Advanced Mac Cleaner est un virus ! Ce n’est pas un logiciel !

2 x served & 0 x viewed

Combien de fois il faut le dire ! Ceci est un virus !

Et si vous avez vous pouvez tracer les actions de ce virus !

Une fois il va se connecter sur st.mcydlv.com  ( Malware ) :

Et ensuite sur lqozem.com ( Malware ) :

Ses deux sites sont souvent utilisés pour des faux logiciels Acrobat Reader : AcroRd32.exe (sous Windows) .

Pour plus d’information lire : https://lesvirus.fr/le-virus-advanced-mac-cleaner/ : Le virus Advanced Mac Cleaner. Comment supprimer? (Guide de désinstallation)

Misère.

 

 

Comment désinstaller Chromium sous Mac ?

1 x served & 0 x viewed

C’est assez simple … il est très important de le supprimer.

Etape n°1 :

Supprimer l’application qui est dans /Users/XXXXXX/Applications/Chromium.app avec XXXXXX qui est le nom de votre utilisataur.

Etape n°2 :

Supprimer le fichier plist org.chromium.Chromium.plist dans Library/Preferences/.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>LastRunAppBundlePath</key>
        <string>/Users/XXXXXX/Applications/Chromium.app</string>
</dict>
</plist>

Etape 3 :

Supprimer le répertoire Library/Application\ Support/Chromium/ .

Etape 4 :

Aller dans Préférences Système, puis Utilisateur & Groupes, puis choisir Ouverture et supprimer Chromium.

Et c’est fini !

 

Mac : Adobe download vers fpdownload.macromedia.com

40 x served & 11 x viewed

Bizarre …  com.adobe.fpsaud qui pointe vers fpdownload.macromedia.cm .

Si je regarde plus en détail dans /System/Library/LaunchDaemons/ je n’ai aucun com.adobe.fpsaud . Mais si je regarde dans /Library/LaunchDaemons/ :

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>com.adobe.fpsaud</string>
	<key>ProgramArguments</key>
	<array>
		<string>/Library/Application Support/Adobe/Flash Player Install Manager/fpsaud</string>
	</array>
	<key>StartInterval</key>
	<integer>3600</integer>
	<key>KeepAlive</key>
	<false/>
</dict>
</plist>

On a les ip qui sont en dur dans le programme … misère.

$ hexdump -C /Library/Application\ Support/Adobe/Flash\ Player\ Install\ Manager/fpsaud | grep "download"
0017b030  64 6f 77 6e 6c 6f 61 64  2e 6d 61 63 72 6f 6d 65  |download.macrome|
0017b3e0  20 64 6f 77 6e 6c 6f 61  64 65 72 20 64 6f 65 73  | downloader does|
0017b480  73 20 64 6f 77 6e 6c 6f  61 64 65 64 20 64 61 74  |s downloaded dat|
0017bad0  2f 2f 66 70 64 6f 77 6e  6c 6f 61 64 32 2e 6d 61  |//fpdownload2.ma|
0017bf30  65 20 6f 6e 20 64 6f 77  6e 6c 6f 61 64 65 64 20  |e on downloaded |
00187ef0  00 64 6f 77 6e 6c 6f 61  64 44 69 64 46 61 69 6c  |.downloadDidFail|
00187f00  00 64 6f 77 6e 6c 6f 61  64 44 69 64 50 72 6f 67  |.downloadDidProg|
00187fa0  64 6f 77 6e 6c 6f 61 64  65 64 44 61 74 61 00 67  |downloadedData.g|
00188030  3a 00 6d 5f 64 6f 77 6e  6c 6f 61 64 50 61 74 68  |:.m_downloadPath|
00188040  00 6d 5f 64 6f 77 6e 6c  6f 61 64 46 69 6c 65 48  |.m_downloadFileH|
00188960  64 6f 77 6e 6c 6f 61 64  65 72 00 6d 5f 64 6d 67  |downloader.m_dmg|
002597d0  69 74 68 55 52 4c 3a 64  6f 77 6e 6c 6f 61 64 50  |ithURL:downloadP|
00259a10  6d 5f 64 6f 77 6e 6c 6f  61 64 50 61 74 68 00 5f  |m_downloadPath._|
00259a70  6d 5f 64 6f 77 6e 6c 6f  61 64 46 69 6c 65 48 61  |m_downloadFileHa|
0025af50  74 61 6c 6c 65 72 20 64  6f 77 6e 6c 6f 61 64 50  |taller downloadP|
0025afc0  65 72 2e 6d 5f 64 6f 77  6e 6c 6f 61 64 65 72 00  |er.m_downloader.|
0025d3f0  6e 6c 6f 61 64 20 64 6f  77 6e 6c 6f 61 64 65 64  |nload downloaded|
00264ee0  5f 64 6f 77 6e 6c 6f 61  64 44 61 74 61 52 65 63  |_downloadDataRec|
00264ff0  64 2e 6d 5f 64 6f 77 6e  6c 6f 61 64 53 74 61 74  |d.m_downloadStat|
002654e0  65 72 2e 6d 5f 64 6f 77  6e 6c 6f 61 64 65 72 00  |er.m_downloader.|

Python : How to clean ressources of Joplin not used ?

78 x served & 22 x viewed

Here the script in Python : https://github.com/CYBERNEURONES/Python/blob/master/JoplinCleanRessource.py

#
# Version 1 
# for Python 3
# 
#   ARIAS Frederic
#   Sorry ... It's difficult for me the python :)
#

from time import gmtime, strftime
import time
import json
import requests
import os
import sqlite3
import re

#conn = sqlite3.connect('my_db.db')
find_this = "\(:/"

#c = conn.cursor()
#c.execute('''DROP TABLE LINK''')
#conn.commit()
#c.execute('''CREATE TABLE LINK (ID_NOTE text, ID_RESOURCE text, CHECKSUM_MD5 text)''')
#conn.commit()

#IP
ip = "127.0.0.1"
port = "41184"
token = "Put the token here"
nb_request = 0
my_body = ""
headers = {'Content-type': 'application/json', 'Accept': 'text/plain'}
url_notes = (
    "http://"+ip+":"+port+"/notes?"
    "token="+token
)
nb_total_ressource = 0
nb_local_ressource = 0
ALL_ID = {}
try:
    resp = requests.get(url_notes, headers=headers)
    nb_request += 1
    resp.raise_for_status()
    resp_dict = resp.json()
    #print(resp_dict)
    for my_note in resp_dict:
        nb_local_ressource = 0
        my_body = my_note.get('body')
        my_ressource = [m.start() for m in re.finditer(find_this, my_body)]
        for my_ressource_x in my_ressource:
             nb_total_ressource += 1
             nb_local_ressource += 1
             my_ressource_id = my_body[my_ressource_x+3:my_ressource_x+32+3]
             print(nb_local_ressource,":",my_note.get('id'),":",my_ressource_id)
             ALL_ID[my_ressource_id]=my_note.get('id')
             
             #c.execute(sql_request)
             #conn.commit()
except requests.exceptions.HTTPError as e:
    print("Bad HTTP status code:", e)
except requests.exceptions.RequestException as e:
    print("Network error:", e)

nb_keep = 0
nb_remove = 0
url_resources = (
    "http://"+ip+":"+port+"/resources?"
    "token="+token
)
try:
    resp = requests.get(url_resources, headers=headers)
    nb_request += 1
    resp.raise_for_status()
    resp_dict = resp.json()
    #print(resp_dict)
    for my_resource in resp_dict:
        my_id = my_resource.get('id')
        if my_id in ALL_ID:
            print("Keep for notes",ALL_ID[my_id])
            nb_keep += 1
        else:
            print("Remove");
            nb_remove += 1
            url_resources_delete = (
    "http://"+ip+":"+port+"/resources/"+my_id+"?"
    "token="+token
)
            try:
                 resp2 = requests.delete(url_resources_delete, headers=headers)
                 resp.raise_for_status()
                 nb_request += 1
            except requests.exceptions.HTTPError as e:
                 print("Bad HTTP status code:", e)
            except requests.exceptions.RequestException as e:
                 print("Network error:", e)
except requests.exceptions.HTTPError as e:
    print("Bad HTTP status code:", e)
except requests.exceptions.RequestException as e:
    print("Network error:", e)

#conn.close()
print("nb_request",nb_request,"nb_total_ressource : ",nb_total_ressource," nb_local_ressource : ",nb_local_ressource)
print("nb_keep",nb_keep,"nb_remove",nb_remove);

Here the result :

$ grep "Total resources:" .config/joplin-desktop/log.txt | awk '{print $1 " " $5}' | uniq | tail -f
2019-02-25 10191"
2019-02-25 10194"
2019-02-25 10190"
2019-02-26 10190"
2019-02-27 10190"
2019-02-28 10190"
2019-02-28 10192"
2019-03-01 10192"
2019-03-01 2919"
2019-03-01 2814"

Mojave : Build dlib : issue : fatal error: ‘X11/Xlib.h’ file not found

69 x served & 19 x viewed

Quand j’essaye de faire le build de dlib j’ai l’erreur suivante :

In file included from /private/var/folders/72/mwd843qs5dnfxxzc5zzwx5mw0000gn/T/pip-install-yx4dc86g/dlib/dlib/gui_widgets/fonts.cpp:16:
    /private/var/folders/72/mwd843qs5dnfxxzc5zzwx5mw0000gn/T/pip-install-yx4dc86g/dlib/dlib/gui_widgets/nativefont.h:27:10: fatal error: 'X11/Xlib.h' file not found
    #include <X11/Xlib.h>
             ^~~~~~~~~~~~
    1 error generated.
    make[2]: *** [dlib_build/CMakeFiles/dlib.dir/gui_widgets/fonts.cpp.o] Error 1
    make[2]: *** Waiting for unfinished jobs....
    make[1]: *** [dlib_build/CMakeFiles/dlib.dir/all] Error 2
    make: *** [all] Error 2

Pour fixer le problème :

ln -s /opt/X11/include/X11 /usr/local/include/X11

J’ai donc pu faire la compilation de dlib qui est utilisé par face_recognition :

$ pip install face_recognition
Collecting face_recognition
  Using cached https://files.pythonhosted.org/packages/3f/ed/ad9a28042f373d4633fc8b49109b623597d6f193d3bbbef7780a5ee8eef2/face_recognition-1.2.3-py2.py3-none-any.whl
Requirement already satisfied: numpy in /usr/local/lib/python3.7/site-packages (from face_recognition) (1.16.1)
Requirement already satisfied: Pillow in /usr/local/lib/python3.7/site-packages (from face_recognition) (5.4.1)
Collecting dlib>=19.7 (from face_recognition)
  Using cached https://files.pythonhosted.org/packages/35/8d/e4ddf60452e2fb1ce3164f774e68968b3f110f1cb4cd353235d56875799e/dlib-19.16.0.tar.gz
Requirement already satisfied: face-recognition-models>=0.3.0 in /usr/local/lib/python3.7/site-packages (from face_recognition) (0.3.0)
Collecting Click>=6.0 (from face_recognition)
  Using cached https://files.pythonhosted.org/packages/fa/37/45185cb5abbc30d7257104c434fe0b07e5a195a6847506c074527aa599ec/Click-7.0-py2.py3-none-any.whl
Building wheels for collected packages: dlib
  Building wheel for dlib (setup.py) ... done
  Stored in directory: /Users/.../Library/Caches/pip/wheels/ce/f9/bc/1c51cd0b40a2b5dfd46ab79a73832b41e7c3aa918a508154f0
Successfully built dlib
Installing collected packages: dlib, Click, face-recognition
Successfully installed Click-7.0 dlib-19.16.0 face-recognition-1.2.3

A suivre.