AVG scan , malware, virus, safe ? files were quarantined. PLEASE HELP

Question

Level 1

8 points

AVG scan , malware, virus, safe ? files were quarantined. PLEASE HELP

I recently ran an AVG scan on my 2015 MacBook Pro and the results ended up putting the following 7 files in quarantine. Can anyone please tell me if they are safe, malware or a virus. Any help is much appreciated.

Thank you.

/private/var/db/uuidtext/27/5C90F7E4A93732B3C1B576AF6DA7D5
/private/var/db/uuidtext/CE/091E3F4BEB3FA1BB3B9B04E33EA54D
/private/var/db/uuidtext/8B/BB1EDDB3363F1BBA0C9C25D1A3DD42
/Users/mgj/Library/Application Support/com.QuickLookSearches/QuickLookSearches
/Users/mgj/Library/Application Support/amc/helperamc.app/Contents/Resources/infs
/Users/mgj/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rl istupdater
/Users/mgj/Library/Application Support/amc/helperamc.app/Contents/MacOS/helperamc

MacBook Pro with Retina display, OS 10.13.1 High Sierra

Posted on Nov 14, 2017 11:54 AM

Reply

Answer 1

Nov 14, 2017 5:47 PM in response to MacGJ

Name one Mac virus that exists out in the wild that could affect your computer. Modern OSs like High Sierra have built in protections and third party anti virus apps interfere with the built in protection.

Effective defenses against malware and other threats

Search these communities for anti virus apps such as avg, Kaspersky, Norton, AVAST, etc. to see what others have to say about them. While you are at it do a search in these communities for third party apps that claim to clean, protect, manage, boost performance such as CleanMyMac, Advanced MacCleaner, etc.

Reply

Answer 2

MacGJ Author

Level 1

8 points

Nov 14, 2017 6:43 PM in response to Allan Eckert

Report as follows:

EtreCheck version: 3.4.6 (460)

Report generated 2017-11-14 20:36:20

Download EtreCheck from https://etrecheck.com

Runtime: 1:55

Performance: Excellent

Click the [Lookup] links for more information from Apple Support Communities.

Click the [Details] links for more information about that line.

Click the [Remove/Report] links to remove adware or update the whitelist of legitimate software.

Click the [Clean up] link to delete unused files.

Problem: Other problem

Description:

I had a malware scare.
Possible MacBook Keeper or Advanced MacBook cleaner.
I kept getting several pop ups even when visiting other pages.
Possibly just ads ??
I installed AVG and ran a scan(I have since uninstalled AVG).
upon completion it had quarantined 7 paths.
They are as follows:

1.
/private/var/db/uuidtext/27/5C90F7E4A93732B3C1B576AF6DA7D5

2.
/private/var/db/uuidtext/CE/091E3F4BEB3FA1BB3B9B04E33EA54D

3.
/private/var/db/uuidtext/8B/BB1EDDB3363F1BBA0C9C25D1A3DD42

4.
/Users/mgj/Library/Application Support/com.QuickLookSearches/QuickLookSearches

/5.
Users/mgj/Library/Application Support/amc/helperamc.app/Contents/Resources/infs

6.
/Users/mgj/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rl istupdater

7.
/Users/mgj/Library/Application Support/amc/helperamc.app/Contents/MacOS/helperamc

Hardware Information:ⓘ

MacBook Pro (Retina, 13-inch, Early 2015)

[Technical Specifications] - [User Guide] - [Warranty & Service]

MacBook Pro - model: MacBookPro12,1

1 2.7 GHz Intel Core i5 (i5-5257U) CPU: 2-core

8 GB RAM Not upgradeable

BANK 0/DIMM0

4 GB DDR3 1867 MHz ok

BANK 1/DIMM0

4 GB DDR3 1867 MHz ok

Handoff/Airdrop2: supported

Wireless:
en0: 802.11 a/b/g/n/ac

Battery: Health = Normal - Cycle count = 96

Video Information:ⓘ

Intel Iris Graphics 6100 - VRAM: 1536 MB

Color LCD 2560 x 1600

Disk Information:ⓘ

APPLE SSD SM0256G disk0: (251 GB) (Solid State - TRIM: Yes)

[Show SMART report]

EFI (disk0s1 - MS-DOS FAT32) <not mounted>
[EFI]: 210 MB

(disk0s2) <not mounted>
[APFS Container]: 250.79 GB

USB Information:ⓘ

USB30Bus

Apple Internal Memory Card Reader

SD Card Reader disk2: (196.87 GB)

EFI (disk2s1 - MS-DOS FAT32) <not mounted>
[EFI]: 210 MB

SD200GB (disk2s2 - Case-sensitive Journaled HFS+) /Volumes/SD200GB : 196.52 GB (128.95 GB free)

Broadcom Corp. Bluetooth USB Host Controller

Thunderbolt Information:ⓘ

Apple Inc. thunderbolt_bus

Virtual disks:ⓘ

Macintosh HD (disk1s1 - APFS) /
[Startup]: 250.79 GB (167.47 GB free)

Physical disk: disk0s2 250.79 GB (167.47 GB free)

(disk1s2) <not mounted>
[Preboot]: 250.79 GB

Physical disk: disk0s2 250.79 GB

(disk1s3) <not mounted>
[Recovery]: 250.79 GB

Physical disk: disk0s2 250.79 GB

(disk1s4) /private/var/vm
[VM]: 250.79 GB

Physical disk: disk0s2 250.79 GB

Flash Player (disk5s2 - HFS+) /Volumes/Flash Player : 20 MB (0 B free)

Physical disk: Disk Image 20 MB (0 B free)

AdvancedMacCleaner (disk6s1 - HFS+) /Volumes/AdvancedMacCleaner : 18 MB (4 MB free)

Physical disk: Disk Image 18 MB (4 MB free)

System Software:ⓘ

macOS High Sierra
10.13.1 (17B48) - Time since boot: about 3 days

Gatekeeper:ⓘ

Mac App Store and identified developers

Possible adware:ⓘ

Adware: ~/Library/LaunchAgents/com.pcv.hlpramcn.plist

Unknown file: ~/Library/Safari/Extensions/Any Search DS.safariextz

2 possible adware files found. [Remove/Report]

Clean up:ⓘ

~/Library/LaunchAgents/com.QuickLookSearches.plist

~/Library/Application Support/com.QuickLookSearches/QuickLookSearches r

Executable not found!

~/Library/LaunchAgents/com.pcv.hlpramcn.plist

~/Library/Application Support/amc/helperamc.app/Contents/MacOS/helperamc

Executable not found!

2 orphan files found. [Clean up]

Kernel Extensions:ⓘ

/Library/Extensions

[loaded] com.Cycling74.driver.Soundflower (2.0b2 - SDK 10.10) [Lookup]

/System/Library/Extensions

[not loaded] com.AmbrosiaSW.AudioSupport (4.1.2 - SDK 10.7) [Lookup]

System Launch Agents:ⓘ

[not loaded] 8 Apple tasks

[loaded] 160 Apple tasks

[running] 120 Apple tasks

System Launch Daemons:ⓘ

[not loaded] 37 Apple tasks

[loaded] 170 Apple tasks

[running] 123 Apple tasks

Launch Agents:ⓘ

[not loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-02-03) [Lookup]

[loaded] com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2017-07-31) [Lookup]

[running] jp.co.canon.CUPSSFP.BG.plist (Canon Inc. - installed 2016-08-07) [Lookup]

Launch Daemons:ⓘ

[running] com.adobe.adobeupdatedaemon.plist (Adobe Systems, Inc. - installed 2017-07-31) [Lookup]

[running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-09-26) [Lookup]

[loaded] com.adobe.fpsaud.plist (? 2afb3af7 a56d5fc2 - installed 2017-10-25) [Lookup]

[loaded] com.ambrosiasw.ambrosiaaudiosupporthelper.daemon.plist (Ambrosia Software, Inc. - installed 2013-03-22) [Lookup]

[not loaded] com.apple.installer.cleanupinstaller.plist (? 1963bf56 0 - installed 2017-11-11)

[loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2017-09-22) [Lookup]

[loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2016-07-09) [Lookup]

User Launch Agents:ⓘ

[failed] com.QuickLookSearches.plist (? b02f147d 0 - installed 2017-11-13) [Lookup] - ~/Library/Application Support/com.QuickLookSearches/QuickLookSearches: Executable not found!

[loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-02-03) [Lookup]

[loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2017-09-27) [Lookup]

[running] com.pcv.hlpramcn.plist (? 1b7bfb7c 0 - installed 2017-11-13) Adware!
[Remove/Report]

User Login Items:ⓘ

iTunesHelper Application (Apple, Inc. - installed 2017-11-01)

(/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

SpeechSynthesisServer Application

(/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ SpeechSynthesis.framework/Versions/A/SpeechSynthesisServer.app)

Internet Plug-ins:ⓘ

FlashPlayer-10.6: 27.0.0.187 (installed 2017-11-14) [Lookup]

Flash Player: 27.0.0.187 (installed 2017-11-14) [Lookup]

QuickTime Plugin: 7.7.3 (installed 2017-10-25)

PepperFlashPlayer: 27.0.0.187 (installed 2017-11-14) [Lookup]

AdobeAAMDetect: 3.0.0.0 (installed 2017-07-31) [Lookup]

Safari Extensions:ⓘ

[enabled] Any Search DS (installed 2017-11-13)

3rd Party Preference Panes:ⓘ

Flash Player (installed 2017-10-25) [Lookup]

Time Machine:ⓘ

Skip System Files: NO

Mobile backups: OFF

Auto backup: NO - Auto backup turned off

Volumes being backed up:

Macintosh HD: Disk size: 250.79 GB Disk used: 83.32 GB

Destinations:

SD200GB [Local]

Total size: 196.52 GB

Total number of backups: 7

Oldest backup: 8/7/16, 23:00

Last backup: 10/13/16, 01:23

Size of backup disk: Too small

Backup size 196.52 GB < (Disk used 83.32 GB X 3)

Top Processes by CPU:ⓘ

7%
WindowServer

3%
kernel_task

0%
fontd

0%
Google Chrome

0%
launchd

Top Processes by Memory:ⓘ

894 MB kernel_task

461 MB softwareupdated

256 MB Mail

221 MB Google Chrome

211 MB com.apple.WebKit.WebContent

Top Processes by Network Use:ⓘ

Input Output Process name

4 MB 2 MB mDNSResponder

4 MB 95 KB Mail

108 KB 67 KB apsd

61 KB 5 KB netbiosd

4 KB 3 KB assistantd

Top Processes by Energy Use:ⓘ

9.04 WindowServer

0.48 Google Chrome

0.44 Google Chrome Helper

0.20 SystemUIServer

Virtual Memory Information:ⓘ

2.50 GB
Available RAM

146 MB Free RAM

5.50 GB
Used RAM

2.36 GB
Cached files

160 MB Swap Used

Software installs (last 30 days):ⓘ

Adobe Flash Player:
(installed 2017-10-16)

Adobe Pepper Flash Player:
(installed 2017-10-16)

Adobe Flash Player:
(installed 2017-10-25)

Adobe Pepper Flash Player:
(installed 2017-10-25)

MacKeeper:
(installed 2017-11-13)

AVG AntiVirus: 17.4 (installed 2017-11-13)

Adobe Flash Player:
(installed 2017-11-14)

AVG Cleaner: 4766 (installed 2017-11-14)

Adobe Pepper Flash Player:
(installed 2017-11-14)

WhatsApp: 0.2.6969 (installed 2017-11-14)

Install information may not be complete.

Diagnostics Events (last 3 days for minor events):ⓘ

2017-11-14 17:19:25 AVGAntiVirus.app Crash [Open]

Cause: *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'unhandled finish status 0'

terminating with uncaught exception of type NSException

abort() called

2017-11-13 02:17:30 com.avg.daemon High CPU use [Open] [Details]

2017-11-13 00:19:03 cloudd Crash [Open]

Cause: *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'Path /Users/USER/Library/Caches/*/MMCS deleted/renamed, crashing.'

terminating with uncaught exception of type NSException

abort() called

Reply

Answer 3

MacGJ Author

Level 1

8 points

Nov 14, 2017 7:31 PM in response to BobTheFisherman

Tis report looks much more thorough. I do see where it said I installed MacBook Keeper.. It must have been sneaky or piggy backed on something because I do not remember installing it. Looks like everything else is running ok... But I really don't know exactly everything I'm looking at.. maybe you can help.

new report:

EtreCheck version: 3.4.6 (460)

Report generated 2017-11-14 21:24:56

Download EtreCheck from https://etrecheck.com

Runtime: 1:58

Performance: Excellent

Click the [Lookup] links for more information from Apple Support Communities.

Click the [Details] links for more information about that line.

Problem: Other problem

Description:

recheck after deleting Advanced MacBook Cleaner files

Hardware Information:ⓘ

MacBook Pro (Retina, 13-inch, Early 2015)

[Technical Specifications] - [User Guide] - [Warranty & Service]

MacBook Pro - model: MacBookPro12,1

1 2.7 GHz Intel Core i5 (i5-5257U) CPU: 2-core

8 GB RAM Not upgradeable

BANK 0/DIMM0

4 GB DDR3 1867 MHz ok

BANK 1/DIMM0

4 GB DDR3 1867 MHz ok

Handoff/Airdrop2: supported

Wireless:
en0: 802.11 a/b/g/n/ac

Battery: Health = Normal - Cycle count = 96

Video Information:ⓘ

Intel Iris Graphics 6100 - VRAM: 1536 MB

Color LCD 2560 x 1600

Disk Information:ⓘ

APPLE SSD SM0256G disk0: (251 GB) (Solid State - TRIM: Yes)

[Show SMART report]

EFI (disk0s1 - MS-DOS FAT32) <not mounted>
[EFI]: 210 MB

(disk0s2) <not mounted>
[APFS Container]: 250.79 GB

USB Information:ⓘ

USB30Bus

Apple Internal Memory Card Reader

Broadcom Corp. Bluetooth USB Host Controller

Thunderbolt Information:ⓘ

Apple Inc. thunderbolt_bus

Virtual disks:ⓘ

Macintosh HD (disk1s1 - APFS) /
[Startup]: 250.79 GB (173.35 GB free)

Physical disk: disk0s2 250.79 GB (173.35 GB free)

(disk1s2) <not mounted>
[Preboot]: 250.79 GB

Physical disk: disk0s2 250.79 GB

(disk1s3) <not mounted>
[Recovery]: 250.79 GB

Physical disk: disk0s2 250.79 GB

(disk1s4) /private/var/vm
[VM]: 250.79 GB

Physical disk: disk0s2 250.79 GB

System Software:ⓘ

macOS High Sierra
10.13.1 (17B48) - Time since boot: less than an hour

Gatekeeper:ⓘ

Mac App Store and identified developers

Kernel Extensions:ⓘ

/Library/Extensions

[loaded] com.Cycling74.driver.Soundflower (2.0b2 - SDK 10.10) [Lookup]

/System/Library/Extensions

[not loaded] com.AmbrosiaSW.AudioSupport (4.1.2 - SDK 10.7) [Lookup]

System Launch Agents:ⓘ

[not loaded] 8 Apple tasks

[loaded] 180 Apple tasks

[running] 100 Apple tasks

System Launch Daemons:ⓘ

[not loaded] 36 Apple tasks

[loaded] 186 Apple tasks

[running] 108 Apple tasks

Launch Agents:ⓘ

[not loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-02-03) [Lookup]

[loaded] com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2017-07-31) [Lookup]

[running] jp.co.canon.CUPSSFP.BG.plist (Canon Inc. - installed 2016-08-07) [Lookup]

Launch Daemons:ⓘ

[running] com.adobe.adobeupdatedaemon.plist (Adobe Systems, Inc. - installed 2017-07-31) [Lookup]

[running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-09-26) [Lookup]

[loaded] com.adobe.fpsaud.plist (? 2afb3af7 a56d5fc2 - installed 2017-10-25) [Lookup]

[loaded] com.ambrosiasw.ambrosiaaudiosupporthelper.daemon.plist (Ambrosia Software, Inc. - installed 2013-03-22) [Lookup]

[not loaded] com.apple.installer.cleanupinstaller.plist (? 1963bf56 0 - installed 2017-11-11)

[loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2017-09-22) [Lookup]

[loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2016-07-09) [Lookup]

User Launch Agents:ⓘ

[loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-02-03) [Lookup]

[loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2017-09-27) [Lookup]

Internet Plug-ins:ⓘ

FlashPlayer-10.6: 27.0.0.187 (installed 2017-11-14) [Lookup]

Flash Player: 27.0.0.187 (installed 2017-11-14) [Lookup]

QuickTime Plugin: 7.7.3 (installed 2017-10-25)

PepperFlashPlayer: 27.0.0.187 (installed 2017-11-14) [Lookup]

AdobeAAMDetect: 3.0.0.0 (installed 2017-07-31) [Lookup]

3rd Party Preference Panes:ⓘ

Flash Player (installed 2017-10-25) [Lookup]

Time Machine:ⓘ

Skip System Files: NO

Mobile backups: OFF

Auto backup: NO - Auto backup turned off

Volumes being backed up:

Macintosh HD: Disk size: 250.79 GB Disk used: 77.44 GB

Destinations:

SD200GB [Local]

Total size: 196.52 GB

Total number of backups: 7

Oldest backup: 8/7/16, 23:00

Last backup: 10/13/16, 01:23

Size of backup disk: Too small

Backup size 196.52 GB < (Disk used 77.44 GB X 3)

Top Processes by CPU:ⓘ

8%
mdworker

8%
mds

6%
WindowServer

6%
mdworker

2%
kernel_task

Top Processes by Memory:ⓘ

757 MB kernel_task

182 MB Google Chrome

136 MB Google Chrome Helper

110 MB Google Chrome Helper

106 MB Google Chrome Helper

Top Processes by Network Use:ⓘ

Input Output Process name

28 KB 23 KB mDNSResponder

29 KB 1 KB passd

23 KB 6 KB gamed

18 KB 6 KB cloudd

8 KB 9 KB apsd

Top Processes by Energy Use:ⓘ

9.36 WindowServer

1.10 Google Chrome Helper

0.92 Google Chrome

0.60 launchd

Virtual Memory Information:ⓘ

4.69 GB
Available RAM

2.99 GB
Free RAM

3.31 GB
Used RAM

1.70 GB
Cached files

0 B Swap Used

Software installs (last 30 days):ⓘ

Adobe Flash Player:
(installed 2017-10-16)

Adobe Pepper Flash Player:
(installed 2017-10-16)

Adobe Flash Player:
(installed 2017-10-25)

Adobe Pepper Flash Player:
(installed 2017-10-25)

MacKeeper:
(installed 2017-11-13)

AVG AntiVirus: 17.4 (installed 2017-11-13)

Adobe Flash Player:
(installed 2017-11-14)

AVG Cleaner: 4766 (installed 2017-11-14)

Adobe Pepper Flash Player:
(installed 2017-11-14)

WhatsApp: 0.2.6969 (installed 2017-11-14)

Install information may not be complete.

Diagnostics Events (last 3 days for minor events):ⓘ

2017-11-14 21:21:31 Core Sync.app Crash [Open]

Cause: abort() called

terminating with uncaught exception of type Poco::SystemException: System exception

2017-11-14 17:19:25 AVGAntiVirus.app Crash [Open]

Cause: *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'unhandled finish status 0'

terminating with uncaught exception of type NSException

abort() called

2017-11-13 02:17:30 com.avg.daemon High CPU use [Open] [Details]

2017-11-13 00:19:03 cloudd Crash [Open]

Cause: *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'Path /Users/USER/Library/Caches/*/MMCS deleted/renamed, crashing.'

terminating with uncaught exception of type NSException

abort() called

Files deleted by EtreCheck:ⓘ

2017-11-14 20:58:03 - ~/Library/LaunchAgents/com.pcv.hlpramcn.plist - Unknown

2017-11-14 20:58:04 - ~/Library/Safari/Extensions/Any Search DS.safariextz - Unknown

2017-11-14 20:58:29 - ~/Library/LaunchAgents/com.QuickLookSearches.plist - Unknown

2017-11-14 20:59:29 - ~/Library/Safari/Extensions/Any Search DS.safariextz - Unknown

Reply

Answer 4

MacGJ Author

Level 1

8 points

Nov 14, 2017 7:40 PM in response to Allan Eckert

newest one after clean up.

EtreCheck version: 3.4.6 (460)

Report generated 2017-11-14 21:24:56

Download EtreCheck from https://etrecheck.com

Runtime: 1:58

Performance: Excellent

Click the [Lookup] links for more information from Apple Support Communities.

Click the [Details] links for more information about that line.

Problem: Other problem

Description:

recheck after deleting Advanced MacBook Cleaner files

Hardware Information:ⓘ

MacBook Pro (Retina, 13-inch, Early 2015)

[Technical Specifications] - [User Guide] - [Warranty & Service]

MacBook Pro - model: MacBookPro12,1

1 2.7 GHz Intel Core i5 (i5-5257U) CPU: 2-core

8 GB RAM Not upgradeable

BANK 0/DIMM0

4 GB DDR3 1867 MHz ok

BANK 1/DIMM0

4 GB DDR3 1867 MHz ok

Handoff/Airdrop2: supported

Wireless:
en0: 802.11 a/b/g/n/ac

Battery: Health = Normal - Cycle count = 96

Video Information:ⓘ

Intel Iris Graphics 6100 - VRAM: 1536 MB

Color LCD 2560 x 1600

Disk Information:ⓘ

APPLE SSD SM0256G disk0: (251 GB) (Solid State - TRIM: Yes)

[Show SMART report]

EFI (disk0s1 - MS-DOS FAT32) <not mounted>
[EFI]: 210 MB

(disk0s2) <not mounted>
[APFS Container]: 250.79 GB

USB Information:ⓘ

USB30Bus

Apple Internal Memory Card Reader

Broadcom Corp. Bluetooth USB Host Controller

Thunderbolt Information:ⓘ

Apple Inc. thunderbolt_bus

Virtual disks:ⓘ

Macintosh HD (disk1s1 - APFS) /
[Startup]: 250.79 GB (173.35 GB free)

Physical disk: disk0s2 250.79 GB (173.35 GB free)

(disk1s2) <not mounted>
[Preboot]: 250.79 GB

Physical disk: disk0s2 250.79 GB

(disk1s3) <not mounted>
[Recovery]: 250.79 GB

Physical disk: disk0s2 250.79 GB

(disk1s4) /private/var/vm
[VM]: 250.79 GB

Physical disk: disk0s2 250.79 GB

System Software:ⓘ

macOS High Sierra
10.13.1 (17B48) - Time since boot: less than an hour

Gatekeeper:ⓘ

Mac App Store and identified developers

Kernel Extensions:ⓘ

/Library/Extensions

[loaded] com.Cycling74.driver.Soundflower (2.0b2 - SDK 10.10) [Lookup]

/System/Library/Extensions

[not loaded] com.AmbrosiaSW.AudioSupport (4.1.2 - SDK 10.7) [Lookup]

System Launch Agents:ⓘ

[not loaded] 8 Apple tasks

[loaded] 180 Apple tasks

[running] 100 Apple tasks

System Launch Daemons:ⓘ

[not loaded] 36 Apple tasks

[loaded] 186 Apple tasks

[running] 108 Apple tasks

Launch Agents:ⓘ

[not loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-02-03) [Lookup]

[loaded] com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2017-07-31) [Lookup]

[running] jp.co.canon.CUPSSFP.BG.plist (Canon Inc. - installed 2016-08-07) [Lookup]

Launch Daemons:ⓘ

[running] com.adobe.adobeupdatedaemon.plist (Adobe Systems, Inc. - installed 2017-07-31) [Lookup]

[running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-09-26) [Lookup]

[loaded] com.adobe.fpsaud.plist (? 2afb3af7 a56d5fc2 - installed 2017-10-25) [Lookup]

[loaded] com.ambrosiasw.ambrosiaaudiosupporthelper.daemon.plist (Ambrosia Software, Inc. - installed 2013-03-22) [Lookup]

[not loaded] com.apple.installer.cleanupinstaller.plist (? 1963bf56 0 - installed 2017-11-11)

[loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2017-09-22) [Lookup]

[loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2016-07-09) [Lookup]

User Launch Agents:ⓘ

[loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-02-03) [Lookup]

[loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2017-09-27) [Lookup]

Internet Plug-ins:ⓘ

FlashPlayer-10.6: 27.0.0.187 (installed 2017-11-14) [Lookup]

Flash Player: 27.0.0.187 (installed 2017-11-14) [Lookup]

QuickTime Plugin: 7.7.3 (installed 2017-10-25)

PepperFlashPlayer: 27.0.0.187 (installed 2017-11-14) [Lookup]

AdobeAAMDetect: 3.0.0.0 (installed 2017-07-31) [Lookup]

3rd Party Preference Panes:ⓘ

Flash Player (installed 2017-10-25) [Lookup]

Time Machine:ⓘ

Skip System Files: NO

Mobile backups: OFF

Auto backup: NO - Auto backup turned off

Volumes being backed up:

Macintosh HD: Disk size: 250.79 GB Disk used: 77.44 GB

Destinations:

SD200GB [Local]

Total size: 196.52 GB

Total number of backups: 7

Oldest backup: 8/7/16, 23:00

Last backup: 10/13/16, 01:23

Size of backup disk: Too small

Backup size 196.52 GB < (Disk used 77.44 GB X 3)

Top Processes by CPU:ⓘ

8%
mdworker

8%
mds

6%
WindowServer

6%
mdworker

2%
kernel_task

Top Processes by Memory:ⓘ

757 MB kernel_task

182 MB Google Chrome

136 MB Google Chrome Helper

110 MB Google Chrome Helper

106 MB Google Chrome Helper

Top Processes by Network Use:ⓘ

Input Output Process name

28 KB 23 KB mDNSResponder

29 KB 1 KB passd

23 KB 6 KB gamed

18 KB 6 KB cloudd

8 KB 9 KB apsd

Top Processes by Energy Use:ⓘ

9.36 WindowServer

1.10 Google Chrome Helper

0.92 Google Chrome

0.60 launchd

Virtual Memory Information:ⓘ

4.69 GB
Available RAM

2.99 GB
Free RAM

3.31 GB
Used RAM

1.70 GB
Cached files

0 B Swap Used

Software installs (last 30 days):ⓘ

Adobe Flash Player:
(installed 2017-10-16)

Adobe Pepper Flash Player:
(installed 2017-10-16)

Adobe Flash Player:
(installed 2017-10-25)

Adobe Pepper Flash Player:
(installed 2017-10-25)

MacKeeper:
(installed 2017-11-13)

AVG AntiVirus: 17.4 (installed 2017-11-13)

Adobe Flash Player:
(installed 2017-11-14)

AVG Cleaner: 4766 (installed 2017-11-14)

Adobe Pepper Flash Player:
(installed 2017-11-14)

WhatsApp: 0.2.6969 (installed 2017-11-14)

Install information may not be complete.

Diagnostics Events (last 3 days for minor events):ⓘ

2017-11-14 21:21:31 Core Sync.app Crash [Open]

Cause: abort() called

terminating with uncaught exception of type Poco::SystemException: System exception

2017-11-14 17:19:25 AVGAntiVirus.app Crash [Open]

Cause: *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'unhandled finish status 0'

terminating with uncaught exception of type NSException

abort() called

2017-11-13 02:17:30 com.avg.daemon High CPU use [Open] [Details]

2017-11-13 00:19:03 cloudd Crash [Open]

Cause: *** Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: 'Path /Users/USER/Library/Caches/*/MMCS deleted/renamed, crashing.'

terminating with uncaught exception of type NSException

abort() called

Files deleted by EtreCheck:ⓘ

2017-11-14 20:58:03 - ~/Library/LaunchAgents/com.pcv.hlpramcn.plist - Unknown

2017-11-14 20:58:04 - ~/Library/Safari/Extensions/Any Search DS.safariextz - Unknown

2017-11-14 20:58:29 - ~/Library/LaunchAgents/com.QuickLookSearches.plist - Unknown

2017-11-14 20:59:29 - ~/Library/Safari/Extensions/Any Search DS.safariextz - Unknown

Reply

Answer 5

Tesserax

Level 10

148,453 points

Nov 14, 2017 5:05 PM in response to MacGJ

/Users/mgj/Library/Application Support/amc/helperamc.app/Contents/Resources/infs

/Users/mgj/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rl istupdater

/Users/mgj/Library/Application Support/amc/helperamc.app/Contents/MacOS/helperamc

These would be related to Advanced Mac Cleaner. It is not a virus, but a form of adware or Potentially Unwanted Program (PUP).

/Users/mgj/Library/Application Support/com.QuickLookSearches/QuickLookSearches

This one may be related to Anysearchmac. A browser extension. It is also a PUP.

The others I'm not sure about. I suggest that you leave these all in Quarantine for the next day or two to see if there are any issues. If none come up, go ahead and delete them.

Reply

Answer 6

MacGJ Author

Level 1

8 points

Nov 14, 2017 5:41 PM in response to BobTheFisherman

so you do not need any protection ? I know they are not as rampant as in windows, but virus for mac still exist. Very controversial subject .. I'm a newbie , so would be very interested in the reasoning behind your answer.

Reply

Answer 7

Nov 14, 2017 5:48 PM in response to MacGJ

I am sorry but I must concur with Bob that any AV software does far more damage then good on the Mac. I suggest you uninstall AVG using the uninstall procedure written by the developer for it.

I suggest you use the program created by Etresoft, a frequent contributor. It will provide a snapshot of your system which we can analyze to possibly determine the cause of your problem. Please use copy and paste as screen shots can be hard to read. On the screen with Options, please open Options and check the bottom 2 boxes before running. Click “Share Report” button in the toolbar, select “Copy to Clipboard” and then paste into a reply. This will show what is running on your computer. No personal information is shown.

Etrecheck – System Information

Reply

Answer 8

MacGJ Author

Level 1

8 points

Nov 14, 2017 5:52 PM in response to BobTheFisherman

As stated, I'm a newbie in Mac. Can't name a virus. Just read an article, stated that there were about 200. Maybe I mis-read, I will take a look at it again. Thank you for you other suggestions and quick reply.

Reply

Answer 9

MacGJ Author

Level 1

8 points

Nov 14, 2017 6:00 PM in response to BobTheFisherman

prob. I've been running my 2015 macbpro without prob until yesterday... something called mac book keep?? poped up and then everywhere I visited had one of their pop up windows.. like they were following me.. lol so I installed the AVG and the 7 paths were quarantined. I was told they were harmful or at least adware/malware... I wonder why APPLE didn't catch it ?

Reply

Answer 10

Kurt Lang

Level 9

58,152 points

Nov 14, 2017 6:12 PM in response to MacGJ

Many, many people, including those who should know better (cough, cough! anti-virus makers and so-called security "experts") call many types of malware viruses that aren't a virus at all. These groups of folks all treat the word virus as a generic term. It's not. Malware is the generic term (short for MALiscious softWARE). A virus is just one type of malware that work in specific ways.

Virus - can infect other directly connected computers or drives by copying themselves to them without any user interaction necessary. These do not exist in the Mac OS. Unix does not allow apps to write files wherever they want. A virus is not a registered user, so has no permissions to write anything.

Trojan - software that requires the user to do something to get it installed. There's lots of these. Especially on illegal file sharing sites where you download cracked versions of expensive, commerial software. Virtually a guarantee that if you install such software, it will also install some of the nastiest malware with it. Such as a keylogger, or back door. Adware actually falls under this catagory since most of it installs with other software you download from legal sites such as softonic.com and downloads.com. It's as annoying as all get out when it gets on your system, but at least it isn't dangerous. Though some of the ads generated by adware are outright fraudulent. Such as the plethora of scare tactic ads used by the makers of MacKeeper.

Worm - smarter than a virus. They can search out other computers on a network all on their own and attempt to infect the ones it finds. Only the very old, and long since patched against Oompa-Loompa (Leap-A) had any success in this category at all, and it didn't infect very many systems

Reply

Answer 11

MacGJ Author

Level 1

8 points

Nov 14, 2017 6:22 PM in response to Kurt Lang

Thank you for the detailed explanation and thorough reply. Now that I see you write it.. It was MacKeeper that popped up and kept following me. So basically, as other members have said MacOS / High Sierra-10.13.1 will keep me safe. Only if I open/click on the wrong file will I be harmed... ??? will my mac help in this situation ?? such as a Trojan ?

Reply

Answer 12

Nov 14, 2017 6:52 PM in response to MacGJ

Use the remove buttons in the report to remove the adware you have installed. Use the cleanup button to cleanup the orphan files. The report indicates you installed MacKeeper. If so uninstall it according to the developer's instructions. Reboot then post another report.

Reply

Answer 13

Kurt Lang

Level 9

58,152 points

Nov 15, 2017 5:09 AM in response to MacGJ

The Mac OS in general will keep you safe on its own.

There is no OS or AV software that can protect the user from a Trojan. You, the user, have made the decision to run or install the software. There are a few macOS will recognize when you download them, or attempt to run. A message will pop up about removing the file that was downloaded, or to terminate the app. But those are few. For the most part, the OS will allow you to run whatever you want. You are the owner of the computer and should be able to do what you want.

AV software is useless. There are no viruses to look for. Trojans? You already launched and ran the app. The AV software is too late to do anything about it.

The only real protection against Trojans is being careful about what software you install, and from where. Pirate, P2P or other file sharing sites? Don't even consider them. You will end up installing something nasty. That's where organized criminals intentionally put most of there malware. As add-ons in the illegal software you download. Want to get a "free" copy of Mathematica, or other expensive commercial software? Sure, it'll install that, and whatever else is in the installer you didn't know about.

Reply

Answer 14

MacGJ Author

Level 1

8 points

Nov 14, 2017 5:06 PM in response to Tesserax

Thank you.

Reply

Answer 15

Nov 14, 2017 5:19 PM in response to MacGJ

Uninstall AVG. It is not needed. Uninstall Advanced MacCleaner for the same reason.

Reply