Looking for spyware/keyloggers and am curious if anyone can see any indication of this on my Etrecheck report?
EtreCheck version: 4.3.6 (4D041)
Report generated: 2018-07-24 17:17:20
Download EtreCheck from https://etrecheck.com
Runtime: 2:57
Performance: Excellent
Problem: Other problem
Description:
I have concerns that Spyware or a keylooger has been installed on my MacBook Pro
Major Issues:
Anything that appears on this list needs immediate attention.
Time Machine backup out-of-date- The last Time Machine backup is over 10 days old.
More than one antivirus app- This machine has multiple antivirus apps installed.
Minor Issues:
These issues do not need immediate attention but they may indicate future problems.
Low disk space- This machine is running low on free hard drive space.
Unsigned files- There are unsigned software file installed. They appear to be legitimate but should be reviewed.
32-bit Apps- This machine has 32-bits apps that may have problems in the future.
Hardware Information:
MacBook Pro (15-inch, 2017)
MacBook Pro Model: MacBookPro14,3
1 2.8 GHz Intel Core i7 (i7-7700HQ) CPU: 4-core
16 GB RAM - Not upgradeable
BANK 0/DIMM0 - 8 GB LPDDR3 2133 ok
BANK 1/DIMM0 - 8 GB LPDDR3 2133 ok
Battery: Health = Normal - Cycle count = 80
Video Information:
Intel HD Graphics 630 - VRAM: 1536 MB
Color LCD
Radeon Pro 555 - VRAM: 2048 MB
Drives:
disk0 - APPLE SSD SM0256L 251.00 GB (Solid State - TRIM: Yes)
Internal PCI-Express 8.0 GT/s x4 NVM Express
disk0s1 - EFI [EFI] 315 MB
disk0s2 250.69 GB
disk1s1 - Macintosh HD (APFS) 250.69 GB (230.86 GB used)
disk1s2 - Preboot (APFS) [APFS Preboot] 250.69 GB (23 MB used)
disk1s3 - Recovery (APFS) [Recovery] 250.69 GB (519 MB used)
disk1s4 - VM (APFS) [APFS VM] 250.69 GB (3.22 GB used)
disk2 - Disk Image 35 MB (Disk Image)
External Disk Image
disk2s1 [Partition Map] 32 KB
disk2s2 - M*****n (HFS+) 34 MB
Mounted Volumes:
disk1s1 - Macintosh HD 250.69 GB (15.92 GB free)
APFS
Mount point: /
Encrypted
disk1s4 - VM [APFS VM] 250.69 GB (15.92 GB free)
APFS
Mount point: /private/var/vm
disk2s2 - M*****n 34 MB (13 MB free)
HFS+
Mount point: /Volumes/M*****n
Network:
Interface lpss-serial1: LPSS Serial Adapter (1)
Interface lpss-serial2: LPSS Serial Adapter (2)
Interface en7: USB 10/100/1000 LAN
Interface en9: iPhone
Interface en8: iPad
Interface en0: Wi-Fi
802.11 a/b/g/n/ac
One IPv4 address
Interface en5: Bluetooth PAN
Interface bridge0: Thunderbolt Bridge
iCloud Quota: 5.54 GB available
System Software:
macOS High Sierra 10.13.6 (17G65)
Time since boot: About 4 days
System Load: 1.98 (1 min ago) 1.59 (5 min ago) 1.47 (15 min ago)
Security:
| System | Status |
|---|---|
| Gatekeeper | Mac App Store and identified developers |
| System Integrity Protection | Enabled |
Unsigned Files:
Launchd: /Library/LaunchDaemons/com.f-secure.orspclient.plist
Executable: /usr/local/f-secure/bin/orspwrapper.sh --daas2-data ./orspclient/etc --http-port 0
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.f-secure.fsmac.fsupdated_guts2.plist
Executable: /usr/local/f-secure/bin/fsupdated_guts2
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.f-secure.fsmac.licensetool.plist
Executable: /usr/local/f-secure/fssp/bin/licensetool --update
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.f-secure.fsavd.plist
Executable: /usr/local/f-secure/bin/fsavdwrapper --nodaemon --logfile=on --oas=incoming --pidfile=/tmp/.com.f-secure.fsav/pidfile
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.f-secure.urlexceptiond.plist
Executable: /usr/local/f-secure/bin/urlexceptiond.xpc/Contents/MacOS/urlexceptiond
Details: Exact match found in the whitelist - probably OK
Launchd: ~/Library/LaunchAgents/com.divx.agent.postinstall.plist
Executable: /Library/Internet Plug-Ins/DivXBrowserPlugin.plugin/Contents/Resources/extensions-installer install safari DivXHTML5 '/Library/Internet Plug-Ins/DivXBrowserPlugin.plugin/Contents/Resources/DivXHTML5.safariextz'
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.f-secure.fsmac.firewall.plist
Executable: /usr/local/f-secure/bin/fsfwfe /usr/local/f-secure/signal/firewall
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.f-secure.fsavd.dbhelper.plist
Executable: /usr/local/f-secure/fssp/sbin/dbhelper /usr/local/f-secure/fssp/var/reports.noindex /tmp/.com.f-secure.fsav/infections.db
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchAgents/com.hp.help.tocgenerator.plist
Executable: /Library/Documentation/Help/Hewlett-Packard/TOCGenerator.app/Contents/MacOS/TOC Generator
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.f-secure.fsmac.guts2downloader.plist
Executable: /usr/local/f-secure/bin/fsupdated_guts2 --download
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.f-secure.fscsafeadmind.plist
Executable: /usr/local/f-secure/bin/fscsafeadmind.xpc/Contents/MacOS/fscsafeadmind
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.f-secure.fsavd-suppressor.plist
Executable: /usr/local/f-secure/bin/fsavd-suppressor
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchAgents/com.f-secure.relauncher.plist
Executable: /usr/local/f-secure/bin/relaunch
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchAgents/com.f-secure.trasher.plist
Executable: /usr/local/f-secure/bin/trasher
Details: Exact match found in the whitelist - probably OK
32-bit Applications:
47 32-bit apps
Kernel Extensions:
/Library/Extensions
[Loaded] fsauth.kext (F-Secure Corporation, 0.5.0 - SDK 10.9)
[Loaded] MB_MBAM_Protection.kext (Malwarebytes Corporation, 3.3 - SDK 10.13)
/System/Library/Extensions
[Not Loaded] RT73USBWirelessDriver.kext (1.0.5.1)
System Launch Agents:
| [Not Loaded] | 7 Apple tasks |
| [Loaded] | 156 Apple tasks |
| [Running] | 129 Apple tasks |
| [Other] | 2 Apple tasks |
System Launch Daemons:
| [Not Loaded] | 39 Apple tasks |
| [Loaded] | 157 Apple tasks |
| [Running] | 139 Apple tasks |
Launch Agents:
| [Loaded] | com.f-secure.relauncher.plist (? 828eee6e - installed 2016-09-14) |
| [Loaded] | com.f-secure.trasher.plist (? db9f591e - installed 2016-09-14) |
| [Other] | com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a2 3d420d.plist (Adobe Systems, Inc. - installed 2018-02-14) |
| [Running] | com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2018-05-22) |
| [Loaded] | com.hp.help.tocgenerator.plist (? 11d191c4 - installed 2010-03-12) |
Launch Daemons:
| [Loaded] | com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2018-02-14) |
| [Other] | com.sonos.SonosLibraryServer.plist (Sonos, Inc. - installed 2017-11-02) |
| [Loaded] | com.f-secure.fscsafeadmind.plist (? b265db6a - installed 2016-09-14) |
| [Running] | com.f-secure.orspclient.plist (? 4d2e8df8 - installed 2016-09-14) |
| [Running] | com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2018-05-22) |
| [Other] | com.f-secure.fsmac.licensetool.plist (? 38629c09 - installed 2016-09-14) |
| [Loaded] | com.f-secure.fsavd.dbhelper.plist (? 4eb45576 - installed 2016-09-14) |
| [Loaded] | com.f-secure.fsmac.fsupdated_guts2.plist (? 9d885777 - installed 2016-09-14) |
| [Loaded] | com.malwarebytes.HelperTool.plist (Malwarebytes Corporation - installed 2017-11-17) |
| [Running] | com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2018-05-22) |
| [Loaded] | com.securemac.MacScanDaemon.plist (? 2f2f5c03 - installed 2018-07-20) |
| [Loaded] | com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2018-06-25) |
| [Loaded] | com.f-secure.fsmac.guts2downloader.plist (? bb54cf35 - installed 2016-09-14) |
| [Loaded] | com.macpaw.CleanMyMac3.Agent.plist (? 7f4ba9a8 - installed 2016-10-21) |
| [Loaded] | com.f-secure.fsavd-suppressor.plist (? 8abefaf6 - installed 2016-09-14) |
| [Loaded] | com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2018-02-14) |
| [Other] | com.f-secure.fsavd.plist (? 1f81e8aa - installed 2016-09-14) |
| [Loaded] | com.f-secure.fsmac.firewall.plist (? 1bf81563 - installed 2016-09-14) |
| [Loaded] | com.f-secure.urlexceptiond.plist (? 3fab5fbb - installed 2016-09-14) |
User Launch Agents:
| [Running] | com.spotify.webhelper.plist (Spotify - installed 2018-06-05) |
| [Loaded] | com.google.keystone.agent.plist (Google, Inc. - installed 2018-07-18) |
| [Loaded] | com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2018-04-13) |
| [Running] | com.hp.devicemonitor.plist (HP Inc. - installed 2018-07-20) |
| [Running] | com.hp.productresearch.plist (HP Inc. - installed 2018-07-20) |
| [Loaded] | com.skype.skype.shareagent.plist (Skype Communications S.a.r.l - installed 2017-05-05) |
| [Loaded] | com.divx.agent.postinstall.plist (? 0 - installed 2012-05-27) |
User Login Items:
Dropbox Application (Dropbox, Inc. - installed 2018-07-13)
(/Applications/Dropbox.app)
HP Product Research SMLoginItem (HP Inc. - installed 2017-10-27)
(/Library/Printers/hp/Utilities/HPPU Plugins/ProductImprovementStudy.hptask/Contents/Helpers/HP Product Research Manager.app/Contents/Library/LoginItems/HP Product Research.app)
com.securemac.MacScanAgent SMLoginItem (? - installed 2017-09-29)
(/Applications/MacScan.app/Contents/Library/LoginItems/com.securemac.MacScanAgen t.app)
HP Device Monitor SMLoginItem (HP Inc. - installed 2017-10-27)
(/Library/Printers/hp/Frameworks/HPDeviceMonitoring.framework/Versions/1.0/Helpe rs/HP Device Monitor Manager.app/Contents/Library/LoginItems/HP Device Monitor.app)
WunderlistHelper SMLoginItem (Mac App Store - installed 2018-04-10)
(/Applications/Wunderlist.app/Contents/Library/LoginItems/WunderlistHelper.app)
Internet Plug-ins:
OVSHelper: (installed 2017-08-16)
Flip4Mac WMV Plugin: (installed 2017-08-16)
AdobePDFViewerNPAPI: (installed 2018-05-04)
DivXBrowserPlugin: (installed 2017-08-16)
FlashPlayer-10.6: (installed 2018-07-10)
Silverlight: (installed 2017-12-14)
QuickTime Plugin: (installed 2018-07-20)
Flash Player: (installed 2018-07-10)
iPhotoPhotocast: (installed 2017-08-16)
WebClient: (installed 2017-08-16)
AdobePDFViewer: (installed 2018-05-04)
GarminGpsControl: (installed 2017-08-16)
User Internet Plug-ins:
CitrixOnlineWebDeploymentPlugin: (installed 2013-04-26)
WebEx64: (installed 2018-01-24)
Picasa: (installed 2014-01-06)
Audio Plug-ins:
EcammAudioLoader: (installed 2017-08-16)
CallRecorder: (installed 2017-02-02)
Safari Extensions:
| Evernote Web Clipper.safariextz - Evernote Corp. - http://evernote.com(installed 2018-01-12) |
3rd Party Preference Panes:
DivX (installed 2012-01-17)
Flash Player (installed 2018-06-25)
Flip4Mac WMV (installed 2011-01-13)
Time Machine:
Skip System Files:
Mobile backups:
Auto backup: Yes
Volumes being backed up:
Macintosh HD: Disk size: 250.69 GB - Disk used: 234.76 GB
Destinations:
J************p [Local] (Last used)
Total size: 1.00 TB
Total number of backups: 2
Oldest backup: 2017-08-21 13:18:43
Last backup: 2017-08-21 14:12:05
Top Processes by CPU:
| Process (count) | Source | % of CPU | Location |
| sandboxd | Apple | 12 | |
| WindowServer | Apple | 9 | |
| launchd | Apple | 4 | |
| sysmond | Apple | 4 | |
| kernel_task | Apple | 3 |
Top Processes by Memory:
| Process (count) | Source | RAM usage | Location |
| kernel_task | Apple | 1.50 GB | |
| Safari | Apple | 411 MB | |
| MTLCompilerService (29) | Apple | 263 MB | |
| Activity Monitor | Apple | 196 MB | |
| Sonos | Sonos, Inc. | 195 MB |
Top Processes by Network Use:
| Process | Source | Input | Output | Location |
| Dropbox | Dropbox, Inc. | 53 MB | 3 MB | |
| mDNSResponder | Apple | 11 MB | 2 MB | |
| Sonos | Sonos, Inc. | 1 MB | 7 KB | |
| Apple | 716 KB | 148 KB | ||
| ath | Apple | 130 KB | 264 KB |
Top Processes by Energy Use:
| Process (count) | Source | Energy (0-100) | Location |
| HP Device Monitor | HP Inc. | 0 | |
| AppleSpell | Apple | 0 | |
| sysmond | Apple | 0 | |
| distnoted (3) | Apple | 0 | |
| launchservicesd | Apple | 0 |
Virtual Memory Information:
| Available RAM | 7.71 GB |
| Free RAM | 3.47 GB |
| Used RAM | 8.29 GB |
| Cached files | 4.24 GB |
| Swap Used | 678 MB |
Software Installs (past 30 days):
| Name | Version | Install Date |
| Adobe Flash Player | 30.0.0.134 | 2018-07-10 |
| iTunes | 12.8 | 2018-07-12 |
| Gatekeeper Configuration Data | 148 | 2018-07-17 |
Diagnostics Information (past 7 days):
2018-07-23 20:05:17 Siri.app Crash
/System/Library/CoreServices/Siri.app
End of report
MacBook Pro (15-inch, 2017), iOS 11.4.1
