How to remove of potentially harmful plist file

I think the bigger concern is your are sending spam.

you should stop.

or you should elaborate on what the problem is by stating what's going on.

for instance

are you sending spam, or is spam being sent by some other entity using your address or is your mac mail sending out spam without your consent?

also a PLIST file is a preference file, quit out of the application using the plist and delete it from it's location it resides in

generally in Library/Preferences or ~/Library/Preferences

however can you elaborate on why it's potentially harmful or why you feel that it is or is it related to your email query?

you seem to have to disconnected and incomplete questions pending. Clear them up and we can provide an answer that is not a guessing game show.

I am currently looking if I have any adware/malware/spyware on my computer. I have followed the steps on other discussions like removing the .agent.plist and other daemon.plist. Right now I'm not seeing any symptoms (like force redirect to website or just completely frozen screen) but I'm not sure if there's anything else left. Could anyone please check it for me? Thank you!

EtreCheck version: 2.9.11 (264)

Report generated 2016-04-25 00:02:30

Download EtreCheck from https://etrecheck.com

Runtime 3:13

Performance: Good

Click the [Support] links for help with non-Apple products.

Click the [Details] links for more information about that line.

Problem: No problem - just checking

Hardware Information: ⓘ

MacBook Pro (13-inch, Mid 2012)

[Technical Specifications] - [User Guide] - [Warranty & Service]

MacBook Pro - model: MacBookPro9,2

1 2.5 GHz Intel Core i5 CPU: 2-core

4 GB RAM Upgradeable - [Instructions]

BANK 0/DIMM0

2 GB DDR3 1600 MHz ok

BANK 1/DIMM0

2 GB DDR3 1600 MHz ok

Bluetooth: Good - Handoff/Airdrop2 supported

Wireless: en1: 802.11 a/b/g/n

Battery: Health = Normal - Cycle count = 548

Video Information: ⓘ

Intel HD Graphics 4000

Color LCD 1280 x 800

System Software: ⓘ

OS X Yosemite 10.10 (14A389) - Time since boot: less than an hour

Disk Information: ⓘ

APPLE HDD HTS547550A9E384 disk0 : (500.11 GB) (Rotational)

EFI (disk0s1) <not mounted> : 210 MB

Recovery HD (disk0s3) <not mounted> [Recovery]: 650 MB

Media (disk0s4) /Volumes/Media : 160.00 GB (152.46 GB free)

Macintosh HD 2 (disk0s5) /Volumes/Macintosh HD 2 : 114.62 GB (114.40 GB free)

Macintosh HD 3 (disk0s6) /Volumes/Macintosh HD 3 : 114.22 GB (16.80 GB free)

Macintosh HD (disk1) / : 109.63 GB (34.57 GB free)

Core Storage: disk0s2 110.00 GB Online

MATSHITADVD-R UJ-8A8 disk2 : (196.8 MB) ()

USB Information: ⓘ

Apple Inc. FaceTime HD Camera (Built-in)

Apple Inc. BRCM20702 Hub

Apple Inc. Bluetooth USB Host Controller

Apple Computer, Inc. IR Receiver

Apple Inc. Apple Internal Keyboard / Trackpad

Thunderbolt Information: ⓘ

Apple Inc. thunderbolt_bus

Gatekeeper: ⓘ

Mac App Store

Kernel Extensions: ⓘ

/System/Library/Extensions

[not loaded] com.devguru.driver.SamsungComposite (1.4.18 - SDK 10.6 - 2016-03-22) [Support]

/System/Library/Extensions/ssuddrv.kext/Contents/PlugIns

[not loaded] com.devguru.driver.SamsungACMControl (1.4.18 - SDK 10.6 - 2014-01-27) [Support]

[not loaded] com.devguru.driver.SamsungACMData (1.4.18 - SDK 10.6 - 2014-01-27) [Support]

[not loaded] com.devguru.driver.SamsungMTP (1.4.18 - SDK 10.5 - 2014-01-27) [Support]

[not loaded] com.devguru.driver.SamsungSerial (1.4.18 - SDK 10.6 - 2014-01-27) [Support]

System Launch Agents: ⓘ

[not loaded] 5 Apple tasks

[loaded] 142 Apple tasks

[running] 56 Apple tasks

System Launch Daemons: ⓘ

[not loaded] 45 Apple tasks

[loaded] 137 Apple tasks

[running] 80 Apple tasks

Launch Daemons: ⓘ

[loaded] com.adobe.SwitchBoard.plist (2012-08-11) [Support]

[loaded] com.adobe.fpsaud.plist (2016-04-05) [Support]

[loaded] com.malwarebytes.MBAMHelperTool.plist (2016-04-11) [Support]

[loaded] com.oracle.java.Helper-Tool.plist (2014-09-20) [Support]

User Launch Agents: ⓘ

[failed] com.apple.CSConfigDotMacCert-[...]@me.com-SharedServices.Agent.plist

[failed] com.facebook.videochat.[redacted].plist (2014-08-13) [Support]

[loaded] com.google.keystone.agent.plist (2016-03-02) [Support]

[running] com.spotify.webhelper.plist (2016-04-24) [Support]

User Login Items: ⓘ

iTunesHelper Application (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

Android File Transfer Agent Application (~/Library/Application Support/Google/Android File Transfer/Android File Transfer Agent.app)

Spotify Application Hidden (/Applications/Spotify.app)

Other Apps: ⓘ

[running] com.google.Chrome.5996

[running] com.google.android.mtpagent.98864

[running] com.spotify.client.49448

[loaded] 357 Apple tasks

[running] 163 Apple tasks

Internet Plug-ins: ⓘ

FlashPlayer-10.6: 21.0.0.213 - SDK 10.6 (2016-04-08) [Support]

QuickTime Plugin: 7.7.3 (2014-11-06)

Flash Player: 21.0.0.213 - SDK 10.6 (2016-04-08) Outdated! Update

EPPEX Plugin: 4.1.0.0 (2011-07-26) [Support]

Default Browser: 600 - SDK 10.10 (2014-11-06)

SharePointBrowserPlugin: 14.3.4 - SDK 10.6 (2013-05-19) [Support]

Silverlight: 5.1.30317.0 - SDK 10.6 (2014-05-20) [Support]

JavaAppletPlugin: Java 8 Update 65 build 17 (2015-11-09) Check version

3rd Party Preference Panes: ⓘ

Flash Player (2016-04-05) [Support]

Java (2015-11-09) [Support]

Time Machine: ⓘ

Auto backup: YES

Volumes being backed up:

Macintosh HD: Disk size: 109.63 GB Disk used: 75.06 GB

Destinations:

Macintosh HD 3 [Local]

Total size: 114.22 GB

Total number of backups: 60

Oldest backup: 7/1/15, 4:44 PM

Last backup: 4/24/16, 6:40 PM

Size of backup disk: Too small

Backup size 114.22 GB < (Disk used 75.06 GB X 3)

Top Processes by CPU: ⓘ

5% mdworker(9)

3% kernel_task

3% Google Chrome

2% Google Chrome Helper(6)

2% fontd

Top Processes by Memory: ⓘ

766 MB Google Chrome Helper(6)

447 MB kernel_task

209 MB Google Chrome

147 MB mdworker(9)

119 MB imagent

Virtual Memory Information: ⓘ

320 MB Free RAM

3.69 GB Used RAM (1.02 GB Cached)

0 B Swap Used

Diagnostics Information: ⓘ

Apr 24, 2016, 11:19:51 PM Self test - passed

Apr 24, 2016, 07:05:27 PM /Library/Logs/DiagnosticReports/storedownloadd_2016-04-24-190527_[redacted].cpu _resource.diag [Details]

/System/Library/PrivateFrameworks/CommerceKit.framework/Versions/A/Resources/st oredownloadd

Apr 23, 2016, 11:14:57 PM ~/Library/Logs/DiagnosticReports/VTDecoderXPCService_2016-04-23-231457_[redacte d].crash

/System/Library/Frameworks/VideoToolbox.framework/Versions/A/XPCServices/VTDeco derXPCService.xpc/Contents/MacOS/VTDecoderXPCService

Nothing stands out to me as malware in that report, with the remote possibility of the com.facebook.videochat if you downloaded it from CNET as they try to bundle other garbage with their hosted files but if you used Malwarebytes for mac and it's up-to-date chances are something would have alerted you.

Please see the following links for more insight to the nature of what you are looking for.

Viruses, Trojans, Malware - and other aspects of Internet Security

Apple security updates - Apple Support

http://www.reedcorner.net/mmg/

http://www.thexlab.com/faqs/malspyware.html

This problem - sending spam - usually happens when your email address is hacked. Probably they nabbed your password. The easy fix is to change your password.

Passwords will become obsolete one day but until then, make them difficult to guess - and a computer will be doing the guessing, not a human!

Make up a formula that is easy to remember but impossible to guess.

Suppose you changed the letters of something into numbers. A=1 b=2 etc. Then look at the site than you are joining such as ledbright.com They want a user name and password. Fine. L=12 E=5 D=4 B=2 R=17 I=9 G=7 H=8 T=20

So make your password 125421797820. If that's too iffy, how about counting the letters in the name, 9 and make your password l9e9d9b9r9i9g9h9t9 Or you can use a keywork such a Rainbow, and as a password it is RaInBoW9

For Facebook it would be RaInBoW8 OR how about using a number code but press the caps key? Your January 14 1987 birthday becomes your password: )!!$!(*& Maybe somebody will think you are cussing! Haha Or use the letters right under your birthday numbers: pqqrqoiu

Or how about mixing letters with numbers that are similar l=1 o=0 z=2 E=3 or whatever. Your password Hello Kitty is h311041771 Whatever you do don't use as your password any of these!: password iloveyou 12345678 87654321 13243546 1223334444 qwerasdfzxcv qwertyu asdfghjk or zxcvbnm, as they are the first ones that are tried.

If you are EVER told in an email that you have to verify something by logging in, NEVER LOG IN on the email they sent to you! This is the most common way that they get all the info they need to gain access to your site. If you are being targeted, make you password complex. It can be a phrase like whentheraincomesiwillgetaboat no spaces or use the zero for o and 1 for i and # for H: w#ent#era1nc0mes1w1llgetab0at or in all caps W#ENT#ERA1NC0MES1W1LLGETAB0AT or just change the o to a zero Use uppercase ****0D0LLY

Have fun, just don't make one up that you forget!

PS. Don't write it down on a sticky note in your desk!