Jump to content

Recommended Posts

After years of satisfactory use of Malwarebytes (even on Win and on my phone), I've recently switched to Premium subscription. It's a top tier app and all that. But a few weeks ago my Macbook started acting strange: after 1-2 hours of normal use the CPU reach the stars, and the kernel_task process even top 500%, making the device unusable.

I looked for a malware (my fist thought) but MB says system was clean and other scanners as well. So I ran EtreCheckPro that gave me interesting results. 

1) Antivirus software problems - Antivirus software is causing performance problem. (The other "av" is Adguard, but stay off most of the time. Malwarebytes Real-time protection is always active.)

2) An app that continously crashing: 

2019-07-24 01:12:28 SIMBL Agent.app - Crash (14 times)

        Executable: /Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app

        Details:

            dyld: launch, running initializers

            /usr/lib/libSystem.B.dylib

 

Any help? I have no idea what app excites SIMBL Agent.app..

 

EtreCheck version: 6.0.2 (6A004)

Report generated: 2019-07-24 13:18:01

Download EtreCheck from https://etrecheck.com

Runtime: 14:57

Performance: Poor



Problem: Computer is too slow



Major Issues:

    Anything that appears on this list needs immediate attention.



    Battery failure - Your battery is reporting that it needs to be serviced.

    Poor performance - EtreCheck report shows poor performance. This is unusual.

    Antivirus software problems - Antivirus software is causing performance problems.

    More than one antivirus app - This machine has multiple antivirus apps installed.



Minor Issues:

    These issues do not need immediate attention but they may indicate future problems or opportunities for improvement.



    High battery cycle count - Your battery may be losing capacity.

    Apps crashing - There have been numerous app crashes.

    Unsigned files - There are unsigned software files installed. They appear to be legitimate but should be reviewed.

    System modifications - There are a large number of system modifications running in the background.



Hardware Information:

    MacBook Pro (Retina, 15-inch, Late 2013)

    MacBook Pro Model: MacBookPro11,3

    1 2,3 GHz Intel Core i7 (i7-4850HQ) CPU: 4-core

    16 GB RAM - Not upgradeable

        BANK 0/DIMM0 - 8 GB DDR3 1600  ok

        BANK 1/DIMM0 - 8 GB DDR3 1600  ok

    Battery: Health = Service Battery - Cycle count = 908



Video Information:

    Intel Iris Pro - VRAM: 1536 MB

        Color LCD 2880 x 1800

    NVIDIA GeForce GT 750M - VRAM: 2 GB



Drives:

    disk0 - APPLE SSD SM0512F 500.28 GB (Solid State - TRIM: Yes)

    Internal PCI 5.0 GT/s x2 Serial ATA

        disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB

        disk0s2 [APFS Container] 452.00 GB

            disk1 [APFS Virtual drive] 452.00 GB (Shared by 4 volumes)

                disk1s1 - Macintosh HD (APFS) (Shared - 379.55 GB used)

                disk1s2 - Preboot (APFS) [APFS Preboot] (Shared - 46 MB used)

                disk1s3 - Recovery (APFS) [Recovery] (Shared - 510 MB used)

                disk1s4 - VM (APFS) [APFS VM] (Shared - 1.07 GB used)

        disk0s3 - B******P (MS-DOS FAT12) 48.07 GB (29.29 GB used)



Mounted Volumes:

    disk0s3 - B******P

        48.07 GB (29.29 GB used - 18.78 GB free)

        MS-DOS FAT12

        Mount point: /Volumes/B******P


    disk1s1 - Macintosh HD

        452.00 GB (Shared - 379.55 GB used - 70.66 GB free)

        APFS

        Mount point: /

        Encrypted


    disk1s4 - VM [APFS VM]

        452.00 GB (Shared - 1.07 GB used - 70.66 GB free)

        APFS

        Mount point: /private/var/vm



Network:

    Interface en0: Wi-Fi

        802.11 a/b/g/n/ac

    Interface en4: Bluetooth PAN

    Interface bridge0: Thunderbolt Bridge

    Interface bridge0: Ethernet

    Interface en3: Thunderbolt Ethernet

    iCloud Quota: 4.79 GB available



System Software:

    macOS Mojave 10.14.5 (18F132)

    Time since boot: About 11 hours



Configuration Files:

    /etc/hosts - Count: 1



Notifications:


    (Deleted)

        one notification

    /Applications/Telegram.app

        9 notifications

    /Applications/Flume.app

        2 notifications

    /Applications/Slack.app

        13 notifications

    /Applications/Windscribe.app

        16 notifications

    /Applications/Adguard.app

        one notification

    /Applications/EtreCheckPro.app

        2 notifications

    /Applications/Amphetamine.app

        one notification

    /Applications/Airmail 2.app

        one notification



Security:

    Gatekeeper: App Store and identified developers

    System Integrity Protection: Enabled


    Antivirus apps: AdGuard and MalwareBytes



Unsigned Files:

    Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist

        Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Updater.plist

        Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist

        Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck

        Details: Exact match found in the whitelist - probably OK


    Launchd: ~/Library/LaunchAgents/com.skype.skype.shareagent.plist

        Executable: /Applications/Skype.app/Contents/Library/LaunchServices/com.skype.skype.shareagent.bundle/Contents/MacOS/com.skype.skype.shareagent

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchDaemons/com.disconnect.networklistener.plist

        Executable: /Library/Application Support/disconnect/changednetwork.sh

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchAgents/net.culater.SIMBL.Agent.plist

        Executable: /Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app/Contents/MacOS/SIMBL Agent

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist

        Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool

        Details: Exact match found in the whitelist - probably OK



Kernel Extensions:

    /Library/Application Support/Malwarebytes/MBAM/Kext

        [Loaded] MB_MBAM_Protection.kext (Malwarebytes Corporation, 3.8 - SDK 10.14)


    /Library/Application Support/com.adguard.mac.adguard/kext

        [Not Loaded] com.adguard.nfext.kext (Adguard Software Limited, 1.0.25 - SDK 10.14)


    /Library/Extensions

        [Not Loaded] NIUSBGuitarRigMobile.kext (Native Instruments GmbH, 2.6.0 (R82) - SDK 10.8)

        [Not Loaded] NIUSBAudioDriver.kext (Native Instruments GmbH, 2.6.0 (R82) - SDK 10.8)

        [Not Loaded] Dropbox.kext (Dropbox, Inc., 1.8.1 - SDK 10.11)



System Launch Agents:

    [Not Loaded] 16 Apple tasks

    [Loaded] 168 Apple tasks

    [Running] 117 Apple tasks



System Launch Daemons:

    [Not Loaded] 36 Apple tasks

    [Loaded] 185 Apple tasks

    [Running] 116 Apple tasks



Launch Agents:

    [Running] com.bjango.istatmenus.agent.plist (Bjango Pty Ltd - installed 2018-11-24)

    [Running] com.bjango.istatmenus.status.plist (Bjango Pty Ltd - installed 2018-11-24)

    [Loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2019-05-08)

    [Loaded] com.google.keystone.xpcservice.plist (Google, Inc. - installed 2019-05-08)

    [Running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2019-05-10)

    [Loaded] com.microsoft.update.agent.plist (Microsoft Corporation - installed 2019-07-19)

    [Not Loaded] com.oracle.java.Java-Updater.plist (? 52024455 - installed 2019-07-04)

    [Loaded] com.radiosilenceapp.agent.plist (Juuso Salonen - installed 2017-09-24)

    [Not Loaded] com.teamviewer.teamviewer.plist (TeamViewer GmbH - installed 2019-06-05)

    [Not Loaded] com.teamviewer.teamviewer_desktop.plist (TeamViewer GmbH - installed 2019-06-05)

    [Not Loaded] net.culater.SIMBL.Agent.plist (? 850e6250 - installed 2014-11-14)



Launch Daemons:

    [Loaded] com.BlueStacks.AppPlayer.bstservice_helper.plist (BlueStack Systems, Inc. - installed 2015-07-05)

    [Running] com.aaa.windscribe.OVPNHelper.plist (Windscribe Limited - installed 2018-12-08)

    [Loaded] com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2019-06-22)

    [Loaded] com.audirvana.SysOptimizerTool.plist (Audirvana - installed 2019-04-28)

    [Loaded] com.audirvana.audirvana-plus.SysOptimizerTool.plist (Audirvana - installed 2018-07-30)

    [Running] com.bjango.istatmenus.daemon.plist (Bjango Pty Ltd - installed 2018-11-24)

    [Running] com.bjango.istatmenus.fans.plist (? 9a713d46 - installed 2018-11-24)

    [Loaded] com.bjango.istatmenus.installerhelper.plist (Bjango Pty Ltd - installed 2017-09-27)

    [Loaded] com.disconnect.networklistener.plist (? 5d49b512 - installed 2015-06-02)

    [Loaded] com.google.keystone.daemon.plist (Google, Inc. - installed 2019-05-08)

    [Loaded] com.malwarebytes.HelperTool.plist (Malwarebytes Corporation - installed 2018-01-09)

    [Running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2019-05-18)

    [Running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2019-05-10)

    [Loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2019-07-19)

    [Loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2017-10-10)

    [Not Loaded] com.oracle.java.Helper-Tool.plist (? e3fefdd2 - installed 2019-07-04)

    [Loaded] com.radiosilenceapp.nke.plist (Apple - installed 2019-05-04)

    [Loaded] com.teamviewer.Helper.plist (TeamViewer GmbH - installed 2019-06-05)

    [Not Loaded] com.teamviewer.teamviewer_service.plist (TeamViewer GmbH - installed 2019-06-05)



User Launch Agents:

    [Loaded] com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2019-02-14)

    [Loaded] com.skype.skype.shareagent.plist (? 0 - installed 2018-09-17)

    [Loaded] com.valvesoftware.steamclean.plist (Valve Corporation - installed 2019-07-20)



User Login Items:

    1Password Extension Helper (AgileBits Inc. - installed 2019-06-27)

        (Modern Login Item - /Applications/1Password 7.app/Contents/Library/LoginItems/1Password Extension Helper.app)


    1Password Launcher (AgileBits Inc. - installed 2019-06-27)

        (Modern Login Item - /Applications/1Password 7.app/Contents/Library/LoginItems/1Password Launcher.app)


    Airmail 2.app (App Store - installed 2019-07-06)

        (Application - /Applications/Airmail 2.app)


    AmphetamineLoginHelper (App Store - installed 2019-06-11)

        (Modern Login Item - /Applications/Amphetamine.app/Contents/Library/LoginItems/AmphetamineLoginHelper.app)


    AppCleaner SmartDelete (Julien Ramseier - installed 2018-11-23)

        (Modern Login Item - /Applications/AppCleaner.app/Contents/Library/LoginItems/AppCleaner SmartDelete.app)


    Backup and Sync.app (Google, Inc. - installed 2019-06-27)

        (Application - /Applications/Backup and Sync.app)


    Dropbox.app (Dropbox, Inc. - installed 2019-07-18)

        (Application - /Applications/Dropbox.app)


    Magnet.app (App Store - installed 2019-06-16)

        (Application - /Applications/Magnet.app)


    NepTunesHelperApp (App Store - installed 2018-10-28)

        (Modern Login Item - /Applications/NepTunes.app/Contents/Library/LoginItems/NepTunesHelperApp.app)


    Slack.app (App Store - installed 2019-07-15)

        (Application - /Applications/Slack.app)


    Telegram.app (TELEGRAM MESSENGER LLP - installed 2019-07-10)

        (Application - /Applications/Telegram.app)


    TickTick.app (App Store - installed 2019-06-20)

        (Application - /Applications/TickTick.app)


    Track-o-Bot.app (Steven Schmid - installed 2017-12-27)

        (Application - /Applications/Track-o-Bot.app)



Internet Plug-ins:

    Silverlight: 5.1.50901.0 (? - installed 2016-10-27)

    FlashPlayer-10.6: 32.0.0.223 (Adobe Systems, Inc. - installed 2019-07-10)

    Flash Player: 32.0.0.223 (Adobe Systems, Inc. - installed 2019-07-10)

    JavaAppletPlugin: Java 8 Update 221 build 11 (? - installed 2019-07-23)

    SharePointBrowserPlugin: 14.4.8 (? - installed 2015-02-12)



Audio Plug-ins:

    AppleTimeSyncAudioClock: 1.0 (Apple - installed 2019-05-25)

    BluetoothAudioPlugIn: 6.0.12 (Apple - installed 2019-05-25)

    AirPlay: 2.0 (Apple - installed 2019-05-25)

    AppleAVBAudio: 740.1 (Apple - installed 2019-05-25)

    BridgeAudioSP: 5.46 (Apple - installed 2019-05-25)

    iSightAudio: 7.7.3 (Apple - installed 2019-05-25)



Safari Extensions:

    1Password - App Store (installed 2019-06-25)

    Open in IINA - App Store (installed 2019-05-27)



3rd Party Preference Panes:

    Flash Player (installed 2019-06-22)

    Java (installed 2019-07-23)

    Native Instruments USB Audio (installed 2015-04-11)



Time Machine:

    Skip System Files: No

    Auto backup: Yes

    Volumes being backed up:

        Macintosh HD: Disk size: 452.00 GB - Disk used: 381.34 GB

    Destinations:

        T**********e [Local] (Last used)

            Total size: 799.55 GB

            Total number of backups: 19

            Oldest backup: 2019-05-28 03:40:12

            Last backup: 2019-07-24 12:26:55

    6 local snapshots

    Oldest local snapshot: 2019-07-15 16:00:00

    Last local snapshot: 2019-07-24 10:59:34



Performance:

    System Load: 13.84 (1 min ago) 16.50 (5 min ago) 16.55 (15 min ago)

    Nominal I/O speed: 1.34 MB/s

    File system: 120.54 seconds (timed out)

    Write speed:  257 MB/s

    Read speed:  266 MB/s



CPU Usage Snapshot:

    Type Overall

    System 63 %

    User 6 %

    Idle 30 %



Top Processes Snapshot by CPU:

    Process (count) CPU (Source - Location)

    WindowServer 16.46 % (Apple)

    EtreCheckPro 12.16 % (Etresoft, Inc.)

    kernel_task 9.72 % (Apple)

    sandboxd 5.48 % (Apple)

    Track-o-Bot 5.14 % (Steven Schmid)



Top Processes Snapshot by Memory:

    Process (count) RAM usage (Source - Location)

    EtreCheckPro 689 MB (Etresoft, Inc.)

    kernel_task 542 MB (Apple)

    Airmail 3 368 MB (App Store)

    Dropbox (3) 311 MB (Dropbox, Inc.)

    Dropbox Web Helper (3) 311 MB (Dropbox, Inc.)



Top Processes Snapshot by Network Use:

    Process Input / Output (Source - Location)

    Dropbox 81 KB / 785 KB (Dropbox, Inc.)

    mDNSResponder 37 KB / 24 KB (Apple)

    Slack 21 KB / 13 KB (App Store)

    Telegram 8 KB / 3 KB (TELEGRAM MESSENGER LLP)

    apsd 4 KB / 5 KB (Apple)



Top Processes Snapshot by Energy Use:

    Process (count) Energy (0-100) (Source - Location)

    WindowServer 7 (Apple)

    sandboxd 3 (Apple)

    iStat Menus Status 1 (Bjango Pty Ltd)

    airportd 1 (Apple)

    RTProtectionDaemon 0 (Malwarebytes Corporation)



Virtual Memory Information:

    Physical RAM: 16 GB



    Free RAM: 4.71 GB

    Used RAM: 6.91 GB

    Cached files: 4.38 GB



    Available RAM: 9.09 GB

    Swap Used: 0 B



Software Installs (past 30 days):

    Install Date Name (Version)

    2019-06-26 Evernote (7.11)

    2019-07-06 Kiwi for Gmail (2.0.22)

    2019-07-06 Airmail (3.6.71)

    2019-07-10 Adobe Flash Player (32.0.0.223)

    2019-07-15 Slack (4.0.0)

    2019-07-16 VirusBarrier Scanner (1.1.1)

    2019-07-17 Microsoft PowerPoint (16.27.19071500)

    2019-07-17 Microsoft Outlook (16.27.19071500)

    2019-07-17 Microsoft Excel (16.27.19071500)

    2019-07-17 Microsoft Word (16.27.19071500)

    2019-07-19 Microsoft AutoUpdate (4.13.19071800)

    2019-07-19 MRTConfigData (1.47)

    2019-07-20 ClamXAV v3.0.12

    2019-07-20 ClamXav Uninstaller (1)

    2019-07-23 Java 8 Update 221 (1.0)

    2019-07-23 Gatekeeper Configuration Data (173)

    2019-07-23 Radio Silence (2.3.0)



Diagnostics Information (past 7 days):

    2019-07-24 01:12:28 SIMBL Agent.app - Crash (14 times)

        Executable: /Library/ScriptingAdditions/SIMBL.osax/Contents/Resources/SIMBL Agent.app

        Details:

            dyld: launch, running initializers

            /usr/lib/libSystem.B.dylib


    2019-07-22 09:01:23 1Password 7.app - Crash (3 times)

        Executable: /Applications/1Password 7.app


    2019-07-20 15:31:45 signpost_reporter - High CPU Use

        Executable: /usr/libexec/signpost_reporter


    2019-07-20 08:19:06 Slack.app - Crash

        Executable: /Applications/Slack.app


    2019-07-20 08:14:39 Uninstall.app - Crash

        Executable: /usr/local/ClamXAV3/bin/Uninstall.app

        Details:

            *** Terminating app due to uncaught exception 'NSGenericException', re

            ason: 'NSRunAlertPanel may only be invoked from the main thread. Behav

            ior on other threads is undefined.'

            terminating with uncaught exception of type NSException

            abort() called


    2019-07-19 15:50:54 Discord.app - Crash

        Executable: /Applications/Discord.app


    2019-07-17 21:20:06 Scrivener.app - High CPU Use

        Executable: /Applications/Scrivener.app



End of report

Thank you.

Link to post
Share on other sites

I'm not sure what's going on there. I saw where EtreCheck said that anti-virus was causing problems, but then the more granular data didn't really show anything to support that, other than putting the Malwarebytes RTProtectionDaemon at the bottom of the top 6 energy-consuming processes, with an energy consumption value of 0. 🤔

However, the first thing I'd recommend is removing SIMBL, which is extremely old and not really compatible with modern macOS. It injects code into other processes, which is something that can be dangerous and can cause problems. I believe that an uninstaller is part of the download for SIMBL 0.9.9, available from here:

http://www.culater.net/software/SIMBL/SIMBL.php

However, it's been a long time since I've referred anyone to that, and I have no idea whether it will work on macOS Mojave.

If uninstalling SIMBL doesn't make any difference, let us know.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.