No i never installed anything willingly. Also, Macscan is reputable. Here's the etrecheck scan:
EtreCheck version: 5.0.5 (5A016)
Report generated: 2018-10-12 13:10:04
Download EtreCheck from https://etrecheck.com
Runtime: 2:08
Performance: Excellent
Problem: Other problem
Description:
An excessive amount of apps/files open by themselves at random times. Its like a windows equivalent malware attack that destroys your computer. I restart it and it works fine for now, but it keeps happening randomly
Major Issues:
Anything that appears on this list needs immediate attention.
No Time Machine backup- Time Machine backup not found.
Unsigned files- There are unsigned software files installed that could be adware and should be reviewed.
More than one antivirus app- This machine has multiple antivirus apps installed.
Minor Issues:
These issues do not need immediate attention but they may indicate future problems.
Apps with heavy CPU usage- There have been numerous cases of apps with heavy CPU usage.
Heavy I/O usage- Your system is under heavy I/O use. This will reduce your performance.
32-bit Apps- This machine has 32-bits apps that may have problems in the future.
Abnormal shutdown- Your machine shut down abnormally.
Hardware Information:
MacBook Pro (Retina, 15-inch, Mid 2015)
MacBook Pro Model: MacBookPro11,5
1 2.5 GHz Intel Core i7 (i7-4870HQ) CPU: 4-core
16 GB RAM - Not upgradeable
BANK 0/DIMM0 - 8 GB DDR3 1600 ok
BANK 1/DIMM0 - 8 GB DDR3 1600 ok
Battery: Health = Normal - Cycle count = 407
Video Information:
AMD Radeon R9 M370X - VRAM: 2048 MB
Intel Iris Pro - VRAM: 1536 MB
Color LCD 2880 x 1800
Drives:
disk0 - APPLE SSD SM0512G 500.28 GB (Solid State - TRIM: Yes)
Internal PCI 8.0 GT/s x4 Serial ATA
disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB (24 MB used)
disk0s2 [Core Storage Container] 499.42 GB
disk1 - Macintosh HD (Journaled HFS+) 499.06 GB (145.21 GB used)
disk0s3 - Recovery HD (Journaled HFS+) [Recovery] 650 MB
Mounted Volumes:
disk0s1 - EFI [EFI] 210 MB (182 MB free)
MS-DOS FAT32
Mount point: /private/var/tmp/MPCCEOXO
disk1 - Macintosh HD 499.06 GB (353.58 GB free)
Journaled HFS+
Mount point: /
Encrypted
disk2s2 - M*****n 34 MB (13 MB free)
Mac OS Extended
Disk Image
Mount point: /Volumes/M*****n
disk3s1 - A************y 18 MB (3 MB free)
Mac OS Extended
Disk Image
Mount point: /Volumes/A************y
disk4s1 - C******r 20 MB (10 MB free)
Mac OS Extended
Disk Image
Mount point: /Volumes/C******r
Network:
Interface en4: iPhone
Interface en0: Wi-Fi
802.11 a/b/g/n/ac
Interface en3: Bluetooth PAN
Interface bridge0: Thunderbolt Bridge
iCloud Quota: 1.58 GB available
iCloud Status: 2 pending files
System Software:
macOS Sierra 10.12.6 (16G1510)
Time since boot: About an hour
Security:
| System | Status |
|---|
| Gatekeeper | Enabled |
| System Integrity Protection | Enabled |
Unsigned Files:
Launchd: /Library/LaunchDaemons/com.cisco.anyconnect.vpnagentd.plist
Executable: /opt/cisco/anyconnect/bin/vpnagentd -execv_instance
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Update r.plist
Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchAgents/com.cisco.anyconnect.gui.plist
Executable: '/Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app'
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.cisco.anyconnect.ciscod.plist
Executable: /opt/cisco/hostscan/bin/ciscod -d
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist
Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist
Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool
Details: Exact match found in the whitelist - probably OK
Launchd: ~/Library/LaunchAgents/com.bittorrent.uTorrent.plist
Executable: /Applications/uTorrent.app
Launchd: /Library/LaunchDaemons/com.cisco.anyconnect.aciseagentd.plist
Executable: /opt/cisco/anyconnect/bin/aciseagentd -d
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool .plist
Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool
Details: Exact match found in the whitelist - probably OK
Launchd: /Library/LaunchAgents/com.cisco.anyconnect.notification.plist
Executable: '/opt/cisco/anyconnect/bin/Cisco AnyConnect Secure Mobility Client Notification.app'
Details: Exact match found in the whitelist - probably OK
Launchd: ~/Library/LaunchAgents/com.epicgames.launcher.plist
Executable: ~/Desktop/Epic Games Launcher.app/Contents/MacOS/EpicGamesLauncher-Mac-Shipping -silent
32-bit Applications:
14 32-bit apps
Kernel Extensions:
/Library/Application Support/Malwarebytes/MBAM/Kext
[Loaded] MB_MBAM_Protection.kext (Malwarebytes Corporation, 3.4 - SDK 10.13)
/Library/Extensions
[Loaded] acsock.kext (Cisco, 4.5.0 - SDK 10.9)
System Launch Agents:
| [Not Loaded] | 7 Apple tasks |
| [Loaded] | 169 Apple tasks |
| [Running] | 109 Apple tasks |
| [Other] | One Apple task |
System Launch Daemons:
| [Not Loaded] | 42 Apple tasks |
| [Loaded] | 167 Apple tasks |
| [Running] | 110 Apple tasks |
| [Other] | 2 Apple tasks |
Launch Agents:
| [Loaded] | com.oracle.java.Java-Updater.plist (? c167cdc3 - installed 2017-08-21) |
| [Running] | com.adobe.AdobeCreativeCloud.plist (Adobe Systems, Inc. - installed 2018-07-09) |
| [Loaded] | com.microsoft.update.agent.plist (Microsoft Corporation - installed 2018-09-24) |
| [Running] | com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2018-10-12) |
| [Loaded] | com.cisco.anyconnect.notification.plist (? 8b01cb06 - installed 2017-11-27) |
| [Running] | com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2018-09-14) |
| [Loaded] | org.macosforge.xquartz.startx.plist (Apple Inc. - XQuartz - installed 2016-10-26) |
| [Loaded] | com.cisco.anyconnect.gui.plist (? 40bd3462 - installed 2017-11-27) |
| [Not Loaded] | com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2018-10-12) |
Launch Daemons:
| [Running] | com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2018-09-14) |
| [Loaded] | com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2018-09-21) |
| [Running] | com.cisco.anyconnect.ciscod.plist (? d78c2ec9 - installed 2017-11-27) |
| [Loaded] | org.macosforge.xquartz.privileged_startx.plist (Apple Inc. - XQuartz - installed 2016-10-26) |
| [Running] | com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2018-09-14) |
| [Loaded] | com.adobe.acc.installer.v2.plist (Adobe Systems, Inc. - installed 2018-07-09) |
| [Running] | com.cisco.anyconnect.vpnagentd.plist (? f363637f - installed 2017-11-27) |
| [Running] | com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2018-10-12) |
| [Loaded] | com.securemac.MacScanDaemon.plist (? 2f2f5c03 - installed 2018-10-12) |
| [Loaded] | com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2018-09-24) |
| [Loaded] | com.cisco.anyconnect.aciseagentd.plist (? edfa2e07 - installed 2017-11-27) |
| [Loaded] | com.oracle.java.Helper-Tool.plist (? e3fefdd2 - installed 2017-08-21) |
| [Loaded] | com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2017-09-02) |
User Launch Agents:
| [Loaded] | com.adobe.AAM.Updater-1.0.plist (? 0 - installed 2018-05-06) |
| [Not Loaded] | com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2018-10-12) |
| [Other] | com.google.keystone.agent.plist (Google, Inc. - installed 2018-07-17) |
| [Loaded] | com.bittorrent.uTorrent.plist (? 0 - installed 2016-12-27) |
| [Loaded] | com.epicgames.launcher.plist (? 0 - installed 2018-08-16) |
User Login Items:
iTunesHelper (Apple - installed 2018-07-15)
(/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app/Contents/MacOS/iTunesH elper)
Cisco AnyConnect Secure Mobility Client (? - installed 2018-08-29)
(/Applications/Cisco/Cisco AnyConnect Secure Mobility Client.app/Contents/MacOS/Cisco AnyConnect Secure Mobility Client)
Internet Plug-ins:
FlashPlayer-10.6: 31.0.0.122 (installed 2018-10-09)
Flash Player: 31.0.0.122 (installed 2018-10-09)
QuickTime Plugin: 7.7.3 (installed 2018-07-17)
JavaAppletPlugin: Java 8 Update 144 build 01 (installed 2017-08-23)
AdobeAAMDetect: 3.0.0.0 (installed 2018-07-09)
3rd Party Preference Panes:
Flash Player (installed 2018-09-21)
Java (installed 2017-08-23)
Time Machine:
Time Machine Not Configured!
Performance:
System Load: 5.11 (1 min ago) 6.06 (5 min ago) 5.89 (15 min ago)
Nominal I/O speed: 17.05 MB/s
File system: 29.55 seconds
Write speed: 1280 MB/s
Read speed: 1919 MB/s
CPU Usage:
| Type | Overall | Individual cores |
| System | 3 % | 7 % | 1 % | 4 % | 1 % | 4 % | 1 % | 4 % | 1 % |
| User | 4 % | 14 % | 1 % | 7 % | 0 % | 6 % | 0 % | 7 % | 0 % |
| Idle | 93 % | 79 % | 99 % | 89 % | 99 % | 90 % | 99 % | 89 % | 99 % |
Top Processes by CPU:
| Process (count) | Source | CPU | Location |
| EtreCheckPro | Etresoft, Inc. | 18.04 % |
| kernel_task | Apple | 5.50 % |
| Dr. Antivirus | ? | 5.34 % | /Applications/Dr. Antivirus.app |
| hidd | Apple | 2.84 % |
| WindowServer | Apple | 0.98 % |
Top Processes by Memory:
| Process (count) | Source | RAM usage | Location |
| kernel_task | Apple | 1.35 GB |
| com.apple.WebKit.WebContent (3) | Apple | 676 MB |
| EtreCheckPro | Etresoft, Inc. | 516 MB |
| mdworker (15) | Apple | 396 MB |
| WindowServer | Apple | 369 MB |
Top Processes by Network Use:
| Process | Source | Input | Output | Location |
| apsd | Apple | 34 KB | 42 KB |
| mDNSResponder | Apple | 40 KB | 24 KB |
| com.apple.WebKit.Networking | Apple | 13 KB | 8 KB |
| ? | 7 KB | 2 KB |
| netbiosd | Apple | 2 KB | 782 B |
Virtual Memory Information:
| Available RAM | 8.99 GB |
| Free RAM | 369 MB |
| Used RAM | 7.01 GB |
| Cached files | 8.63 GB |
| Swap Used | 4 MB |
Software Installs (past 30 days):
| Name | Version | Install Date |
| Microsoft Outlook for Mac | 16.17.18090901 | 2018-09-12 |
| Microsoft OneNote for Mac | 16.17.18090901 | 2018-09-12 |
| Microsoft PowerPoint for Mac | 16.17.18090901 | 2018-09-12 |
| Microsoft Excel for Mac | 16.17.18090901 | 2018-09-12 |
| Safari | 12.0 | 2018-09-18 |
| Microsoft AutoUpdate | 4.3.18090901 | 2018-09-24 |
| Gatekeeper Configuration Data | 155 | 2018-09-25 |
| XProtectPlistConfigData | 2100 | 2018-09-28 |
| Adobe Flash Player | 31.0.0.122 | 2018-10-09 |
| Microsoft Word for Mac | 16.17.18090901 | 2018-10-12 |
| Malwarebytes for Mac | 1.0 | 2018-10-12 |
Diagnostics Information (past 7 days):
2018-10-12 12:18:18 bird CPU
/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/b ird
2018-10-12 12:09:30 com.securemac.MacScanDaemon CPU
/Library/PrivilegedHelperTools/com.securemac.MacScanDaemon
2018-10-12 11:40:19 Dr. Antivirus.app CPU
/Applications/Dr. Antivirus.app
2018-10-12 11:38:02 BitdefenderVirusScanner.app CPU
/Applications/BitdefenderVirusScanner.app
2018-10-12 11:21:21 Xcode.app Hang
/Users/***/Desktop/Xcode.app
2018-10-12 11:19:41 Last Shutdown Cause: 3 - Hard shutdown
2018-10-08 21:04:33 com.apple.WebKit.WebContent CPU (10 times)
/System/Library/StagedFrameworks/Safari/WebKit.framework/Versions/A/XPCServices/ com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
End of report
