblgpmajnghnpcppodonldlgfn-internal
  890. 890 /Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_ooaoeobbhfgkohkegpbidjjnkhjfccao/Default ooaoeobbhfgkohkegpbidjjnkhjfccao.app
  891. 891 - com.google.Chrome.app.Default-ooaoeobbhfgkohkegpbidjjnkhjfccao-internal
  892. 892 /Users/USER/Library/Application Support/Google/Chrome/Default/Web Applications/_crx_pjkljhegncpnkpknbcohdijeoejaedia/Default pjkljhegncpnkpknbcohdijeoejaedia.app
  893. 893 - com.google.Chrome.app.Default-pjkljhegncpnkpknbcohdijeoejaedia-internal
  894. 894 /opt/cisco/anyconnect/bin/vpndownloader.app
  895. 895 - com.yourcompany.vpndownloader
  896. 896
  897. 897 Frameworks
  898. 898
  899. 899 /Library/Frameworks/Adobe AIR.framework
  900. 900 - com.adobe.AIR
  901. 901 /Library/Frameworks/stauto32.framework
  902. 902 - com.rsa.securid.softwaretoken.framework
  903. 903 /Library/Frameworks/stauto32.framework/Frameworks/QtCore.framework
  904. 904 - N/A
  905. 905 /Library/Frameworks/stauto32.framework/Frameworks/QtGui.framework
  906. 906 - N/A
  907. 907 /Library/Frameworks/stauto32.framework/Frameworks/QtNetwork.framework
  908. 908 - N/A
  909. 909
  910. 910 PrefPane
  911. 911
  912. 912 /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/deploy/JavaControlPanel.prefPane
  913. 913 - com.oracle.java.JavaControlPanel
  914. 914 /Library/PreferencePanes/Flash Player.prefPane
  915. 915 - com.adobe.flashplayerpreferences
  916. 916
  917. 917 Bundles
  918. 918
  919. 919 /Library/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/AdobeCP15.plugin
  920. 920 - com.adobe.adobecp
  921. 921 /Library/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/Flash Player.plugin
  922. 922 - com.macromedia.FlashPlayer-10.6.plugin
  923. 923 /Library/Internet Plug-Ins/Flash Player.plugin
  924. 924 - com.macromedia.Flash Player.plugin
  925. 925 /Library/Internet Plug-Ins/JavaAppletPlugin.plugin
  926. 926 - com.oracle.java.JavaAppletPlugin
  927. 927 /Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin
  928. 928 - com.microsoft.sharepoint.browserplugin
  929. 929 /Library/Internet Plug-Ins/WebEx64.plugin
  930. 930 - com.cisco_webex.plugin.gpc64
  931. 931 /Library/Internet Plug-Ins/googletalkbrowserplugin.plugin
  932. 932 - com.google.googletalkbrowserplugin
  933. 933 /Library/Internet Plug-Ins/o1dbrowserplugin.plugin
  934. 934 - com.google.o1dbrowserplugin
  935. 935 /Users/USER/Library/Address Book Plug-Ins/SkypeABDialer.bundle
  936. 936 - com.skype.skypeabdialer
  937. 937 /Users/USER/Library/Address Book Plug-Ins/SkypeABSMS.bundle
  938. 938 - com.skype.skypeabsms
  939. 939 /Users/USER/Library/Application Support/Google/Chrome/PepperFlash/18.0.0.209/PepperFlashPlayer.plugin
  940. 940 - com.macromedia.PepperFlashPlayer.pepper
  941. 941 /Users/USER/Library/Internet Plug-Ins/CitrixOnlineWebDeploymentPlugin.plugin
  942. 942 - com.citrixonline.mac.WebDeploymentPlugin
  943. 943 /Users/USER/Library/Internet Plug-Ins/WebEx64.plugin
  944. 944 - com.cisco_webex.plugin.gpc64
  945. 945
  946. 946 Library paths
  947. 947
  948. 948 /Applications/Microsoft Office 2011/Office/MicrosoftSetupUI.framework/Libraries/mbupgx.dylib
  949. 949 /Applications/Microsoft Office 2011/Office/OPF.framework/Versions/14/Resources/OPF_Common.dylib
  950. 950 /Library/Frameworks/Adobe AIR.framework/Versions/1.0/Resources/WebKit.dylib
  951. 951 /Library/Frameworks/stauto32.framework/Versions/4/Resources/libRSAClientLogger.dylib
  952. 952 /Library/Frameworks/stauto32.framework/Versions/4/Resources/liblog4cxx.dylib
  953. 953 /Users/USER/Library/Application Support/Firefox/Profiles/n78eod9q.default/extensions/EMAIL/platform/Darwin/components/lpxpcom.dylib
  954. 954 /Users/USER/Library/Application Support/Firefox/Profiles/n78eod9q.default/extensions/EMAIL/platform/Darwin_x86_64-gcc3/components/lpxpcom_x86_64.dylib
  955. 955 /Users/USER/Library/Application Support/Firefox/Profiles/n78eod9q.default/gmp-gmpopenh264/1.4/libgmpopenh264.dylib
  956. 956 /Users/USER/Library/Application Support/Google/Chrome/WidevineCDM/1.4.8.824/_platform_specific/mac_x64/libwidevinecdm.dylib
  957. 957 /Users/USER/Library/Application Support/WebEx Folder/1524/cmcrypto-29.13.0.1.dylib
  958. 958 /Users/USER/Library/Application Support/WebEx Folder/1524/libcrypto-0.1.4.7.dylib
  959. 959 /Users/USER/Library/Application Support/WebEx Folder/1524/libssl-0.1.4.7.dylib
  960. 960 /Users/USER/Library/Application Support/WebEx Folder/1524/xml-29.0.0.1.dylib
  961. 961 /Users/USER/Library/Application Support/WebEx Folder/T30_EC/cmcrypto-30.0.0.2.dylib
  962. 962 /Users/USER/Library/Application Support/WebEx Folder/T30_EC/libcrypto-0.2.5.3.dylib
  963. 963 /Users/USER/Library/Application Support/WebEx Folder/T30_EC/libssl-0.2.5.3.dylib
  964. 964 /Users/USER/Library/Application Support/WebEx Folder/T30_EC/rtp-29.0.0.1.dylib
  965. 965 /Users/USER/Library/Application Support/WebEx Folder/T30_EC/xml-29.0.0.1.dylib
  966. 966 /Users/USER/Library/Application Support/WebEx Folder/T30_MC/cmcrypto-30.0.0.2.dylib
  967. 967 /Users/USER/Library/Application Support/WebEx Folder/T30_MC/libcrypto-0.2.5.3.dylib
  968. 968 /Users/USER/Library/Application Support/WebEx Folder/T30_MC/libssl-0.2.5.3.dylib
  969. 969 /Users/USER/Library/Application Support/WebEx Folder/T30_MC/xml-29.0.0.1.dylib
  970. 970 /opt/cisco/anyconnect/bin/plugins/libacfeedback.dylib
  971. 971 /opt/cisco/anyconnect/bin/plugins/libvpnapishim.dylib
  972. 972 /opt/cisco/anyconnect/bin/plugins/libvpnipsec.dylib
  973. 973 /opt/cisco/anyconnect/lib/libac_sock_fltr_api.dylib
  974. 974 /opt/cisco/anyconnect/lib/libacciscocrypto.dylib
  975. 975 /opt/cisco/anyconnect/lib/libacciscossl.dylib
  976. 976 /opt/cisco/anyconnect/lib/libaccurl.4.dylib
  977. 977 /opt/cisco/anyconnect/lib/libvpnagentutilities.dylib
  978. 978 /opt/cisco/anyconnect/lib/libvpnapi.dylib
  979. 979 /opt/cisco/anyconnect/lib/libvpncommon.dylib
  980. 980 /opt/cisco/anyconnect/lib/libvpncommoncrypt.dylib
  981. 981 /opt/cisco/hostscan/lib/libacciscocrypto.dylib
  982. 982 /opt/cisco/hostscan/lib/libacciscossl.dylib
  983. 983 /opt/cisco/hostscan/lib/libaccurl.4.dylib
  984. 984 /opt/cisco/hostscan/lib/libcsd.dylib
  985. 985 /opt/cisco/hostscan/lib/libhostscan.dylib
  986. 986 /opt/cisco/hostscan/lib/libinspector.dylib
  987. 987
  988. 988 App extensions
  989. 989
  990. 990 com.evernote.Evernote.SharingExtension
  991. 991 com.google.GoogleDrive.FinderSyncAPIExtension
  992. 992
  993. 993 Modifications
  994. 994
  995. 995 file modified: /Applications/Data Loader.app/Contents/Resources/conf/config.properties
  996. 996 file modified: /Applications/Data Loader.app/Contents/Resources/conf/ui_lastRun.properties
  997. 997 file modified: /Applications/Salesforce Files.app/Contents/Resources/snapshot.xml
  998. 998 file added: /Library/Frameworks/Adobe AIR.framework/Versions/Current/Resources/Adobe AIR Updater.app/Contents/_CodeSignature/CodeResources
  999. 999 file added: /Library/Frameworks/Adobe AIR.framework/Versions/Current/Resources/Adobe AIR Updater.app/Contents/Info.plist
  1000. 1000 file added: /Library/Frameworks/Adobe AIR.framework/Versions/Current/Resources/Adobe AIR Updater.app/Contents/MacOS/Adobe AIR Installer
  1001. 1001 file added: /Library/Frameworks/Adobe AIR.framework/Versions/Current/Resources/Adobe AIR Updater.app/Contents/PkgInfo
  1002. 1002 file added: /Library/Frameworks/Adobe AIR.framework/Versions/Current/Resources/Adobe AIR Updater.app/Contents/Resources/Adobe AIR Installer.icns
  1003. 1003 file added: /Library/Frameworks/Adobe AIR.framework/Versions/Current/Resources/Adobe AIR Updater.app/Contents/Resources/setup.swf
  1004. 1004 file added: /Library/Frameworks/Adobe AIR.framework/Versions/Current/Resources/Adobe AIR Updater.app/Contents/Resources/stylesNative.swf
  1005. 1005
  1006. 1006 Installations
  1007. 1007
  1008. 1008 MegaBackup: 9/28/15, 9:23 PM
  1009. 1009 MegaBackup: 9/28/15, 9:23 PM
  1010. 1010 Adobe Flash Player: 9/26/15, 11:30 AM
  1011. 1011 Office 2011 14.5.5 Update: 9/21/15, 4:21 PM
  1012. 1012 osquery_8.24.15: 9/11/15, 9:00 AM
  1013. 1013
  1014. 1014 Elapsed time (sec): 260
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!