Jump to content

neilbar

Members
  • Posts

    20
  • Joined

  • Last visited

Everything posted by neilbar

  1. Hi adas, Hi alvarnell, thanks so much adas: that connections list a was super useful I found a rule in Little Snitch (from 2018) which was disallowing connections to: RTProtectiondaemon strange that it had not previously prevented updates! my "reports" tab looks good - it now states: updates: protection updated to 4.0.424 lovely, such great support from you guys neilB
  2. Hi thanks there in "update" mine shows 3.9.27 thanks neil
  3. Hi Just replying to check "notify me of replies"
  4. Hi I am using the marvellous Malarebytes 3.9.27 on a mac (High Sierra 10.13.6) and am seeing "Updates are not current" on the Malarebytes dashboard the last 2 days. When I rollover then click on "check for updates" the button, it goes black then "feels the click' by flickering, but nothing happens, [screenshot] I'l mention that I do use little Snitch, but I have checked that to see if I accidentally blocked Malwarebytes from calling out and I see nothing under Malwarebytes in my list of rules. BTW: If I go to Malwarebytes in the menu at top of screen near the apple I can select check for updates and it sohws my version as curent.
  5. Alvarnell thanks I am frustrated I can't find the article that said update macs to OSX 10.14, but if there is no iMessage OSX vulnerability that's cool good to know again, much appreciated Neil
  6. Hi MAXBAR1 strange then if I go to "updates" on the Mac mini [ v 3.1.1.505] it shows "you are using the latest version. something amiss? thx N
  7. AHA, that makes sense thanks that was on my Mac (v 3.1.1.505), on my MacBook (v3.9.27) it doesn’t pop up item names as it scans. hence my concern, it seemed unusual looks like one of those app's needs an update perhaps? N
  8. Alvarnell thanks I swear I saw an article about updating Macs to the latest OSX to get around there iMessage bug, but hey, I can't find it now. again, I appreciate your kind attention N
  9. Hi guys when I run Malwarebytes I see 'Trojan.StreamStealer.GSGO' pop up for a few seconds, that doesn’t seem good? there are a few 'adware' listings too, it all shoots past real quick so I can't note them and I can't work out where I might see. list of these potentially suspicious items. Anyhoo nothing ends up in quarantine and Malwarebytes reports " - - - you are clean" no threats were listed at the end of the scan - I would expect "Trojan.StreamStealer.GSGO" is a threat?? thanks lot great to know you are out there neil
  10. Treed, thanks for the reassurance I thought it looked OK, I am amazed that Fedex could not loom at their own link and confirm they'd sent it. Anyhoo this whole thing has got me thinning more seriously about my online security so something good came out of it. thanks man
  11. Hi Alvarnell thanks for your help, I am very grateful I have searched again and the only BBC post I can find now is here: https://www.bbc.co.uk/news/technology-49165946 my Mac OSX is up to date within High Sierra 10.12x, of course Apple are beyond OSX 10.13 now - so I can't instal the latest version of OSX. I could get nothing from Fedex about this message, in the end I received another from the same number that did include a tracking number and later a parcel, so they seem like a bunch of idiots given their support could not recognise the ref number accessed via the original message. thanks lots
  12. HI I am learning why it is vital to have Malwarebytes on a mac - but I have a question please some background: The UK BBC has reported an iMessage hack and suggests user update macs to the latest OSX 10.13, I am not in a position to do that, using 10.13.6. I received this iMessage supposedly from Fedex, Your FedEx package is due for delivery by 02/09. To reschedule, go to [link removed] before 23:59. To opt out, reply STOP it took me to a very convincing looking 'Fedex' website website where I had to add my postcode to "log in", then that shows a package ID number, which Fedex do not recognise. Their interest in this issue seems rather minimal. Perhaps mistakenly I presumed that an address starting with "https://www.fedex.com" was guaranteed to be OK, but maybe not? Fedex don't seem interested in confirming one way or the other. Going to that shortened link for sure looks like Fedex (and almost the same as the one above just with some info pre filed in on the form) , but who knows. First Fedex replied: "Dear Mr. Barstow, Regrettably, your email did not provide the FedEx tracking number used for the shipment Despite our efforts to locate it we have been unsuccessful. We would like to review this further for you, but in order to do so, we would need the FedEx tracking number used, the date the package was tendered to FedEx, and the shipper's and recipient's name and full address. It would be helpful if you could also confirm if the package has been sent from an International location or shipped within the UK. Should you require any further assistance please do not hesitate to contact me or our Customer Relations Team. " I replied: " Hi this really is Catch 22, I seem to be in an inescapable corner! I didn't know someone was sending me something via Fedex, either UK or international? [however I do have a parcel coming from the USA on USPS, but they don't use FedEx for international - do they?] What started this all off was that I received an SMS text message, so there MUST be a shipment! the message: Your FedEx package is due for delivery by 02/09. To reschedule, go to [link removed] before 23:59. To opt out, reply STOP I don't know where the shipment is coming from, that’s what I was trying to find out by using the "unique shipment code" produced in your web interface [by clicking that link], surely that must link to the shipment in your system because i am offered the opportunity to Why your programmers didn't use the standard tracking number there escapes me can you help please?" then, later: " Thank you for your email and bringing this to my attention. I can assure you that this email has not been generated by FedEx or any of our subsidiaries.I would suggest you do not open any attachment, delete the email and run an anti-virus scan. Our security department is currently working with various agencies to combat any fraudulent activity that implicates FedEx and its logo. If you receive any further emails of this nature please forward them to abuse@fedex.com. Once again, thank you for taking the time to alert us to this matter." as it wasn’t an email and nothing about the web address being OK or not I am still concerned.] I ran malwarebytes, it came up with "clean", that's a relief - theres nothing in the Library/Application Support/Malwarebytes/MBAM/quarantine folder, so I guess nothing was found? so my question (at last) Am I safe? Would Malwarebytes relaibly find the mac 'iMessages' malware? How fast do you guys keep up with these threats? thanks so much, what a fab app you made
  13. Hi, I am using Malwarebytes v 3.1.1.505 (check for updates tells me that’s latest) on Mac OSX 10.12.6. I am seeing a request to buy/subscribe or be downgraded to "free" and lose "real time protection" I also see the "Updates are Not Current" warning - is not subscribing yet my problem? no more updates 'til I buy the application? when I click on "check for updates" the control panel flashes and then the warning re-appears. I've read these posts and a previous thread but nothing is shining a light on my issue - - The suggested "MB clean" appears to be an exe, so I guess that’s windows only process - I reset the Macs clock, well to be accurate I switched off "set date and time automatically", changed the time manually and then reactivated "set date and time automatically". The time seems to be correct. I'd really appreciate any tips please. thanks
  14. Hi I have been ruining Malwarebytes a while on my mac, thanks for l making it available. Definitely provides an air of security. Today I saw this error message from "Little Snitch" about the RTProtectionDaemon and an issue with the process code signature [screenshot attached]: I could not find any info about this here, but google did provide some info on other forums. Nothing definitive though. Do you need a system snapshot? this seems like an error outside my mac? I read this text on your site about system snapshots, but when I look at the malwarebytes item in the menubar there is no option to "Take System Snapshot" [see second screenshot] So, I opened malwarebytes - but there seems to be no option to take a system snapshot there either: Include a system snapshot taken with Malwarebytes Anti-Malware for Mac on the affected system Choose Take System Snapshot from the Scanner menu, in the menu bar at the top of the screen When the snapshot window opens, choose Select All from the Edit menu, copy the selected text Paste the copied snapshot into your post here I hope this is sufficient info. Now that Little Snitch has blocked the RTProtectionDaemon I guess malwarebytes cant work properly? Little Snitch tells me "On 15 Feb 2018, RTProtectionDaemon tried to establish a connection to sirius.mwbsys.com. The request was denied via connection alert." thanks for your help With my regards
  15. Hi treed, thanks for this, I ran a scan just before doing this report. I also attached a screenshot of the Avast warning I keep seeing my reading of that is something in Chrome is trying to install the Spigot ADW extension but, hey, I don't know much Malwarebytes Anti-Malware 1.2.6.730 system report - 15 March 2017 14:46:27 GMT Mac OS X version Version 10.10.5 (Build 14F2315) System uptime: 8d 01:21:46 Helper tool version: 1.2.6.730 Signatures version: 172 Safari extensions ----------------------- neil neil Name: 1Password Path: /Users/neil/Library/Safari/Extensions/1Password.safariextz Modified: 2017-02-15 10:02:10 +0000 Name: Clip to DEVONthink Path: /Users/neil/Library/Safari/Extensions/Clip to DEVONthink.safariextz Modified: 2015-07-29 16:28:22 +0000 Name: Save to Pocket Path: /Users/neil/Library/Safari/Extensions/Save to Pocket.safariextz Modified: 2015-11-09 15:52:47 +0000 Name: Avast Online Security Path: /Users/neil/Library/Safari/Extensions/wrc.safariextz Modified: 2015-04-05 18:27:39 +0000 Chrome extensions ----------------------- neil Default Name: Google Slides Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/aapocclcgogkmnckokdopfmhonfmgoek Modified: 2017-03-10 17:50:46 +0000 Name: BIODIGITAL HUMAN Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/agoenciogemlojlhccbcpcfflicgnaak Modified: 2017-03-10 17:52:55 +0000 Name: Google Docs Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/aohghmighlieiainnegkcijnfilokake Modified: 2017-03-10 17:51:08 +0000 Name: 1Password: Password Manager and Secure Wallet Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/aomjjhallfgjeglblehebfpbcfeobpgk Modified: 2017-03-10 17:52:54 +0000 Name: Google Drive Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/apdfllckaahabafndbhieahigkjlhalf Modified: 2017-03-10 17:51:08 +0000 Name: YouTube Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/blpcfgokakmgnkcojhhkbfbldkacnbeo Modified: 2017-03-10 17:51:08 +0000 Name: http://goo.gl/7Kjxu Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/cflbkoephoheejkaalghgahfjmjolhgh Modified: 2017-03-10 17:52:47 +0000 Name: Gmail Offline Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/ejidjjhkpiempkbhmpbfngldlkglhimk Modified: 2017-03-10 17:52:55 +0000 Name: Google Sheets Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/felcaaldnbdncclmgdcncolpebgiejap Modified: 2017-03-10 17:50:44 +0000 Name: Office Editing for Docs, Sheets & Slides Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/gbkeegbaiigmenfmjfclcdgdpimamgkj Modified: 2017-03-10 17:52:53 +0000 Name: Google Docs Offline Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/ghbmnnjooekpmoecnnnilnnbdlolhkhi Modified: 2017-03-10 17:50:44 +0000 Name: Avast Online Security Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/gomekmidlodglbbmalcneegieacbdmki Modified: 2017-03-10 17:50:48 +0000 Name: Ghostery Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/mlomiejdfkolichcflejclcbmpeaniij Modified: 2017-03-10 17:52:54 +0000 Name: Save to Pocket Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/niloccemoadcdkdjlinkgdfekeahmflj Modified: 2017-03-14 23:02:07 +0000 Name: RSS Subscription Extension (by Google) Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/nlbjncdgjeocebhnmkbbbdekmmmcbfjd Modified: 2017-03-10 17:52:57 +0000 Name: Chrome Web Store Payments Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/nmmhkkegccagdldgiimedpiccmgmieda Modified: 2017-03-10 17:50:43 +0000 Name: Gmail Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pjkljhegncpnkpknbcohdijeoejaedia Modified: 2017-03-10 17:51:08 +0000 Name: Clip to DEVONthink Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pjoafdokmbmkpolhcnmnkgaicbajigcc Modified: 2017-03-10 17:52:53 +0000 Name: Chrome Media Router Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pkedcjkdefgpdelpbcmbmeomcjbeemfm Modified: 2017-03-10 17:50:45 +0000 Name: Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/Temp Modified: 2017-03-14 23:02:08 +0000 Chrome Name: [unknown Chrome extension format] Path: /Users/neil/Library/Application Support/Google/Chrome/External Extensions/external_extensions.json Modified: 2013-03-19 12:22:27 +0000 Name: [unknown Chrome extension format] Path: /Users/neil/Library/Application Support/Google/Chrome/External Extensions/gomekmidlodglbbmalcneegieacbdmki.json Modified: 2015-12-18 16:37:13 +0000 Firefox extensions ----------------------- neil 75n4zhh6.default Name: 1Password Path: /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/onepassword4@agilebits.com.xpi Modified: 2017-02-10 20:03:24 +0000 Name: Avast Online Security Path: /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/wrc@avast.com.xpi Modified: 2015-12-18 16:37:14 +0000 Name: EPUBReader Path: /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/{5384767E-00D9-40E9-B72F-9CC39D655D6F} Modified: 2017-02-12 19:09:15 +0000 Name: Video DownloadHelper Path: /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi Modified: 2017-02-10 20:03:26 +0000 User Login Items ----------------------- User: neil Name: Flux Path: /Applications/Flux.app Name: ChronoSync Scheduler Path: /Applications/ChronoSync.app/Contents/Library/LoginItems/ChronoSync Scheduler.app Name: Macs Fan Control Path: /Applications/Macs Fan Control.app Name: iTunesHelper Path: /Applications/iTunes.app/Contents/MacOS/iTunesHelper.app Name: AdobeResourceSynchronizer Path: /Applications/Adobe Acrobat 8 Professional/Adobe Acrobat Professional.app/Contents/Support/AdobeResourceSynchronizer.app Name: ChronoSync Path: /Applications/ChronoSync.app Name: SMARTReporter Path: /Applications/SMARTReporter/SMARTReporter.app Name: Typinator Path: /Applications/Typinator.app Name: KeyCue Path: /Applications/KeyCue.app Name: PopChar Path: /Applications/PopChar.app Name: Dropbox Path: /Applications/Dropbox.app Name: Default Folder X Path: /Applications/Default Folder X.app Name: i1ProfilerTray Path: /Applications/i1Profiler/i1ProfilerTray.app Name: StretchWare Controller Path: /Library/Application Support/Stretchware Controller.app Name: DEVONthink Sorter Path: /Applications/DEVONthink Pro298.app/Contents/PlugIns/SorterPlugin.bundle/Contents/MacOS/DEVONthink Sorter.app System startup items ----------------------- /Library/StartupItems/CSPServer /Library/StartupItems/CSPStartService /Library/StartupItems/ProTec6b User launch agents ----------------------- /Users/neil/Library/LaunchAgents/.DS_Store /Users/neil/Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.2fb951a3e452587cd5063eae0b2acfc945704ab94bfa753dc717073c.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.340705c52d34eece5246c291634d82a64671f6760541ccdaa681f58f.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.65c5828f42d209bbea6e1a2b1653374a5579cd7545b886457d2d094f.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.9a2b6c451f02d418f088afa4a0d2da0bc52175383a2bc11189215ec6.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.ad895013aeb33ea6e968d9fdc06c0eb42c7c2a5229d98d64ad002716.plist /Users/neil/Library/LaunchAgents/com.amazon.music.plist /Users/neil/Library/LaunchAgents/com.apple.SafariBookmarksSyncer.plist /Users/neil/Library/LaunchAgents/com.avast.home.userinit.plist /Users/neil/Library/LaunchAgents/com.avast.secureline.home.userinit.plist /Users/neil/Library/LaunchAgents/com.backblaze.bzbmenu.plist /Users/neil/Library/LaunchAgents/com.barebones.weathercal-agent.plist /Users/neil/Library/LaunchAgents/com.c-command.SpamSieve.LaunchAgent.plist /Users/neil/Library/LaunchAgents/com.citrixonline.GoToMeeting.G2MUpdate.plist /Users/neil/Library/LaunchAgents/com.dropbox.DropboxMacUpdate.agent.plist /Users/neil/Library/LaunchAgents/com.google.Chrome.framework.plist /Users/neil/Library/LaunchAgents/ws.agile.1PasswordAgent.plist System launch agents ----------------------- /Library/LaunchAgents/at.obdev.LittleSnitchUIAgent.plist /Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist /Library/LaunchAgents/com.adobe.AdobeCreativeCloud.plist /Library/LaunchAgents/com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist /Library/LaunchAgents/com.avast.secureline.update-agent.plist /Library/LaunchAgents/com.avast.secureline.userinit.plist /Library/LaunchAgents/com.avast.update-agent.plist /Library/LaunchAgents/com.avast.userinit.plist /Library/LaunchAgents/com.epson.epw.agent.plist /Library/LaunchAgents/com.google.keystone.agent.plist /Library/LaunchAgents/com.hp.StatusMonitor.plist /Library/LaunchAgents/com.oracle.java.Java-Updater.plist /Library/LaunchAgents/com.softraid.SoftRAIDMonitor.plist /Library/LaunchAgents/com.teamviewer.teamviewer.plist /Library/LaunchAgents/com.teamviewer.teamviewer_desktop.plist /Library/LaunchAgents/com.trusteer.rapport.rapportd.plist /Library/LaunchAgents/com.wacom.wacomtablet.plist /Library/LaunchAgents/com.xrite.device.softwareupdate.plist /Library/LaunchAgents/net.culater.SIMBL.Agent.plist System launch daemons ----------------------- /Library/LaunchDaemons/at.obdev.littlesnitchd.plist /Library/LaunchDaemons/com.adobe.adobeupdatedaemon.plist /Library/LaunchDaemons/com.adobe.agsservice.plist /Library/LaunchDaemons/com.adobe.ARMDC.Communicator.plist /Library/LaunchDaemons/com.adobe.ARMDC.SMJobBlessHelper.plist /Library/LaunchDaemons/com.adobe.fpsaud.plist /Library/LaunchDaemons/com.adobe.SwitchBoard.plist /Library/LaunchDaemons/com.adobe.versioncueCS3.plist /Library/LaunchDaemons/com.aladdin.aksusbd.plist /Library/LaunchDaemons/com.aladdin.hasplmd.plist /Library/LaunchDaemons/com.ambrosiasw.ambrosiaaudiosupporthelper.daemon.plist /Library/LaunchDaemons/com.avast.init.plist /Library/LaunchDaemons/com.avast.secureline.init.plist /Library/LaunchDaemons/com.avast.secureline.uninstall.plist /Library/LaunchDaemons/com.avast.secureline.update.plist /Library/LaunchDaemons/com.avast.uninstall.plist /Library/LaunchDaemons/com.avast.update.plist /Library/LaunchDaemons/com.backblaze.bzserv.plist /Library/LaunchDaemons/com.barebones.bbedit.plist /Library/LaunchDaemons/com.colorburstrip.ColorBurst-Overdrive.plist /Library/LaunchDaemons/com.colorburstrip.lpd.plist /Library/LaunchDaemons/com.dymo.pnpd.plist /Library/LaunchDaemons/com.econtechnologies.ChronoAgentRemote.plist /Library/LaunchDaemons/com.google.keystone.daemon.plist /Library/LaunchDaemons/com.malwarebytes.HelperTool.plist /Library/LaunchDaemons/com.microsoft.autoupdate.helper.plist /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist /Library/LaunchDaemons/com.rogueamoeba.instanton-agent.plist /Library/LaunchDaemons/com.softraid.softraidd.plist /Library/LaunchDaemons/com.stclairsoft.AppTamerAgent.plist /Library/LaunchDaemons/com.teamviewer.Helper.plist /Library/LaunchDaemons/com.teamviewer.teamviewer_service.plist /Library/LaunchDaemons/com.trusteer.rooks.rooksd.plist /Library/LaunchDaemons/com.xrite.device.xrdd.plist Kernel extensions ----------------------- /System/Library/Extensions/basICColorDISCUS.kext /System/Library/Extensions/DymoUsbPrinterClassDriver.kext /System/Library/Extensions/hp_designjet_series.kext /System/Library/Extensions/JMicronATA.kext /System/Library/Extensions/KeyspanUSAdriver.kext /System/Library/Extensions/SiLabsUSBDriver.kext /System/Library/Extensions/SiLabsUSBDriver64.kext /System/Library/Extensions/UsbEthernetGadget.kext /System/Library/Extensions/Wacom Tablet.kext /Library/Extensions/ACS6x.kext /Library/Extensions/AmbrosiaAudioSupport.kext /Library/Extensions/ArcMSR.kext /Library/Extensions/ATTOCelerityFC8.kext /Library/Extensions/ATTOExpressSASHBA2.kext /Library/Extensions/ATTOExpressSASRAID2.kext /Library/Extensions/basICColorDISCUS.kext /Library/Extensions/BJUSBLoad.kext /Library/Extensions/CalDigitHDProDrv.kext /Library/Extensions/CIJUSBLoad.kext /Library/Extensions/EPSONUSBPrintClass.kext /Library/Extensions/FTDIKext.kext /Library/Extensions/HighPointIOP.kext /Library/Extensions/HighPointRR.kext /Library/Extensions/hp_designjet_series.kext /Library/Extensions/hp_io_enabler_compound.kext /Library/Extensions/iCColor.kext /Library/Extensions/LittleSnitch.kext /Library/Extensions/PromiseSTEX.kext /Library/Extensions/SoftRAID.kext launchd.conf contents ----------------------- Hosts file ----------------------- ## # Host Database # # localhost is used to configure the loopback interface # when the system is booting. Do not change this entry. ## 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost Scan log ----------------------- 2017-03-07 12:54:22 : 2017-03-07 12:54:22 : ----- Scan Started ----- 2017-03-07 12:54:22 : Scanning with signatures version 171 (2017-2-23) 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/hbcennhacfaagdopikcegfcobcadeocj.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/hjalolmjgklbjgaomjjofphdjnajmnim.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/icdlfehblmklkikfigmjhbmmpmkmpooj.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/mhkaekfpcppmmioggniknbnbdbcigpkk.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/pfndaklgolladniicklehhancnlgocpp.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/saamazon@mybrowserbar.com.xpi 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/saebay@mybrowserbar.com.xpi 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/savingsslider@mybrowserbar.com.xpi 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/searchme@mybrowserbar.com.xpi 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot 2017-03-07 12:58:49 : *** Scan time: 0d 00:04:26 *** 2017-03-07 12:58:49 : ------ Scan Ended ------ 2017-03-07 13:02:29 : Removing detected threats... 2017-03-07 13:02:29 : Removing Extension Item: /Users/neil/Library/Application Support/Google/Chrome/External Extensions/hbcennhacfaagdopikcegfcobcadeocj.json 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:31 : Removing Item: /Users/neil/Library/Application Support/Spigot 2017-03-07 13:02:31 : ---- Threat Removal Complete ---- 2017-03-08 14:37:20 : 2017-03-08 14:37:20 : ----- Scan Started ----- 2017-03-08 14:37:21 : Scanning with signatures version 171 (2017-2-23) 2017-03-08 14:37:21 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pfndaklgolladniicklehhancnlgocpp 2017-03-08 14:41:19 : *** Scan time: 0d 00:03:58 *** 2017-03-08 14:41:19 : ------ Scan Ended ------ 2017-03-08 14:43:45 : Removing detected threats... 2017-03-08 14:43:45 : Removing Extension Item: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pfndaklgolladniicklehhancnlgocpp 2017-03-08 14:43:45 : ---- Threat Removal Complete ---- 2017-03-08 14:44:24 : 2017-03-08 14:44:26 : ----- Scan Started ----- 2017-03-08 14:44:26 : Scanning with signatures version 171 (2017-2-23) 2017-03-08 14:49:42 : *** Scan time: 0d 00:05:16 *** 2017-03-08 14:49:42 : ------ Scan Ended ------ 2017-03-10 11:16:16 : 2017-03-10 11:16:17 : ----- Scan Started ----- 2017-03-10 11:16:17 : Scanning with signatures version 172 (2017-3-9) 2017-03-10 11:20:21 : *** Scan time: 0d 00:04:04 *** 2017-03-10 11:20:21 : ------ Scan Ended ------ 2017-03-10 14:44:36 : 2017-03-10 14:44:37 : ----- Scan Started ----- 2017-03-10 14:44:37 : Scanning with signatures version 172 (2017-3-9) 2017-03-10 14:48:28 : *** Scan time: 0d 00:03:51 *** 2017-03-10 14:48:28 : ------ Scan Ended ------ 2017-03-10 15:40:32 : 2017-03-10 15:40:32 : ----- Scan Started ----- 2017-03-10 15:40:32 : Scanning with signatures version 172 (2017-3-9) 2017-03-10 15:44:25 : *** Scan time: 0d 00:03:53 *** 2017-03-10 15:44:25 : ------ Scan Ended ------ 2017-03-15 14:41:25 : 2017-03-15 14:41:25 : ----- Scan Started ----- 2017-03-15 14:41:25 : Scanning with signatures version 172 (2017-3-9) 2017-03-15 14:46:15 : *** Scan time: 0d 00:04:49 *** 2017-03-15 14:46:15 : ------ Scan Ended ------ Malwarebytes Anti-Malware 1.2.6.730 system report - 15 March 2017 14:46:27 GMT Mac OS X version Version 10.10.5 (Build 14F2315) System uptime: 8d 01:21:46 Helper tool version: 1.2.6.730 Signatures version: 172 Safari extensions ----------------------- neil neil Name: 1Password Path: /Users/neil/Library/Safari/Extensions/1Password.safariextz Modified: 2017-02-15 10:02:10 +0000 Name: Clip to DEVONthink Path: /Users/neil/Library/Safari/Extensions/Clip to DEVONthink.safariextz Modified: 2015-07-29 16:28:22 +0000 Name: Save to Pocket Path: /Users/neil/Library/Safari/Extensions/Save to Pocket.safariextz Modified: 2015-11-09 15:52:47 +0000 Name: Avast Online Security Path: /Users/neil/Library/Safari/Extensions/wrc.safariextz Modified: 2015-04-05 18:27:39 +0000 Chrome extensions ----------------------- neil Default Name: Google Slides Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/aapocclcgogkmnckokdopfmhonfmgoek Modified: 2017-03-10 17:50:46 +0000 Name: BIODIGITAL HUMAN Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/agoenciogemlojlhccbcpcfflicgnaak Modified: 2017-03-10 17:52:55 +0000 Name: Google Docs Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/aohghmighlieiainnegkcijnfilokake Modified: 2017-03-10 17:51:08 +0000 Name: 1Password: Password Manager and Secure Wallet Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/aomjjhallfgjeglblehebfpbcfeobpgk Modified: 2017-03-10 17:52:54 +0000 Name: Google Drive Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/apdfllckaahabafndbhieahigkjlhalf Modified: 2017-03-10 17:51:08 +0000 Name: YouTube Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/blpcfgokakmgnkcojhhkbfbldkacnbeo Modified: 2017-03-10 17:51:08 +0000 Name: http://goo.gl/7Kjxu Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/cflbkoephoheejkaalghgahfjmjolhgh Modified: 2017-03-10 17:52:47 +0000 Name: Gmail Offline Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/ejidjjhkpiempkbhmpbfngldlkglhimk Modified: 2017-03-10 17:52:55 +0000 Name: Google Sheets Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/felcaaldnbdncclmgdcncolpebgiejap Modified: 2017-03-10 17:50:44 +0000 Name: Office Editing for Docs, Sheets & Slides Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/gbkeegbaiigmenfmjfclcdgdpimamgkj Modified: 2017-03-10 17:52:53 +0000 Name: Google Docs Offline Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/ghbmnnjooekpmoecnnnilnnbdlolhkhi Modified: 2017-03-10 17:50:44 +0000 Name: Avast Online Security Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/gomekmidlodglbbmalcneegieacbdmki Modified: 2017-03-10 17:50:48 +0000 Name: Ghostery Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/mlomiejdfkolichcflejclcbmpeaniij Modified: 2017-03-10 17:52:54 +0000 Name: Save to Pocket Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/niloccemoadcdkdjlinkgdfekeahmflj Modified: 2017-03-14 23:02:07 +0000 Name: RSS Subscription Extension (by Google) Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/nlbjncdgjeocebhnmkbbbdekmmmcbfjd Modified: 2017-03-10 17:52:57 +0000 Name: Chrome Web Store Payments Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/nmmhkkegccagdldgiimedpiccmgmieda Modified: 2017-03-10 17:50:43 +0000 Name: Gmail Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pjkljhegncpnkpknbcohdijeoejaedia Modified: 2017-03-10 17:51:08 +0000 Name: Clip to DEVONthink Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pjoafdokmbmkpolhcnmnkgaicbajigcc Modified: 2017-03-10 17:52:53 +0000 Name: Chrome Media Router Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pkedcjkdefgpdelpbcmbmeomcjbeemfm Modified: 2017-03-10 17:50:45 +0000 Name: Path: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/Temp Modified: 2017-03-14 23:02:08 +0000 Chrome Name: [unknown Chrome extension format] Path: /Users/neil/Library/Application Support/Google/Chrome/External Extensions/external_extensions.json Modified: 2013-03-19 12:22:27 +0000 Name: [unknown Chrome extension format] Path: /Users/neil/Library/Application Support/Google/Chrome/External Extensions/gomekmidlodglbbmalcneegieacbdmki.json Modified: 2015-12-18 16:37:13 +0000 Firefox extensions ----------------------- neil 75n4zhh6.default Name: 1Password Path: /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/onepassword4@agilebits.com.xpi Modified: 2017-02-10 20:03:24 +0000 Name: Avast Online Security Path: /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/wrc@avast.com.xpi Modified: 2015-12-18 16:37:14 +0000 Name: EPUBReader Path: /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/{5384767E-00D9-40E9-B72F-9CC39D655D6F} Modified: 2017-02-12 19:09:15 +0000 Name: Video DownloadHelper Path: /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi Modified: 2017-02-10 20:03:26 +0000 User Login Items ----------------------- User: neil Name: Flux Path: /Applications/Flux.app Name: ChronoSync Scheduler Path: /Applications/ChronoSync.app/Contents/Library/LoginItems/ChronoSync Scheduler.app Name: Macs Fan Control Path: /Applications/Macs Fan Control.app Name: iTunesHelper Path: /Applications/iTunes.app/Contents/MacOS/iTunesHelper.app Name: AdobeResourceSynchronizer Path: /Applications/Adobe Acrobat 8 Professional/Adobe Acrobat Professional.app/Contents/Support/AdobeResourceSynchronizer.app Name: ChronoSync Path: /Applications/ChronoSync.app Name: SMARTReporter Path: /Applications/SMARTReporter/SMARTReporter.app Name: Typinator Path: /Applications/Typinator.app Name: KeyCue Path: /Applications/KeyCue.app Name: PopChar Path: /Applications/PopChar.app Name: Dropbox Path: /Applications/Dropbox.app Name: Default Folder X Path: /Applications/Default Folder X.app Name: i1ProfilerTray Path: /Applications/i1Profiler/i1ProfilerTray.app Name: StretchWare Controller Path: /Library/Application Support/Stretchware Controller.app Name: DEVONthink Sorter Path: /Applications/DEVONthink Pro298.app/Contents/PlugIns/SorterPlugin.bundle/Contents/MacOS/DEVONthink Sorter.app System startup items ----------------------- /Library/StartupItems/CSPServer /Library/StartupItems/CSPStartService /Library/StartupItems/ProTec6b User launch agents ----------------------- /Users/neil/Library/LaunchAgents/.DS_Store /Users/neil/Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.2fb951a3e452587cd5063eae0b2acfc945704ab94bfa753dc717073c.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.340705c52d34eece5246c291634d82a64671f6760541ccdaa681f58f.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.65c5828f42d209bbea6e1a2b1653374a5579cd7545b886457d2d094f.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.9a2b6c451f02d418f088afa4a0d2da0bc52175383a2bc11189215ec6.plist /Users/neil/Library/LaunchAgents/com.adobe.ARM.ad895013aeb33ea6e968d9fdc06c0eb42c7c2a5229d98d64ad002716.plist /Users/neil/Library/LaunchAgents/com.amazon.music.plist /Users/neil/Library/LaunchAgents/com.apple.SafariBookmarksSyncer.plist /Users/neil/Library/LaunchAgents/com.avast.home.userinit.plist /Users/neil/Library/LaunchAgents/com.avast.secureline.home.userinit.plist /Users/neil/Library/LaunchAgents/com.backblaze.bzbmenu.plist /Users/neil/Library/LaunchAgents/com.barebones.weathercal-agent.plist /Users/neil/Library/LaunchAgents/com.c-command.SpamSieve.LaunchAgent.plist /Users/neil/Library/LaunchAgents/com.citrixonline.GoToMeeting.G2MUpdate.plist /Users/neil/Library/LaunchAgents/com.dropbox.DropboxMacUpdate.agent.plist /Users/neil/Library/LaunchAgents/com.google.Chrome.framework.plist /Users/neil/Library/LaunchAgents/ws.agile.1PasswordAgent.plist System launch agents ----------------------- /Library/LaunchAgents/at.obdev.LittleSnitchUIAgent.plist /Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist /Library/LaunchAgents/com.adobe.AdobeCreativeCloud.plist /Library/LaunchAgents/com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist /Library/LaunchAgents/com.avast.secureline.update-agent.plist /Library/LaunchAgents/com.avast.secureline.userinit.plist /Library/LaunchAgents/com.avast.update-agent.plist /Library/LaunchAgents/com.avast.userinit.plist /Library/LaunchAgents/com.epson.epw.agent.plist /Library/LaunchAgents/com.google.keystone.agent.plist /Library/LaunchAgents/com.hp.StatusMonitor.plist /Library/LaunchAgents/com.oracle.java.Java-Updater.plist /Library/LaunchAgents/com.softraid.SoftRAIDMonitor.plist /Library/LaunchAgents/com.teamviewer.teamviewer.plist /Library/LaunchAgents/com.teamviewer.teamviewer_desktop.plist /Library/LaunchAgents/com.trusteer.rapport.rapportd.plist /Library/LaunchAgents/com.wacom.wacomtablet.plist /Library/LaunchAgents/com.xrite.device.softwareupdate.plist /Library/LaunchAgents/net.culater.SIMBL.Agent.plist System launch daemons ----------------------- /Library/LaunchDaemons/at.obdev.littlesnitchd.plist /Library/LaunchDaemons/com.adobe.adobeupdatedaemon.plist /Library/LaunchDaemons/com.adobe.agsservice.plist /Library/LaunchDaemons/com.adobe.ARMDC.Communicator.plist /Library/LaunchDaemons/com.adobe.ARMDC.SMJobBlessHelper.plist /Library/LaunchDaemons/com.adobe.fpsaud.plist /Library/LaunchDaemons/com.adobe.SwitchBoard.plist /Library/LaunchDaemons/com.adobe.versioncueCS3.plist /Library/LaunchDaemons/com.aladdin.aksusbd.plist /Library/LaunchDaemons/com.aladdin.hasplmd.plist /Library/LaunchDaemons/com.ambrosiasw.ambrosiaaudiosupporthelper.daemon.plist /Library/LaunchDaemons/com.avast.init.plist /Library/LaunchDaemons/com.avast.secureline.init.plist /Library/LaunchDaemons/com.avast.secureline.uninstall.plist /Library/LaunchDaemons/com.avast.secureline.update.plist /Library/LaunchDaemons/com.avast.uninstall.plist /Library/LaunchDaemons/com.avast.update.plist /Library/LaunchDaemons/com.backblaze.bzserv.plist /Library/LaunchDaemons/com.barebones.bbedit.plist /Library/LaunchDaemons/com.colorburstrip.ColorBurst-Overdrive.plist /Library/LaunchDaemons/com.colorburstrip.lpd.plist /Library/LaunchDaemons/com.dymo.pnpd.plist /Library/LaunchDaemons/com.econtechnologies.ChronoAgentRemote.plist /Library/LaunchDaemons/com.google.keystone.daemon.plist /Library/LaunchDaemons/com.malwarebytes.HelperTool.plist /Library/LaunchDaemons/com.microsoft.autoupdate.helper.plist /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist /Library/LaunchDaemons/com.rogueamoeba.instanton-agent.plist /Library/LaunchDaemons/com.softraid.softraidd.plist /Library/LaunchDaemons/com.stclairsoft.AppTamerAgent.plist /Library/LaunchDaemons/com.teamviewer.Helper.plist /Library/LaunchDaemons/com.teamviewer.teamviewer_service.plist /Library/LaunchDaemons/com.trusteer.rooks.rooksd.plist /Library/LaunchDaemons/com.xrite.device.xrdd.plist Kernel extensions ----------------------- /System/Library/Extensions/basICColorDISCUS.kext /System/Library/Extensions/DymoUsbPrinterClassDriver.kext /System/Library/Extensions/hp_designjet_series.kext /System/Library/Extensions/JMicronATA.kext /System/Library/Extensions/KeyspanUSAdriver.kext /System/Library/Extensions/SiLabsUSBDriver.kext /System/Library/Extensions/SiLabsUSBDriver64.kext /System/Library/Extensions/UsbEthernetGadget.kext /System/Library/Extensions/Wacom Tablet.kext /Library/Extensions/ACS6x.kext /Library/Extensions/AmbrosiaAudioSupport.kext /Library/Extensions/ArcMSR.kext /Library/Extensions/ATTOCelerityFC8.kext /Library/Extensions/ATTOExpressSASHBA2.kext /Library/Extensions/ATTOExpressSASRAID2.kext /Library/Extensions/basICColorDISCUS.kext /Library/Extensions/BJUSBLoad.kext /Library/Extensions/CalDigitHDProDrv.kext /Library/Extensions/CIJUSBLoad.kext /Library/Extensions/EPSONUSBPrintClass.kext /Library/Extensions/FTDIKext.kext /Library/Extensions/HighPointIOP.kext /Library/Extensions/HighPointRR.kext /Library/Extensions/hp_designjet_series.kext /Library/Extensions/hp_io_enabler_compound.kext /Library/Extensions/iCColor.kext /Library/Extensions/LittleSnitch.kext /Library/Extensions/PromiseSTEX.kext /Library/Extensions/SoftRAID.kext launchd.conf contents ----------------------- Hosts file ----------------------- ## # Host Database # # localhost is used to configure the loopback interface # when the system is booting. Do not change this entry. ## 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost Scan log ----------------------- 2017-03-07 12:54:22 : 2017-03-07 12:54:22 : ----- Scan Started ----- 2017-03-07 12:54:22 : Scanning with signatures version 171 (2017-2-23) 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/hbcennhacfaagdopikcegfcobcadeocj.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/hjalolmjgklbjgaomjjofphdjnajmnim.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/icdlfehblmklkikfigmjhbmmpmkmpooj.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/mhkaekfpcppmmioggniknbnbdbcigpkk.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/External Extensions/pfndaklgolladniicklehhancnlgocpp.json 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/saamazon@mybrowserbar.com.xpi 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/saebay@mybrowserbar.com.xpi 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/savingsslider@mybrowserbar.com.xpi 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Firefox/Profiles/75n4zhh6.default/extensions/searchme@mybrowserbar.com.xpi 2017-03-07 12:54:23 : Adware.Spigot : /Users/neil/Library/Application Support/Spigot 2017-03-07 12:58:49 : *** Scan time: 0d 00:04:26 *** 2017-03-07 12:58:49 : ------ Scan Ended ------ 2017-03-07 13:02:29 : Removing detected threats... 2017-03-07 13:02:29 : Removing Extension Item: /Users/neil/Library/Application Support/Google/Chrome/External Extensions/hbcennhacfaagdopikcegfcobcadeocj.json 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:29 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:30 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saebay.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/Searchme.chromeextension.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/ErrorAssistant.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/coupons.crx 2017-03-07 13:02:31 : Removing extension external item: /Users/neil/Library/Application Support/Spigot/saamazon.crx 2017-03-07 13:02:31 : Removing Item: /Users/neil/Library/Application Support/Spigot 2017-03-07 13:02:31 : ---- Threat Removal Complete ---- 2017-03-08 14:37:20 : 2017-03-08 14:37:20 : ----- Scan Started ----- 2017-03-08 14:37:21 : Scanning with signatures version 171 (2017-2-23) 2017-03-08 14:37:21 : Adware.Spigot : /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pfndaklgolladniicklehhancnlgocpp 2017-03-08 14:41:19 : *** Scan time: 0d 00:03:58 *** 2017-03-08 14:41:19 : ------ Scan Ended ------ 2017-03-08 14:43:45 : Removing detected threats... 2017-03-08 14:43:45 : Removing Extension Item: /Users/neil/Library/Application Support/Google/Chrome/Default/Extensions/pfndaklgolladniicklehhancnlgocpp 2017-03-08 14:43:45 : ---- Threat Removal Complete ---- 2017-03-08 14:44:24 : 2017-03-08 14:44:26 : ----- Scan Started ----- 2017-03-08 14:44:26 : Scanning with signatures version 171 (2017-2-23) 2017-03-08 14:49:42 : *** Scan time: 0d 00:05:16 *** 2017-03-08 14:49:42 : ------ Scan Ended ------ 2017-03-10 11:16:16 : 2017-03-10 11:16:17 : ----- Scan Started ----- 2017-03-10 11:16:17 : Scanning with signatures version 172 (2017-3-9) 2017-03-10 11:20:21 : *** Scan time: 0d 00:04:04 *** 2017-03-10 11:20:21 : ------ Scan Ended ------ 2017-03-10 14:44:36 : 2017-03-10 14:44:37 : ----- Scan Started ----- 2017-03-10 14:44:37 : Scanning with signatures version 172 (2017-3-9) 2017-03-10 14:48:28 : *** Scan time: 0d 00:03:51 *** 2017-03-10 14:48:28 : ------ Scan Ended ------ 2017-03-10 15:40:32 : 2017-03-10 15:40:32 : ----- Scan Started ----- 2017-03-10 15:40:32 : Scanning with signatures version 172 (2017-3-9) 2017-03-10 15:44:25 : *** Scan time: 0d 00:03:53 *** 2017-03-10 15:44:25 : ------ Scan Ended ------ 2017-03-15 14:41:25 : 2017-03-15 14:41:25 : ----- Scan Started ----- 2017-03-15 14:41:25 : Scanning with signatures version 172 (2017-3-9) 2017-03-15 14:46:15 : *** Scan time: 0d 00:04:49 *** 2017-03-15 14:46:15 : ------ Scan Ended ------
  16. Hey Treed, thanks, I tired that earlier but it didn't help. good of you to suggest it tho neil
  17. Hi treed, thanks for helping, I followed all the steps you outlined, then quit chrome as soon as google chrome was reopened I got 6 malware notices from Avast, all the same:- Avast Web shield has blocked a threat Infection: Mac OS:Spigot-X [Adw] URL: htxp://update2.mybrowserbar.com/update/wt/gc/errorassistant/ErrorAssistant_1.7_0.crx File: background.js Process: /Applications/Google Chroms.app/Contents/MacOS/G next I looked in extensions and saw that an Amazon Spigot extension had been installed, so I deleted it I just have "save to pocket" and "1password" chrome extensions activated now. now i go to look at search engines and i see that some have been reinstalled (by restarting chrome i guess) yahoo, bing, ask jeeves, google is still the default in "other search engines" groupon has appeared also now I open malwarebytes and run a search - I get did not find any threats I would love to know why Avast is giving me those errors, also how the amazon spigot extension got reinstalled, maybe restering chrome does that! I imagine this is irrelevant but in the spirit of full disclosure - I've been having other issues with chrome too, it's asking me if I'd like to save passwords but not saving them or showing any in its list - even though synced. On other hardware and online at google there are lots of saved passwords - all are synced between devices, phone ipad etc I believe. Because of this and advice from the google forum i installed chrome canary. I've tried it occasionally but as it's not improved the passowrd situation, I've not been using it. However it was about that time that the damned Avast spigot warnings started. how frustrating
  18. Hi, thanks lots for Malwarebytes, it did find a Spigot component one time [great] but now is finding nothing, unfortunately, despite that, I see this dialog box appearing google chrome Version 56.0.2924.87 (64-bit) on Mac OSX, Avast is reporting (every few minutes): "Infection Blocked: Avast Web shield has blocked a threat Infection: Mac OS:Spigot-X [Adw] URL: htxp://update2.mybrowserbar.com/update/wt/gc/errorassistant/ErrorAssistant_1.7_0.crx File: background.js Process: /Applications/Google Chroms.app/Contents/MacOS/Google Chrome"" On advice from the Avast forum, I have deleted any adware / amazon / ebay extensions from Chrome also I removed all search engines other than google the google chrome cleanup tool is Win only unfortunately can anyone help please? thanks so much neilb
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.