Anon4876

Q: How to remove Adware?

Recently i've downloaded something and now I have all this adware on safari. Pop up ads and Certain words are highlited that when clicked go to ads for surveys and stuff etc. I've tried everything but i cant get rid of the highlighted text. Does anyone know how to fix this?

MacBook Pro

Posted on Mar 5, 2014 2:06 AM

Close

Q: How to remove Adware?

  • All replies
  • Helpful answers

first Previous Page 13 of 14 last Next
  • by ~Bee,

    ~Bee ~Bee Sep 18, 2015 7:38 AM in response to ransomhskr
    Level 7 (31,777 points)
    Mac OS X
    Sep 18, 2015 7:38 AM in response to ransomhskr

    so I downloaded the dedicated program Malwarebytes...ran it once, and voila goneno


    Excellent!

    Thanks for reporting your great results with MalwareBytes, as well!

  • by pinkstones,

    pinkstones pinkstones Sep 18, 2015 8:44 AM in response to ransomhskr
    Level 5 (4,209 points)
    Safari
    Sep 18, 2015 8:44 AM in response to ransomhskr

    I hope you uninstalled those anti-virus programs afterward, because as you discovered, they're useless.

  • by ~Bee,

    ~Bee ~Bee Sep 18, 2015 10:28 AM in response to pinkstones
    Level 7 (31,777 points)
    Mac OS X
    Sep 18, 2015 10:28 AM in response to pinkstones

    +1

  • by flyingfurball,

    flyingfurball flyingfurball Sep 29, 2015 9:40 PM in response to Linc Davis
    Level 1 (0 points)
    Sep 29, 2015 9:40 PM in response to Linc Davis

    Boot Mode: Normal

     

     

    Model: MacBookAir6,2

     

     

    Battery cycles: 358

     

     

    System load advisory

     

     

       combined level = Bad

       - user level = OK

       - battery level = Bad

       - thermal level = Great

     

     

    System diagnostics

     

     

       2015-09-12 deleted crash

       2015-09-21 com.apple.WebKit.WebContent spin

       2015-09-21 deleted crash

       2015-09-27 Finder hang

       2015-09-27 Finder spin

       2015-09-27 Finder spin

       2015-09-27 Scrivener spin

       2015-09-27 Scrivener spin

       2015-09-27 Scrivener spin

       2015-09-29 WindowServer crash

     

     

    User diagnostics

     

     

       2015-09-09 Google Chrome crash

       2015-09-13 Finder crash

       2015-09-19 EvernoteHelper crash

       2015-09-19 callservicesd crash

       2015-09-21 EvernoteHelper crash

       2015-09-21 diskimages-helper crash

     

     

    Kernel messages

     

     

       Sep 27 21:46:06   Over-release of kernel-internal importance assertions for pid 280 (sharingd), dropping 1 assertion(s) but task only has 33 remaining (33 external).

       Sep 27 22:50:55   wl0: Roamed or switched channel, reason #4, bssid f0:99:bf:05:0b:06, last RSSI -56

       Sep 27 22:56:08   wl0: Roamed or switched channel, reason #1, bssid 00:1c:b3:af:07:65, last RSSI -77

       Sep 28 08:46:08   wl0: Roamed or switched channel, reason #1, bssid f0:99:bf:05:0b:06, last RSSI -76

       Sep 28 11:11:02   wl0: Roamed or switched channel, reason #8, bssid f0:99:bf:05:0b:07, last RSSI -22

       Sep 28 11:44:32   wl0: Roamed or switched channel, reason #1, bssid f0:99:bf:05:0b:06, last RSSI -82

       Sep 28 14:30:25   wl0: Roamed or switched channel, reason #8, bssid 00:1c:b3:af:07:65, last RSSI -57

       Sep 28 16:47:35   wl0: Roamed or switched channel, reason #4, bssid f0:99:bf:05:0b:06, last RSSI -71

       Sep 28 17:11:55   process Google Chrome[18389] thread 1034192 caught burning CPU!; EXC_RESOURCE supressed due to audio playback

       Sep 28 17:52:55   Over-release of kernel-internal importance assertions for pid 45 (syslogd), dropping 1 assertion(s) but task only has 0 remaining (0 external).

       Sep 28 17:53:18   wl0: Roamed or switched channel, reason #8, bssid 00:1c:b3:af:07:65, last RSSI -67

       Sep 28 22:39:02   wl0: Roamed or switched channel, reason #8, bssid f0:99:bf:05:0b:07, last RSSI -56

       Sep 28 22:59:14   wl0: Roamed or switched channel, reason #1, bssid 00:1c:b3:af:07:65, last RSSI -76

       Sep 29 09:24:06   wl0: Roamed or switched channel, reason #8, bssid f0:99:bf:05:0b:07, last RSSI -32

       Sep 29 10:14:32   process Google Chrome[19849] thread 1147939 caught burning CPU!; EXC_RESOURCE supressed due to audio playback

       Sep 29 12:23:06   wl0: Roamed or switched channel, reason #1, bssid 00:1c:b3:af:07:65, last RSSI -80

       Sep 29 12:23:12   wl0: Roamed or switched channel, reason #1, bssid f0:99:bf:05:0b:06, last RSSI -76

       Sep 29 12:25:46   wl0: Roamed or switched channel, reason #1, bssid 00:1c:b3:af:07:65, last RSSI -77

       Sep 29 12:37:05   wl0: Roamed or switched channel, reason #1, bssid f0:99:bf:05:0b:06, last RSSI -76

       Sep 29 12:54:17   wl0: Roamed or switched channel, reason #8, bssid f0:99:bf:05:0b:07, last RSSI -27

       Sep 29 13:32:06   process Scrivener[25712] thread 1424990 caught burning CPU!; EXC_RESOURCE supressed due to audio playback

       Sep 29 18:42:41   wl0: Roamed or switched channel, reason #1, bssid 00:1c:b3:af:07:65, last RSSI -77

       Sep 29 19:04:51   Over-release of kernel-internal importance assertions for pid 25723 (Dock), dropping 165 assertion(s) but task only has 164 remaining (0 external).

       Sep 29 19:10:14   process Google Chrome[25710] thread 1424983 caught burning CPU!; EXC_RESOURCE supressed due to audio playback

       Sep 29 20:22:48   wl0: Roamed or switched channel, reason #8, bssid f0:99:bf:05:0b:07, last RSSI -55

     

     

    Pageouts (MiB): 8127

     

     

    Total CPU usage: user 13%, system 7%

     

     

    CPU usage by process "Google Chrome He" with UID 501: 11.2%

     

     

    Loaded extrinsic kernel extensions

     

     

       at.obdev.nke.LittleSnitch (4246)

     

     

    Extrinsic daemons

     

     

       com.lacie.RaidService

       at.obdev.littlesnitchd

       com.cocoatech.pathfinder.SMFHelper7

       com.microsoft.office.licensing.helper

       com.google.keystone.daemon

       com.lacie.WebService

       com.adobe.fpsaud

     

     

    Extrinsic agents

     

     

       N4RA379GBW.com.busymac.busycal2.alarm

       2BUA8C4S2C.com.agilebits.onepassword4-helper

       com.adobe.ARM.UUID

       com.google.keystone.system.agent

       at.obdev.LittleSnitchUIAgent

       com.valvesoftware.steamclean

       com.fiplab.MemoryCleanHelper

       com.spotify.webhelper

       com.digitalrebellion.PreferenceManagerAutoSave

     

     

    launchd items

     

     

       /Library/LaunchAgents/at.obdev.LittleSnitchUIAgent.plist

        (at.obdev.LittleSnitchUIAgent)

       /Library/LaunchAgents/com.google.keystone.agent.plist

        (com.google.keystone.system.agent)

       /Library/LaunchDaemons/at.obdev.littlesnitchd.plist

        (at.obdev.littlesnitchd)

       /Library/LaunchDaemons/com.adobe.fpsaud.plist

        (com.adobe.fpsaud)

       /Library/LaunchDaemons/com.cocoatech.pathfinder.SMFHelper7.plist

        (com.cocoatech.pathfinder.SMFHelper7)

       /Library/LaunchDaemons/com.google.keystone.daemon.plist

        (com.google.keystone.daemon)

       /Library/LaunchDaemons/com.lacie.RaidService.plist

        (com.lacie.RaidService)

       /Library/LaunchDaemons/com.lacie.WebService.plist

        (com.lacie.WebService)

       /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist

        (com.microsoft.office.licensing.helper)

       Library/LaunchAgents/com.adobe.ARM.UUID.plist

        (com.adobe.ARM.UUID)

       Library/LaunchAgents/com.digitalrebellion.PreferenceManagerAutoSave.plist

        (com.digitalrebellion.PreferenceManagerAutoSave)

       Library/LaunchAgents/com.spotify.webhelper.plist

        (com.spotify.webhelper)

       Library/LaunchAgents/com.valvesoftware.steamclean.plist

        (com.valvesoftware.steamclean)

     

     

    Extrinsic loadable bundles

     

     

       /System/Library/Extensions/GoodSysAudioCapture.kext

        (com.digiarty.driver.goodSysAudioCapture)

       /System/Library/Extensions/JMicronATA.kext

        (com.jmicron.JMicronATA)

       /Library/Extensions/DUB-13X2.kext

        (com.dlink.driver.DUB-13X2)

       /Library/Extensions/LaCieMvumi.kext

        (com.lacie.driver.mvumi)

       /Library/Extensions/LittleSnitch.kext

        (at.obdev.nke.LittleSnitch)

       /Library/Extensions/tap.kext

        (foo.tap)

       /Library/Extensions/tun.kext

        (foo.tun)

       /Library/Internet Plug-Ins/AdobePDFViewer.plugin

        (com.adobe.acrobat.pdfviewer)

       /Library/Internet Plug-Ins/AdobePDFViewerNPAPI.plugin

        (com.adobe.acrobat.pdfviewerNPAPI)

       /Library/Internet Plug-Ins/Flash Player.plugin

        (com.macromedia.Flash Player.plugin)

       /Library/Internet Plug-Ins/JavaAppletPlugin.plugin

        (com.apple.java.JavaAppletPlugin)

       /Library/Internet Plug-Ins/NP_2020Player_IKEA.plugin

        (com.2020technologies.2020Player-IKEA.NP)

       /Library/Internet Plug-Ins/NP_2020Player_WEB.plugin

        (com.2020technologies.2020Player-WEB.NP)

       /Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin

        (com.microsoft.sharepoint.browserplugin)

       /Library/Internet Plug-Ins/SharePointWebKitPlugin.webplugin

        (com.microsoft.sharepoint.webkitplugin)

       /Library/Internet Plug-Ins/Silverlight.plugin

        (com.microsoft.SilverlightPlugin)

       /Library/Internet Plug-Ins/Unity Web Player.plugin

        (com.unity.UnityWebPlayer)

       /Library/PreferencePanes/Flash Player.prefPane

        (com.adobe.flashplayerpreferences)

       /Library/QuickTime/AvidAV1xCodec.component

        (com.avid.qtcodecs.AvidAV1xCodec)

       /Library/QuickTime/AvidAVd1Codec.component

        (com.avid.qtcodecs.AvidAVd1Codec)

       /Library/QuickTime/AvidAVDJCodec.component

        (com.avid.qtcodecs.AvidAVDJCodec)

       /Library/QuickTime/AvidAVdnCodec.component

        (com.avid.qtcodecs.AvidAVdnCodec)

       /Library/QuickTime/AvidAVdvCodec.component

        (com.avid.qtcodecs.AvidAVdvCodec)

       /Library/QuickTime/AvidAVj2Codec.component

        (com.avid.qtcodecs.AvidAVj2Codec)

       /Library/QuickTime/AvidAVpkCodec.component

        (com.avid.qtcodecs.AvidAVpkCodec)

       /Library/QuickTime/AvidAVrpCodec.component

        (com.avid.qtcodecs.AvidAVrpCodec)

       /Library/QuickTime/AvidAVUICodec.component

        (com.avid.qtcodecs.AvidAVUICodec)

       Library/Address Book Plug-Ins/SkypeABDialer.bundle

        (com.skype.skypeabdialer)

       Library/Address Book Plug-Ins/SkypeABSMS.bundle

        (com.skype.skypeabsms)

       Library/Internet Plug-Ins/Aspera Web 3.6.0.106805.plugin

        (com.aspera.AsperaWeb)

       Library/Internet Plug-Ins/Google Earth Web Plug-in.plugin

        (com.Google.GoogleEarthPlugin.plugin)

     

     

    Extrinsic shared libraries

     

     

       /usr/lib/libeventshare.dylib

       /usr/lib/libmv_api.dylib

     

     

    DNS (not

    not

    not from DHCP): 208.67.222.222

     

     

    hosts

     

     

       97.74.215.83    www.softcns.com

       74.125.136.113    translate.google.com

       173.192.188.99    www.macxdvd.com

       173.192.188.99    macxdvd.com

       128.30.52.37    www.w3.org

       174.133.162.140    www.filecluster.com

       75.126.146.18    www.winxdvd.com

     

     

    User login items

     

     

       iTunesHelper.app

       Dropbox.app

       Google Chrome.app

       Spotify.app

       EvernoteHelper.app

       Things Helper.app

     

     

    Safari extensions

     

     

       Searchme

       DuckDuckGo

     

     

    Restricted user files: 633

     

     

    Elapsed time (s): 230

  • by lbowser490,

    lbowser490 lbowser490 Oct 9, 2015 7:56 PM in response to Linc Davis
    Level 1 (0 points)
    Oct 9, 2015 7:56 PM in response to Linc Davis

    I know this thread is from a while ago but I can't seem to delete the files that were flagged after scanning my computer because they were always in use somehow, even after I closed every open application using force quit and restarted finder. I was hoping this would get me some results.

     

     

     

     

    Boot Mode: Normal

     

     

    Model: MacBookPro9,2

     

     

    System diagnostics

     

     

       2015-10-07 configd crash

     

     

    User diagnostics

     

     

       2015-10-09 mac-os-x-installer crash

     

     

    Kernel messages

     

     

       Oct 5 13:22:49   wl0: Roamed or switched channel, reason #8, bssid 6c:f3:7f:4e:9a:30, last RSSI -55

       Oct 5 16:47:30   wl0: Roamed or switched channel, reason #8, bssid 24:de:c6:13:8d:70, last RSSI -60

       Oct 5 21:36:18   Over-release of kernel-internal importance assertions for pid 219 (cfprefsd), dropping 1 assertion(s) but task only has 0 remaining (0 external).

       Oct 7 10:50:17   wl0: Roamed or switched channel, reason #4, bssid 6c:f3:7f:bd:b2:53, last RSSI -82

       Oct 7 14:18:50   wl0: Roamed or switched channel, reason #8, bssid 9c:1c:12:a5:f1:75, last RSSI -51

       Oct 8 13:28:40   wl0: Roamed or switched channel, reason #8, bssid 6c:f3:7f:4e:94:30, last RSSI -55

       Oct 8 16:15:44   Over-release of kernel-internal importance assertions for pid 120 (cfprefsd), dropping 1 assertion(s) but task only has 0 remaining (0 external).

       Oct 8 16:15:56   wl0: Roamed or switched channel, reason #1, bssid 6c:f3:7f:bd:b2:53, last RSSI -81

       Oct 9 18:56:01   Previous shutdown cause: -60

       Oct 9 18:59:43   Sound assertion in AppleHDAFunctionGroup at line 1058

       Oct 9 21:36:44   Over-release of kernel-internal importance assertions for pid 247 (Dock), dropping 1 assertion(s) but task only has 1 remaining (1 external).

     

     

    Extrinsic daemons

     

     

       com.adobe.ARMDC.Communicator

       com.microsoft.office.licensing.helper

       com.ea.origin.ESHelper

       com.adobe.fpsaud

       com.adobe.ARMDC.SMJobBlessHelper

     

     

    Extrinsic agents

     

     

       com.WebTools.oiuqw343sQ9a

       com.mackeeper.MacKeeper.service.clean

       com.adobe.ARMDCHelper.UUID

       com.WebTools.oiuqw343sQ9a.helpd

       com.spotify.webhelper

       com.google.keystone.user.agent

       com.spigot.ApplicationManager

     

     

    launchd items

     

     

       /Library/LaunchAgents/com.adobe.ARMDCHelper.UUID.plist

        (com.adobe.ARMDCHelper.UUID)

       /Library/LaunchAgents/com.WebTools.oiuqw343sQ9a.helpd.plist

        (com.WebTools.oiuqw343sQ9a.helpd)

       /Library/LaunchAgents/com.WebTools.oiuqw343sQ9a.plist

        (com.WebTools.oiuqw343sQ9a)

       /Library/LaunchDaemons/com.adobe.ARMDC.Communicator.plist

        (com.adobe.ARMDC.Communicator)

       /Library/LaunchDaemons/com.adobe.ARMDC.SMJobBlessHelper.plist

        (com.adobe.ARMDC.SMJobBlessHelper)

       /Library/LaunchDaemons/com.adobe.fpsaud.plist

        (com.adobe.fpsaud)

       /Library/LaunchDaemons/com.ea.origin.ESHelper.plist

        (com.ea.origin.ESHelper)

       /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist

        (com.microsoft.office.licensing.helper)

       Library/LaunchAgents/com.bittorrent.uTorrent.plist

        (com.bittorrent.uTorrent)

       Library/LaunchAgents/com.google.keystone.agent.plist

        (com.google.keystone.user.agent)

       Library/LaunchAgents/com.spigot.ApplicationManager.plist

        (com.spigot.ApplicationManager)

       Library/LaunchAgents/com.spotify.webhelper.plist

        (com.spotify.webhelper)

       Library/LaunchAgents/com.WebTools.oiuqw343sQ9a.helpd.plist

        (com.WebTools.oiuqw343sQ9a.helpd)

       Library/LaunchAgents/com.WebTools.oiuqw343sQ9a.plist

        (com.WebTools.oiuqw343sQ9a)

     

     

    Extrinsic loadable bundles

     

     

       /Library/Internet Plug-Ins/AdobePDFViewer.plugin

        (com.adobe.acrobat.pdfviewer)

       /Library/Internet Plug-Ins/AdobePDFViewerNPAPI.plugin

        (com.adobe.acrobat.pdfviewerNPAPI)

       /Library/Internet Plug-Ins/Flash Player.plugin

        (com.macromedia.Flash Player.plugin)

       /Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin

        (com.microsoft.sharepoint.browserplugin)

       /Library/Internet Plug-Ins/SharePointWebKitPlugin.webplugin

        (com.microsoft.sharepoint.webkitplugin)

       /Library/PreferencePanes/Flash Player.prefPane

        (com.adobe.flashplayerpreferences)

     

     

    Profiles: 1

     

     

    User login items

     

     

       iTunesHelper

       Spotify

     

     

    Restricted user files: 51

     

     

    Elapsed time (s): 167

  • by ~Bee,

    ~Bee ~Bee Oct 9, 2015 9:20 PM in response to flyingfurball
    Level 7 (31,777 points)
    Mac OS X
    Oct 9, 2015 9:20 PM in response to flyingfurball

    Flying Furball:

     

    I'm not Linc, but this caught my eye, as just another Mac user who's helped out here for a few years:

     

    combined level = Bad

       - user level = OK

       - battery level = Bad

       - thermal level = Great

     

    Also these (aka Junk):

    com.valvesoftware.steamclean

    com.fiplab.MemoryCleanHelper

     

    So do your homework on battery level, and the two "cleaning" apps, and delete or uninstall.

    Linc may come back with more advice.

  • by ~Bee,

    ~Bee ~Bee Oct 9, 2015 9:27 PM in response to lbowser490
    Level 7 (31,777 points)
    Mac OS X
    Oct 9, 2015 9:27 PM in response to lbowser490

    bowser --

     

    Linc hasn't come back here lately, but right off the bat, you've got two big problems:

    MacKeeper

    bitTorrents

     

    As long as you're using Torrents, you might as well plan on having tons of problems.

    By using that, you've opened up your Mac to anyone and anything.  Not good.

    Linc has advice in one of the earlier posts in this thread about getting rid of MacKeeper.  Torrents is up to you.

  • by JelenaYu,

    JelenaYu JelenaYu Jan 20, 2016 10:01 AM in response to Linc Davis
    Level 1 (0 points)
    Jan 20, 2016 10:01 AM in response to Linc Davis

    Boot Mode: Normal

     

     

    Model: MacBookAir7,2

     

     

    System diagnostics

     

     

       2016-01-20 com.purevpn.macapp crash

       2016-01-20 com.purevpn.macapp crash

       2016-01-20 com.purevpn.macapp crash

       2016-01-20 com.purevpn.macapp crash

       2016-01-20 com.purevpn.macapp crash

     

     

    User diagnostics

     

     

       2016-01-20 PureVPN crash

       2016-01-20 storeassetd crash

       2016-01-21 Activity Monitor crash

       2016-01-21 SystemUIServer crash

     

     

    Kernel messages

     

     

       Jan 20 09:39:44   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-82.10.1/AppleCredentialManager/AppleCredentialManager.cpp, line: 765

       Jan 20 09:39:50   [IGPU] Scheduler Throttle Cap = 100ms.

       Jan 20 16:21:06   Over-release of kernel-internal importance assertions for pid 701 (storeassetd), dropping 1 assertion(s) but task only has 59 remaining (59 external).

       Jan 20 23:11:01   hfs: mounted PopcornTime on device disk2s2

       Jan 20 23:18:50   hfs: unmount initiated on PopcornTime on device disk2s2

       Jan 20 23:38:36   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-82.10.1/AppleCredentialManager/AppleCredentialManager.cpp, line: 765

       Jan 20 23:38:37   [IGPU] Scheduler Throttle Cap = 100ms.

       Jan 21 00:30:33   Process launchd [1] disabling system-wide I/O Throttling

       Jan 21 00:30:33   Process launchd [1] disabling system-wide CPU Throttling

       Jan 21 00:30:48   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-82.10.1/AppleCredentialManager/AppleCredentialManager.cpp, line: 765

       Jan 21 00:30:49   [IGPU] Scheduler Throttle Cap = 100ms.

       Jan 21 01:15:31   Process launchd [1] disabling system-wide I/O Throttling

       Jan 21 01:15:31   Process launchd [1] disabling system-wide CPU Throttling

       Jan 21 01:15:45   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-82.10.1/AppleCredentialManager/AppleCredentialManager.cpp, line: 765

       Jan 21 01:15:46   [IGPU] Scheduler Throttle Cap = 100ms.

     

     

    Extrinsic daemons

     

     

       com.purevpn.macapp

       com.adobe.fpsaud

     

     

    Extrinsic agents

     

     

       com.ShopTool.agent

       com.SoftwareUpdater.agent

       com.google.keystone.user.agent

     

     

    launchd items

     

     

       /Library/LaunchAgents/com.ShopTool.agent.plist

        (com.ShopTool.agent)

       /Library/LaunchAgents/com.SoftwareUpdater.agent.plist

        (com.SoftwareUpdater.agent)

       /Library/LaunchDaemons/com.adobe.fpsaud.plist

        (com.adobe.fpsaud)

       /Library/LaunchDaemons/com.purevpn.macapp.plist

        (com.purevpn.macapp)

       Library/LaunchAgents/com.google.keystone.agent.plist

        (com.google.keystone.user.agent)

       Library/LaunchAgents/com.ShopTool.agent.plist

        (com.ShopTool.agent)

       Library/LaunchAgents/com.SoftwareUpdater.agent.plist

        (com.SoftwareUpdater.agent)

     

     

    Extrinsic loadable bundles

     

     

       /Library/Internet Plug-Ins/Flash Player.plugin

        (com.macromedia.Flash Player.plugin)

       /Library/PreferencePanes/Flash Player.prefPane

        (com.adobe.flashplayerpreferences)

     

     

    Proxies

     

     

       ProxyAutoConfigEnable : 0

       ProxyAutoDiscoveryEnable : 0

     

     

    DNS (not

    not from DHCP): 8.8.8.8

     

     

    Profiles: 1

     

     

    Restricted user files: 6

     

     

    Elapsed time (s): 92

     

     

    These are my results, please help

  • by NABerman123,

    NABerman123 NABerman123 Mar 7, 2016 9:14 AM in response to Anon4876
    Level 1 (0 points)
    Mar 7, 2016 9:14 AM in response to Anon4876

    Boot Mode: Normal

     

    Model: MacBookPro11,1

     

    System diagnostics

     

       2016-02-15 antiunionist crash

       2016-02-26 atelocardia crash

       2016-02-26 atelocardia crash

       2016-02-26 atelocardia crash

       2016-03-01 atelocardia crash

       2016-03-01 atelocardia crash

       2016-03-01 atelocardia crash

       2016-03-01 atelocardia crash

       2016-03-03 atelocardia crash

       2016-03-03 atelocardia crash

     

    User diagnostics

     

       2016-03-01 Chess crash

       2016-03-01 plugin-container crash

       2016-03-06 AppYM crash

       2016-03-06 AppYM crash

       2016-03-06 iTunes crash

       2016-03-07 AppYM crash

       2016-03-07 AppYM crash

       2016-03-07 AppYM crash

       2016-03-07 AppYM crash

       2016-03-07 AppYM crash

     

    Kernel messages

     

       Mar 1 12:14:42   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-83.20.2/AppleCredentialManager/AppleCredentialManager.cpp, line: 765

       Mar 1 13:29:18   process firefox[546] thread 24260 caught burning CPU!; EXC_RESOURCE supressed due to audio playback

       Mar 1 14:06:02   process firefox[613] thread 31783 caught burning CPU! It used more than 50% CPU (Actual recent usage: 58%) over 180 seconds. thread lifetime cpu usage 272.975641 seconds, (261.267493 user, 11.708148 system) ledger info: balance: 90001467263 credit: 272162649008 debit: 182161181745 limit: 90000000000 (50%) period: 180000000000 time since last refill (ns): 154494082667

       Mar 1 15:20:57   process firefox[704] thread 63100 caught burning CPU!; EXC_RESOURCE supressed due to audio playback

       Mar 1 18:22:36   process firefox[917] thread 114136 caught burning CPU!; EXC_RESOURCE supressed due to audio playback

       Mar 1 19:57:38   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-83.20.2/AppleCredentialManager/AppleCredentialManager.cpp, line: 765

       Mar 1 21:07:37   process firefox[436] thread 3631 caught burning CPU!; EXC_RESOURCE supressed due to audio playback

       Mar 2 20:31:47   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-83.20.2/AppleCredentialManager/AppleCredentialManager.cpp, line: 765

       --- last message repeated 1 time ---

       Mar 3 21:56:12   process firefox[489] thread 4696 caught burning CPU! It used more than 50% CPU (Actual recent usage: 58%) over 180 seconds. thread lifetime cpu usage 796.244136 seconds, (752.577014 user, 43.667122 system) ledger info: balance: 90004967646 credit: 793837041839 debit: 703832074193 limit: 90000000000 (50%) period: 180000000000 time since last refill (ns): 154029133129

       Mar 4 14:13:48   ARPT: 13390.837613: wl0: Roamed or switched channel, reason #2, bssid 18:1b:eb:15:25:56, last RSSI -77

       Mar 4 15:12:51   Process launchd [1] disabling system-wide I/O Throttling

       Mar 4 15:12:51   Process launchd [1] disabling system-wide CPU Throttling

       Mar 4 17:15:06   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-83.20.2/AppleCredentialManager/AppleCredentialManager.cpp, line: 765

       Mar 5 19:09:05   process firefox[620] thread 13479 caught burning CPU!; EXC_RESOURCE supressed due to audio playback

       Mar 5 19:44:12   004641.866415 HS05@14400000: AppleUSB20XHCIPort::resume: timeout waiting for U0

       Mar 6 21:45:18   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-83.20.2/AppleCredentialManager/AppleCredentialManager.cpp, line: 765

       --- last message repeated 1 time ---

     

    Extrinsic daemons

     

       com.reimage.cleaner

       com.period.searchprotectd

       com.pref.net-preferences

       com.microsoft.office.licensing.helper

       com.oracle.java.Helper-Tool

       com.cammask.videodevice.daemon

       com.5e275556e95e3ba9.config

       com.adobe.fpsaud

     

    Extrinsic agents

     

       com.adobe.PDApp.AAMUpdatesNotifier.70752.UUID

       InstallMac.download

       InstallMac.update

       com.adobe.AdobeCreativeCloud

       kAgent

       com.valvesoftware.steamclean

       com.valvesoftware.steam.ipctool

       InstallMac.AppRemoval

       com.oracle.java.Java-Updater

       InstallMac.ltvbit

       com.google.keystone.user.agent

     

    launchd items

     

       /Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist

           (com.adobe.AAM.Startup-1.0)

       /Library/LaunchAgents/com.adobe.AdobeCreativeCloud.plist

           (com.adobe.AdobeCreativeCloud)

       /Library/LaunchAgents/com.oracle.java.Java-Updater.plist

           (com.oracle.java.Java-Updater)

       /Library/LaunchDaemons/com.adobe.fpsaud.plist

           (com.adobe.fpsaud)

       /Library/LaunchDaemons/com.antiunionist.net-preferences.plist

           (com.pref.net-preferences)

       /Library/LaunchDaemons/com.atelocardia.net-preferences.plist

           (com.pref.net-preferences)

       /Library/LaunchDaemons/com.cammask.videodevice.daemon.plist

           (com.cammask.videodevice.daemon)

       /Library/LaunchDaemons/com.leucocholyUpd.plist

           (com.5e275556e95e3ba9.config)

       /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist

           (com.microsoft.office.licensing.helper)

       /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist

           (com.oracle.java.Helper-Tool)

       /Library/LaunchDaemons/com.perion.searchprotectd.plist

           (com.period.searchprotectd)

       Library/LaunchAgents/com.google.keystone.agent.plist

           (com.google.keystone.user.agent)

       Library/LaunchAgents/com.valvesoftware.steamclean.plist

           (com.valvesoftware.steamclean)

       Library/LaunchAgents/gUpdater.plist

           (kAgent)

       Library/LaunchAgents/InstallMac.AppRemoval.plist

           (InstallMac.AppRemoval)

       Library/LaunchAgents/InstallMac.download.plist

           (InstallMac.download)

       Library/LaunchAgents/InstallMac.ltvbit.plist

           (InstallMac.ltvbit)

       Library/LaunchAgents/InstallMac.update.plist

           (InstallMac.update)

     

    Extrinsic loadable bundles

     

       /System/Library/Extensions/hp_fax_io.kext

           (com.hp.kext.hp-fax-io)

       /System/Library/Extensions/hp_Inkjet1_io_enabler.kext

           (com.hp.print.hpio.Inkjet1.kext)

       /System/Library/Extensions/hp_Inkjet8_io_enabler.kext

           (com.hp.print.hpio.inkjet8.kext)

       /System/Library/Extensions/JMicronATA.kext

           (com.jmicron.JMicronATA)

       /Library/Extensions/hp_io_enabler_compound.kext

           (com.hp.kext.io.enabler.compound)

       /Library/Extensions/Xone Driver.kext

           (com.vestigl.driver.Xone-Driver)

       /Library/Internet Plug-Ins/AdobeAAMDetect.plugin

           (com.AdobeAAMDetectLib.AdobeAAMDetect)

       /Library/Internet Plug-Ins/DirectorShockwave.plugin

           (com.adobe.director_12_0.shockwave.pluginshim)

       /Library/Internet Plug-Ins/Flash Player.plugin

           (com.macromedia.Flash Player.plugin)

       /Library/Internet Plug-Ins/JavaAppletPlugin.plugin

           (com.oracle.java.JavaAppletPlugin)

       /Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin

           (com.microsoft.sharepoint.browserplugin)

       /Library/Internet Plug-Ins/SharePointWebKitPlugin.webplugin

           (com.microsoft.sharepoint.webkitplugin)

       /Library/Internet Plug-Ins/Unity Web Player.plugin

           (com.unity.UnityWebPlayer)

       /Library/PreferencePanes/Flash Player.prefPane

           (com.adobe.flashplayerpreferences)

       /Library/PreferencePanes/JavaControlPanel.prefPane

           (com.oracle.java.JavaControlPanel)

       /Library/PreferencePanes/Xone Driver Pref Pane.prefPane

           (com.vestigl.Xone-Driver-Pref-Pane)

       Library/Address Book Plug-Ins/SkypeABCaller.bundle

           (com.skype.SkypeABCaller)

       Library/Address Book Plug-Ins/SkypeABChatter.bundle

           (com.skype.SkypeABChatter)

       Library/Address Book Plug-Ins/SkypeABDialer.bundle

           (com.skype.SkypeABDialer)

       Library/Address Book Plug-Ins/SkypeABSMS.bundle

           (com.skype.SkypeABSMS)

       Library/Internet Plug-Ins/Google Earth Web Plug-in.plugin

           (com.Google.GoogleEarthPlugin.plugin)

       Library/Internet Plug-Ins/NPRoblox.plugin

           (com.Roblox.RobloxLauncherPlugin)

       Library/Internet Plug-Ins/TroviNPAPIPlugin.plugin

           (com.conduit.ConduitNPAPIPlugin)

     

    Application check

     

       com.google.GoogleDrive

     

    User login items

     

       Steam

       iTunesHelper

       Google Drive

       CamMask

       ManyCam

       ManyCam

       CamMask

       CamMask

     

    Safari extensions

     

       extension

       com

       searchExt

       com

       Oliverto

       com

     

    Restricted user files: 855

     

    Elapsed time (s): 100

     

    These are my results.  Please help me.

  • by NTKnow,

    NTKnow NTKnow May 16, 2016 6:08 PM in response to Linc Davis
    Level 1 (4 points)
    Mac OS X
    May 16, 2016 6:08 PM in response to Linc Davis

    I let the little girl next door play games on my laptop, under supervision of course. They were age-appropriate,

    she logged in through her grade school account.

    Since that time "ZipArcade" has taken over both Firefox, I rarely use, and Safari, my primary browser. I

    will assume the steps you outlined, thank you, for other types of malware/adware removal will work for

    "ZipArcade." also. Thank you.

  • by bibscy,

    bibscy bibscy Jun 3, 2016 4:37 PM in response to Linc Davis
    Level 1 (8 points)
    Jun 3, 2016 4:37 PM in response to Linc Davis

    In response to Linc Davis.

    I have the same issue, when I click on any link it takes me to adware pages and it happens in all my browsers ( firefox, chrome, safari).

    I have run the shell script as per your instructions and I am listing below the result. Let me know if you can help me. Thanks

     

    Last login: Fri Jun  3 23:58:50 on console

    Bogdans-Air:~ bogdanbarbulescu$ PATH=/usr/bin:/bin:/usr/sbin:/sbin; clear; Fb='%s\n\t(%s)\n'; Fm='\n%s\n\n%s\n'; Fr='\nRAM details\n%s\n'; Fs='\n%s: %s\n'; Fu='user %s%%, system %s%%'; AC="com.autodesk.AutoCAD  com.google.GoogleDrive"; H='^[[:space:]]*((127\.0\.0\.1|::1|fe80::1%lo0)[[:space:]]+local|(255\.){3}255[ [:space:]]*broadcast)host[[:space:]]*$'; NS=networksetup; PB="/usr/libexec/PlistBuddy -c Print"; A () { [[ a -eq 0 ]]; }; M () { find -L "$d" -type f | while read f; do file -b "$f" | egrep -lq XML\|exec && echo $f; done; }; AT () { o=`file -b "$1" | egrep -v '^(A.{16}t$|cann)'`; Ps "${1##*/} format"; }; Pc () { o=`grep -v '^ *#' "$2"`; l=`wc -l <<< "$o"`; [[ l -gt 25 ]] && o=`head -n25 <<< "$o"`$'\n'"[$((l-25)) more line(s)]"; Pm "$1"; AT "$1"; }; Pm () { [[ "$o" ]] && o=`sed -E '/^ *$/d; s/^ */   /; s/[-0-9A-Fa-f]{22,}/UUID/g' <<< "$o"` && printf "$Fm" "$1" "$o"; }; Pp () { o=`$PB "$2" | awk -F'= ' \/$3'/{print $2}'`; Pm "$1"; }; Ps () { o=`echo $o`; [[ ! "$o" =~ ^0?$ ]] && printf "$Fs" "$1" "$o"; }; R () { o=; [[ r -eq 0 ]]; }; SP () { system_profiler SP${1}DataType; }; id -G | grep -qw 80; a=$?; A && sudo true; r=$?; t=`date +%s`; clear; { A || echo $'No admin access\n'; A && ! R && echo $'No root access\n'; SP Software | sed '8!d;s/^ *//'; h=(`SP Hardware | awk '/ Id/{print $3}; /Mem/{print $2}'`); o=$h; Ps "Model"; o=$((h[1]<4?h[1]:0)); Ps "Total RAM (GB)"; o=`SP Memory | sed '1,5d;/[my].*:/d'`; [[ "$o" =~ s:\ [^O]|x([^08]|0[^2]|8[^0]) ]] && printf "$Fr" "$o"; o=`SP Diagnostics | sed '5,6!d'`; [[ "$o" =~ Pass ]] || Pm "POST"; p=`SP Power`; o=`awk '/Cy/{print $NF}' <<< "$p"`; o=$((o>=300?o:0)); Ps "Battery cycles"; o=`sed -n '/Cond.*: [^N]/{s/^.*://p;}' <<< "$p"`; Ps "Battery condition"; for b in Thunderbolt USB; do o=`SP $b | sed -En '1d;/:$/{s/ *:$//;x;s/\n//p;};/^ *V.* [0N].* /{s/ 0x.... //;s/[()]//g;s/(.*: )(.*)/ \(\2\)/;H;};/Apple|Genesy|Intel|SMSC/{s/.//g;h;}'`; Pm $b; done; o=`pmset -g therm | sed 's/^.*C/C/'`; [[ "$o" =~ No\ th|pms ]] && o=; Pm "Thermal conditions"; o=`pmset -g sysload | grep -v :`; [[ "$o" =~ =\ [^GO] ]] || o=; Pm "System load advisory"; o=`nvram boot-args | awk '{$1=""; print}'`; Ps "boot-args"; a=(/ ""); A=(System User); for i in 0 1; do o=`cd ${a[$i]}L*/Lo*/Diag* || continue; for f in *.{cr,h,pa,s}*; do [[ -f "$f" ]] || continue; d=$(stat -f%Sc -t%F "$f"); [[ "$f" =~ h$ ]] && grep -lq "^Thread c" "$f" && f="$f *"; echo "$d ${f%%_2*} ${f##*.}"; done | sort | tail`; Pm "${A[$i]} diagnostics"; done; grep -lq '*$' <<< "$o" && printf $'\n* Code injection\n'; o=`syslog -F bsd -k Sender kernel -k Message CReq 'caught bu|GPU |hfs: Ru|I/O e|last value [1-9]|n Cause: -|NVDA\(|pagin|proc: t|Roamed|SATA W|ssert|Thrott|timed? ?o' | tail -n25 | awk '/:/{$4=""; $5=""};1'`; Pm "Kernel messages"; o=`df -m / | awk 'NR==2 {print $4}'`; o=$((o<5120?o:0)); Ps "Free space (MiB)"; o=$(($(vm_stat | awk '/eo/{sub("\\.",""); print $2}')/256)); o=$((o>=1024?o:0)); Ps "Pageouts (MiB)"; s=( `sar -u 1 10 | sed '$!d'` ); [[ s[4] -lt 85 ]] && o=`printf "$Fu" ${s[1]} ${s[3]}` || o=; Ps "Total CPU usage" && { s=(`ps acrx -o comm,ruid,%cpu | sed '2!d'`); n=$((${#s[*]}-1)); c="${s[*]}"; o=${s[$n]}%; Ps "CPU usage by process \"${c% ${s[$((n-1))]}*}\" with UID ${s[$((n-1))]}"; }; s=(`top -R -l1 -n1 -o prt -stats command,uid,prt | sed '$!d'`); n=$((${#s[*]}-1)); s[$n]=${s[$n]%[+-]}; c="${s[*]}"; o=$((s[$n]>=25000?s[$n]:0)); Ps "Mach ports used by process \"${c% ${s[$((n-1))]}*}\" with UID ${s[$((n-1))]}"; o=`kextstat -kl | grep -v com\\.apple | cut -c53- | cut -d\< -f1`; Pm "Loaded extrinsic kernel extensions"; R && o=`sudo launchctl list | awk 'NR>1 && !/0x|com\.(apple|openssh|vix\.cron)|org\.(amav|apac|calendarse|cups|dove|isc|nt p|openld|post[fg]|x)/{print $3}'`; Pm "Extrinsic daemons"; o=`launchctl list | awk 'NR>1 && !/0x|com\.apple|org\.(x|openbsd)|\.[0-9]+$/{print $3}'`; Pm "Extrinsic agents"; o=`for d in {/,}L*/Lau*; do M; done | egrep -v 'com\.apple\.(CSConfig|server)' | while read f; do ID=$($PB\ :Label "$f") || ID="No job label"; printf "$Fb" "$f" "$ID"; done`; Pm "launchd items"; o=`for d in /{S*/,}L*/StartupItems; do M; done`; Pm "Startup items"; sys=`pkgutil --regexp --only-files --files com.apple.pkg.* | sort | uniq | sed 's:^:/:'`; b=`sed -E '/^.+Lib.+\/Contents\/Info.plist$/!d;s/\/Info.plist$//;/Contents\/./d' <<< "$sys"`; o=`find -L /S*/L*/{C*/Sec*A,E}* {/,}L*/{A*d,Compon,Ex,In,iTu,Keyb,Mail/B,P*P,Qu*T,Scripti,Sec,Servi,Spo}* -type d -name Contents -prune | grep -Fv "$b" | while read d; do test -f "$d/Info.plist" || continue; ID=$($PB\ :CFBundleIdentifier "$_") || ID="No bundle ID"; printf "$Fb" "${d%/Contents}" "$ID"; done`; Pm "Extrinsic loadable bundles"; l=`egrep '^/usr/lib/.+dylib$' <<< "$sys"`; o=`find /usr/lib -type f -name *.dylib | grep -Fv "$l"`; Pm "Extrinsic shared libraries"; o=`for e in INSERT_LIBRARIES LIBRARY_PATH; do launchctl getenv DYLD_$e; done`; Pm "Environment"; o=`find -L {,/u*/lo*}/e*/periodic -type f -mtime -10d`; Pm "Modified periodic scripts"; o=`scutil --proxy | grep Prox`; Pm "Proxies"; o=`scutil --dns | awk '/r\[0\] /{if ($NF !~ /^1(0|72\.(1[6-9]|2[0-9]|3[0-1])|92\.168)\./) print $NF; exit}'`; i=`route -n get default | awk '/e:/{print $2}'`; I=`$NS -listnetworkserviceorder | sed -En '/ '$i'\)$/{x;s/^\(.+\) //p;q;};x'`; n=`$NS -getdnsservers "$I" | awk '!/^T/{print "not "}'`; Ps "DNS (${n}from DHCP)"; o=`$NS -getinfo "$I" | awk '/k:/{if ($3 !~ "(255\.){3}0") print $3}'`; Ps "Netmask"; R && o=`sudo profiles -P | grep : | wc -l`; Ps "Profiles"; f=auto_master; [[ `md5 -q /etc/$f` =~ ^b166 ]] || Pc $f /etc/$f; for f in fstab sysctl.conf crontab launchd.conf; do Pc $f /etc/$f; done; f=/etc/hosts; Pc "hosts" <(egrep -v "$H" $f ); AT $f; Pc "User launchd" ~/.launchd*; R && Pc "Root crontab" <(sudo crontab -l); Pc "User crontab" <(crontab -l | sed -E 's:/Users/[^/]+/:/Users/USER/:g'); R && o=`sudo defaults read com.apple.loginwindow LoginHook`; Pm "Login hook"; LD="$(`find /S*/*/F* -type f -name lsregister | head -n1` -dump)"; o=`for ID in $AC; do [[ "$LD" =~ $ID ]] && echo $ID; done`; Pm "Application check"; Pp "Global login items" /L*/P*/loginw* Path; Pp "User login items" L*/P*/*loginit* Name; Pp "Safari extensions" L*/Saf*/*/E*.plist Bundle | sed -E 's/(\..*$|-[1-9])//g'; o=`find ~ $TMPDIR.. \( -flags +sappnd,schg,uappnd,uchg -o ! -user $UID -o ! -perm -600 \) | wc -l`; Ps "Restricted user files"; cd; o=`SP Fonts | egrep 'id: N|te: Y' | wc -l`; Ps "Font problems"; o=`find L*/{Con,Pref}* -type f ! -size 0 -name *.plist | while read f; do plutil -s "$f" >&- || echo $f; done`; Pm "Bad plists"; d=(Desktop L*/Keyc*); n=(20 7); for i in 0 1; do o=`find "${d[$i]}" -type f -maxdepth 1 | wc -l`; o=$((o<=n[$i]?0:o)); Ps "${d[$i]##*/} file count"; done; o=; [[ UID -eq 0 ]] && o=root; Ps "UID"; o=$((`date +%s`-t)); Ps "Elapsed time (s)"; } 2>/dev/null | pbcopy; exit 2>&-

  • by Eric Root,

    Eric Root Eric Root Jun 4, 2016 10:47 AM in response to bibscy
    Level 9 (70,011 points)
    iTunes
    Jun 4, 2016 10:47 AM in response to bibscy

    You might want to consider starting a new discussion. Since this one is marked solved, less people are likely to look at it. You can link to this one.

  • by MrBean1440,

    MrBean1440 MrBean1440 Aug 8, 2016 7:15 PM in response to Anon4876
    Level 1 (12 points)
    Safari
    Aug 8, 2016 7:15 PM in response to Anon4876

    Boot Mode: Normal

     

     

    Model: MacBookPro6,2

     

     

    Battery cycles: 1089

     

     

    System diagnostics

     

     

       2016-07-16 Safari hang

       2016-07-29 Kernel panic

       2016-07-29 Kernel panic

       2016-08-05 Kernel panic

     

     

    User diagnostics

     

     

       2016-07-23 Photos crash

       2016-07-28 Photos crash

     

     

    Kernel messages

     

     

       Aug 1 07:09:17   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-83.40.3/AppleCredentialManager/AppleCredentialManager.cpp, line: 785

       --- last message repeated 1 time ---

       Aug 3 19:46:59   Previous shutdown cause: -62

       Aug 3 20:56:02   wl0: Roamed or switched channel, reason #3, bssid 90:84:0d:db:0a:44

       Aug 3 20:56:43   Process launchd [1] disabling system-wide I/O Throttling

       Aug 3 20:56:43   Process launchd [1] disabling system-wide CPU Throttling

       Aug 4 20:01:02   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-83.40.3/AppleCredentialManager/AppleCredentialManager.cpp, line: 785

       Aug 4 20:01:13   wl0: Roamed or switched channel, reason #3, bssid 90:84:0d:db:0a:44

       Aug 8 20:18:38   Process launchd [1] disabling system-wide I/O Throttling

       Aug 8 20:18:38   Process launchd [1] disabling system-wide CPU Throttling

       Aug 8 20:20:29   AssertMacros: tmpData (value: 0x0), file: /BuildRoot/Library/Caches/com.apple.xbs/Sources/AppleCredentialManager/AppleCre dentialManager-83.40.3/AppleCredentialManager/AppleCredentialManager.cpp, line: 785

       --- last message repeated 1 time ---

     

     

    Extrinsic daemons

     

     

       com.sonos.SonosLibraryServer

       com.google.keystone.daemon

       com.adobe.fpsaud

     

     

    Extrinsic agents

     

     

       com.google.keystone.system.agent

       com.ShoppyTool.agent

       com.jdibackup.ZipCloud.autostart

       com.Software-Updater.agent

       com.spotify.webhelper

       com.amazon.music

       com.jdibackup.ZipCloud.notify

       com.amazon.cloud-player

     

     

    launchd items

     

     

       /Library/LaunchAgents/com.google.keystone.agent.plist

        (com.google.keystone.system.agent)

       /Library/LaunchDaemons/com.adobe.fpsaud.plist

        (com.adobe.fpsaud)

       /Library/LaunchDaemons/com.google.keystone.daemon.plist

        (com.google.keystone.daemon)

       /Library/LaunchDaemons/com.sonos.SonosLibraryServer.plist

        (com.sonos.SonosLibraryServer)

       Library/LaunchAgents/com.amazon.cloud-player.plist

        (com.amazon.cloud-player)

       Library/LaunchAgents/com.amazon.music.plist

        (com.amazon.music)

       Library/LaunchAgents/com.jdibackup.ZipCloud.autostart.plist

        (com.jdibackup.ZipCloud.autostart)

       Library/LaunchAgents/com.jdibackup.ZipCloud.notify.plist

        (com.jdibackup.ZipCloud.notify)

       Library/LaunchAgents/com.ShoppyTool.agent.plist

        (com.ShoppyTool.agent)

       Library/LaunchAgents/com.Software-Updater.agent.plist

        (com.Software-Updater.agent)

       Library/LaunchAgents/com.spotify.webhelper.plist

        (com.spotify.webhelper)

     

     

    Startup items

     

     

       /Library/StartupItems/Virex/Resources/English.lproj/Localizable.strings

       /Library/StartupItems/Virex/Resources/French.lproj/Localizable.strings

       /Library/StartupItems/Virex/Resources/German.lproj/Localizable.strings

       /Library/StartupItems/Virex/Virex

     

     

    Extrinsic loadable bundles

     

     

       /System/Library/Extensions/BJUSBLoad.kext

        (jp.co.canon.bj.print.BJUSBLoad)

       /System/Library/Extensions/BJUSBMP.kext

        (jp.co.canon.bj.kext.BJUSBMP)

       /System/Library/Extensions/hp_designjet_series.kext

        (com.hp.print.hpio.Designjet.kext)

       /System/Library/Extensions/hp_Deskjet_io_enabler.kext

        (com.hp.print.hpio.Deskjet.kext)

       /System/Library/Extensions/hp_fax_io.kext

        (com.hp.kext.hp-fax-io)

       /System/Library/Extensions/hp_Inkjet1_io_enabler.kext

        (com.hp.print.hpio.Inkjet1.kext)

       /System/Library/Extensions/hp_Inkjet2_io_enabler.kext

        (com.hp.print.hpio.Inkjet2.kext)

       /System/Library/Extensions/hp_Inkjet3_io_enabler.kext

        (com.hp.print.hpio.Inkjet3.kext)

       /System/Library/Extensions/hp_Inkjet4_io_enabler.kext

        (com.hp.print.hpio.Inkjet4.kext)

       /System/Library/Extensions/hp_Inkjet5_io_enabler.kext

        (com.hp.print.hpio.Inkjet5.kext)

       /System/Library/Extensions/hp_Inkjet7_io_enabler.kext

        (com.hp.print.hpio.inkjet7.kext)

       /System/Library/Extensions/hp_Inkjet8_io_enabler.kext

        (com.hp.print.hpio.inkjet8.kext)

       /System/Library/Extensions/hp_Inkjet_io_enabler.kext

        (com.hp.print.hpio.Inkjet.kext)

       /System/Library/Extensions/hp_Laserjet_io_enabler.kext

        (com.hp.print.hpio.Laserjet.kext)

       /System/Library/Extensions/hp_Officejet_io_enabler.kext

        (com.hp.print.hpio.Officejet.kext)

       /System/Library/Extensions/hp_Photosmart_io_enabler.kext

        (com.hp.print.hpio.Photosmart.kext)

       /System/Library/Extensions/hp_PhotosmartPro_io_enabler.kext

        (com.hp.print.hpio.PhotosmartPro.kext)

       /System/Library/Extensions/hp_qc_io_enabler.kext

        (com.hp.hpio.hp_psa530_630_io_enabler)

       /System/Library/Extensions/LexmarkUSBMerge.kext

        (com.lexmark.print.usbmerge)

       /Library/Audio/Plug-Ins/HAL/DVCPROHDAudio.plugin

        (com.apple.DVCPROHDAudio)

       /Library/Internet Plug-Ins/AmazonMP3DownloaderPlugin101750.plugin

        (com.AmazonMP3DownloaderPluginLib.Amazon MP3 Downloader Plugin)

       /Library/Internet Plug-Ins/Disabled Plug-Ins/Windows Media Plugin

        (com.microsoft.WMP.defaultplugin)

       /Library/Internet Plug-Ins/DivXBrowserPlugin.plugin

        (com.divx.DivXBrowserPlugin)

       /Library/Internet Plug-Ins/DRM Plugin.bundle

        (com.microsoft.DRMPlugin)

       /Library/Internet Plug-Ins/Flash Player.plugin

        (com.macromedia.Flash Player.plugin)

       /Library/Internet Plug-Ins/Flip4Mac WMV Plugin.plugin

        (net.telestream.wmv.plugin)

       /Library/Internet Plug-Ins/Flip4Mac WMV Plugin.webplugin

        (net.telestream.wmv.webplugin)

       /Library/Internet Plug-Ins/googletalkbrowserplugin.plugin

        (com.google.googletalkbrowserplugin)

       /Library/Internet Plug-Ins/JavaAppletPlugin.plugin

        (com.apple.java.JavaAppletPlugin)

       /Library/Internet Plug-Ins/o1dbrowserplugin.plugin

        (com.google.o1dbrowserplugin)

       /Library/Internet Plug-Ins/OfficeLiveBrowserPlugin.plugin

        (com.microsoft.officelive.browserplugin)

       /Library/Internet Plug-Ins/Silverlight.plugin

        (com.microsoft.SilverlightPlugin)

       /Library/PreferencePanes/DivX.prefPane

        (com.divx.divxprefs)

       /Library/PreferencePanes/Flash Player.prefPane

        (com.adobe.flashplayerpreferences)

       /Library/PreferencePanes/Flip4Mac WMV.prefPane

        (net.telestream.wmv.prefpane)

       /Library/QuickTime/DesktopVideoOut.component

        (com.apple.DesktopVideoOut)

       /Library/QuickTime/DVCPROHDMuxer.component

        (com.apple.DVCPROHDMuxer)

       /Library/QuickTime/DVCPROHDVideoDigitizer.component

        (com.apple.DVCPROHDVideoDigitizer)

       /Library/QuickTime/DVCPROHDVideoOutput.component

        (com.apple.DVCPROHDVideoOutput)

       /Library/QuickTime/DVCPROHDVideoOutputClock.component

        (com.apple.DVCPROHDVideoOutputClock)

       /Library/QuickTime/DVCPROHDVideoOutputCodec.component

        (com.apple.DVCPROHDVideoOutputCodec)

       /Library/QuickTime/LiveType.component

        (com.apple.LiveType.component)

       /Library/QuickTime/TSCC.component

        (com.techsmith.TSCCComponentBundle)

       /Library/Spotlight/iMovie.mdimporter

        (com.apple.iMovieMDImporter)

       /Library/Spotlight/iWeb.mdimporter

        (com.apple.MDImporter.iWeb)

       /Library/Spotlight/Microsoft Entourage.mdimporter

        (com.microsoft.entourageMDImporter)

       Library/Address Book Plug-Ins/SkypeABDialer.bundle

        (com.skype.skypeabdialer)

       Library/Address Book Plug-Ins/SkypeABSMS.bundle

        (com.skype.skypeabsms)

     

     

    Extrinsic shared libraries

     

     

       /usr/lib/libgutenprint.2.0.3.dylib

     

     

    Safari extensions

     

     

       LastPass

       com

     

     

    Restricted user files: 422

     

     

    Elapsed time (s): 140

  • by AmondSolun,

    AmondSolun AmondSolun Aug 9, 2016 3:02 AM in response to MrBean1440
    Level 1 (12 points)
    Mac OS X
    Aug 9, 2016 3:02 AM in response to MrBean1440

    Hi MrBean,

     

    From the log your provided, there are at least 2 adwares in your Mac:

    launchd items

       /Library/LaunchAgents/com.ShopTool.agent.plist  (com.ShopTool.agent)

       /Library/LaunchAgents/com.SoftwareUpdater.agent.plist(com.SoftwareUpdater.agent )

     

    Suggest to use Adware Removal Pro to remove adware on your Mac automatically.

     

     

    <Link Edited by Host>

  • by Kaz990,

    Kaz990 Kaz990 Aug 21, 2016 4:22 PM in response to Anon4876
    Level 1 (8 points)
    Aug 21, 2016 4:22 PM in response to Anon4876

    Boot Mode: Normal

     

    Model: MacBookPro11,1

     

    USB

     

       v165w (Hewlett Packard)

     

    System diagnostics

     

       2016-08-01 firefox spin

       2016-08-01 firefox spin

       2016-08-06 com.apple.AmbientDisplayAgent crash

       2016-08-07 uTorrent spin

       2016-08-08 sphericalness crash

       2016-08-14 sphericalness crash

       2016-08-14 sphericalness crash

       2016-08-15 sphericalness crash

       2016-08-19 sphericalness crash

       2016-08-22 Preview spin

     

    User diagnostics

     

       2016-07-25 Silverlight crash

       2016-07-25 Silverlight crash

       2016-07-25 Silverlight crash

       2016-07-25 Silverlight crash

       2016-07-28 Silverlight crash

       2016-07-31 VLC crash

       2016-08-01 plugin-container crash

     

    Kernel messages

     

       Aug 19 15:44:16   com_apple_driver_AppleUSBCardReaderDriverNub::setPowerState(0xa6448822533de8ad, 0 -> 2) timed out after 10556 ms

       Aug 20 09:22:25   Sound Assert: IOAudioEngine::startClient timed out waiting

       Aug 21 11:09:16   151979.059168 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 12:45:17   154146.089463 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 13:47:19   154272.371407 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 14:48:04   154321.828442 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 15:48:50   154371.456748 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 16:49:35   154420.988928 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 17:50:21   154471.003060 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 18:51:06   154520.439684 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 18:55:23   154570.387579 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 20:29:34   160145.612719 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 21:30:32   160208.972968 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 22:31:18   160259.008091 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 21 23:33:20   160385.205696 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 00:34:05   160434.628649 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 01:34:51   160484.040726 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 02:35:36   160533.450890 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 03:36:22   160583.463052 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 04:37:07   160632.918416 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 05:37:53   160682.813470 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 06:38:38   160732.272533 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 07:39:24   160782.287941 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 07:41:07   160831.665282 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

       Aug 22 08:22:15   161541.591643 HS02@14200000: AppleUSB20XHCIPort::resetAndCreateDevice: asserting reset

     

    Free space (MiB): 368

     

    Extrinsic daemons

     

       scarlatiniformUpd.plist

       com.microsoft.office.licensing.helper

       com.sphericalness.plist

       com.adobe.fpsaud

       com.sierrawireless.SWoCTool

     

    Extrinsic agents

     

       com.mackeeper.MacKeeper.Helper

     

    launchd items

     

       /Library/LaunchDaemons/com.adobe.fpsaud.plist

           (com.adobe.fpsaud)

       /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist

           (com.microsoft.office.licensing.helper)

       /Library/LaunchDaemons/com.sierrawireless.SWoCTool.plist

           (com.sierrawireless.SWoCTool)

       Library/LaunchAgents/com.mackeeper.MacKeeper.Helper.plist

           (com.mackeeper.MacKeeper.Helper)

     

    Extrinsic loadable bundles

     

       /System/Library/Extensions/Option72.kext

           (com.option.driver.Option72)

       /System/Library/Extensions/OptionMSD.kext

           (com.option.driver.OptionMSD)

       /System/Library/Extensions/SierraDevSupport.kext

           (com.sierrawireless.driver.SierraDevSupport)

       /System/Library/Extensions/SierraDIPSupport.kext

           (com.sierrawireless.driver.SierraDIPSupport)

       /System/Library/Extensions/SierraFSRSupport.kext

           (com.sierrawireless.driver.SierraFSRSupport)

       /System/Library/Extensions/SierraHSRSupport.kext

           (com.sierrawireless.driver.SierraHSRSupport)

       /System/Library/Extensions/SierraIPDirect.kext

           (com.sierrawireless.driver.SierraIPDirect)

       /Library/Extensions/hp_io_enabler_compound.kext

           (com.hp.kext.io.enabler.compound)

       /Library/Internet Plug-Ins/Flash Player.plugin

           (com.macromedia.Flash Player.plugin)

       /Library/Internet Plug-Ins/SharePointBrowserPlugin.plugin

           (com.microsoft.sharepoint.browserplugin)

       /Library/Internet Plug-Ins/SharePointWebKitPlugin.webplugin

           (com.microsoft.sharepoint.webkitplugin)

       /Library/Internet Plug-Ins/Silverlight.plugin

           (com.microsoft.SilverlightPlugin)

       /Library/PreferencePanes/Flash Player.prefPane

           (com.adobe.flashplayerpreferences)

     

    User login items

     

       iTunesHelper

       uTorrent

     

    Restricted user files: 2941

     

    Elapsed time (s): 95

first Previous Page 13 of 14 last Next