Etrecheck Version: 3.3 (383) Report Generated 2017-05-16 12:22:16 Download Etrecheck From Runtime: 2:09 Performance: Excellent

EtreCheck version: 3.
3 (383)
Report generated 2017-05-16 12:22:16
Download EtreCheck from https://etrecheck.com
Runtime: 2:09
Performance: Excellent
Click the [Lookup] links for more information from Apple Support Communities.
Click the [Details] links for more information about that line.
Click the [Remove/Report] links to remove adware or update the whitelist of legitimate software.
Problem: Other problem

Description:
Hi
Turned on the Mac tonight and when I try and open a website, a new tab also opens with random d
sites. Here's just 3 of the sites so far:
http://homeburu.xyz/?cid=13712&pub=100562&sid1=IYD&sid2=1494367758073_1494367756
593_142_194878_40608818_1&lp=3009
http://securefastmac.space/landings/197/?affid=mzb_476.8794241.1494367909.30.mzb
&utm_source=affxe&utm_medium=cpi&utm_campaign=mk_affxe_cpi_t1_197&utm_term=&utm_
content=&userDefiner=mzb_2974&alert=44&trt=29_3139511156&tid_ext=102295;1025e7fb
febbfd30b4142dc9b735ba&redirect=loadblue
http://gen.mactechright.com/jo/bl?m=329F257E-F578-5C5E-A4A9-A6BC23CA891F&ua=Mozi lla/
5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_10_5)%20AppleWebKit/602.4.8%20 (K
%20like%20Gecko)%20Version/10.0.3%20Safari/602.4.8&err=Different%20end-us
er%20between%20bidding%20and%20impression#s0d4
Seems every time I open anything. I'm assuming its Malware - how do I stop this / get rid of it. My
is up to date. I'm using Safari, but it happens in Google Chrome too.
Thanks
Hardware Information:
MacBook Pro (Retina, 13-inch, Late 2013)
[Technical Specifications] - [User Guide] - [Warranty & Service]
MacBook Pro - model: MacBookPro11,1
1 2.6 GHz Intel Core i5 (i5-4288U) CPU: 2-core
8 GB RAM Not upgradeable
BANK 0/DIMM0
4 GB DDR3 1600 MHz ok
BANK 1/DIMM0
4 GB DDR3 1600 MHz ok
Bluetooth: Good - Handoff/Airdrop2 supported
Wireless: en0: 802.11 a/b/g/n/ac
Battery: Health = Normal - Cycle count = 1386
Video Information:
Intel Iris - VRAM: 1536 MB
Color LCD 2560 x 1600
System Software:
macOS Sierra 10.12.4 (16E195) - Time since boot: about one hour
Disk Information:
APPLE SSD SM0512F disk0 : (500.28 GB) (Solid State - TRIM: Yes)
[Show SMART report]
EFI (disk0s1 - MS-DOS FAT32) <not mounted> : 210 MB
Recovery HD (disk0s3 - Journaled HFS+) <not mounted> [Recovery]: 650 MB
Macintosh HD (disk1 - Journaled HFS+) / [Startup]: 499.05 GB (115.03 GB free)
Core Storage: disk0s2 499.42 GB Online
USB Information:
Apple Inc. Apple Internal Keyboard / Trackpad
Apple Inc. BRCM20702 Hub
Apple Inc. Bluetooth USB Host Controller
Thunderbolt Information:
Apple Inc. thunderbolt_bus
Configuration files:
/etc/hosts - Count: 1
Gatekeeper:
Mac App Store and identified developers
Possible adware:
Unknown file: /Library/LaunchAgents/com.September.plist
Adware: /Library/LaunchDaemons/com.apple.cheechran.plist
Adware: /Library/LaunchDaemons/com.apple.therkkin.plist
Unknown file: /Library/LaunchDaemons/com.egprxseprbol.plist
Unknown file: /Library/LaunchDaemons/com.iuaextiwciys.plist
Unknown file: /Library/LaunchDaemons/com.xMFQZAFu.plist
Adware: ~/Library/LaunchAgents/com.bittorrent.BitTorrent.plist
Adware: ~/Library/LaunchAgents/com.bittorrent.uTorrent.plist
Unknown file: ~/Library/LaunchAgents/com.reshipper.plist
/Library/reshipper/reshipper
Adware: ~/Library/LaunchAgents/com.spigot.ApplicationManager.plist
10 possible adware files found. [Remove/Report]
Kernel Extensions:
/Applications/MATLAB_R2016b.app
[not loaded] com.mathworks.sldrtkrn (5.3.0 - OS X 10.8) [Lookup]
/Applications/Parallels Desktop.app
[not loaded] com.parallels.kext.hypervisor (12.0.2 41353 - SDK 10.9) [Lookup]
[not loaded] com.parallels.kext.netbridge (12.0.2 41353 - SDK 10.9) [Lookup]
[not loaded] com.parallels.kext.usbconnect (12.0.2 41353 - SDK 10.9) [Lookup]
[not loaded] com.parallels.kext.vnic (12.0.2 41353 - SDK 10.9) [Lookup]
/Applications/VMware Fusion.app
[not loaded] com.vmware.kext.vmci (7.0.1) [Lookup]
[not loaded] com.vmware.kext.vmioplug.14.1.3 (7.0.1) [Lookup]
[not loaded] com.vmware.kext.vmnet (7.0.1) [Lookup]
[not loaded] com.vmware.kext.vmx86 (7.0.1) [Lookup]
[not loaded] com.vmware.kext.vsockets (7.0.1) [Lookup]
/Library/Application Support/VirtualBox
[loaded] org.virtualbox.kext.VBoxDrv (5.1.14) [Lookup]
[loaded] org.virtualbox.kext.VBoxNetAdp (5.1.14) [Lookup]
[loaded] org.virtualbox.kext.VBoxNetFlt (5.1.14) [Lookup]
[loaded] org.virtualbox.kext.VBoxUSB (5.1.14) [Lookup]
/Library/Extensions
[loaded] com.intel.kext.intelhaxm (6.0.3 - SDK 10.9) [Lookup]
Startup Items:
TuxeraNTFSUnmountHelper: Path: /Library/StartupItems/TuxeraNTFSUnmountHelper
Startup items no longer function in OS X Yosemite or later
System Launch Agents:

[not loaded] 6 Apple tasks
[loaded] 176 Apple tasks
[running] 100 Apple tasks
System Launch Daemons:

[not loaded] 38 Apple tasks
[loaded] 173 Apple tasks
[running] 108 Apple tasks
Launch Agents:
[running] SwapperUFi.plist (Unknown - installed 2017-02-11) [Lookup]
[not loaded] com.September.plist (Unknown - installed 2017-04-26) [Lookup]
[not loaded] com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-03-07)
[loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2017-03-29) [Lookup]
[loaded] com.oracle.java.Java-Updater.plist (Unknown - installed 2017-03-17) [Lookup]
[loaded] org.chromium.chromoting.plist (Shell script - installed 2017-03-20) [Lookup]
[loaded] org.gpgtools.Libmacgpg.xpc.plist (Lukas Pitschl - installed 2016-10-14) [Lookup]
[loaded] org.gpgtools.macgpg2.fix.plist (Shell script - installed 2016-10-14) [Lookup]
[running] org.gpgtools.macgpg2.shutdown-gpg-agent.plist (Shell script - installed 2016-10-14
[loaded] org.gpgtools.updater.plist (Lukas Pitschl - installed 2017-03-21) [Lookup]
[loaded] org.macosforge.xquartz.startx.plist (Apple Inc. - XQuartz - installed 2016-10-26) [Loo
Launch Daemons:
[running] PPPMonitord.plist (Unknown - installed 2017-02-11) [Lookup]
[loaded] com.BlueStacks.AppPlayer.bstservice_helper.plist (BlueStack Systems, Inc. - installe
2015-08-19) [Lookup]
[loaded] com.adobe.SwitchBoard.plist (Unknown - installed 2017-03-07) [Lookup]
[loaded] com.adobe.fpsaud.plist (Unknown - installed 2017-04-27) [Lookup]
[running] com.apple.cheechran.plist (Unknown - installed 2017-04-23) Adware! [Remove/R
/Library/cheechran
[running] com.apple.therkkin.plist (Unknown - installed 2017-04-24) Adware! [Remove/Rep
/Library/therkkin
[not loaded] com.egprxseprbol.plist (Unknown - installed 2017-04-24) [Lookup]
[loaded] com.google.keystone.daemon.plist (Google, Inc. - installed 2017-04-19) [Lookup]
[not loaded] com.intel.haxm.plist (Unknown - installed 2016-06-12) [Lookup]
[not loaded] com.iuaextiwciys.plist (Unknown - installed 2017-04-23) [Lookup]
[loaded] com.microsoft.office.licensing.helper.plist (Unknown - installed 2010-08-25) [Lookup
[loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2017-0
[Lookup]
[running] com.ni.ServiceLocator.plist (National Instruments - installed 2017-02-14) [Lookup]
[loaded] com.oracle.java.Helper-Tool.plist (Shell script - installed 2016-12-13) [Lookup]
[failed] com.oracle.oss.mysql.mysqld.plist (Oracle America, Inc. - installed 2016-09-29) [Look
[not loaded] com.xMFQZAFu.plist (Unknown - installed 2017-04-23) [Lookup]
[loaded] org.macosforge.xquartz.privileged_startx.plist (Apple Inc. - XQuartz - installed 2016-
[Lookup]
[not loaded] org.macports.postgresql84-server.plist (Unknown - installed 2017-03-01) [Looku
[not loaded] org.virtualbox.startup.plist (Shell script - installed 2017-02-05) [Lookup]
User Launch Agents:

[loaded] com.bittorrent.BitTorrent.plist ((null) - installed 2017-03-23) Adware! [Remove/Rep
/usr/bin/open
[loaded] com.bittorrent.uTorrent.plist ((null) - installed 2017-03-23) Adware! [Remove/Repo
/usr/bin/open
[loaded] com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2017-05-03) [
[running] com.reshipper.plist (Unknown - installed 2017-05-16) [Lookup]
[running] com.spigot.ApplicationManager.plist (Unknown - installed 2016-12-29) Adware! [R
Report]
~/Library/Application Support/Spigot/ApplicationManager
[not loaded] org.virtualbox.vboxwebsrv.plist (Oracle America, Inc. - installed 2017-02-05) [Lo
User Login Items:

iTunesHelper Application (installed 2017-03-30)
(/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)
VMware Fusion Start Menu Application
(/Applications/VMware Fusion.app/Contents/Library/VMware Fusion Start Menu.app)
Dropbox Application
(/Applications/Dropbox.app)
Google Drive Application
(/Applications/Google Drive.app)
Android File Transfer Agent Application
(~/Library/Application Support/Google/Android File Transfer/Android File Transfer Agent.app)
Google Chrome Application - Hidden
(/Applications/Google Chrome.app)
ConceptDraw STORE Application (installed 2017-05-16)
(/Applications/ConceptDraw STORE.app/Contents/MacOS/CDSBAutostart.app)
com.adobe.SwitchBoard.monitor.plist MachInit - Hidden
(/etc/mach_init_per_user.d/com.adobe.SwitchBoard.monitor.plist)
Mach Init items are deprecated
Internet Plug-ins:
FlashPlayer-10.6: 25.0.0.171 (installed 2017-05-15) [Lookup]
QuickTime Plugin: 7.7.3 (installed 2017-04-23)
Flash Player: 25.0.0.171 (installed 2017-05-15) [Lookup]
LV150HelperLauncher: 15.0.1 (installed 2017-02-22) [Lookup]
SharePointBrowserPlugin: 14.0.0 (installed 2010-08-25) [Lookup]
PepperFlashPlayer: 25.0.0.171 (installed 2017-05-15) [Lookup]
LV160HelperLauncher: 16.0.0 (installed 2017-02-14) [Lookup]
JavaAppletPlugin: Java 8 Update 121 build 13 (installed 2017-03-17) Check version
User internet Plug-ins:

Picasa: 1.0 (installed 2015-10-13) [Lookup]
Safari Extensions:
[enabled] Open in Internet Explorer - Parallels - http://www.parallels.com (installed 2016-11
3rd Party Preference Panes:

remoting_host_prefpane (installed 2017-04-06) [Lookup]
Flash Player (installed 2017-04-27) [Lookup]
FUSE for OS X (OSXFUSE) (installed 2015-02-07) [Lookup]
GPGPreferences (installed 2016-10-14) [Lookup]
Java (installed 2017-03-17) [Lookup]
MacFUSE (installed 2008-12-20) [Lookup]
MySQL (installed 2016-09-29) [Lookup]
NTFS-3G (installed 2010-10-11) [Lookup]
Tuxera NTFS (installed 2016-01-29) [Lookup]
Time Machine:
Skip System Files: NO
Mobile backups: ON
Auto backup: YES
Volumes being backed up:
Macintosh HD: Disk size: 499.05 GB Disk used: 384.01 GB
Destinations:
BACKUP [Local]
Total size: 639.79 GB
Total number of backups: 2
Oldest backup: 16/2/15, 4:38 AM
Last backup: 16/2/15, 7:05 AM
Size of backup disk: Too small
Backup size 639.79 GB < (Disk used 384.01 GB X 3)
Top Processes by CPU:

23% (osascript)
13% com.apple.WebKit.WebContent(4)
13% mdworker(9)
8% WindowServer
6% launchservicesd
Top Processes by Memory:

1.30 GB Google Chrome Helper(12)
753 MB kernel_task
418 MB com.apple.WebKit.WebContent(4)
295 MB Google Chrome
254 MB firefox
Top Processes by Network Use:

Input Output Process name
3 MB 76 KB firefox
125 KB 271 KB Dropbox
99 KB 26 KB mDNSResponder
18 KB 31 KB apsd
29 KB 18 KB Telegram
Top Processes by Energy Use:
5.68 WindowServer
5.58 launchservicesd
3.08 Safari
2.94 com.apple.WebKit
2.82 loginwindow
Virtual Memory Information:

2.47 GB Available RAM
146 MB Free RAM
5.53 GB Used RAM
2.33 GB Cached files
10 MB Swap Used
Diagnostics Information:
2017-05-16 11:16:38 Self test - passed

Etrecheck Version: 3.3 (383) Report Generated 2017-05-16 12:22:16 Download Etrecheck From Runtime: 2:09 Performance: Excellent

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Etrecheck Version: 3.3 (383) Report Generated 2017-05-16 12:22:16 Download Etrecheck From Runtime: 2:09 Performance: Excellent

Uploaded by

Copyright:

Available Formats

EtreCheck version: 3.

Problem: Other problem

System Launch Agents:

System Launch Daemons:

User Launch Agents:

User Login Items:

User internet Plug-ins:

3rd Party Preference Panes:

Top Processes by CPU:

Top Processes by Memory:

Top Processes by Network Use:

Virtual Memory Information:

You might also like