User profile for user: lisap6905
lisap6905 Author
User level: Level 1
4 points

EtreCheck has detected infected adware, should I delete files?

EtreCheck has detected infected adware, should I delete files? How do I know they are right?

It is almost impossible to use either safari or Chrome as 'loadages' just keeps popping up.

I have a 13" mac book pro mid 2009 running Yesomite 10.10.5


Here is the report:


EtreCheck version: 3.4.2 (436)

Report generated 2017-08-03 15:53:15

Download EtreCheck from https://etrecheck.com

Runtime: 6:08

Performance: Below Average


Click the [Lookup] links for more information from Apple Support Communities.

Click the [Details] links for more information about that line.

Click the [Remove/Report] links to remove adware or update the whitelist of legitimate software.

Click the [Clean up] link to delete unused files.


Problem: Beachballing

Description:

adware virus keeps popping up disbabling proper use of web searching


Hardware Information:

MacBook Pro (13-inch, Mid 2009)

[Technical Specifications] - [User Guide] - [Warranty & Service]

MacBook Pro - model: MacBookPro5,5

1 2.26 GHz Intel Core 2 Duo (Duo) CPU: 2-core

8 GB RAM Upgradeable - [Instructions]

BANK 0/DIMM0

4 GB DDR3 1067 MHz ok

BANK 1/DIMM0

4 GB DDR3 1067 MHz ok

Bluetooth: Old - Handoff/Airdrop2 not supported

Wireless: en1: 802.11 a/b/g/n

Battery: Health = Normal - Cycle count = 356


Video Information:

NVIDIA GeForce 9400M - VRAM: 256 MB

Color LCD 1280 x 800


Disk Information:

HGST HTS545050A7E380 disk0: (500.11 GB) (Rotational)

[Show SMART report]

(disk0s1) <not mounted> [EFI]: 210 MB

Macintosh HD (disk0s2 - Journaled HFS+) / [Startup]: 499.25 GB (84.23 GB free)

(disk0s3) <not mounted> [Recovery]: 650 MB


HL-DT-ST DVDRW GS23N ()


USB Information:

EHCI Root Hub Simulation

Apple Inc. Built-in iSight

EHCI Root Hub Simulation

Apple Internal Memory Card Reader

OHCI Root Hub Simulation

Apple Inc. Apple Internal Keyboard / Trackpad

Apple Computer, Inc. IR Receiver

OHCI Root Hub Simulation

Apple Inc. BRCM2046 Hub

Apple Inc. Bluetooth USB Host Controller


System Software:

OS X Yosemite 10.10.5 (14F2315) - Time since boot: about 4 hours


Configuration files:

/etc/hosts - Count: 15


Gatekeeper:

Mac App Store and identified developers


Possible adware:

Adware: /Library/LaunchDaemons/com.Cartilaginei.service.plist

Adware: /Library/LaunchDaemons/com.Catha.service.plist

Adware: /Library/LaunchDaemons/com.Kohathite.service.plist

Adware: /Library/LaunchDaemons/com.Lak.service.plist

Adware: /Library/LaunchDaemons/com.Phytotomidae.service.plist

Adware: /Library/LaunchDaemons/com.antiphlogistian.service.plist

Unknown file: /Library/LaunchDaemons/com.apple.ertur.plist

Unknown file: /Library/LaunchDaemons/com.apple.kimathen.plist

Adware: /Library/LaunchDaemons/com.brachypinacoidal.service.plist

Adware: /Library/LaunchDaemons/com.bryogenin.service.plist

Adware: /Library/LaunchDaemons/com.burp.service.plist

Adware: /Library/LaunchDaemons/com.cantref.service.plist

Adware: /Library/LaunchDaemons/com.chaffiness.service.plist

Unknown file: /Library/LaunchDaemons/com.craw.plist

Adware: /Library/LaunchDaemons/com.disaccustom.service.plist

Adware: /Library/LaunchDaemons/com.excursionary.service.plist

Adware: /Library/LaunchDaemons/com.fastidiously.service.plist

Adware: /Library/LaunchDaemons/com.intrabronchial.service.plist

Adware: /Library/LaunchDaemons/com.kilterUpd.plist

Adware: /Library/LaunchDaemons/com.millistere.service.plist

Adware: /Library/LaunchDaemons/com.muff.service.plist

Adware: /Library/LaunchDaemons/com.pentine.service.plist

Adware: /Library/LaunchDaemons/com.posthippocampal.service.plist

Adware: /Library/LaunchDaemons/com.ritornello.service.plist

Adware: /Library/LaunchDaemons/com.sceuophorion.service.plist

Adware: /Library/LaunchDaemons/com.sectionize.service.plist

Adware: /Library/LaunchDaemons/com.semiatheist.service.plist

Adware: /Library/LaunchDaemons/com.stockkeeper.service.plist

Adware: /Library/LaunchDaemons/com.strigous.service.plist

Adware: /Library/LaunchDaemons/com.unmailed.service.plist

Adware: /Library/LaunchDaemons/com.unprofited.service.plist

Adware: /Library/LaunchDaemons/com.vitrifiable.service.plist

Unknown file: /Library/LaunchDaemons/com.vqfvknqlbtfh.plist

33 possible adware files found. [Remove/Report]


Clean up:

~/Library/LaunchAgents/com.mackeeper.MacKeeper.Helper.plist

/Applications/MacKeeper.app/Contents/Services/MacKeeper Helper.app/Contents/MacOS/MacKeeper Helper

Executable not found!

One orphan file found. [Clean up]


Kernel Extensions:

/Library/Application Support/Roxio

[not loaded] com.roxio.TDIXController (2.0) [Lookup]


/System/Library/Extensions

[not loaded] com.roxio.BluRaySupport (1.1.6) [Lookup]

[not loaded] com.seagate.driver.PowSecDriverCore (5.2.3 (26704) - SDK 10.4) [Lookup]


/System/Library/Extensions/Seagate Storage Driver.kext/Contents/PlugIns

[not loaded] com.seagate.driver.PowSecLeafDriver_10_4 (5.2.3 (26704) - SDK 10.4) [Lookup]

[not loaded] com.seagate.driver.PowSecLeafDriver_10_5 (5.2.3 (26704) - SDK 10.5) [Lookup]

[not loaded] com.seagate.driver.SeagateDriveIcons (5.2.3 (26704) - SDK 10.4) [Lookup]


Startup Items:

MobileBrServ: Path: /Library/StartupItems/MobileBrServ

Startup items no longer function in OS X Yosemite or later


System Launch Agents:

[not loaded] 6 Apple tasks

[loaded] 146 Apple tasks

[running] 60 Apple tasks


System Launch Daemons:

[not loaded] 42 Apple tasks

[loaded] 141 Apple tasks

[running] 80 Apple tasks


Launch Agents:

[not loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-07-21) [Lookup]

[loaded] com.adobe.CS5ServiceManager.plist (? 40cdc1ff dd391a6f - installed 2013-04-21) [Lookup]

[running] com.trusteer.rapport.rapportd.plist (Trusteer LTD - installed 2017-07-07) [Lookup]

[running] jp.co.canon.CUPSCAPT.BG.plist (? 33904f9c 9c018b65 - installed 2017-01-09) [Lookup]


Launch Daemons:

[loaded] com.Cartilaginei.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.Catha.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.Kohathite.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.Lak.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.Phytotomidae.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.adobe.SwitchBoard.plist (? 856489a3 0 - installed 2013-04-21) [Lookup]

[running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-05-29) [Lookup]

[loaded] com.adobe.fpsaud.plist (? 2afb3af7 18a4fa69 - installed 2017-06-23) [Lookup]

[loaded] com.antiphlogistian.service.plist (Shell Script 10a0ea5e - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[not loaded] com.apple.ertur.plist (? 0 ? - installed 2016-07-06)

[not loaded] com.apple.kimathen.plist (? 0 ? - installed 2016-11-24)

[loaded] com.brachypinacoidal.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.bryogenin.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.burp.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.cantref.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.chaffiness.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[not loaded] com.craw.plist (? 0 ? - installed 2016-12-07) [Lookup]

[loaded] com.disaccustom.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.excursionary.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.fastidiously.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[running] com.huawei.mbbservice.plist (? d59902d6 af1157fb - installed 2015-09-05) [Lookup]

[loaded] com.intrabronchial.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[not loaded] com.kilterUpd.plist (? 0 ? - installed 2016-07-06) Adware! [Remove/Report]

[loaded] com.millistere.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.muff.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.pentine.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.posthippocampal.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.ritornello.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.rockysandstudio.WUHelper.plist (Rocky Sand Studio Ltd. - installed 2017-05-30) [Lookup]

[loaded] com.sceuophorion.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.sectionize.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.semiatheist.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.stockkeeper.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.strigous.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[running] com.trusteer.rooks.rooksd.plist (Trusteer LTD - installed 2017-06-22) [Lookup]

[loaded] com.unmailed.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.unprofited.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[loaded] com.vitrifiable.service.plist (? 10a0ea5e 6e7829fd - installed 2016-11-23) Adware! [Remove/Report]

/etc/run_app.sh

[not loaded] com.vqfvknqlbtfh.plist (? 0 ? - installed 2016-11-24) [Lookup]


User Launch Agents:

[loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-07-21) [Lookup]

[loaded] com.adobe.ARM.[...].plist (Adobe Systems, Inc. - installed 2017-07-21) [Lookup]

[running] com.akamai.single-user-client.plist (? 8f2c69f 6a3689c4 - installed 2017-01-23) [Lookup]

[loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2017-07-10) [Lookup]

[failed] com.mackeeper.MacKeeper.Helper.plist (? e65cf578 0 - installed 2016-07-06) [Lookup] - /Applications/MacKeeper.app/Contents/Services/MacKeeper Helper.app/Contents/MacOS/MacKeeper Helper: Executable not found!


User Login Items:

iTunesHelper Application (Apple, Inc. - installed 2017-05-25)

(/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

AdobeResourceSynchronizer Application - Hidden

(/Applications/Adobe Acrobat XI Pro/Adobe Acrobat Pro.app/Contents/Support/AdobeResourceSynchronizer.app)


Internet Plug-ins:

AdobeAAMDetect: AdobeAAMDetect 1.0.0.0 (installed 2017-07-21) [Lookup]

FlashPlayer-10.6: 26.0.0.137 (installed 2017-07-14) [Lookup]

QuickTime Plugin: 7.7.3 (installed 2017-04-22)

AdobePDFViewerNPAPI: 11.0.09 (installed 2014-10-09) [Lookup]

AdobePDFViewer: 11.0.09 (installed 2014-10-09) [Lookup]

Flash Player: 26.0.0.137 (installed 2017-07-14) [Lookup]

Default Browser: 600 (installed 2015-12-06)

JavaAppletPlugin: 15.0.0 (installed 2014-08-29) Check version

NP_2020Player_IKEA: 5.0.94.1 (installed 2012-09-28) [Lookup]

Silverlight: 5.1.41212.0 (installed 2016-03-20) [Lookup]

iPhotoPhotocast: 7.0 (installed 2013-05-06)


User internet Plug-ins:

Aspera Web 3.5.2.95060: Unknown (installed 2014-10-28) [Lookup]

SigniantTransfer v5.4.3.70626: SigniantTransfer 5.4.3.70626 (installed 2015-07-30) [Lookup]


3rd Party Preference Panes:

Akamai NetSession Preferences (installed 2017-01-23) [Lookup]

Flash Player (installed 2017-06-23) [Lookup]

Growl (installed 2013-04-21) [Lookup]

Paragon NTFS for Mac ® OS X (installed 2013-04-21) [Lookup]

Trusteer Endpoint Protection (installed 2017-07-07) [Lookup]


Time Machine:

Auto backup: YES

Volumes being backed up:

Macintosh HD: Disk size: 499.25 GB Disk used: 415.02 GB

Destinations:

Seagate Backup Plus Drive [Local]

Total size: 0 B

Total number of backups: 0

Oldest backup: -

Last backup: -

Size of backup disk: Too small

Backup size 0 B < (Disk used 415.02 GB X 3)


Top Processes by CPU:

12% WindowServer

11% osascript

3% launchservicesd

2% kernel_task

2% taskgated


Top Processes by Memory:

685 MB kernel_task

330 MB Mail

293 MB com.apple.WebKit.WebContent

242 MB Safari

239 MB com.apple.WebKit.WebContent


Top Processes by Energy Use:

8.98 WindowServer

4.08 Safari

3.34 launchservicesd

1.72 taskgated


Virtual Memory Information:

4.16 GB Available RAM

37 MB Free RAM

3.84 GB Used RAM

4.12 GB Cached files

0 B Swap Used


Software installs:

IBM Security Trusteer Endpoint Protection: (installed 2017-07-07)

Adobe Flash Player: (installed 2017-07-14)

Adobe Acrobat XI Pro (11.0.20): (installed 2017-07-21)


Install information may not be complete.


Diagnostics Information:

2017-08-01 19:59:13 Safari.app Hang [Open]



Thanks for any advice to a firs timer on this site!

MacBook Pro (13-inch Mid 2009), OS X Yosemite (10.10.5)

Posted on Aug 3, 2017 8:12 AM

Reply
13 replies
User profile for user: lisap6905
lisap6905 Author
User level: Level 1
4 points

Aug 3, 2017 8:57 AM in response to lisap6905

Thank you all for your replies. I am happy to report that malwarebytes seemed to get rid of the problem so far! I am so excited I have had months of impossible surfing. I have run another check and the report is as below:


Basically my system is too slow. Next question: Can I upgrade this computer? I have both memory slots in use so I am guessing not... Is it time for a new mac?


EtreCheck version: 3.4.2 (436)

Report generated 2017-08-03 16:50:54

Download EtreCheck from https://etrecheck.com

Runtime: 6:33

Performance: Below Average


Click the [Lookup] links for more information from Apple Support Communities.

Click the [Details] links for more information about that line.


Problem: Computer is too slow


Hardware Information:

MacBook Pro (13-inch, Mid 2009)

[Technical Specifications] - [User Guide] - [Warranty & Service]

MacBook Pro - model: MacBookPro5,5

1 2.26 GHz Intel Core 2 Duo (Duo) CPU: 2-core

8 GB RAM Upgradeable - [Instructions]

BANK 0/DIMM0

4 GB DDR3 1067 MHz ok

BANK 1/DIMM0

4 GB DDR3 1067 MHz ok

Bluetooth: Old - Handoff/Airdrop2 not supported

Wireless: en1: 802.11 a/b/g/n

Battery: Health = Normal - Cycle count = 356


Video Information:

NVIDIA GeForce 9400M - VRAM: 256 MB

Color LCD 1280 x 800


Disk Information:

HGST HTS545050A7E380 disk0: (500.11 GB) (Rotational)

[Show SMART report]

(disk0s1) <not mounted> [EFI]: 210 MB

Macintosh HD (disk0s2 - Journaled HFS+) / [Startup]: 499.25 GB (84.05 GB free)

(disk0s3) <not mounted> [Recovery]: 650 MB


HL-DT-ST DVDRW GS23N ()


USB Information:

EHCI Root Hub Simulation

Apple Inc. Built-in iSight

EHCI Root Hub Simulation

Apple Internal Memory Card Reader

OHCI Root Hub Simulation

Apple Inc. Apple Internal Keyboard / Trackpad

Apple Computer, Inc. IR Receiver

OHCI Root Hub Simulation

Apple Inc. BRCM2046 Hub

Apple Inc. Bluetooth USB Host Controller


System Software:

OS X Yosemite 10.10.5 (14F2315) - Time since boot: less than an hour


Configuration files:

/etc/hosts - Count: 15


Gatekeeper:

Mac App Store and identified developers


Kernel Extensions:

/Applications/Toast 11 Titanium/Spin Doctor.app

[not loaded] com.hzsystems.terminus.driver (4) [Lookup]


/Applications/Toast 11 Titanium/Toast Titanium.app

[not loaded] com.roxio.BluRaySupport (1.1.6) [Lookup]


/Library/Extensions

[loaded] com.malwarebytes.mbam.rtprotection (3.0 - SDK 10.12) [Lookup]


/System/Library/Extensions

[not loaded] com.seagate.driver.PowSecDriverCore (5.2.3 (26704) - SDK 10.4) [Lookup]


/System/Library/Extensions/Seagate Storage Driver.kext/Contents/PlugIns

[not loaded] com.seagate.driver.PowSecLeafDriver_10_4 (5.2.3 (26704) - SDK 10.4) [Lookup]

[not loaded] com.seagate.driver.PowSecLeafDriver_10_5 (5.2.3 (26704) - SDK 10.5) [Lookup]

[not loaded] com.seagate.driver.SeagateDriveIcons (5.2.3 (26704) - SDK 10.4) [Lookup]


~/Library/Services/ToastIt.service/Contents/MacOS

[not loaded] com.roxio.TDIXController (2.0) [Lookup]


Startup Items:

MobileBrServ: Path: /Library/StartupItems/MobileBrServ

Startup items no longer function in OS X Yosemite or later


System Launch Agents:

[not loaded] 6 Apple tasks

[loaded] 148 Apple tasks

[running] 58 Apple tasks


System Launch Daemons:

[not loaded] 42 Apple tasks

[loaded] 143 Apple tasks

[running] 78 Apple tasks


Launch Agents:

[not loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-07-21) [Lookup]

[loaded] com.adobe.CS5ServiceManager.plist (? 40cdc1ff dd391a6f - installed 2013-04-21) [Lookup]

[running] com.malwarebytes.mbam.frontend.agent.plist (? 631295be 680057a5 - installed 2017-08-03) [Lookup]

[running] com.trusteer.rapport.rapportd.plist (Trusteer LTD - installed 2017-07-07) [Lookup]

[running] jp.co.canon.CUPSCAPT.BG.plist (? 33904f9c 9c018b65 - installed 2017-01-09) [Lookup]


Launch Daemons:

[loaded] com.adobe.SwitchBoard.plist (? 856489a3 0 - installed 2013-04-21) [Lookup]

[running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-05-29) [Lookup]

[loaded] com.adobe.fpsaud.plist (? 2afb3af7 18a4fa69 - installed 2017-06-23) [Lookup]

[running] com.huawei.mbbservice.plist (? d59902d6 af1157fb - installed 2015-09-05) [Lookup]

[running] com.malwarebytes.mbam.rtprotection.daemon.plist (? 31419c10 e3f423ee - installed 2017-08-03) [Lookup]

[running] com.malwarebytes.mbam.settings.daemon.plist (? a40d558f d0b9e521 - installed 2017-08-03) [Lookup]

[loaded] com.rockysandstudio.WUHelper.plist (Rocky Sand Studio Ltd. - installed 2017-05-30) [Lookup]

[running] com.trusteer.rooks.rooksd.plist (Trusteer LTD - installed 2017-06-22) [Lookup]


User Launch Agents:

[loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-07-21) [Lookup]

[loaded] com.adobe.ARM.[...].plist (Adobe Systems, Inc. - installed 2017-07-21) [Lookup]

[running] com.akamai.single-user-client.plist (? 8f2c69f 6a3689c4 - installed 2017-01-23) [Lookup]

[loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2017-07-10) [Lookup]


User Login Items:

iTunesHelper Application (Apple, Inc. - installed 2017-05-25)

(/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

AdobeResourceSynchronizer Application - Hidden

(/Applications/Adobe Acrobat XI Pro/Adobe Acrobat Pro.app/Contents/Support/AdobeResourceSynchronizer.app)


Internet Plug-ins:

AdobeAAMDetect: AdobeAAMDetect 1.0.0.0 (installed 2017-07-21) [Lookup]

FlashPlayer-10.6: 26.0.0.137 (installed 2017-07-14) [Lookup]

QuickTime Plugin: 7.7.3 (installed 2017-04-22)

AdobePDFViewerNPAPI: 11.0.09 (installed 2014-10-09) [Lookup]

AdobePDFViewer: 11.0.09 (installed 2014-10-09) [Lookup]

Flash Player: 26.0.0.137 (installed 2017-07-14) [Lookup]

Default Browser: 600 (installed 2015-12-06)

JavaAppletPlugin: 15.0.0 (installed 2014-08-29) Check version

NP_2020Player_IKEA: 5.0.94.1 (installed 2012-09-28) [Lookup]

Silverlight: 5.1.41212.0 (installed 2016-03-20) [Lookup]

iPhotoPhotocast: 7.0 (installed 2013-05-06)


User internet Plug-ins:

Aspera Web 3.5.2.95060: Unknown (installed 2014-10-28) [Lookup]

SigniantTransfer v5.4.3.70626: SigniantTransfer 5.4.3.70626 (installed 2015-07-30) [Lookup]


3rd Party Preference Panes:

Akamai NetSession Preferences (installed 2017-01-23) [Lookup]

Flash Player (installed 2017-06-23) [Lookup]

Growl (installed 2013-04-21) [Lookup]

Paragon NTFS for Mac ® OS X (installed 2013-04-21) [Lookup]

Trusteer Endpoint Protection (installed 2017-07-07) [Lookup]


Time Machine:

Auto backup: YES

Volumes being backed up:

Macintosh HD: Disk size: 499.25 GB Disk used: 415.20 GB

Destinations:

Seagate Backup Plus Drive [Local]

Total size: 0 B

Total number of backups: 0

Oldest backup: -

Last backup: -

Size of backup disk: Too small

Backup size 0 B < (Disk used 415.20 GB X 3)


Top Processes by CPU:

17% RTProtectionDaemon

5% WindowServer

2% mds

2% kernel_task

1% captmoncnabf


Top Processes by Memory:

651 MB kernel_task

393 MB com.apple.WebKit.WebContent

202 MB mds_stores

167 MB Safari

81 MB imagent


Top Processes by Energy Use:

7.32 WindowServer

2.62 mds

1.24 captmoncnabf

0.70 opendirectoryd


Virtual Memory Information:

5.32 GB Available RAM

3.13 GB Free RAM

2.68 GB Used RAM

2.19 GB Cached files

0 B Swap Used


Software installs:

IBM Security Trusteer Endpoint Protection: (installed 2017-07-07)

Adobe Flash Player: (installed 2017-07-14)

Adobe Acrobat XI Pro (11.0.20): (installed 2017-07-21)

Malwarebytes for Mac: (installed 2017-08-03)


Install information may not be complete.


Diagnostics Information:

2017-08-01 19:59:13 Safari.app Hang [Open]


Files deleted by EtreCheck:

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Cartilaginei.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Catha.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Kohathite.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Lak.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Phytotomidae.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.antiphlogistian.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.brachypinacoidal.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.bryogenin.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.burp.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.cantref.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.chaffiness.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.disaccustom.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.excursionary.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.fastidiously.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.intrabronchial.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.kilterUpd.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.millistere.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.muff.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.pentine.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.posthippocampal.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.ritornello.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.sceuophorion.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.sectionize.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.semiatheist.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.stockkeeper.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.strigous.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.unmailed.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.unprofited.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.vitrifiable.service.plist - Unknown

2017-08-03 16:23:48 - ~/Library/LaunchAgents/com.mackeeper.MacKeeper.Helper.plist - Unknown

Reply
User profile for user: lisap6905
lisap6905 Author
User level: Level 1
4 points

Aug 3, 2017 6:03 PM in response to Eric Root

Thanks Eric, I have tired to do this. My current report, I am hopeful!

This sleuthing is a new one on me, but it seems to work 🙂.


EtreCheck version: 3.4.2 (436)

Report generated 2017-08-04 01:59:05

Download EtreCheck from https://etrecheck.com

Runtime: 7:40

Performance: Below Average


Click the [Lookup] links for more information from Apple Support Communities.

Click the [Details] links for more information about that line.

Click the [Clean up] link to delete unused files.


Problem: Other problem


Hardware Information:

MacBook Pro (13-inch, Mid 2009)

[Technical Specifications] - [User Guide] - [Warranty & Service]

MacBook Pro - model: MacBookPro5,5

1 2.26 GHz Intel Core 2 Duo (Duo) CPU: 2-core

8 GB RAM Upgradeable - [Instructions]

BANK 0/DIMM0

4 GB DDR3 1067 MHz ok

BANK 1/DIMM0

4 GB DDR3 1067 MHz ok

Bluetooth: Old - Handoff/Airdrop2 not supported

Wireless:
en1: 802.11 a/b/g/n

Battery: Health = Normal - Cycle count = 356


Video Information:

NVIDIA GeForce 9400M - VRAM: 256 MB

Color LCD 1280 x 800


Disk Information:

HGST HTS545050A7E380 disk0: (500.11 GB) (Rotational)

[Show SMART report]

(disk0s1) <not mounted>
[EFI]: 210 MB

Macintosh HD (disk0s2 - Journaled HFS+) /
[Startup]: 499.25 GB (83.81 GB free)

(disk0s3) <not mounted>
[Recovery]: 650 MB


HL-DT-ST DVDRW
GS23N
()


USB Information:

EHCI Root Hub Simulation

Apple Inc. Built-in iSight

EHCI Root Hub Simulation

Apple Internal Memory Card Reader

OHCI Root Hub Simulation

Apple Inc. Apple Internal Keyboard / Trackpad

Apple Computer, Inc. IR Receiver

OHCI Root Hub Simulation

Apple Inc. BRCM2046 Hub

Apple Inc. Bluetooth USB Host Controller


System Software:

OS X Yosemite 10.10.5 (14F2315) - Time since boot: less than an hour


Configuration files:

/etc/hosts - Count: 15


Gatekeeper:

Mac App Store and identified developers


Clean up:

/Library/LaunchAgents/com.trusteer.rapport.rapportd.plist

/Library/Rapport/bin/rapportd.app/Contents/MacOS/rapportd

Executable not found!

/Library/LaunchDaemons/com.trusteer.rooks.rooksd.plist

/Library/Rapport/bin/rooksd

Executable not found!

2 orphan files found. [Clean up]


Kernel Extensions:

/Applications/Toast 11 Titanium/Spin Doctor.app

[not loaded] com.hzsystems.terminus.driver (4) [Lookup]


/Applications/Toast 11 Titanium/Toast Titanium.app

[not loaded] com.roxio.BluRaySupport (1.1.6) [Lookup]


/Library/Extensions

[loaded] com.malwarebytes.mbam.rtprotection (3.0 - SDK 10.12) [Lookup]


/System/Library/Extensions

[not loaded] com.seagate.driver.PowSecDriverCore (5.2.3 (26704) - SDK 10.4) [Lookup]


/System/Library/Extensions/Seagate Storage Driver.kext/Contents/PlugIns

[not loaded] com.seagate.driver.PowSecLeafDriver_10_4 (5.2.3 (26704) - SDK 10.4) [Lookup]

[not loaded] com.seagate.driver.PowSecLeafDriver_10_5 (5.2.3 (26704) - SDK 10.5) [Lookup]

[not loaded] com.seagate.driver.SeagateDriveIcons (5.2.3 (26704) - SDK 10.4) [Lookup]


~/Library/Services/ToastIt.service/Contents/MacOS

[not loaded] com.roxio.TDIXController (2.0) [Lookup]


Startup Items:

MobileBrServ: Path: /Library/StartupItems/MobileBrServ

Startup items no longer function in OS X Yosemite or later


System Launch Agents:

[not loaded] 6 Apple tasks

[loaded] 150 Apple tasks

[running] 56 Apple tasks


System Launch Daemons:

[not loaded] 42 Apple tasks

[loaded] 140 Apple tasks

[running] 81 Apple tasks


Launch Agents:

[not loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-07-21) [Lookup]

[loaded] com.adobe.CS5ServiceManager.plist (? 40cdc1ff dd391a6f - installed 2013-04-21) [Lookup]

[running] com.malwarebytes.mbam.frontend.agent.plist (? 631295be 680057a5 - installed 2017-08-03) [Lookup]

[failed] com.trusteer.rapport.rapportd.plist (? 3c23cb0a 0 - installed 2017-06-22) [Lookup] - /Library/Rapport/bin/rapportd.app/Contents/MacOS/rapportd: Executable not found!

[running] jp.co.canon.CUPSCAPT.BG.plist (? 33904f9c 9c018b65 - installed 2017-01-09) [Lookup]


Launch Daemons:

[loaded] com.adobe.SwitchBoard.plist (? 856489a3 0 - installed 2013-04-21) [Lookup]

[running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-05-29) [Lookup]

[loaded] com.adobe.fpsaud.plist (? 2afb3af7 18a4fa69 - installed 2017-06-23) [Lookup]

[running] com.huawei.mbbservice.plist (? d59902d6 af1157fb - installed 2015-09-05) [Lookup]

[running] com.malwarebytes.mbam.rtprotection.daemon.plist (? 31419c10 e3f423ee - installed 2017-08-03) [Lookup]

[running] com.malwarebytes.mbam.settings.daemon.plist (? a40d558f d0b9e521 - installed 2017-08-03) [Lookup]

[loaded] com.rockysandstudio.WUHelper.plist (Rocky Sand Studio Ltd. - installed 2017-05-30) [Lookup]

[failed] com.trusteer.rooks.rooksd.plist (? 861b4fc7 0 - installed 2017-06-22) [Lookup] - /Library/Rapport/bin/rooksd: Executable not found!


User Launch Agents:

[loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-07-21) [Lookup]

[loaded] com.adobe.ARM.[...].plist (? ? ? - installed 2017-07-21) [Lookup]

[running] com.akamai.single-user-client.plist (? 8f2c69f 6a3689c4 - installed 2017-01-23) [Lookup]

[loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2017-07-10) [Lookup]


User Login Items:

iTunesHelper Application (Apple, Inc. - installed 2017-05-25)

(/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

AdobeResourceSynchronizer Application - Hidden

(/Applications/Adobe Acrobat XI Pro/Adobe Acrobat Pro.app/Contents/Support/AdobeResourceSynchronizer.app)


Internet Plug-ins:

AdobeAAMDetect: AdobeAAMDetect 1.0.0.0 (installed 2017-07-21) [Lookup]

FlashPlayer-10.6: 26.0.0.137 (installed 2017-07-14) [Lookup]

QuickTime Plugin: 7.7.3 (installed 2017-04-22)

AdobePDFViewerNPAPI: 11.0.09 (installed 2014-10-09) [Lookup]

AdobePDFViewer: 11.0.09 (installed 2014-10-09) [Lookup]

Flash Player: 26.0.0.137 (installed 2017-07-14) [Lookup]

Default Browser: 600 (installed 2015-12-06)

JavaAppletPlugin: 15.0.0 (installed 2014-08-29) Check version

NP_2020Player_IKEA: 5.0.94.1 (installed 2012-09-28) [Lookup]

Silverlight: 5.1.41212.0 (installed 2016-03-20) [Lookup]

iPhotoPhotocast: 7.0 (installed 2013-05-06)


User internet Plug-ins:

Aspera Web 3.5.2.95060: Unknown (installed 2014-10-28) [Lookup]

SigniantTransfer v5.4.3.70626: SigniantTransfer 5.4.3.70626 (installed 2015-07-30) [Lookup]


3rd Party Preference Panes:

Akamai NetSession Preferences (installed 2017-01-23) [Lookup]

Flash Player (installed 2017-06-23) [Lookup]

Growl (installed 2013-04-21) [Lookup]

Paragon NTFS for Mac ® OS X (installed 2013-04-21) [Lookup]

Trusteer Endpoint Protection (installed 2017-07-07) [Lookup]


Time Machine:

Auto backup: YES

Volumes being backed up:

Macintosh HD: Disk size: 499.25 GB Disk used: 415.43 GB

Destinations:

Seagate Backup Plus Drive [Local]

Total size: 0 B

Total number of backups: 0

Oldest backup: -

Last backup: -

Size of backup disk: Too small

Backup size 0 B < (Disk used 415.43 GB X 3)


Top Processes by CPU:

11%
RTProtectionDaemon

7%
WindowServer

5%
mdworker

3%
kernel_task

2%
opendirectoryd


Top Processes by Memory:

556 MB kernel_task

187 MB mds_stores

73 MB imagent

58 MB RTProtectionDaemon

51 MB softwareupdated


Top Processes by Energy Use:

8.00 WindowServer

6.58 mds

6.42 mds_stores

1.76 fseventsd


Virtual Memory Information:

6.02 GB
Available RAM

3.14 GB
Free RAM

1.98 GB
Used RAM

2.87 GB
Cached files

0 B Swap Used


Software installs:

IBM Security Trusteer Endpoint Protection:
(installed 2017-07-07)

Adobe Flash Player:
(installed 2017-07-14)

Adobe Acrobat XI Pro (11.0.20):
(installed 2017-07-21)

Malwarebytes for Mac:
(installed 2017-08-03)


Install information may not be complete.


Diagnostics Information:

2017-08-03 18:05:50 com.apple.WebKit.WebContent High CPU use [Open] [Details]

2017-08-01 19:59:13 Safari.app Hang [Open]


Files deleted by EtreCheck:

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Cartilaginei.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Catha.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Kohathite.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Lak.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.Phytotomidae.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.antiphlogistian.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.brachypinacoidal.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.bryogenin.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.burp.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.cantref.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.chaffiness.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.disaccustom.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.excursionary.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.fastidiously.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.intrabronchial.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.kilterUpd.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.millistere.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.muff.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.pentine.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.posthippocampal.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.ritornello.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.sceuophorion.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.sectionize.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.semiatheist.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.stockkeeper.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.strigous.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.unmailed.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.unprofited.service.plist - Unknown

2017-08-03 16:16:07 - /Library/LaunchDaemons/com.vitrifiable.service.plist - Unknown

2017-08-03 16:23:48 - ~/Library/LaunchAgents/com.mackeeper.MacKeeper.Helper.plist - Unknown


Reply
User profile for user: seventy one
seventy one
User level: Level 7
27,460 points

Aug 4, 2017 3:39 AM in response to lisap6905

There is quite a lot of improvement but you need to remove trusteer rapport (there are at least 4 entries) It is a known troublemaker whatever your bank may say.


There are also potential problems with roxio and its link with com.hzsystems and your outdated toast 11 titanium/ toast but the items themselves are outside my experience.

I Googled these items to learn of this. Updating it may help.


But we've made progress.

Reply
User profile for user: Eric Root
Eric Root
User level: Level 10
685,221 points

Aug 3, 2017 1:20 PM in response to lisap6905

You can upgrade your RAM, but before doing anything, try uninstalling Trusteer using the link I posted earlier. It is a known problem in Macs as seventy one posted.


The 2 places I’ve seen recommended most to buy reliable RAM are below. I have purchased RAM several times and a hard drive from Other World Computing and have always been very satisfied with the product and service. They have on-line instructions on how to replace the RAM. OWC has also tested RAM above what Apple states is the maximum. I had 6GB installed on an early 2008 iMac supposedly limited to 4 GB and noticed an improvement.


Crucial


Other World Computing

Reply
User profile for user: seventy one
seventy one
User level: Level 7
27,460 points

Aug 3, 2017 11:19 PM in response to lisap6905

Hello lisap


Is the above your latest report; if so it does not appear that 'trusteer' has gone.


I spotted entries at several places ... Clean up, Launch Agents, Launch Daemons, 3rd Party preference panes, Software installs. Once these are removed your machine will improve further.


I was hoping someone could comment on the Toast 11 titanium situation but it seems to have been missed so far.


It is usually best to try to read through the report to see if things that need removing are no longer showing before publishing again ... otherwise we end up with huge and complex posts with multiple reports.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

EtreCheck has detected infected adware, should I delete files?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up