EtreCheckPro version: 6.8.0 (68018) Report generated: 2023-01-11 21:36:00 Download EtreCheckPro from https://etrecheck.com Runtime: 2:48 Performance: Excellent Problem: Other problem Description: My Mac seems to be infected by malware or adware. I keep getting a pop up that appears, not just when Safari is open, but when it is closed. The popup has the System Settings icon on the left side and a message on the right side. It seems to cycle through different messages, but w ith the same kind of idea, that my system is infected by viruses and s uggests that I click on the OK, which leads me to a webpage that tells me the same thing in more detail and urges me to click in further to run a virus scan. The Macafee company is mentioned behind this detaile d second warning. I have not clicked on this second warning. Major Issues: None Minor Issues: These issues do not need immediate attention but they may indicate future problems or opportunities for improvement. Apps with heavy CPU usage - There have been numerous cases of apps with heavy CPU usage. Clean up - There are orphan files that could be removed. Unsigned files - There are unsigned software files installed. These files could be old, incompatible, and cause problems. They should be reviewed. System modifications - There are a large number of system modifications running in the background. Limited permissions - More information may be available with Full Disk Access. Kernel extensions present - This computer has kernel extensions that may not work in the future. Hardware Information: MacBook Pro (16-inch, 2019) Status: Supported Under warranty: Yes Warranty expiration: 2023-07-01 MacBook Pro Model: MacBookPro16,1 2.6 GHz 6-Core Intel Core i7 (i7-9750H) CPU: 6-core 16 GB RAM - Not upgradeable BANK 0/ChannelA-DIMM0 - 8 GB DDR4 2667 BANK 2/ChannelB-DIMM0 - 8 GB DDR4 2667 Battery: Health = Normal - Cycle count = 340 Video Information: Intel UHD Graphics 630 - VRAM: 1536 MB Color LCD (built-in) 3584 x 2240 AMD Radeon Pro 5300M - VRAM: 4 GB Drives: disk0 - APPLE SSD AP0512N 500.28 GB (Solid State - TRIM: Yes) Internal PCI-Express 8.0 GT/s x4 NVM Express disk0s1 - EFI [EFI] 315 MB disk0s2 [APFS Container] 499.96 GB disk1 [APFS Virtual drive] 499.96 GB (Shared by 6 volumes) disk1s1 (APFS) [APFS Container] (8.87 GB used) disk1s1s1 - Macintosh HD (APFS) [APFS Snapshot] (8.87 GB used) disk1s2 - Macintosh HD - Data (APFS) [APFS Virtual drive] (457.81 GB used) disk1s3 - Preboot (APFS) [APFS Preboot] (1.81 GB used) disk1s4 - Recovery (APFS) [Recovery] (1.12 GB used) disk1s5 - VM (APFS) [APFS VM] (25 KB used) disk1s6 - Update (APFS) (26 MB used) disk2 - WD Elements 25A1 2.00 TB External USB 5 Gbit/s USB disk2s1 - 2********p 2.00 TB disk3 - Emtec X200 1.02 TB External USB 5 Gbit/s USB disk3s1 - E***C (Journaled HFS+) 1.02 TB (1.02 TB used) Mounted Volumes: disk1s1s1 - Macintosh HD [APFS Snapshot] Filesystem: APFS Mount point: / Read-only: Yes Used: 8.87 GB Shared values Size: 499.96 GB Free: 30.17 GB Available: 33.83 GB disk1s2 - Macintosh HD - Data [APFS Virtual drive] Filesystem: APFS Mount point: /System/Volumes/Data Encrypted Used: 457.81 GB Shared values Size: 499.96 GB Free: 30.17 GB Available: 33.83 GB disk1s3 - Preboot [APFS Preboot] Filesystem: APFS Mount point: /System/Volumes/Preboot Used: 1.81 GB Shared values Size: 499.96 GB Free: 30.17 GB disk1s5 - VM [APFS VM] Filesystem: APFS Mount point: /System/Volumes/VM Used: 25 KB Shared values Size: 499.96 GB Free: 30.17 GB disk1s6 - Update Filesystem: APFS Mount point: /System/Volumes/Update Used: 26 MB Shared values Size: 499.96 GB Free: 30.17 GB disk2s1 - 2********p Mount point: /Volumes/2********p Size: 2.00 TB disk3s1 - E***C Filesystem: Journaled HFS+ Mount point: /Volumes/E***C Owners enabled: No Used: 1.02 TB Size: 1.02 TB Free: 3.74 GB Available: 3.75 GB Network: Interface en5: USB 10/100/1000 LAN Interface en0: Wi-Fi 802.11 a/b/g/n/ac Interface en7: iPhone Interface bridge0: Thunderbolt Bridge System Software: macOS Ventura 13.1 (22C65) Time since boot: Less than an hour Notifications: Creative Cloud.app 2 notifications Loopback.app one notification Safari.app 3 notifications Security: Gatekeeper: App Store and identified developers System Integrity Protection: Enabled Antivirus software: Apple and Malwarebytes Unsigned Files: Launchd: /Library/LaunchDaemons/com.microsoft.teams.TeamsUpdaterDaemon.plist Executable: /Applications/Microsoft Teams.app/Contents/TeamsUpdaterDaemon.xpc/Contents/MacOS/TeamsUpdaterDaemon Details: Restrictive config permissions - possibly malware Applications: 564 apps 112 x86-only apps 3 unsigned apps Kernel Extensions: /Library/Application Support/CleverFiles/BackService.app [Not Loaded] SecureDisk_11.kext - com.cleverfiles.SecureDisk-11 (1.0 - SDK 10.16) /Library/Extensions [Not Loaded] EPSONUSBPrintClass.kext - com.epson.print.kext.USBPrintClass (2.7.3) [Not Loaded] NovationUSBAudio.kext - com.novationmusic.driver.usb.audio (3.1 - SDK 10.14) System Launch Daemons: [Not Loaded] 37 Apple tasks [Loaded] 183 Apple tasks [Running] 164 Apple tasks [Other] 2 Apple tasks System Launch Agents: [Not Loaded] 18 Apple tasks [Loaded] 188 Apple tasks [Running] 185 Apple tasks Launch Daemons: [Loaded] com.adobe.ARMDC.Communicator.plist (Adobe Inc. - installed 2022-09-18) Executable: /Library/PrivilegedHelperTools/com.adobe.ARMDC.Communicator [Loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Inc. - installed 2022-09-18) Executable: /Library/PrivilegedHelperTools/com.adobe.ARMDC.SMJobBlessHelper [Running] com.adobe.acc.installer.v2.plist (Adobe Inc. - installed 2022-10-04) Executable: /Library/PrivilegedHelperTools/com.adobe.acc.installer.v2 [Running] com.adobe.agsservice.plist (Adobe Inc. - installed 2022-09-30) Executable: /Library/Application Support/Adobe/AdobeGCClient/AGSService [Running] com.cleverfiles.cfbackd.plist (Justin Johnson - installed 2022-09-18) Executable: /Library/Application Support/CleverFiles/BackService.app/Contents/MacOS/cfbackd [Running] com.focusrite.ControlServer.plist (Focusrite Audio Engineering Ltd. - installed 2022-09-18) Command: /Applications/Focusrite Control.app/Contents/Library/LoginItems/FocusriteControlServer.app/Contents/MacOS/FocusriteControlServer daemon [Loaded] com.google.keystone.daemon.plist (Google LLC - installed 2022-10-19) Executable: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/MacOS/GoogleSoftwareUpdateDaemon [Running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2023-01-10) Command: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app/Contents/MacOS/RTProtectionDaemon -i Malwarebytes-Mac-4.17.8.4831.pkg [Running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2023-01-10) Executable: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/SettingsDaemon.app/Contents/MacOS/SettingsDaemon [Loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2023-01-11) Executable: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper [Loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2022-09-18) Executable: /Library/PrivilegedHelperTools/com.microsoft.office.licensingV2.helper [Loaded] com.microsoft.teams.TeamsUpdaterDaemon.plist (Not signed - installed 2022-10-20) Executable: /Applications/Microsoft Teams.app/Contents/TeamsUpdaterDaemon.xpc/Contents/MacOS/TeamsUpdaterDaemon [Loaded] com.rogueamoeba.aceagent.plist (Rogue Amoeba Software, LLC - installed 2022-09-18) Executable: /Library/Audio/Plug-Ins/HAL/ACE.driver/Contents/Resources/aceagent.app/Contents/MacOS/aceagent [Loaded] com.rogueamoeba.acetool.plist (Rogue Amoeba Software, LLC - installed 2022-09-18) Executable: /Library/Audio/Plug-Ins/HAL/ACE.driver/Contents/Resources/acetool Launch Agents: [Other] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Inc. - installed 2022-09-18) Executable: /Library/Application Support/Adobe/ARMDC/Application/Acrobat Update Helper.app/Contents/MacOS/Acrobat Update Helper [Running] com.adobe.AdobeCreativeCloud.plist (Adobe Inc. - installed 2022-10-04) Command: /Applications/Utilities/Adobe Creative Cloud/ACC/Creative Cloud.app/Contents/MacOS/Creative Cloud --showwindow=false --onOSstartup=true [Running] com.adobe.GC.AGM.plist (Adobe Inc. - installed 2022-09-30) Command: /Library/Application Support/Adobe/AdobeGCClient/AGMService -mode=logon [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Inc. - installed 2022-09-30) Command: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility -mode=logon [Loaded] com.adobe.ccxprocess.plist (Adobe Inc. - installed 2022-12-14) Command: /usr/bin/open -a '/Applications/Utilities/Adobe Creative Cloud Experience/CCXProcess/CCXProcess.app' [Other] com.epson.esua.launcher.plist (Not signed - installed 2022-09-18) Executable: /Applications/Epson Software/EPSON Software Updater.app/Contents/EPSON Software Updater Agent.app/Contents/MacOS/EPSON Software Updater Agent [Other] com.epson.eventmanager.agent.plist (Not signed - installed 2022-09-18) Executable: /Applications/Epson Software/Event Manager.app/Contents/Resources/Assistants/Event Manager/EEventManager.app/Contents/MacOS/EEventManager [Running] com.epson.scannermonitor.plist (Seiko Epson Corporation - installed 2022-09-18) Executable: /Library/Application Support/EPSON/Scanner/ScannerMonitor/Epson Scanner Monitor.app/Contents/MacOS/Epson Scanner Monitor [Loaded] com.google.keystone.agent.plist (Google LLC - installed 2022-10-19) Command: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent -runMode ifneeded [Loaded] com.google.keystone.xpcservice.plist (Google LLC - installed 2022-10-19) Command: /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent -runMode xpchost [Running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2023-01-10) Executable: /Library/Application Support/Malwarebytes/MBAM/Engine.bundle/Contents/PlugIns/FrontendAgent.app/Contents/MacOS/FrontendAgent [Loaded] com.microsoft.update.agent.plist (Microsoft Corporation - installed 2023-01-11) Command: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant --launchByAgent [Running] com.smarttech.SBWDKServiceSigned.plist (SMART Technologies ULC - installed 2022-09-18) Command: /Applications/SMART Technologies/SMART Settings.app/Contents/bin/sbsdk-server/SBWDKService '/Applications/SMART Technologies/SMART Settings.app/Contents/bin/sbsdk-server/sbsdk-server.js' [Not Loaded] com.smarttech.boardservice.login.plist (SMART Technologies ULC - installed 2022-09-18) Command: /Applications/SMART Technologies/SMART Settings.app/Contents/bin/SMARTBoardService.app/Contents/MacOS/SMARTBoardService -root [Running] com.smarttech.boardservice.plist (SMART Technologies ULC - installed 2022-09-18) Executable: /Applications/SMART Technologies/SMART Settings.app/Contents/bin/SMARTBoardService.app/Contents/MacOS/SMARTBoardService [Running] com.smarttech.ink.plist (SMART Technologies ULC - installed 2022-09-18) Command: /Applications/SMART Technologies/SMART Ink.app/Contents/MacOS/SMART Ink fromDaemon [Running] com.smarttech.smartnotification.plist (SMART Technologies ULC - installed 2022-09-18) Executable: /Applications/SMART Technologies/SMART Settings.app/Contents/bin/SystemNotifications.app/Contents/MacOS/SystemNotifications [Other] com.wdc.WD-Discovery.plist (Not signed - installed 2022-09-18) Command: /Applications/WD Discovery/WD Discovery.app/Contents/MacOS/WD Discovery --autolaunch [Other] com.wdc.WDTrashObserver.plist (Not signed - installed 2022-09-18) Executable: /Applications/WD Discovery/WD Discovery.app/Contents/WDTrashObserver User Launch Agents: [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Inc. - installed 2022-09-30) Command: /Library/Application Support/Adobe/AdobeGCClient/agcinvokerutility -mode=scheduled [Loaded] com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2022-06-18) Command: ~/Library/Dropbox/DropboxMacUpdate.app/Contents/MacOS/DropboxMacUpdate -check periodic [Loaded] com.rogueamoeba.loopbackd.plist (Rogue Amoeba Software, LLC - installed 2022-01-31) Executable: ~/Library/Application Support/Loopback/Loopback.app/Contents/MacOS/Loopback User Login Items: [Not Loaded] FocusriteControlServer (Focusrite Audio Engineering Ltd. - installed 2022-08-15) Modern Login Item /Applications/Focusrite Control.app/Contents/Library/LoginItems/FocusriteControlServer.app [Not Loaded] LaunchHelper (App Store - installed 2020-10-26) Modern Login Item /Applications/Mail for Gmail.app/Contents/Library/LoginItems/LaunchHelper.app [Running] Messenger Helper (Facebook, Inc. - installed 2022-07-14) Modern Login Item /Applications/Messenger.app/Contents/Library/LoginItems/Messenger Helper.app [Loaded] Messenger Login Helper (Facebook, Inc. - installed 2022-07-14) Modern Login Item /Applications/Messenger.app/Contents/Library/LoginItems/Messenger Login Helper.app [Not Loaded] StartUpHelper (Spotify - installed 2022-12-20) Modern Login Item /Applications/Spotify.app/Contents/Library/LoginItems/StartUpHelper.app [Loaded] Loop (App Store - installed 2022-12-23) Modern Login Item /Applications/VOX.app/Contents/Library/LoginItems/Loop.app [Not Loaded] VOXAgent (App Store - installed 2022-12-23) Modern Login Item /Applications/VOX.app/Contents/Library/LoginItems/VOXAgent.app [Not Loaded] WhatsApp Login Helper (App Store - installed 2022-12-15) Modern Login Item /Applications/WhatsApp.app/Contents/Library/LoginItems/WhatsApp Login Helper.app App Extensions: Finder sync extensions: Adobe Content Synchronizer Helper - /Applications/Utilities/Adobe Sync/CoreSync/Core Sync.app Dropbox Finder Extension - /Applications/Dropbox.app VPNs: MFVExtension - /Applications/Free VPN.app Share services: Dropbox Transfer - /Applications/Dropbox.app OneNote - /Applications/Microsoft OneNote.app File providers: Dropbox - /Applications/Dropbox.app QuickLook Previews: MainStageQuickLook - /Applications/MainStage 3.app com.apple.mainstage.concert *.concert EtreCheckQuickLook - ~/Downloads/EtreCheckPro.app com.etresoft.etrecheck4 *.etrecheck QuickLook Previews (legacy): Skim - /Applications/SMART Technologies/SMART Ink Document Viewer.app net.sourceforge.skim-app.skimnotes *.skim net.sourceforge.skim-app.pdfd *.pdfd LogicXQLGenerator - /Applications/Logic Pro X.app com.apple.logicx.project *.logicx Internet Plug-ins: AdobePDFViewerNPAPI: 17.012.20098 (Adobe Systems, Inc. - installed 2022-09-18) AdobeAAMDetect: 3.0.0.0 (Adobe Inc. - installed 2022-10-04) AdobePDFViewer: 21.005.20058 (Adobe Systems, Inc. - installed 2022-09-18) Audio Plug-ins: MSTeamsAudioDevice: 2020.42.00.9 (Microsoft Corporation - installed 2020-10-13) ACE: 11.7.7 (Rogue Amoeba Software, LLC - installed 2022-01-31) ZoomAudioDevice: 1.0 (Zoom Video Communications, Inc. - installed 2020-07-20) RDUSB01D6Audio: 1.0.3 (Roland Corporation - installed 2020-12-04) CoreMediaIO Plug-ins: SDC450Driver: 7.0 (SMART Technologies ULC - installed 2022-09-18) 3rd Party Preference panels: SMART Board (SMART Technologies ULC - installed 2021-08-05) Backup: Time Machine information is limited without Full Disk Access Destinations: M*****k [Local] (Last used) Performance: System Load: 1.79 (1 min ago) 1.61 (5 min ago) 1.85 (15 min ago) Nominal I/O usage: 9.25 MB/s File system: 15.90 seconds Write speed: 1033 MB/s Read speed: 3124 MB/s CPU Usage Snapshot: Type Overall System: 1 % User: 5 % Idle: 94 % Top Processes Snapshot by CPU: Process (count) CPU (Source - Location) parsec-fbf 25.10 % (Apple) RTProtectionDaemon 20.36 % (Malwarebytes Corporation) UVFSService 13.10 % (Apple) WindowServer 12.54 % (Apple) EtreCheckPro 5.44 % (Etresoft, Inc.) Top Processes Snapshot by Memory: Process (count) RAM usage (Source - Location) com.apple.WebKit.WebContent (6) 1.01 GB (Apple) Creative Cloud UI Helper (Renderer) 927 MB (Adobe Inc.) EtreCheckPro 798 MB (Etresoft, Inc.) mediaanalysisd 247 MB (Apple) kernel_task 237 MB (Apple) Top Processes Snapshot by Network Use: Process (count) Input / Output (Source - Location) corespeechd 2 KB / 6 MB (Apple) com.apple.WebKit.Networking 2 MB / 335 KB (Apple) mDNSResponder 172 KB / 103 KB (Apple) apsd 102 KB / 103 KB (Apple) trustd 57 KB / 46 KB (Apple) Top Processes Snapshot by Energy Use: Process (count) Energy (0-100) (Source - Location) parsec-fbf 11 (Apple) UVFSService 7 (Apple) RTProtectionDaemon 7 (Malwarebytes Corporation) WindowServer 4 (Apple) mdbulkimport (2) 2 (Apple) Virtual Memory Information: Physical RAM: 16 GB Free RAM: 380 MB Used RAM: 8.43 GB Cached files: 7.20 GB Available RAM: 7.57 GB Swap Used: 0 B Software Installs (past 60 days): Install Date Name (Version) 2022-11-19 Adobe Acrobat (22.003.20281) (22.003.20281) 2022-11-30 Numbers (12.1) 2022-11-30 Pages (12.1) 2022-11-30 Keynote (12.1) 2022-12-03 HP Smart (14.1.0.1457) 2022-12-10 XProtectPayloads (86) 2022-12-15 Google Earth (1.3.17.192) 2022-12-15 Logic Pro (10.7.6) 2022-12-15 WhatsApp (2.2246.10) 2022-12-15 MainStage (3.6.3) 2022-12-23 VOX (3.5.4) 2022-12-23 Friendly Streaming (5.9.31) 2023-01-03 GT-1 Driver (1.0.3) 2023-01-03 Safari (16.2) 2023-01-07 macOS 13.1 (13.1) 2023-01-07 MRTConfigData (1.93) 2023-01-10 Malwarebytes for Mac (1.0) 2023-01-10 Adobe Acrobat (22.003.20310) (22.003.20310) 2023-01-11 Microsoft AutoUpdate (4.55.23010700) 2023-01-11 Microsoft OneNote (16.69.23010700) 2023-01-11 Microsoft PowerPoint (16.69.23010700) 2023-01-11 Microsoft Word (16.69.23010700) Clean up: /Library/LaunchAgents/com.epson.eventmanager.agent.plist /Applications/Epson Software/Event Manager.app/Contents/Resources/Assistants/Event Manager/EEventManager.app/Contents/MacOS/EEventManager Executable not found /Library/LaunchAgents/com.wdc.WDTrashObserver.plist /Applications/WD Discovery/WD Discovery.app/Contents/WDTrashObserver Executable not found /Library/LaunchAgents/com.wdc.WD-Discovery.plist /Applications/WD Discovery/WD Discovery.app/Contents/MacOS/WD Discovery Executable not found /Library/LaunchAgents/com.epson.esua.launcher.plist /Applications/Epson Software/EPSON Software Updater.app/Contents/EPSON Software Updater Agent.app/Contents/MacOS/EPSON Software Updater Agent Executable not found Diagnostics Information (past 7-30 days): 2023-01-10 18:57:05 RTProtectionDaemon.app High CPU Use Executable: /Library/Application Support/Malwarebytes/*/Engine.bundle/Contents/PlugIns/RTProtectionDaemon.app 2023-01-10 15:20:04 photoanalysisd High CPU Use (3 times) Executable: /System/Library/PrivateFrameworks/PhotoAnalysis.framework/Versions/A/Support/photoanalysisd 2023-01-08 22:57:58 MainStage 3.app High CPU Use Executable: /Applications/MainStage 3.app 2023-01-08 21:30:49 signpost_reporter High CPU Use Executable: /usr/libexec/signpost_reporter 2023-01-07 06:13:11 MIDIServer Crash (4 times) Executable: /System/Library/Frameworks/CoreMIDI.framework/MIDIServer Details: libsystem_c.dylib: abort() called 2023-01-07 03:07:05 /Library/Logs/DiagnosticReports/ProxiedDevice-Bridge/Retired/recoverylogd-2023-01-07-030705.ips Crash (2 times) 2023-01-07 03:06:35 /Library/Logs/DiagnosticReports/ProxiedDevice-Bridge/Retired/recoverylogd-2023-01-07-030635.ips Crash (2 times) 2023-01-07 03:06:00 /Library/Logs/DiagnosticReports/ProxiedDevice-Bridge/Retired/recoverylogd-2023-01-07-030600.ips Crash (2 times) 2023-01-07 03:05:48 /Library/Logs/DiagnosticReports/ProxiedDevice-Bridge/Retired/recoverylogd-2023-01-07-030548.ips Crash (2 times) 2023-01-07 03:05:35 /Library/Logs/DiagnosticReports/ProxiedDevice-Bridge/Retired/recoverylogd-2023-01-07-030535.ips Crash (2 times) 2023-01-06 16:14:07 triald High CPU Use Executable: /usr/libexec/triald 2023-01-06 13:56:24 Logic Pro X.app High CPU Use Executable: /Applications/Logic Pro X.app 2023-01-06 13:37:42 rpcsvchost High CPU Use Executable: /usr/libexec/rpcsvchost End of report