EtreCheckPro version: 6.8.1 (68024) Report generated: 2023-04-14 21:57:31 Download EtreCheckPro from https://etrecheck.com Runtime: 3:45 Performance: Good Problem: Other problem Description: Whenever I search in safari start page it always redirects me to chill search.xyz Major Issues: Anything that appears on this list needs immediate attention. Malware - Malware detected. Unsigned files - There are unsigned software files installed that could be malicious and should be reviewed. Minor Issues: These issues do not need immediate attention but they may indicate future problems or opportunities for improvement. No Time Machine backup - Time Machine backup not found. Clean up - There are orphan files that could be removed. Unsigned files - There are unsigned software files installed. These files could be old, incompatible, and cause problems. They should be reviewed. Limited permissions - More information may be available with Full Disk Access. Hardware Information: MacBook Air (Retina, 13-inch, 2019) Status: Supported MacBook Air Model: MacBookAir8,2 1.6 GHz Dual-Core Intel Core i5 (i5-8210Y) CPU: 2-core 8 GB RAM - Not upgradeable BANK 0/DIMM0 - 4 GB LPDDR3 2133 BANK 1/DIMM0 - 4 GB LPDDR3 2133 Battery: Health = Normal - Cycle count = 209 Video Information: Intel UHD Graphics 617 - VRAM: 1536 MB Color LCD (built-in) 2880 x 1800 2D HD LG TV 1366 x 768 Drives: disk0 - APPLE SSD AP0256N 251.00 GB (Solid State - TRIM: Yes) Internal PCI-Express 8.0 GT/s x4 NVM Express disk0s1 - EFI [EFI] 315 MB disk0s2 [APFS Container] 250.69 GB disk1 [APFS Virtual drive] 250.69 GB (Shared by 6 volumes) disk1s1 - Macintosh HD - Data (APFS) [APFS Virtual drive] (11.90 GB used) disk1s2 - Preboot (APFS) [APFS Preboot] (1.81 GB used) disk1s3 - Recovery (APFS) [Recovery] (1.14 GB used) disk1s4 (APFS) [APFS Container] (9.07 GB used) disk1s4s1 - Macintosh HD (APFS) [APFS Snapshot] (9.07 GB used) disk1s5 - Update (APFS) (3 MB used) disk1s6 - VM (APFS) [APFS VM] (20 KB used) Mounted Volumes: disk1s1 - Macintosh HD - Data [APFS Virtual drive] Filesystem: APFS Mount point: /System/Volumes/Data Encrypted Used: 11.90 GB Shared values Size: 250.69 GB Free: 226.62 GB Available: 228.09 GB disk1s2 - Preboot [APFS Preboot] Filesystem: APFS Mount point: /System/Volumes/Preboot Used: 1.81 GB Shared values Size: 250.69 GB Free: 226.62 GB disk1s4s1 - Macintosh HD [APFS Snapshot] Filesystem: APFS Mount point: / Read-only: Yes Used: 9.07 GB Shared values Size: 250.69 GB Free: 226.62 GB Available: 228.09 GB disk1s5 - Update Filesystem: APFS Mount point: /System/Volumes/Update Used: 3 MB Shared values Size: 250.69 GB Free: 226.62 GB disk1s6 - VM [APFS VM] Filesystem: APFS Mount point: /System/Volumes/VM Used: 20 KB Shared values Size: 250.69 GB Free: 226.62 GB Network: Interface bridge0: Thunderbolt Bridge Interface en0: Wi-Fi 802.11 a/b/g/n/ac System Software: macOS Ventura 13.3 (22E252) Time since boot: About 7 hours Security: Gatekeeper: App Store and identified developers System Integrity Protection: Enabled Antivirus software: Apple Malware: Launchd: /Library/LaunchDaemons/com.ryderd.plist Executable: /Library/ryderd/ryderd Reason: Malware pattern match Unsigned Files: Launchd: ~/Library/LaunchAgents/com.nbp.plist Executable: ~/Library/Application Support/com.nbp/nbp.app/Contents/MacOS/nbp Launchd: ~/Library/LaunchAgents/com.progambling.cj.plist Executable: ~/Library/progambling.cj/progambling.cj.app/Contents/MacOS/progambling.cj Launchd: ~/Library/LaunchAgents/com.suggestd.plist Executable: ~/Library/Application Support/com.suggestd/suggestd Launchd: ~/Library/LaunchAgents/com.Hatchway.plist Executable: ~/Library/Application Support/com.Hatchway/Hatchway.app/Contents/MacOS/Hatchway Launchd: ~/Library/LaunchAgents/com.ryder.plist Executable: ~/Library/ryder/ryder Launchd: ~/Library/LaunchAgents/com.UpdateData.plist Executable: ~/Library/UpdateData/UpdateData.app/Contents/MacOS/UpdateData Launchd: ~/Library/LaunchAgents/com.TimeTest.plist Executable: ~/Library/TimeTest/TimeTest.app/Contents/MacOS/TimeTest Launchd: ~/Library/LaunchAgents/com.Cyucc.plist Executable: ~/Library/qf5oO/BkQHw Launchd: ~/Library/LaunchAgents/com.sometime-sisel.plist Executable: ~/Library/uptear-soldier/vyhFelbh/ZDboWaik/sometime-sisel Apps: 6 Applications: 435 apps 12 x86-only apps 8 unsigned apps System Launch Daemons: [Not Loaded] 40 Apple tasks [Loaded] 190 Apple tasks [Running] 158 Apple tasks [Other] One Apple task System Launch Agents: [Not Loaded] 23 Apple tasks [Loaded] 200 Apple tasks [Running] 173 Apple tasks Launch Daemons: [Running] com.adobe.ARMDC.Communicator.plist (Adobe Inc. - installed 2023-04-07) Executable: /Library/PrivilegedHelperTools/com.adobe.ARMDC.Communicator [Running] com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Inc. - installed 2023-04-07) Executable: /Library/PrivilegedHelperTools/com.adobe.ARMDC.SMJobBlessHelper [Not Loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2023-04-03) Executable: /Library/PrivilegedHelperTools/com.microsoft.autoupdate.helper [Loaded] com.ryderd.plist (Malware - installed 2023-04-04) Executable: /Library/ryderd/ryderd Launch Agents: [Other] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Inc. - installed 2023-04-07) Executable: /Library/Application Support/Adobe/ARMDC/Application/Acrobat Update Helper.app/Contents/MacOS/Acrobat Update Helper [Not Loaded] com.microsoft.update.agent.plist (Not signed - installed 2023-04-03) Command: /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant --launchByAgent User Launch Agents: [Killed] com.Cyucc.plist (Not signed - installed 2023-04-06) Executable: ~/Library/qf5oO/BkQHw [Running] com.Hatchway.plist (Not signed - installed 2023-04-04) Executable: ~/Library/Application Support/com.Hatchway/Hatchway.app/Contents/MacOS/Hatchway [Loaded] com.TimeTest.plist (Not signed - installed 2023-04-12) Executable: ~/Library/TimeTest/TimeTest.app/Contents/MacOS/TimeTest [Loaded] com.UpdateData.plist (Not signed - installed 2023-04-12) Executable: ~/Library/UpdateData/UpdateData.app/Contents/MacOS/UpdateData [Running] com.nbp.plist (Not signed - installed 2023-04-04) Executable: ~/Library/Application Support/com.nbp/nbp.app/Contents/MacOS/nbp [Other] com.progambling.cj.plist (Not signed - installed 2023-04-06) Executable: ~/Library/progambling.cj/progambling.cj.app/Contents/MacOS/progambling.cj [Loaded] com.ryder.plist (Not signed - installed 2023-04-04) Executable: ~/Library/ryder/ryder [Loaded] com.sometime-sisel.plist (Not signed - installed 2023-04-06) Executable: ~/Library/uptear-soldier/vyhFelbh/ZDboWaik/sometime-sisel [Loaded] com.suggestd.plist (Not signed - installed 2023-04-04) Executable: ~/Library/Application Support/com.suggestd/suggestd [Other] com.valvesoftware.steamclean.plist (Not signed - installed 2023-04-04) Command: ~/Library/Application Support/Steam/SteamApps/steamclean Public User Login Items: [Not Loaded] WhatsApp Login Helper (App Store - installed 2023-04-01) Modern Login Item /Applications/WhatsApp.app/Contents/Library/LoginItems/WhatsApp Login Helper.app App Extensions: Widgets: Microsoft Edge Widgets - /Applications/Microsoft Edge.app QuickLook Previews: EtreCheckQuickLook - ~/Downloads/EtreCheckPro.app com.etresoft.etrecheck4 *.etrecheck Backup: Time Machine Not Configured! Performance: System Load: 1.87 (1 min ago) 2.09 (5 min ago) 2.16 (15 min ago) Nominal I/O usage: 0.08 MB/s File system: 34.36 seconds Write speed: 1071 MB/s Read speed: 1098 MB/s CPU Usage Snapshot: Type Overall System: 4 % User: 8 % Idle: 88 % Top Processes Snapshot by CPU: Process (count) CPU (Source - Location) WindowServer 16.92 % (Apple) EtreCheckPro 8.64 % (Etresoft, Inc.) Hatchway 4.82 % (Not signed - ~/Library/Application Support/com.Hatchway/Hatchway.app) mdbulkimport (2) 4.04 % (Apple) tccd (2) 3.46 % (Apple) Top Processes Snapshot by Memory: Process (count) RAM usage (Source - Location) com.apple.WebKit.WebContent (9) 1.31 GB (Apple) EtreCheckPro 708 MB (Etresoft, Inc.) Mail 294 MB (Apple) kernel_task 202 MB (Apple) Safari 145 MB (Apple) Top Processes Snapshot by Network Use: Process (count) Input / Output (Source - Location) com.apple.WebKit.Networking 8 MB / 670 KB (Apple) biometrickitd 2 MB / 936 KB (Apple) apsd 110 KB / 582 KB (Apple) remoted 180 KB / 246 KB (Apple) mDNSResponder 227 KB / 124 KB (Apple) Top Processes Snapshot by Energy Use: Process (count) Energy (0-100) (Source - Location) WindowServer 8 (Apple) tccd (2) 2 (Apple) trustd (4) 1 (Apple) Hatchway 1 (Not signed - ~/Library/Application Support/com.Hatchway/Hatchway.app) nbp 0 (Not signed - ~/Library/Application Support/com.nbp/nbp.app) Virtual Memory Information: Physical RAM: 8 GB Free RAM: 42 MB Used RAM: 5.44 GB Cached files: 2.52 GB Available RAM: 2.56 GB Swap Used: 0 B Software Installs (past 60 days): Install Date Name (Version) 2023-04-01 MRTConfigData (1.93) 2023-04-01 XProtectPlistConfigData (2167) 2023-04-01 XProtectPayloads (95) 2023-04-01 Asphalt 9 (40009) 2023-04-01 WhatsApp (2.2310.9) 2023-04-02 Final Video Player (1.0.7) 2023-04-03 Microsoft Edge (111.0.1661.62) 2023-04-03 Microsoft AutoUpdate (4.57.23031200) 2023-04-07 Adobe Acrobat Reader (Continuous) (23.001.20063) 2023-04-14 Adobe Acrobat Reader (23.001.20143) (23.001.20143) Clean up: /Library/LaunchAgents/com.microsoft.update.agent.plist /Library/Application Support/Microsoft/MAU2.0/Microsoft AutoUpdate.app/Contents/MacOS/Microsoft Update Assistant.app/Contents/MacOS/Microsoft Update Assistant Executable not found ~/Library/LaunchAgents/com.valvesoftware.steamclean.plist ~/Library/Application Support/Steam/SteamApps/steamclean Executable not found ~/Library/LaunchAgents/com.progambling.cj.plist ~/Library/progambling.cj/progambling.cj.app/Contents/MacOS/progambling.cj Executable not found Diagnostics Information (past 7-30 days): 2023-04-14 15:05:45 Ravenwise Crash 2023-04-14 14:18:24 com.apple.WebKit.WebContent High CPU Use (2 times) Executable: /Volumes/VOLUME/*/W**************k/V******s/A/X*********s/c*****************************c/C******s/M***S/c*************************t End of report