Want to highlight a helpful answer? Upvote!

Did someone help you, or did an answer or User Tip resolve your issue? Upvote by selecting the upvote arrow. Your feedback helps others! Learn more about when to upvote >

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: bobemry
bobemry Author
User level: Level 1
10 points

Is this dialog spam?

Why am I getting this dialog box every now and again?


User uploaded file

iMac, macOS High Sierra (10.13.6)

Posted on Aug 17, 2018 8:22 PM

Reply
Question marked as Best reply
User profile for user: Kurt Lang
Kurt Lang
User level: Level 9
57,774 points

Posted on Aug 20, 2018 2:14 PM

Sorimbrsec is in your user account folder, as noted by the EtreCheck report. I misspelled it earlier. It's correct here.


By default, the user account Library folder is hidden. Click anywhere on the desktop and press Command+Shift+H to open your user account home folder. Don't click off the folder that opened. Press Command+J. Turn on the check box to Show Library Folder. Close the box that check box is on. This change will remain permanent.


You'll notice as soon as you checked that box, the Library folder appeared in your user account folder. The ~ tilde means the active user account. So all of these are in the Library folder that just appeared.


~/Library/LaunchAgents/com.Sorimbrsec.plist

~/Library/LaunchAgents/com.logmein.GoToMeeting.G2MUpdate.plist

~/Library/LaunchAgents/com.Tituricsec.plist

~/Library/Application Support/com.Sorimbrsec/Sorimbrsec r

~/Library/Application Support/com.Tituricsec/Tituricsec r


These are just some of them. Look through the EtreCheck report carefully to find all instances of these apps.


Be aware that newer malware like this behaves as Windows malware does. Once running and resident in RAM, if you delete a component on the drive, it will automatically download the missing pieces again. Don't be surprised to see them reappear. If that happens, you have to open Activity Monitor and try to figure out what process is causing this and halt it so you can delete the files and have them stay gone.


You've dug quite a hole for yourself. This may not be easy to clean up.

View in context

Similar questions

12 replies
Question marked as Best reply
User profile for user: Kurt Lang
Kurt Lang
User level: Level 9
57,774 points

Aug 20, 2018 2:14 PM in response to bobemry

Sorimbrsec is in your user account folder, as noted by the EtreCheck report. I misspelled it earlier. It's correct here.


By default, the user account Library folder is hidden. Click anywhere on the desktop and press Command+Shift+H to open your user account home folder. Don't click off the folder that opened. Press Command+J. Turn on the check box to Show Library Folder. Close the box that check box is on. This change will remain permanent.


You'll notice as soon as you checked that box, the Library folder appeared in your user account folder. The ~ tilde means the active user account. So all of these are in the Library folder that just appeared.


~/Library/LaunchAgents/com.Sorimbrsec.plist

~/Library/LaunchAgents/com.logmein.GoToMeeting.G2MUpdate.plist

~/Library/LaunchAgents/com.Tituricsec.plist

~/Library/Application Support/com.Sorimbrsec/Sorimbrsec r

~/Library/Application Support/com.Tituricsec/Tituricsec r


These are just some of them. Look through the EtreCheck report carefully to find all instances of these apps.


Be aware that newer malware like this behaves as Windows malware does. Once running and resident in RAM, if you delete a component on the drive, it will automatically download the missing pieces again. Don't be surprised to see them reappear. If that happens, you have to open Activity Monitor and try to figure out what process is causing this and halt it so you can delete the files and have them stay gone.


You've dug quite a hole for yourself. This may not be easy to clean up.

Reply
User profile for user: Allan Eckert
Allan Eckert
User level: Level 9
79,512 points

Aug 18, 2018 11:23 AM in response to bobemry

I suggest you use the program created by Etresoft, a frequent contributor. It will provide a snapshot of your system which we can analyze to possibly determine the cause of your problem. Please use copy and paste as screen shots can be hard to read. On the screen with Options, please open Options and check the bottom 2 boxes before running. Click “Share Report” button in the toolbar, select “Copy to Clipboard” and then paste into a reply. This will show what is running on your computer. No personal information is shown.


Etrecheck – System Information

Reply
User profile for user: Kurt Lang
Kurt Lang
User level: Level 9
57,774 points

Aug 18, 2018 11:23 AM in response to bobemry

Concur with Allan. You have something on your Mac that shouldn't be there, and is trying to get you to allow it to install itself in places it otherwise isn't allowed.


Such admin boxes normally tell you what app is asking for more permissions. A generic note that Apple is asking to make changes is a steaming pile of bull patties. The OS would not need your permission to make any changes. As the OS, it already has root permission to make any changes it wants without even notifying the user.

Reply
User profile for user: bobemry
bobemry Author
User level: Level 1
10 points

Aug 18, 2018 11:20 AM in response to Allan Eckert

I didn't fine the "Options" and check boxes but I think this is the summary report:

EtreCheck version: 4.3.6 (4D041)

Report generated: 2018-08-18 11:01:44

Download EtreCheck from https://etrecheck.com

Runtime: 2:30

Performance: Excellent


Problem: Other problem

Description:

Getting a dialog box that says “Apple wants to make changes to your computer”asking for computer password == I think it is spam or worse.


Major Issues:

Anything that appears on this list needs immediate attention.


Unsigned files - There are unsigned software installed that could be adware and should be reviewed.


Minor Issues:

These issues do not need immediate attention but they may indicate future problems.


Apps crashing - There have been numerous app crashes.

System modifications - There are a large number of system modifications running in the background.

32-bit Apps - This machine has 32-bits apps that may have problems in the future.

Abnormal shutdown - Your machine shut down abnormally.


Hardware Information:

iMac (Retina 5K, 27-inch, Late 2015)

iMac Model: iMac17,1

1 4 GHz Intel Core i7 (i7-6700K) CPU: 4-core

8 GB RAM - Upgradeable

BANK 0/DIMM0 - 4 GB DDR3 1867 ok

BANK 0/DIMM1 - Empty

BANK 1/DIMM0 - 4 GB DDR3 1867 ok

BANK 1/DIMM1 - Empty


Video Information:

AMD Radeon R9 M395X - VRAM: 4096 MB

iMac

Cinema 1680 x 1050


Drives:

disk0 - APPLE SSD SM0128G 121.33 GB (Solid State - TRIM: Yes)

Internal PCI 8.0 GT/s x4 Serial ATA

disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB

disk0s2 [Core Storage Container] 120.99 GB

disk2 - O*******6 (Journaled HFS+) [Fusion Drive] 2.11 TB

disk0s3 - B*******X [Recovery] 134 MB


disk1 - APPLE HDD ST2000DM001 2.00 TB (Mechanical)

Internal SATA 6 Gigabit Serial ATA

disk1s1 - EFI (MS-DOS FAT32) [EFI] 210 MB

disk1s2 [Core Storage Container] 2.00 TB

disk2 - O*******6 (Journaled HFS+) [Fusion Drive] 2.11 TB

disk1s3 - Recovery HD (HFS+) [Recovery] 650 MB


disk3 - HGST HDN724040ALE640 4.00 TB (Mechanical)

External Thunderbolt 6 Gigabit Serial ATA

disk3s1 - EFI (MS-DOS FAT32) [EFI] 210 MB

disk3s2 - G****a (Journaled HFS+) 4.00 TB


disk4 - WDC WD4003FZEX-00Z4SA0 4.00 TB (Mechanical)

External Thunderbolt 6 Gigabit Serial ATA

disk4s1 - EFI (MS-DOS FAT32) [EFI] 210 MB

disk4s2 - F*********************s (Journaled HFS+) 4.00 TB


disk5 - WDC WD4003FZEX-00Z4SA0 4.00 TB (Mechanical)

External Thunderbolt 6 Gigabit Serial ATA

disk5s1 - EFI (MS-DOS FAT32) [EFI] 210 MB

disk5s2 - D**************s (Journaled HFS+) 4.00 TB


disk6 - WDC WD6002FZWX-00GBGB0 6.00 TB (Mechanical)

External Thunderbolt 6 Gigabit Serial ATA

disk6s1 - EFI (MS-DOS FAT32) [EFI] 210 MB

disk6s2 - T**********e (Journaled HFS+) 6.00 TB


disk7 - Disk Image 24 MB (Disk Image)

External Disk Image

disk7s1 [Partition Map] 32 KB

disk7s2 - Flash Player (HFS+) 24 MB


Mounted Volumes:

disk2 - O*******6 [Fusion Drive] 2.11 TB (1.13 TB free)

Journaled HFS+

Mount point: /


disk6s2 - T**********e 6.00 TB (4.36 TB free)

Journaled HFS+

Mount point: /Volumes/T**********e


Network:

Interface usbserial: USB-Serial Controller

Interface en0: Ethernet

One IPv4 address

Interface en5: Thunderbolt Ethernet Slot 4

Interface en7: iPad

Interface en6: iPhone

Interface fw0: Thunderbolt FireWire

Interface en1: Wi-Fi

802.11 a/b/g/n/ac

One IPv4 address

Interface en4: Bluetooth PAN

Interface bridge0: Thunderbolt Bridge


System Software:

macOS High Sierra 10.13.6 (17G65)

Time since boot: About 4 days

System Load: 1.58 (1 min ago) 1.74 (5 min ago) 1.77 (15 min ago)


Security:

SystemStatus
GatekeeperMac App Store and identified developers
System Integrity ProtectionEnabled


Unsigned Files:

Launchd: /Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist

Executable: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility -mode=logon

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.citrix.ReceiverHelper.plist

Executable: /usr/local/libexec/ReceiverHelper.app/Contents/MacOS/ReceiverHelper

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.maintain.Sleep.plist

Executable: /usr/bin/osascript -e 'delay 3' -e try -e 'do shell script "killall Cocktail"' -e 'end try' -e 'ignoring application responses' -e try -e 'tell application "System Events" to sleep' -e 'end try' -e 'end ignoring'

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.adobe.CS5ServiceManager.plist

Executable: /Library/Application Support/Adobe/CS5ServiceManager/CS5ServiceManager.app/Contents/MacOS/CS5Service Manager -launchedbylogin

Details: Exact match found in the whitelist - probably OK

Launchd: ~/Library/LaunchAgents/com.Tituricsec.plist

Executable: ~/Library/Application Support/com.Tituricsec/Tituricsec r

Launchd: /Library/LaunchDaemons/com.livescribe.PenCommService.plist

Executable: /Library/Application Support/Livescribe/PenComm/PenCommService --daemon

Details: Exact match found in the whitelist - probably OK

Launchd: ~/Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist

Executable: /Library/Application Support/Adobe/OOBE/PDApp/UWA/UpdaterStartupUtility -mode=scheduled

Details: Exact match found in the whitelist - probably OK

Launchd: ~/Library/LaunchAgents/com.Sorimbrsec.plist

Executable: ~/Library/Application Support/com.Sorimbrsec/Sorimbrsec r

Launchd: /Library/LaunchDaemons/com.bombich.ccc.plist

Executable: /Library/PrivilegedHelperTools/com.bombich.ccc

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.citrix.AuthManager_Mac.plist

Executable: /usr/local/libexec/AuthManager_Mac.app/Contents/MacOS/AuthManager_Mac

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist

Executable: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.citrix.ctxusbd.plist

Executable: /Library/Application Support/Citrix Receiver/ctxusbd

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.maintain.ShutDown.plist

Executable: /usr/bin/osascript -e 'delay 3' -e try -e 'do shell script "killall Cocktail"' -e 'end try' -e 'ignoring application responses' -e try -e 'tell application "System Events" to shut down' -e 'end try' -e 'end ignoring'

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.maintain.Restart.plist

Executable: /usr/bin/osascript -e 'delay 3' -e try -e 'do shell script "killall Cocktail"' -e 'end try' -e 'ignoring application responses' -e try -e 'tell application "System Events" to restart' -e 'end try' -e 'end ignoring'

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.maintain.LogOut.plist

Executable: /usr/bin/osascript -e 'delay 3' -e try -e 'do shell script "killall Cocktail"' -e 'end try' -e 'ignoring application responses' -e try -e 'tell application "System Events" to log out' -e 'end try' -e 'end ignoring'

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.adobe.SwitchBoard.plist

Executable: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchAgents/com.citrix.ServiceRecords.plist

Executable: /usr/local/libexec/ServiceRecords.app/Contents/MacOS/ServiceRecords

Details: Exact match found in the whitelist - probably OK

Launchd: ~/Library/LaunchAgents/com.adobe.ARM.***.plist

Executable: /Applications/Adobe Acrobat X Pro/Adobe Acrobat Pro.app/Contents/MacOS/Updater/Adobe Acrobat Updater Helper.app/Contents/MacOS/Adobe Acrobat Updater Helper

Launchd: /Library/LaunchAgents/com.fujitsu.pfu.ScanSnap.AOUMonitor.plist

Executable: /Applications/ScanSnap Online Update.localized/AutoOnlineUpdater.app/Contents/MacOS/AOUMonitor.app/Contents/M acOS/AOUMonitor

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.prosofteng.DriveGenius.locum.plist

Executable: /Library/PrivilegedHelperTools/com.prosofteng.DriveGenius.locum

Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.DesignScience.DSMTTool.plist

Executable: /Library/PrivilegedHelperTools/com.DesignScience.DSMTTool

Details: Exact match found in the whitelist - probably OK


32-bit Applications:

160 32-bit apps


Kernel Extensions:

/Library/Application Support/Roxio

[Not Loaded] TDIXController.kext (2.0)


/Library/Extensions

[Not Loaded] OWCThunderbolt2DockChargingSupport.kext (SoftRAID LLC, 1.0 - SDK 10.10)

[Loaded] MovaviSoundGrabber.kext (GOLDEN SOFTWARE INC., 1.6.5 - SDK 10.6)

[Not Loaded] ProlificUsbSerial.kext (Prolific Technology Inc., 1.6.0 - SDK 10.9)


Startup Items:

AdobeVersionCue Path: /Library/StartupItems/AdobeVersionCue

SiCoreService Path: /Library/StartupItems/SiCoreService

TiVoDesktop Path: /Library/StartupItems/TiVoDesktop


System Launch Agents:

[Not Loaded] 7 Apple tasks
[Loaded] 161 Apple tasks
[Running] 124 Apple tasks
[Other] One Apple task


System Launch Daemons:

[Not Loaded] 36 Apple tasks
[Loaded] 173 Apple tasks
[Running] 118 Apple tasks
[Killed] 8 Apple tasks


Launch Agents:

[Not Loaded] com.maintain.ShutDown.plist (? 9b7e817c - installed 2018-07-04)
[Running] com.maintain.SystemEvents.plist (Apple - installed 2018-07-04)
[Loaded] com.adobe.CS5ServiceManager.plist (? 40cdc1ff - installed 2016-12-12)
[Not Loaded] com.maintain.Restart.plist (? 5421a7fd - installed 2018-07-04)
[Not Loaded] com.adobe.AAM.Updater-1.0.plist (? ffb65062 - installed 2016-12-12)
[Running] com.micromat.TechToolProAgent.plist (Micromat, Inc. - installed 2017-12-08)
[Not Loaded] com.maintain.LogOut.plist (? 1d95663e - installed 2018-07-04)
[Running] com.fujitsu.pfu.ScanSnap.AOUMonitor.plist (? 1d61e789 - installed 2016-08-22)
[Not Loaded] com.maintain.PurgeInactiveMemory.plist (Apple - installed 2018-07-04)
[Running] com.citrix.ServiceRecords.plist (? 8e6543d - installed 2016-11-09)
[Loaded] com.citrix.AuthManager_Mac.plist (? 1ce99fae - installed 2016-11-09)
[Loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2018-07-17)
[Running] com.citrix.ReceiverHelper.plist (? bbfad3f1 - installed 2016-11-09)
[Not Loaded] com.oracle.java.Java-Updater.plist (? 0 - installed )
[Not Loaded] com.maintain.Sleep.plist (? 94f768ba - installed 2018-07-04)


Launch Daemons:

[Loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (? 1574c81e - installed 2016-10-12)
[Running] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2017-04-23)
[Loaded] com.bombich.ccchelper.plist (Bombich Software, Inc. - installed 2018-07-02)
[Loaded] com.bombich.ccc.plist (? 41245744 - installed 2014-01-31)
[Loaded] com.prosofteng.DriveGenius.locum.plist (? d39b1525 - installed 2012-12-02)
[Loaded] com.malwarebytes.HelperTool.plist (Malwarebytes Corporation - installed 2016-08-23)
[Loaded] com.adobe.SwitchBoard.plist (? 68cad67 - installed 2016-12-12)
[Running] com.micromat.TechToolProDaemon.plist (Micromat, Inc. - installed 2017-12-08)
[Loaded] com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2018-07-27)
[Loaded] com.microsoft.office.licensing.helper.plist (? 6d8cb30e - installed 2010-08-25)
[Not Loaded] com.oracle.java.Helper-Tool.plist (? 0 - installed )
[Loaded] com.macpaw.CleanMyMac3.Agent.plist (? 7f4ba9a8 - installed 2016-10-07)
[Loaded] com.bresink.system.privilegedhelper-syck.plist (Marcel Bresink - installed 2017-01-29)
[Loaded] com.adobe.ARMDC.Communicator.plist (? d94017c4 - installed 2016-10-12)
[Other] com.livescribe.PenCommService.plist (? ce8953a9 - installed 2012-04-25)
[Not Loaded] com.maintain.HideSpotlightMenuBarIcon.plist (Apple - installed 2018-07-04)
[Loaded] com.google.keystone.daemon.plist (Google, Inc. - installed 2018-07-17)
[Loaded] com.citrix.ctxusbd.plist (? 44dc9c9f - installed 2016-11-09)
[Not Loaded] com.DesignScience.DSMTTool.plist (? ef87439c - installed 2012-09-12)


User Launch Agents:

[Loaded] com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2018-04-14)
[Loaded] com.Sorimbrsec.plist (? 0 - installed 2018-08-16)
[Loaded] com.logmein.GoToMeeting.G2MUpdate.plist (Citrix Online LLC - installed 2017-08-30)
[Loaded] com.adobe.ARM.***.plist (? 0 - installed 2017-08-09)
[Loaded] com.citrixonline.GoToMeeting.G2MUpdate.plist (Citrix Online LLC - installed 2017-08-30)
[Loaded] com.Tituricsec.plist (? 0 - installed 2018-05-03)
[Loaded] com.adobe.AAM.Updater-1.0.plist (? 0 - installed 2017-08-05)


User Login Items:

WirelessCameraService Application (? - installed 2014-12-05)

(/Applications/Canon Utilities/CameraWindow/Wireless/WirelessCameraService.app)

iTunesHelper Application (Apple - installed 2018-07-15)

(/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

ImageTransferUtility Application (Canon Inc. - installed 2017-08-30)

(/Applications/Canon Utilities/ImageTransferUtility/ImageTransferUtility.app)

Dropbox Application (Dropbox, Inc. - installed 2017-08-04)

(/Applications/Dropbox.app)

Garmin Express Service Application (Garmin International - installed 2018-08-11)

(/Applications/Garmin Express.app/Contents/Library/LoginItems/Garmin Express Service.app)

ScanSnap Manager Application (PFU LIMITED - installed 2017-12-07)

(/Applications/ScanSnap/ScanSnap Manager.app)

com.adobe.SwitchBoard.monitor.plist MachInit (?)

(/etc/mach_init_per_user.d/com.adobe.SwitchBoard.monitor.plist)


Internet Plug-ins:

OfficeLiveBrowserPlugin: (installed 2016-11-26)

Flip4Mac WMV Plugin: (installed 2016-11-26)

AdobePDFViewerNPAPI: (installed 2016-11-26)

FlashPlayer-10.6: (installed 2018-08-15)

OMNLauncher: (installed 2016-11-26)

Silverlight: (installed 2016-11-26)

QuickTime Plugin: (installed 2018-07-04)

Flash Player: (installed 2018-08-15)

CitrixICAClientPlugIn: (installed 2017-03-24)

iPhotoPhotocast: (installed 2016-11-26)

AdobePDFViewer: (installed 2016-11-26)

KClientPlugin: (installed 2016-11-26)

OMNPublisher: (installed 2016-11-26)

Photo Center Plugin: (installed 2016-11-26)

SharePointBrowserPlugin: (installed 2017-03-14)

JavaAppletPlugin: (installed 2016-11-23)


Audio Plug-ins:

DVCPROHDAudio: (installed 2016-11-26)


Safari Extensions:

Player for YouTube™ (Flash version).safariextz - James Fray - http://add0n.com/youtube-tools.html?from=flash (installed 2017-11-25)


3rd Party Preference Panes:

BDSPrefPane (installed 2005-12-25)

Application Enhancer (installed 2016-10-07)

Déjà Vu (installed 2016-10-07)

Flash Player (installed 2018-07-27)

Flip4Mac WMV (installed 2011-01-13)

FruitMenu (installed 2016-10-07)

TechTool Protection (installed 2017-12-08)

TiVo Desktop (installed 2009-11-23)


Time Machine:

Skip System Files: No

Mobile backups: No

Auto backup: Yes

Volumes being backed up:

O*******6: Disk size: 2.11 TB - Disk used: 984.48 GB

Destinations:

T**********e [Local] (Last used)

Total size: 6.00 TB

Total number of backups: 49

Oldest backup: 2018-01-04 11:54:52

Last backup: 2018-08-18 10:52:06


Top Processes by CPU:

Process (count)Source% of CPULocation
spindumpApple6
WindowServerApple5
kernel_taskApple2
sandboxdApple0
launchdApple0


Top Processes by Memory:

Process (count)SourceRAM usageLocation
kernel_taskApple1.10 GB
MailApple163 MB
WindowServerApple156 MB
SafariApple137 MB
com.apple.WebKit.WebContent (2)Apple129 MB


Top Processes by Network Use:

ProcessSourceInputOutputLocation
mDNSResponderApple8 MB1 MB
MailApple7 MB36 KB
DropboxDropbox, Inc.3 MB671 KB
netbiosdApple427 KB66 KB
apsdApple5 KB5 KB


Top Processes by Energy Use:

Process (count)SourceEnergy (0-100)Location
WindowServerApple3
airportdApple0
locationdApple0
AppleSpellApple0
ReceiverHelper?0/usr/local/libexec/ReceiverHelper.app


Virtual Memory Information:

Available RAM2.60 GB
Free RAM19 MB
Used RAM5.40 GB
Cached files2.58 GB
Swap Used384 MB


Software Installs (past 30 days):

NameVersionInstall Date
Apowersoft Screen Recorder1.2.02018-07-28
Google Earth1.2.10.1052018-08-02
SendToX1.0.812018-08-06
Garmin Express02018-08-11
Adobe Flash Player30.0.0.1542018-08-15


Diagnostics Information (past 7 days):

2018-08-14 10:32:40 Dropbox.app Crash

/Users/***/Library/Application Support/Dropbox/Dropbox.app


2018-08-14 10:32:37 Preview.app Hang

/Applications/Preview.app


2018-08-13 21:18:40 SSCheckScanMessage.app Crash

/Applications/ScanSnap/ScanSnap Manager.app/Contents/Resources/SSCheckScanMessage.app


2018-08-13 21:17:29 Last Shutdown Cause: 3 - Hard shutdown


2018-08-13 18:30:27 Adobe InDesign CS5.app Crash (25 times)

/Applications/Adobe InDesign CS5/Adobe InDesign CS5.app


2018-08-12 17:21:19 Adobe Photoshop CS5.app Crash (22 times)

/Applications/Adobe Photoshop CS5/Adobe Photoshop CS5.app



End of report

Reply
User profile for user: Kurt Lang
Kurt Lang
User level: Level 9
57,774 points

Aug 18, 2018 12:05 PM in response to bobemry

There's so much junk on your Mac, it's difficult to even know where to start.


Software that is not malware on your system you don't need listed first. Get rid of it:


TechTool Pro - Does nothing useful, but excels at eating up system resources and using tons of disk space for worthless snapshot files.

CleanMyMac - Garbage of the first degree. Never install any app that claims to clean or speed up your Mac. They are all known to remove system files, and third party files required by legitimate software you've installed.

Drive Genius - Does nothing useful.

LogMeIn - Never have remote access software installed without a very good reason for it to be there.

CockTail - You sure like spending money on utilities that all do the same basic things. Again, useless. Especially the sleep and memory purging functions. You can easily control whether your Mac sleeps or not in the System Preferences. Never install apps that purge RAM. The OS is designed to use as much RAM as possible to speed things up. When you use an app to purge RAM, the OS immediately fills it again. In other words, you're creating a pointless loop or purge/fill that only succeeds in slowing things down. If the OS needs room in RAM for an active app, it will do that itself. It does not need help from any other app.


Malware you've installed:


Tituricsec - Known component of the malware/adware SafeFinder.

Sombrisec - Bad one, and the most likely source of the constant admin requests. A backdoor, and possibly also a keylogger. This type of malware you practically have to go out of your way to get it on your Mac. Such as illegal software downloads.


This is just what I've taken the time to look up. Honestly, you'd be better off first making a full backup and then erasing the drive. Reinstall the OS. Then install only your legally acquired third party software (not CleanMyMac, TechTool Pro, Drive Genius, CockTail or LogMeIn). Manually restore your email and other documents.

Reply
User profile for user: Allan Eckert
Allan Eckert
User level: Level 9
79,512 points

Aug 18, 2018 12:14 PM in response to bobemry

I was off researching what I found in your report. By the time I found the answers I needed, Kurt beat me with his answer. I concur fully with Kurt.


Normally, I am opposed to doing an erase and reinstall but in this case with your Mac I think this is one time that I would be forced to do it just to clean up all of the junk that has been installed.

Reply
User profile for user: bobemry
bobemry Author
User level: Level 1
10 points

Aug 18, 2018 3:36 PM in response to Kurt Lang

I am in the middle of two big projects so Now is not a good time for erase and install. My plan is to wait for the dialog to reappear and use Eterchech to do a check and see what if any is different in the two reports. Meanwhile thanks for all your suggestions and advice. Thanks for recommending Etercheck - great little tool!

Reply

Is this dialog spam?

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up