Author Topic: What "EtreCheck" says about my machine...  (Read 1139 times)

Offline Dreambird

  • TS Addict
  • *****
  • Posts: 5191
  • Meet The New Boss
    • View Profile
What "EtreCheck" says about my machine...
« on: July 18, 2018, 07:30:06 PM »
I ran an app called EtreCheck which essentially checks your whole machine including hardware, software, every thing... and I was little blown away by what it called "Major Problems" on my system. The app is actually recommended in the Apple Community as being better and maybe easier to understand than a Console log if you have Kernel Panics etc. The one thing I didn't see mentioned at all was my External HD at all as to it's health, bad or good. So it does appear to be a "shill" for Apple. This part I'm posting is re: the "multiple antivirus apps I have installed "apparently" ... in fact I have no real AV app as I understand it installed at all. I have the ability to remove 2 of these things, but the others... once you have them installed they are there for good because the entrench themselves into the system, places you dare not go. The only way I can see to roll back on them somewhat is to risk that Time Machine restore I ran after all the Kernel Panics and hope it still installs as well as it did before. I WOULD lose all the work I've done cleaning up here and need to start at square one.  :wallbash:

This is what EtreCheck calls Major Problems:

Quote
More than one antivirus app
This machine has multiple antivirus apps installed.

Launch Agents
File name:
com.adobe.AdobeCreativeCloud.plist
Label:
com.adobe.AdobeCreativeCloud
Status:
Running
Author:
Adobe Systems, Inc.
Install Date:
2018-07-18 01:02:24
Reveal config fileReveal executableLookup
File name:
com.adobe.AAM.Updater-1.0.plist
Label:
com.adobe.AAM.Startup-1.0
Status:
Not loaded
Author:
?
Install Date:
2018-07-18 01:19:44
Reveal config fileReveal executableLookup
File name:
com.trusteer.rapport.rapportd.plist
Label:
com.trusteer.rapport.rapportd
Status:
Running
Author:
Trusteer LTD
Install Date:
2015-12-04 11:17:32
Reveal config fileReveal executableLookup
File name:
com.adobe.GC.Invoker-1.0.plist
Label:
com.adobe.GC.Scheduler-1.0
Status:
Not loaded
Author:
Adobe Systems, Inc.
Install Date:
2018-07-15 21:09:34
Reveal config fileReveal executableLookup
File name:
com.malwarebytes.mbam.frontend.agent.plist
Label:
com.malwarebytes.mbam.frontend.agent
Status:
Running
Author:
Malwarebytes Corporation
Install Date:
2018-05-22 10:17:09
Reveal config fileReveal executableLookup
These are 3rd party launch agents on your Mac. Launch agents are apps that run in the background when any user is logged in. Some of these apps can be in an active Running state. They can also be in a Loaded state where they are not currently running, but could be started if needed. They may be in Not Loaded state, or disabled. Rarely, they may be in other states as well. This list usually does not include Apple items.

Click the Reveal Config File button to show the launchd config file in the Finder. Click the Reveal Executable button to show the associated executable app. To remove a launchd file, use vendor-provided uninstallers or uninstallation instructions, if possible. Use the Lookup button to research the software on Apple Support Communities.

That's just a section of the report... EtreCheck recommends copying the WHOLE report to a text file so you can paste it into a post in the Apple Community forums w/o the chance of revealing anything personal... email addy, name etc. However it does NOT break down the report like the above. All it would say is:
"More than one antivirus app
This machine has multiple antivirus apps installed."
That's it... not very helpful. BTW that app is not  freeware, you can do 5 free scans and then you need to buy it so the: Reveal config file & Reveal executable options are not available... you can use the 3rd: Lookup to see what you can find online. Also not helpful.
However I have found out how to uninstall Rapport Trusteer and MalwareBytes properly... Rapport my bank INSISTED I download after my debit card was compromised and my credit card several times also. I like MalwareBytes but??? It has caught adware for me a couple of times. The Adobe stuff YOU CANNOT uninstall... once you have them they are throughout your entire system and Adobe strongly recommends (insists) you do NOT uninstall them. They will give you instruction on how to repair them which may allow a temporary uninstall of the parts not in your System folder... so you have to re-download and install to repair Adobe Application Manager and Adobe Creative Cloud has an option in the app to repair. The App Manager lists everything you have that's part of the Creative Suite, in my case... Photoshop CS6... so I risk hosing that app if I remove some things. The AAM has been there since I got CS6 and it's never bothered me... it's just notified me if there were CS6 updates... which I had some and was dumb enough to install them all. The newest AAM INSISTS you need ACC app. All I really needed was the Camera Raw update!
In any case... ALL the items in that EtreCheck report are NOT AV apps as I understand AV apps. They check for and remove Adware... yes, which does happen often enough on Mac... but they haven't ever caught any virus... NONE of them in fact. I will uninstall Rapport... if the bank crabs... I'll switch banks! I won't uninstall MalWareBytes but I will disable real time scanning and just run it myself now an then or upon weird browser problems which has generally but the indication I've had adware.

I really don't know if I want to rollback via a TM restore and lose the hours of work I've done weeding out old stuff, checking for updates to apps I want to keep etc.  :upset:
******
On permanent walk-about... ;)
MacBook Pro Retina, mid-2012, SSD 500GB, 16GB RAM, High Sierra 10.13.6, iPad Air 2, iOS 11.4.1

Offline Xairbusdriver

  • Administrator
  • TS Addict
  • *****
  • Posts: 26347
  • 27" iMac (mid-17), Big Sur, Mac mini, Catalina
    • View Profile
    • Mid-South Weather
Re: What "EtreCheck" says about my machine...
« Reply #1 on: July 18, 2018, 09:45:57 PM »
Quote
"More than one antivirus app
This machine has multiple antivirus apps installed."
Gotta run, but if you have no AV apps installed, and this app gives this report, what do you think of it's veracity? I'd say it has none and may, in fact have harvested some info from you. Why did you install it? Did you do any research on it? Did you even run it by the folks at TS? :rolleyes:
THERE ARE TWO TYPES OF COUNTRIES
Those that use metric = #1 Measurement system
And the United States = The Banana system
CAUTION! Childhood vaccinations cause adults! :yes:

Offline Dreambird

  • TS Addict
  • *****
  • Posts: 5191
  • Meet The New Boss
    • View Profile
Re: What "EtreCheck" says about my machine...
« Reply #2 on: July 18, 2018, 10:43:36 PM »
Actually, I did. In several links I found re: the app and it gets fairly good reviews with some bad... about like any other app. It's highly recommended in the Apple Community (Apple Discussions) which I always thought was a good place to check out.

In fact I found that Adobe Application Manager has a few scathing reviews online, it's accused off being adware, a marketing tool etc. You DO have to have AAM installed if you run PSCS6... it won't run without it as it also verifies your license when you start it up. The mistake I made with AAM was allowing it to update itself to the newest version at which point it's become a nasty piece of work! It insists upon installing Adobe Creative Cloud period. And that IS a marketing tool IMO... it just encourages one to install more of the apps in the Creative Suite... I only want PSCS6.

EtreCheck IMO goes a little far in calling these things antivirus apps. They aren't. In fact the Adobe crap is the worst of what it finds... it does perform like adware... it's really only there to get you to buy more stuff from Adobe. The Rapport and MalWareBytes are app that hunt out adware you may have... maybe they could be seen as AV apps but that's a stretch IMO. But yes, I'm glad I ran EtreCheck because now I know that however much it sets me behind I really need to restore a backup that does not have the newest version and don't update it again. The older versions are easy to ignore. EtreCheck uninstalled very easily and didn't put any crap in my system folder I easily found and trashed everything with EasyFind. I never had any intention of buying it.


What I would really like is an alternative to Photoshop... there isn't one for Mac that comes close enough. I found one that would probably be worth a good shot and the price is low. Photo Pos Pro... but Windoze only.

What makes me the angriest is that I can't get rid of Adobe stuff everywhere that I have to roll back to a backup. Whether it's someone's opinion that it's antivirus software is wrong IMHO. It's insidious and shameless adware totally in the interest of Adobe... not the public, EtreCheck prompted me to check it out better and I'm convinced it's a trashy marketing tool.
« Last Edit: July 18, 2018, 10:50:49 PM by Dreambird »
******
On permanent walk-about... ;)
MacBook Pro Retina, mid-2012, SSD 500GB, 16GB RAM, High Sierra 10.13.6, iPad Air 2, iOS 11.4.1

Offline Dreambird

  • TS Addict
  • *****
  • Posts: 5191
  • Meet The New Boss
    • View Profile
Re: What "EtreCheck" says about my machine...
« Reply #3 on: July 19, 2018, 01:18:25 PM »
A way to stop AAM from starting up when you start your machine. I used the Terminal command in it to create a .plist file in the home library.

http://osxdaily.com/2010/06/21/stop-adobe-update-manager-launching/

Also I found another Terminal command elsewhere that you can run to make sure it's not running:

Quote
if ps aux | grep "Adobe Application Manager" | grep -v grep > /dev/null
then
echo "Running"
else
echo "Not running"
fi

Sorry I don't remember where I found that but if I find it again I let you know... that command is exactly what was in the highlighted gray box there. I've run it when I restart the MBP now... also if I log out and back in several times and it always says "Not running."
******
On permanent walk-about... ;)
MacBook Pro Retina, mid-2012, SSD 500GB, 16GB RAM, High Sierra 10.13.6, iPad Air 2, iOS 11.4.1

Offline Dreambird

  • TS Addict
  • *****
  • Posts: 5191
  • Meet The New Boss
    • View Profile
Re: What "EtreCheck" says about my machine...
« Reply #4 on: July 19, 2018, 08:55:55 PM »
At this link:

https://www.hastac.org/blogs/joe-cutajar/2015/04/21/how-make-simple-bash-script-mac

it will explain how to change the text file:
Quote
if ps aux | grep "Adobe Application Manager" | grep -v grep > /dev/null
then
echo "Running"
else
echo "Not running"
fi

... into a Unix Executable so you can run it easily whenever you wish... on startup or any other time.

If you follow the instructions on:
http://osxdaily.com/2010/06/21/stop-adobe-update-manager-launching/
... to write a .plist file with Terminal it will put it in your home>Library>Preferences folder.
What prompted me to also create a Unix Executable to check now and then if it's running is because he said the .plist should stop the thing from running on startup "theoretically"... I don't know if that was a bit tongue in cheek or not... but whenever I've checked it is NOT RUNNING. If you select Help in PSCS6 it starts AAM however after you quit it there... and check it is still not running so it respects your .plist file.
« Last Edit: July 19, 2018, 09:06:04 PM by Dreambird »
******
On permanent walk-about... ;)
MacBook Pro Retina, mid-2012, SSD 500GB, 16GB RAM, High Sierra 10.13.6, iPad Air 2, iOS 11.4.1