Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: petr113
petr113 Author
User level: Level 1
8 points

How to get rid of TapuFind browser hijacker

How to safely get rid of TapuFind browser hijacker. It is kind of Safari extension which does not have good reputation. I have also mozzila developer edition and it is infected too...


I checked some advices on google but they always try to make me download anti-virus like softwares. However I got confused because there are also information saying that these softwares are not safe either.


So I tried manually. I could not find it among applications as some tutorials said but in MacintoshHD/Users/Shared and there are many folders named like App_(some long crazy name) containing documents MacAppExtensions.app. One of theme had logo of TapuFind. I cleared the whole folder so there was nothing left. I also typed Tapufind in my finder and looked for whatever file related to it and deleted as well.


After that I restarted my safari, cleaned caches and history and after few days TapuFind is back even when nothing new was installed in those days.


Any safe suggestions?


Thank you very much.


Macbook (2016 or later)

Posted on Jan 9, 2019 2:53 AM

Reply
Question marked as Top-ranking reply
User profile for user: dominic23
dominic23
User level: Level 10
83,976 points

Posted on Jan 9, 2019 4:45 AM

From the report:

Configuration Profiles:

    This computer has configuration profiles installed.


1. Remove any Profile you have not installed knowingly.


     Profiles

     System Preferences > Profiles

     How to remove a configuration profile?  https://support.apple.com/kb/PH25680?locale=en_US




2. I am not familiar with this file.


            Executable: /Applications/Microsoft Teams.app/Contents/TeamsUpdaterDaemon.xpc/Contents/MacOS/TeamsUpdaterDaemon

        Details: Restrictive config permissions - possibly adware



You can remove adware using either  one of these two methods.


  1. Using EtreCheck


Run EtreCheck again.

     Scroll up the sidebar and click the “Security” button.



   “Adware” and the “Unsigned” files will be listed on the right hand side pane along with a “Remove” button.

    Click the ”Remove” button wherever you see “adware”.

    Restart your Mac. Launch Safari holding the “Shift” key down.


2. Using “Malwarebytes for Mac”:


     Use  the latest release of MalwareBytes for Mac to remove malware/adware.


     Install guide:       https://support.malwarebytes.com/docs/DOC-1817

     Uninstall Guide:  https://support.malwarebytes.com/docs/DOC-1190


     The installer may ask you to allow it in Security & Privacy  /System Preference. Allow it.


     Click the blue “Scan Now” button.

     When first scan is done, repeat it.


Please let us know the result.

View in context

Similar questions

12 replies
Sort By: 
Question marked as Top-ranking reply
User profile for user: dominic23
dominic23
User level: Level 10
83,976 points

Jan 9, 2019 4:45 AM in response to petr113

From the report:

Configuration Profiles:

    This computer has configuration profiles installed.


1. Remove any Profile you have not installed knowingly.


     Profiles

     System Preferences > Profiles

     How to remove a configuration profile?  https://support.apple.com/kb/PH25680?locale=en_US




2. I am not familiar with this file.


            Executable: /Applications/Microsoft Teams.app/Contents/TeamsUpdaterDaemon.xpc/Contents/MacOS/TeamsUpdaterDaemon

        Details: Restrictive config permissions - possibly adware



You can remove adware using either  one of these two methods.


  1. Using EtreCheck


Run EtreCheck again.

     Scroll up the sidebar and click the “Security” button.



   “Adware” and the “Unsigned” files will be listed on the right hand side pane along with a “Remove” button.

    Click the ”Remove” button wherever you see “adware”.

    Restart your Mac. Launch Safari holding the “Shift” key down.


2. Using “Malwarebytes for Mac”:


     Use  the latest release of MalwareBytes for Mac to remove malware/adware.


     Install guide:       https://support.malwarebytes.com/docs/DOC-1817

     Uninstall Guide:  https://support.malwarebytes.com/docs/DOC-1190


     The installer may ask you to allow it in Security & Privacy  /System Preference. Allow it.


     Click the blue “Scan Now” button.

     When first scan is done, repeat it.


Please let us know the result.

Reply
User profile for user: dominic23
dominic23
User level: Level 10
83,976 points

Jan 9, 2019 6:01 AM in response to petr113

Sorry.

Remove a configuration profile.

The link I posted is not opening the page.


     Profiles


     System Preferences > Profiles


     Launch System Preferences. Do you see any profiles added to the pane at the bottom?



     If you see Profiles listed, click on it. 


     When the Profiles pane opens, select the profile and click the “-“  button at the bottom left corner to remove it.

Reply
User profile for user: dominic23
dominic23
User level: Level 10
83,976 points

Jan 9, 2019 4:06 AM in response to petr113

      Download EtreCheck: https://etrecheck.com/maspro.  and post the report here.


      Click “Click to Download” button,  open Downloads folder, click on it to open, and then select ”Open”.

      Click on the bouncing  EtreCheck icon in the Dock.

      “Choose a problem” from the popup menu box, and then “Start EtreCheck” in the dialog.


      Click “Share Report” button in the toolbar, select “Copy to Clipboard” .

      Please  post the report here when you reply.

Reply
User profile for user: petr113
petr113 Author
User level: Level 1
8 points

Jan 9, 2019 4:13 AM in response to dominic23

EtreCheck version: 5.1 (5020)

Report generated: 2019-01-09 13:10:24

Download EtreCheck from https://etrecheck.com

Runtime: 1:50

Performance: Excellent

Sandbox: Enabled

Full drive access: Disabled


Problem: Other problem

Description: 

        Browser Hijacker TapuFind


Major Issues:

    Anything that appears on this list needs immediate attention. 


    No Time Machine backup - Time Machine backup not found.

    Unsigned files - There are unsigned software files installed that could be adware and should be reviewed.


Minor Issues:

    These issues do not need immediate attention but they may indicate future problems. 


    Configuration profiles present - This machine has configuration profiles. These are sometimes used by adware and malware.

    32-bit Apps - This machine has 32-bits apps that may have problems in the future.

    Limited drive access - More information may be available with Full Drive Access.



Reply
User profile for user: petr113
petr113 Author
User level: Level 1
8 points

Jan 9, 2019 4:15 AM in response to petr113


Hardware Information:

    MacBook Pro (13-inch, 2017, Two Thunderbolt 3 ports)

    MacBook Pro Model: MacBookPro14,1

    1 2,3 GHz Intel Core i5 (i5-7360U) CPU: 2-core

    16 GB RAM - Not upgradeable

    BANK 0/DIMM0 - 8 GB LPDDR3 2133 ok

    BANK 1/DIMM0 - 8 GB LPDDR3 2133 ok

    Battery: Health = Normal - Cycle count = 61


Video Information:

    Intel Iris Plus Graphics 640 - VRAM: 1536 MB

    Color LCD 2880 x 1800


Drives:

    disk0 - APPLE SSD AP0256J 251.00 GB (Solid State - TRIM: Yes)

    Internal PCI-Express 8.0 GT/s x4 NVM Express

        disk0s1 - EFI [EFI] 315 MB

        disk0s2 [APFS Container] 250.69 GB

            disk1 [APFS Virtual drive] 250.69 GB (Shared by 4 volumes)

                disk1s1 - Macintosh HD (APFS) (Shared - 124.58 GB used)

                disk1s2 - Preboot (APFS) [APFS Preboot] (Shared)

                disk1s3 - Recovery (APFS) [Recovery] (Shared - 517 MB used)

                disk1s4 - VM (APFS) [APFS VM] (Shared - 3.22 GB used)


Mounted Volumes:

    disk1s1 - Macintosh HD 250.69 GB (122.18 GB free)

        APFS

        Mount point: /

        Encrypted


    disk1s3 - Recovery [Recovery] 250.69 GB (122.18 GB free)

        APFS

        Mount point: /Volumes/Recovery


    disk1s4 - VM [APFS VM] (Shared - 3.22 GB used)

        APFS

        Mount point: /private/var/vm


Network:

    Interface en6: iPhone

    Interface en4: iPad

    Interface en0: Wi-Fi

        802.11 a/b/g/n/ac

        Proxy Auto Discovery

    Interface en3: Bluetooth PAN

    Interface bridge0: Thunderbolt Bridge


System Software:

    macOS Mojave 10.14.2 (18C54) 

    Time since boot: About 20 days


Configuration Files:

    /etc/hosts - Count: 4


Configuration Profiles:

    This computer has configuration profiles installed.


Security:

    GatekeeperEnabled

    System Integrity ProtectionEnabled











Reply
User profile for user: petr113
petr113 Author
User level: Level 1
8 points

Jan 9, 2019 4:16 AM in response to petr113


Unsigned Files:

    Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist

        Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist

        Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchDaemons/com.microsoft.teams.TeamsUpdaterDaemon.plist

        Executable: /Applications/Microsoft Teams.app/Contents/TeamsUpdaterDaemon.xpc/Contents/MacOS/TeamsUpdaterDaemon

        Details: Restrictive config permissions - possibly adware


    Launchd: /Library/LaunchAgents/com.ysoft.client.agent.plist

        Executable: /Applications/YSoft SafeQ Client.app/Contents/MacOS/YSoft SafeQ Client

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist

        Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/JavaUpdater.app/Contents/MacOS/JavaUpdater -bgcheck

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Updater.plist

        Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/JavaUpdater.app/Contents/MacOS/JavaUpdater -bgcheck

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist

        Executable: /Applications/Tunnelblick.app/Contents/Resources/tunnelblickd

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchDaemons/com.ysoft.service.DHCPOption.plist

        Executable: /usr/libexec/cups/backend/sqport --dhcp-sync

        Details: Exact match found in the whitelist - probably OK


    Launchd: ~/Library/LaunchAgents/net.tunnelblick.tunnelblick.LaunchAtLogin.plist

        Executable: /Applications/Tunnelblick.app/Contents/Resources/launchAtLogin.sh

        Details: Exact match found in the whitelist - probably OK


32-bit Applications:

    10 32-bit apps


System Launch Agents:

    [Not Loaded] 16 Apple tasks

    [Loaded] 148 Apple tasks

    [Running] 134 Apple tasks

    [Other] One Apple task


System Launch Daemons:

    [Not Loaded] 38 Apple tasks

    [Loaded] 171 Apple tasks

    [Running] 125 Apple tasks

    [Other] One Apple task


Launch Agents:

    [Not Loaded] com.oracle.java.Java-Updater.plist (? a7e56f0b - installed 2018-09-01)

    [Running] com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2018-12-28)

    [Other] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2018-10-26)

    [Loaded] com.ysoft.client.agent.plist (? 3f61a8bb - installed 2017-06-05)

    [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2018-12-28)






Reply
User profile for user: dominic23
dominic23
User level: Level 10
83,976 points

Jan 9, 2019 11:45 AM in response to petr113

petr 113 wrote:


In the profiles there is only my Eduroam profile for wifi authentication. Do you think there is possibility it can cause the mess?

I got rid of the Teams Microsoft thing and new report is attached
<report 2.log>

If Eduroam is a known configuration profile, we dont have to worry about it.

Is it easy to remove and reconfigure it?



  Use  the latest release of MalwareBytes for Mac to remove malware/adware. 


     Install guide:       https://support.malwarebytes.com/docs/DOC-1817

     Uninstall Guide:  https://support.malwarebytes.com/docs/DOC-1190


     The installer may ask you to allow it in Security & Privacy  /System Preference. Allow it.


     Click the “Scan Now” button. Do another scan. Let us see how it can help us here.



Reply
User profile for user: petr113
petr113 Author
User level: Level 1
8 points

Jan 9, 2019 4:19 AM in response to petr113

EtreCheck version: 5.1 (5020) Report generated: 2019-01-09 13:10:24 Download EtreCheck from https://etrecheck.com Runtime: 1:50 Performance: Excellent Sandbox: Enabled Full drive access: Disabled Problem: Other problem Description: Browser Hijacker TapuFind Major Issues: Anything that appears on this list needs immediate attention. No Time Machine backup - Time Machine backup not found. Unsigned files - There are unsigned software files installed that could be adware and should be reviewed. Minor Issues: These issues do not need immediate attention but they may indicate future problems. Configuration profiles present - This machine has configuration profiles. These are sometimes used by adware and malware. 32-bit Apps - This machine has 32-bits apps that may have problems in the future. Limited drive access - More information may be available with Full Drive Access. Hardware Information: MacBook Pro (13-inch, 2017, Two Thunderbolt 3 ports) MacBook Pro Model: MacBookPro14,1 1 2,3 GHz Intel Core i5 (i5-7360U) CPU: 2-core 16 RAM - Not upgradeable BANK 0/DIMM0 - 8 GB LPDDR3 2133 ok BANK 1/DIMM0 - 8 GB LPDDR3 2133 ok Battery: Health = Normal - Cycle count = 61 Video Information: Intel Iris Plus Graphics 640 - VRAM: 1536 MB Color LCD 2880 x 1800 Drives: disk0 - APPLE SSD AP0256J 251.00 GB (Solid State - TRIM: Yes) Internal PCI-Express 8.0 GT/s x4 NVM Express disk0s1 - EFI [EFI] 315 MB disk0s2 [APFS Container] 250.69 GB disk1 [APFS Virtual drive] 250.69 GB (Shared by 4 volumes) disk1s1 - Macintosh HD (APFS) (Shared - 124.58 GB used) disk1s2 - Preboot (APFS) [APFS Preboot] (Shared) disk1s3 - Recovery (APFS) [Recovery] (Shared - 517 MB used) disk1s4 - VM (APFS) [APFS VM] (Shared - 3.22 GB used) Mounted Volumes: disk1s1 - Macintosh HD 250.69 GB (122.18 GB free) APFS Mount point: / Encrypted disk1s3 - Recovery [Recovery] 250.69 GB (122.18 GB free) APFS Mount point: /Volumes/Recovery disk1s4 - VM [APFS VM] (Shared - 3.22 GB used) APFS Mount point: /private/var/vm Network: Interface en6: iPhone Interface en4: iPad Interface en0: Wi-Fi 802.11 a/b/g/n/ac Proxy Auto Discovery Interface en3: Bluetooth PAN Interface bridge0: Thunderbolt Bridge System Software: macOS Mojave 10.14.2 (18C54) Time since boot: About 20 days Configuration Files: /etc/hosts - Count: 4 Configuration Profiles: This computer has configuration profiles installed. Security: System Status Gatekeeper Enabled System Integrity Protection Enabled Unsigned Files: Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.microsoft.teams.TeamsUpdaterDaemon.plist Executable: /Applications/Microsoft Teams.app/Contents/TeamsUpdaterDaemon.xpc/Contents/MacOS/TeamsUpdaterDaemon Details: Restrictive config permissions - possibly adware Launchd: /Library/LaunchAgents/com.ysoft.client.agent.plist Executable: /Applications/YSoft SafeQ Client.app/Contents/MacOS/YSoft SafeQ Client Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/JavaUpdater.app/Contents/MacOS/JavaUpdater -bgcheck Details: Exact match found in the whitelist - probably OK Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Updater.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/JavaUpdater.app/Contents/MacOS/JavaUpdater -bgcheck Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist Executable: /Applications/Tunnelblick.app/Contents/Resources/tunnelblickd Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.ysoft.service.DHCPOption.plist Executable: /usr/libexec/cups/backend/sqport --dhcp-sync Details: Exact match found in the whitelist - probably OK Launchd: ~/Library/LaunchAgents/net.tunnelblick.tunnelblick.LaunchAtLogin.plist Executable: /Applications/Tunnelblick.app/Contents/Resources/launchAtLogin.sh Details: Exact match found in the whitelist - probably OK 32-bit Applications: 10 32-bit apps System Launch Agents: [Not Loaded] 16 Apple tasks [Loaded] 148 Apple tasks [Running] 134 Apple tasks [Other] One Apple task System Launch Daemons: [Not Loaded] 38 Apple tasks [Loaded] 171 Apple tasks [Running] 125 Apple tasks [Other] One Apple task Launch Agents: [Not Loaded] com.oracle.java.Java-Updater.plist (? a7e56f0b - installed 2018-09-01) [Running] com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2018-12-28) [Other] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2018-10-26) [Loaded] com.ysoft.client.agent.plist (? 3f61a8bb - installed 2017-06-05) [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2018-12-28) Launch Daemons: [Loaded] com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2018-10-26) [Loaded] com.microsoft.teams.TeamsUpdaterDaemon.plist (? 0 - installed 2018-10-26) [Loaded] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2018-12-28) [Running] com.ysoft.service.DHCPOption.plist (? 57db1f34 - installed 2017-06-05) [Loaded] net.tunnelblick.tunnelblick.tunnelblickd.plist (? 606fa614 - installed 2018-09-26) [Not Loaded] com.oracle.java.Helper-Tool.plist (? fa56dec8 - installed 2018-09-01) [Loaded] com.apple.installer.osmessagetracing.plist (Apple - installed 2018-11-30) [Loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2018-10-26) User Launch Agents: [Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2018-10-02) [Loaded] net.tunnelblick.tunnelblick.LaunchAtLogin.plist (? 0 - installed 2018-06-26) Internet Plug-ins: jdk: (installed 2018-09-01) QuickTime Plugin: 7.7.3 (installed 2018-12-20) JavaAppletPlugin: Java 10.0.2 build 13 (installed 2018-09-01) 3rd Party Preference Panes: Java (installed 2018-06-28) YSoft SafeQ Client (installed 2017-06-05) Time Machine: Time Machine Not Configured! Performance: System Load: 1.76 (1 min ago) 1.42 (5 min ago) 1.27 (15 min ago) Nominal I/O speed: 0.27 MB/s File system: 33.23 seconds Write speed: 1317 MB/s Read speed: 1999 MB/s CPU Usage: Type Overall System 14 % User 3 % Idle 84 % Top Processes by CPU: Process (count) CPU (Source - Location) Other processes 59.81 % (?) EtreCheck 4.89 % (App Store) Activity Monitor 0.07 % (Apple) Dock 0.07 % (Apple) sharingd 0.04 % (Apple) Top Processes by Memory: Process (count) RAM usage (Source - Location) com.apple.WebKit.WebContent (5) 584 MB (Apple) EtreCheck 578 MB (App Store) App Store 318 MB (Apple) Finder 252 MB (Apple) Safari 193 MB (Apple) Top Processes by Network Use: Process Input / Output (Source - Location) mDNSResponder 26 MB / 7 MB (Apple) com.apple.WebKit.Networking 7 MB / 231 KB (Apple) netbiosd 967 KB / 250 KB (Apple) Safari 111 KB / 8 KB (Apple) commerce 105 KB / 4 KB (Apple) Virtual Memory Information: Available RAM 8.02 GB Free RAM 3.35 GB Used RAM 7.98 GB Cached files 4.67 GB Swap Used 660 MB Software Installs (past 30 days): Install Date Name (Version) 2018-12-13 XProtectPlistConfigData (2101) 2018-12-13 MRTConfigData (1.38) 2018-12-17 NetBeans 8.2 2018-12-19 MAMP & MAMP PRO 5.2 2019-01-08 Disk Speed Test (3.2) 2019-01-09 EtreCheck (5.1) Diagnostics Information (past 7 days): Directory /Library/Logs/DiagnosticReports is not accessible without Full Drive Access. End of report

The whole report is here :)

Reply
User profile for user: petr113
petr113 Author
User level: Level 1
8 points

Jan 9, 2019 11:27 AM in response to dominic23

In the profiles there is only my Eduroam profile for wifi authentication. Do you think there is possibility it can cause the mess?


I got rid of the Teams Microsoft thing and new report is attached

EtreCheck version: 5.1 (5020) Report generated: 2019-01-09 18:59:22 Download EtreCheck from https://etrecheck.com Runtime: 1:52 Performance: Excellent Sandbox: Enabled Full drive access: Disabled Problem: No problem - just checking Major Issues: Anything that appears on this list needs immediate attention. No Time Machine backup - Time Machine backup not found. Minor Issues: These issues do not need immediate attention but they may indicate future problems. Configuration profiles present - This machine has configuration profiles. These are sometimes used by adware and malware. Clean up - There are orphan files that could be removed. Unsigned files - There are unsigned software files installed. They appear to be legitimate but should be reviewed. 32-bit Apps - This machine has 32-bits apps that may have problems in the future. Limited drive access - More information may be available with Full Drive Access. Hardware Information: MacBook Pro (13-inch, 2017, Two Thunderbolt 3 ports) MacBook Pro Model: MacBookPro14,1 1 2,3 GHz Intel Core i5 (i5-7360U) CPU: 2-core 16 RAM - Not upgradeable BANK 0/DIMM0 - 8 GB LPDDR3 2133 ok BANK 1/DIMM0 - 8 GB LPDDR3 2133 ok Battery: Health = Normal - Cycle count = 62 Video Information: Intel Iris Plus Graphics 640 - VRAM: 1536 MB Color LCD 2880 x 1800 Drives: disk0 - APPLE SSD AP0256J 251.00 GB (Solid State - TRIM: Yes) Internal PCI-Express 8.0 GT/s x4 NVM Express disk0s1 - EFI [EFI] 315 MB disk0s2 [APFS Container] 250.69 GB disk1 [APFS Virtual drive] 250.69 GB (Shared by 4 volumes) disk1s1 - Macintosh HD (APFS) (Shared - 124.35 GB used) disk1s2 - Preboot (APFS) [APFS Preboot] (Shared) disk1s3 - Recovery (APFS) [Recovery] (Shared) disk1s4 - VM (APFS) [APFS VM] (Shared - 1.07 GB used) Mounted Volumes: disk1s1 - Macintosh HD 250.69 GB (124.56 GB free) APFS Mount point: / Encrypted disk1s4 - VM [APFS VM] (Shared - 1.07 GB used) APFS Mount point: /private/var/vm Network: Interface en6: iPhone Interface en4: iPad Interface en0: Wi-Fi 802.11 a/b/g/n/ac Proxy Auto Discovery Interface en3: Bluetooth PAN Interface bridge0: Thunderbolt Bridge System Software: macOS Mojave 10.14.2 (18C54) Time since boot: Less than an hour Configuration Files: /etc/hosts - Count: 4 Configuration Profiles: This computer has configuration profiles installed. Security: System Status Gatekeeper Enabled System Integrity Protection Enabled Unsigned Files: Launchd: /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist Executable: /Applications/Tunnelblick.app/Contents/Resources/tunnelblickd Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/JavaUpdater.app/Contents/MacOS/JavaUpdater -bgcheck Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.ysoft.service.DHCPOption.plist Executable: /usr/libexec/cups/backend/sqport --dhcp-sync Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool Details: Exact match found in the whitelist - probably OK Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Updater.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/JavaUpdater.app/Contents/MacOS/JavaUpdater -bgcheck Details: Exact match found in the whitelist - probably OK Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool Details: Exact match found in the whitelist - probably OK 32-bit Applications: 10 32-bit apps System Launch Agents: [Not Loaded] 16 Apple tasks [Loaded] 171 Apple tasks [Running] 112 Apple tasks System Launch Daemons: [Not Loaded] 36 Apple tasks [Loaded] 188 Apple tasks [Running] 110 Apple tasks [Other] One Apple task Launch Agents: [Not Loaded] com.oracle.java.Java-Updater.plist (? a7e56f0b - installed 2018-09-01) [Running] com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2018-12-28) [Other] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2018-10-26) [Other] com.ysoft.client.agent.plist (? 3f61a8bb - installed 2017-06-05) [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2018-12-28) Launch Daemons: [Loaded] com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2018-10-26) [Running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2018-12-28) [Running] com.ysoft.service.DHCPOption.plist (? 57db1f34 - installed 2017-06-05) [Loaded] net.tunnelblick.tunnelblick.tunnelblickd.plist (? 606fa614 - installed 2018-09-26) [Not Loaded] com.oracle.java.Helper-Tool.plist (? fa56dec8 - installed 2018-09-01) [Loaded] com.apple.installer.osmessagetracing.plist (Apple - installed 2018-11-30) [Loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2018-10-26) User Launch Agents: [Other] net.tunnelblick.tunnelblick.LaunchAtLogin.plist (? 0 - installed 2018-06-26) User Login Items: EOS Utility.app (? - installed 2016-12-27) (/Applications/Canon Utilities/EOS Utility/EOS Utility.app) Internet Plug-ins: jdk: (installed 2018-09-01) QuickTime Plugin: 7.7.3 (installed 2018-12-20) JavaAppletPlugin: Java 10.0.2 build 13 (installed 2018-09-01) 3rd Party Preference Panes: Java (installed 2018-06-28) YSoft SafeQ Client (installed 2017-06-05) Time Machine: Time Machine Not Configured! Performance: System Load: 1.05 (1 min ago) 1.17 (5 min ago) 1.21 (15 min ago) Nominal I/O speed: 1.45 MB/s File system: 30.63 seconds Write speed: 1178 MB/s Read speed: 2625 MB/s CPU Usage: Type Overall System 2 % User 2 % Idle 96 % Top Processes by CPU: Process (count) CPU (Source - Location) EtreCheck 7.16 % (App Store) Other processes 4.62 % (?) com.apple.WebKit.WebContent (8) 1.83 % (Apple) com.apple.WebKit.Networking 0.37 % (Apple) Safari 0.20 % (Apple) Top Processes by Memory: Process (count) RAM usage (Source - Location) com.apple.WebKit.WebContent (8) 966 MB (Apple) EtreCheck 532 MB (App Store) Safari 213 MB (Apple) photoanalysisd 131 MB (Apple) com.apple.WebKit.Networking 97 MB (Apple) Top Processes by Network Use: Process Input / Output (Source - Location) com.apple.WebKit.Networking 54 MB / 679 KB (Apple) mDNSResponder 237 KB / 77 KB (Apple) cloudd 103 KB / 18 KB (Apple) netbiosd 8 KB / 3 KB (Apple) apsd 4 KB / 8 KB (Apple) Virtual Memory Information: Available RAM 9.88 GB Free RAM 6.11 GB Used RAM 6.12 GB Cached files 3.78 GB Swap Used 0 B Software Installs (past 30 days): Install Date Name (Version) 2018-12-13 XProtectPlistConfigData (2101) 2018-12-13 MRTConfigData (1.38) 2018-12-17 NetBeans 8.2 2018-12-19 MAMP & MAMP PRO 5.2 2019-01-08 Disk Speed Test (3.2) 2019-01-09 EtreCheck (5.1) 2019-01-09 Gatekeeper Configuration Data (158) Clean up: ~/Library/LaunchAgents/net.tunnelblick.tunnelblick.LaunchAtLogin.plist /Applications/Tunnelblick.app/Contents/Resources/launchAtLogin.sh Executable not found /Library/LaunchAgents/com.ysoft.client.agent.plist /Applications/YSoft SafeQ Client.app/Contents/MacOS/YSoft SafeQ Client Executable not found Diagnostics Information (past 7 days): Directory /Library/Logs/DiagnosticReports is not accessible without Full Drive Access. End of report


Reply

How to get rid of TapuFind browser hijacker

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up