Excessive data use on my internet plan and troubleshooting question

Wow, that was super cool! Here's the high level insight from downloading and running EtreCheckPro.

Major Issues:

    Anything that appears on this list needs immediate attention.

    Automatic updates disabled

- Automatic updates are disabled. This computer is at risk of malware infection.

    Security updates disabled

- Security updates are disabled. This computer is at risk of malware infection.

    Heavy CPU usage - Some processes are using an unusually high amount of CPU.

    Apple security disabled - Apple security software is disabled. This computer is at risk of malware infection.

Minor Issues:

    These issues do not need immediate attention but they may indicate future problems or opportunities for

improvement.

    System extensions installed

- This computer has system extensions installed. System extensions can be difficult to uninstall.

    Heavy RAM usage - Apps are using a large amount of RAM.

    Apps with heavy CPU usage

- There have been numerous cases of apps with heavy CPU usage.

    Unsigned files - There are unsigned software files installed. These files could be old, incompatible, and cause problems. They should be reviewed.

    System modifications - There are a large number of system modifications running in the background.

    Runaway user process - A user process is using a large percentage of your CPU.

    Limited permissions - More information may be available with Full Disk Access.

    Sharing enabled - This computer has sharing services enabled that could be a security risk.

Hardware Information:

    iMac (Retina 5K, 27-inch, 2020)

        Status: Supported

    iMac Model: iMac20,2

    3.6 GHz 10-Core Intel Core i9 (i9-10910) CPU: 10-core

128 GB RAM - At maximum

Video Information:

    AMD Radeon Pro 5700 XT - VRAM: 16GB

iMac (built-in) 5120 x 2880

 (I'm omitting Drives section where my disk and partitions are explained in detail and my Security details. If this is useful information, please let me know which part is useful. I'm trying to be conservative about what info is made available for the world to see.)

System Launch Daemons:

    [Not Loaded] 39 Apple tasks

    [Loaded] 186 Apple tasks

    [Running] 170 Apple tasks

    [Other] 4 Apple tasks

System Launch Agents:

    [Not Loaded] 20 Apple tasks

    [Loaded] 212 Apple tasks

    [Running] 189 Apple tasks

(I'm omitting Launch Daemons, Launch Agents, User Launch Agents, User Login Items which we can go back to if needed.)

Applications:

    637 apps

    73 x86-only apps

    5 unsigned apps

Performance:

    System Load: 5.54 (1 min ago)

5.95 (5 min ago) 5.34 (15 min ago)

    Nominal I/O usage: 4.76 MB/s

    File system: 24.34 seconds

    Write speed: 2698 MB/s

    Read speed: 2542 MB/s

CPU Usage Snapshot:

    Type Overall

    System: 3 %

    User: 12 %

    Idle: 84 %

Top Processes Snapshot by CPU:

    Process (count) CPU (Source - Location)

    remindd 110.02 % (Apple)

    suggestd 49.08 % (Apple)

    coreduetd 31.02 % (Apple)

    WindowServer 15.72 % (Apple)

    EtreCheckPro 15.26 % (Etresoft, Inc.)

Top Processes Snapshot by Memory:

    Process (count) RAM usage (Source - Location)

    BDLDaemon 2.89 GB (Bitdefender SRL)

    EtreCheckPro 1.22 GB (Etresoft, Inc.

    MTLCompilerService (5) 895 MB (Apple)

    plugin-container (9) 574 MB (Mozilla Corporation)

    mds_stores 525 MB (Apple)

Top Processes Snapshot by Network Use:

    Process Input / Output (Source - Location)

    corespeechd 3 KB / 15 MB (Apple)

    exchangesyncd 343 KB / 565 KB (Apple)

    apsd 125 KB / 525 KB (Apple)

    mDNSResponder 117 KB / 100 KB (Apple)

    firefox 107 KB / 104 KB (Mozilla Corporation)

Top Processes Snapshot by Energy Use:

    Process (count) Energy(0-100) (Source - Location)

    remindd 45 (Apple)

    suggestd 21 (Apple)

    coreduetd 17 (Apple)

    corespotlightd 4 (Apple)

    biomed 4 (Apple)

Virtual Memory Information:

    Physical RAM: 128 GB

    Free RAM: 99.93 GB

    Used RAM: 16.25 GB

    Cached files: 11.81 GB

    Available RAM: 111.75 GB

    Swap Used: 0 B

Please let me know if any of what I've shared gives any clues. There's more info in the report than what I've included above but I'm really nervous about publishing in a general forum like this for all to see. I saved a copy onto my computer in a Word doc so I have the full report handy to go back to.

Thank you very much for your help! I'm reaching the end of my troubleshooting skills for problems like this at this point but I certainly don't mind putting in the time to learn and figure out what's happening.

Before I ran etrecheck this morning, I also did the following:

1. I disabled iCloud Apps using iCloud: Photos, iCloud Drive, iCloud Mail but left iCloud Passwords & Keychain ON. I'm now observing ZERO nsurlsessiond byte exchanges between my computer and the Apple Data Center, as expected. Yesterday, I had not changed these settings. I'm including yesterday's report from etrecheck.
2. I've disabled a few items that were being allowed to run in the background. (Adobe Creative Cloud, Dropbox, HP Diagnose & Fix, iWifi, Microsoft OneDrive, Zoom).
3. I removed one item from Open at Login: AirPort Utility.
4. I've re-enabled settings which addressed the Major findings from this report for things like SW/security updates.
5. I updated my iMac iOS to the latest macOS Sonoma 14.3.
6. I updated MS Outlook this morning.

Everything should be the latest app updates as of the time I re-ran etrecheck this morning. Hope this is helpful info to have. Thanks again!

Hi steve626,

While in activity monitor and while reviewing the article in the link which you've provided, I noticed remindd showed up in my activity monitor as taking greater than 100% CPU (something like 125%) so I killed it and it hasn't come back after about 10 minutes so far. I'd found a few Apple Community posts from others dating 2 years ago, where experts advised killing the process so that's what I did. I noticed CPU Load dropped significantly. My line is showing very low use which is what I'd expect given that I only have a couple text-only web pages open and no video streaming. I've got Weatherbug app running but User % is still teetering around 1%.

I finished a video call a few minutes ago through MS Teams. I was on the call for less than an hour and my total data usage on the internet was around 2GB which also included everything else I've done on the computer for 2.5 hours. That's around what I'd expect for a normally functioning computer. I think something was going on with my iCloud account and possibly related to the enormous Photo gallery I have. I've got approximately 42K photos and just under 2K videos. I might just have to consolidate everything on my Mac, wipe everything out in the cloud, then re-load the cloud during next month's internet data cycle and monitor internet traffic afterwards to see if the problem re-appears.

For now, I'm going to keep iCloud turned OFF on this computer since it seems I may be onto something...

Hi Old Toad,

I've been online this morning for a couple hours and cleaning up my Mac. I've uninstalled a few more apps using the uninstall programs in some cases, or deleting the app from the App folder in other cases.

I've also done a little more digging into a non responsive process having to do with Family. There were 2 processes. One was red and the other was black. The red one, I was able to trace the folder structure to a non-existent structure that may have always existed since I migrated data to this machine. Not sure. In any case, I've removed a bunch of erroneous folders which had duplicate data in them from earlier iCloud Doc sync attempts that I didn't know were there. Since I did all my clean-up, it seems much of the problem I was having, if not all, are gone (knock on wood).

CPU percentage for me at the moment is around 0.5% to 2% as my machine is doing its thing.

I decided to pay for the etrecheck app and run the report a couple more times. I've done further clean-up and looks like I'm to the point where if I muck with anything else, I could end up doing something unintentional and creating problems.

I'll bolo for any further crashes and will note what I was doing. Will also continue monitoring data utilization of my internet plan. For now, it seems like all the hints on things to look at in combination with Wireshark and etrecheck were able to address the high data streaming which I'll chalk up to either a rogue app that I've since removed or iCloud sync of my massive photo collection. Since I have everything stored in the cloud and I needed to do photo organization anyway, I'll keep iPhotos sync turned OFF for now. Everything else seems to be working just fine.

THANK YOU Old Toad, Tesserax, and steve626 for helping me out and for all that you do to help people like me. The app was very helpful along with Activity Monitor and a few links I received on things to look for. I appreciate everyone who contributed.

Final etrecheck report post-purchase, also attached.

The original problem was fixed when I uninstalled Adobe photo processing apps and also stopped iCloud from syncing photos. Since then, I've re-enabled iCloud Drive but I've kept iCloud Photos turned off because I'm not sure if the Photos sync or if the Adobe app were misbehaving.

In any case, I'm glad the massive data consumption issue seems to be addressed with this band-aid of stopping these apps but I'd really like to get them back. I don't need either for the time being.

I didn't go so far as to contact Apple. I was going to today but after monitoring data consumption all day, I've only consumed 12GB whereas a week ago, I would have been around 40GB in a 12 hour stretch during the day. I'm very happy at the moment, to have at least stopped the massive data consumption that was happening while we weren't using our devices.

I think this thread can be closed now. Thanks!

Hi and thanks for responding!

To answer your question about iCloud, yes, I am using iCloud but that's not changed for any of my devices since I've owned Apple products. I have all choices selected for backup except for my folder contents on that computer. For my MacBook Pro, I've got all documents sync'd because I don't have many docs on this device. My main computer is the iMac. I think I have maybe 50-100 documents in total, that I keep in the cloud from my MacBook Pro but I move those from the MacBook, to the cloud first, then I remove them from the cloud and put them on the iMac when I'm done with whatever it is I was doing. The size of these files is miniscule.

I've checked the settings on every app for every device connected but forgot to mention that, but what made me think it's not the streaming apps is that one night a few days ago, my house consumed 10GB of data while we were sleeping. That didn't make sense, how could there be that much traffic on the internet while we were sleeping! We were very careful to exit apps on AppleTV after we were done streaming for the night (not logging out, but exiting to the main screen) and closed all apps on our phones before we've been going to bed.

I have an encrypted SSD plugged into each coputer via the USB-C port of each of those devices so I have a physical backup. Since that's all within my home network, I wouldn't expect there to be any traffic coming to my iMac from the Apple data server. I used to use Dropbox but really don't any more. I do have Microsoft OneNote with cloud connectivity but I've been using that for a long time, too (several years) without any issues.

Since the IP address from the Data Center was communicating only with my iMac, I shut off my iMac for the night and checked data consumption over the past hour. It's only 1GB in an hour versus what I was seeing when I was on that particular computer. I've left everything else alone.

I haven't heard the issues about Antivirus and VPN but I'll have a look at what you're saying, then will weigh the pros and cons. I've been very happy with the brand I chose. Tech support has been great and there have been malware intercepted before anything bad has happened. VPN isn't something I use often. I find that it causes web connectivity to be problematic with some sites, but the Antivirus app I've been using for almost 4 years has been nearly flawless. I'd hate to think that they're harvesting data and selling it but I will have a closer look. Thanks for the warning.

Something changed in January and I've got to get to the bottom of it. I have 10 days remaining and only 200GB before I hit the 1.2TB cap and risk penalties.

I'll post an update tomorrow with the data consumption. When I checked previously, I was seeing anywhere from 7GB to 10GB consumption over night. Our daily use is around 50GB per day and a vast majority of the day, I'm not streaming movies or TV shows and I'm only reading web contents. I have no gaming consoles connected in my house either. It's completely baffling.

I believe I've narrowed the issue to my iMAC of the 10 or so Apple devices on my home network.

There seems to be something going on with a rogue process called nsurlsessiond which I'm now in the process of figuring out how to address. I started a new thread on that topic. I don't expect this one to go much further but I would like to come back and make an update if indeed, addressing that process fixes my excessive data usage issue.

In addition to the above uninstalled apps, this morning, I uninstalled a few other apps that I've decided also need to go in order to figure out why I keep seeing a CPU process that's running > 100% (remindd). The other process nsurlsessiond is no longer showing up as an issue in Activity Monitor. Steps I've taken along the way seems to have gotten rid of that issue. Out of curiosity, I want to see if I can induce the issue by re-installing bitdefender suite and keep an eye on data streams as well as CPU performance.

I've uninstalled Adobe's Photoshop suite along with an authenticity checker app of theirs and an empty Adobe folder.

I've uninstalled Angry IP Scanner.

I've uninstalled Duplicate File Finder.

Then I re-ran EtreCheck. I'm still getting a diagnostics warning for a Major issue having to do with Kernel panics and will keep an eye on what I'm working on when this happens. The last time it happened was 3 days ago. When I can locate a wired keyboard and mouse, I'll reboot and go into the special menus available to run RAM tests. I have 128GB RAM and would like to verify that RAM is ok.