Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

error 895


  • Please log in to reply
11 replies to this topic

#1 coaltrain

coaltrain

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Montana
  • Local time:10:31 PM

Posted 24 May 2015 - 06:36 PM

Anyone out there get a "debug malware error 895 system 32.exe"  failure virus?  It appears ,to me ,to be a fraud ,scam, what you will.  Force quit Safari, may take more than once. i would appreciate any insight you may have.  

Than you,

Coal train



BC AdBot (Login to Remove)

 


#2 dante12

dante12

  • Members
  • 197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 25 May 2015 - 08:34 AM

Hello,

 

STEP 1

 

1. Please download AdwareMedic, open the DMG and install it.

2. Start the Application and choose Scan for Adware. The Application will move any Adware to the trash.

3. If any Adware found, please open AdwareMedic again and go to the Menü Scanner. Choose from there Open Log File and Post the results here.

4. Still in AdwareMedic go to the menu Scanner and choose Take a System Snapshot. Copy the results to Clipboard and post it here.

5. Make any personally information illegible (names, email addresses etc.) before you post. Please don't delete complete the lines remove only your personal data from there.

 

STEP 2

 

1. Hit CMD + Space (Spotlight) and type console.app

2. Choose from the left side All Messages and type in the seach box on the top right 895

2. If any results there, select all lines with CMD + A, Copy it with CMD + C and post the results here

 

 

Question: It is very helpful if you can remember what you have doing before you got this error (installed Software, choose any links from websites and so on). 



#3 coaltrain

coaltrain
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Montana
  • Local time:10:31 PM

Posted 26 May 2015 - 11:17 PM

Oh mighty warrior of the wild. . . my FILE LOG from adware medic:2015-05-24 17:22:15: ----- Scan Started -----
2015-05-24 17:22:15: Scanning with signatures version 67
2015-05-24 17:22:21: No adware found
2015-05-24 17:22:21: ----- Scan Ended -----
2015-05-24 22:04:48: ----- Scan Started -----
2015-05-24 22:04:48: Scanning with signatures version 67
2015-05-24 22:05:04: No adware found
2015-05-24 22:05:04: ----- Scan Ended -----
2015-05-26 11:58:22: ----- Scan Started -----
2015-05-26 11:58:23: Scanning with signatures version 70
2015-05-26 11:58:36: No adware found
2015-05-26 11:58:36: ----- Scan Ended -----
2015-05-26 21:20:09: ----- Scan Started -----
2015-05-26 21:20:09: Scanning with signatures version 70
2015-05-26 21:20:20: No adware found
2015-05-26 21:20:20: ----- Scan Ended -----
2015-05-26 21:24:18: ----- Scan Started -----
2015-05-26 21:24:18: Scanning with signatures version 70
2015-05-26 21:24:27: No adware found
2015-05-26 21:24:27: ----- Scan Ended -----

SYSTEM SNAPSHOT:AdwareMedic 2.2.3 system report - Tuesday, May 26, 2015 @ 9:37:16 PM
Mac OS X version 10.10.3
21:37 up 1 day, 23:33, 1 user, load averages: 1.68 1.49 1.43

Safari extensions
---------------
/Users//Library/Safari/Extensions/AdBlock-2.safariextz
Name: AdBlock
Modified: Saturday, May 23, 2015 @ 10:40:01 AM
/Users//Library/Safari/Extensions/Coupons at Checkout.safariextz
Name: Coupons at Checkout
Modified: Saturday, February 15, 2014 @ 3:40:36 PM
/Users//Library/Safari/Extensions/Disconnect Private Search.safariextz
Name: Disconnect Private Search
Modified: Wednesday, March 26, 2014 @ 5:28:46 PM
/Users//Library/Safari/Extensions/Disconnect.safariextz
Name: Disconnect
Modified: Sunday, March 9, 2014 @ 6:23:44 PM
/Users//Library/Safari/Extensions/InvisibleHand.safariextz
Name: InvisibleHand
Modified: Thursday, April 10, 2014 @ 3:37:01 PM
/Users//Library/Safari/Extensions/WOT.safariextz
Name: WOT
Modified: Monday, April 20, 2015 @ 1:25:29 PM

Chrome extensions
---------------
/Library/Application Support/Google/Chrome/External Extensions/gomekmidlodglbbmalcneegieacbdmki.json
Name: [Unknown error extracting extension in CChromeExtension.GetNameFromCRX]
Modified: Tuesday, May 26, 2015 @ 4:11:54 PM

Firefox extensions
---------------
/User//Library/Application Support/Mozilla/Extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/wrc@avast.com
Name: Avast Online Security
Modified: Tuesday, May 26, 2015 @ 4:12:01 PM

Login items
---------------
iTunesHelper, Google Drive, Safari

Startup items
---------------
None

System startup items
---------------
None

User launch agents
---------------
total 16
-rw-r--r-- 1 staff 490 May 26 16:12 com.avast.home.userinit.plist
-rw-r--r-- 1 staff 528 May 26 16:11 com.avast.secureline.home.userinit.plist

System launch agents
---------------
total 48
-rw-r--r-- 1 root wheel 670 May 26 16:11 com.avast.secureline.update-agent.plist
-rw-r--r-- 1 root wheel 457 May 26 16:11 com.avast.secureline.userinit.plist
-rw-r--r-- 1 root wheel 638 May 26 16:11 com.avast.update-agent.plist
-rw-r--r-- 1 root wheel 436 May 26 16:11 com.avast.userinit.plist
-rw-r--r--@ 1 root wheel 792 Oct 8 2014 com.google.keystone.agent.plist
lrwxr-xr-x 1 root wheel 104 Dec 16 2012 com.oracle.java.Java-Updater.plist -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Updater.plist

System launch daemons
---------------
total 80
-rw-r--r-- 1 root wheel 462 Apr 25 08:46 com.adobe.fpsaud.plist
-rw-r--r-- 1 root wheel 571 May 26 16:11 com.avast.init.plist
-rw-r--r-- 1 root wheel 592 May 26 16:11 com.avast.secureline.init.plist
-rw-r--r-- 1 root wheel 716 May 26 16:11 com.avast.secureline.uninstall.plist
-rw-r--r-- 1 root wheel 662 May 26 16:11 com.avast.secureline.update.plist
-rw-r--r-- 1 root wheel 685 May 26 16:11 com.avast.uninstall.plist
-rw-r--r-- 1 root wheel 694 May 26 16:11 com.avast.update.plist
-rw-r--r--@ 1 root wheel 818 Oct 8 2014 com.google.keystone.daemon.plist
lrwxr-xr-x 1 root wheel 103 Dec 16 2012 com.oracle.java.Helper-Tool.plist -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist
-rw-r--r-- 1 root wheel 588 Feb 12 22:56 com.oracle.java.JavaUpdateHelper.plist

Third-party kernel extensions
---------------
com.avast.PacketForwarder (2.0) <4 1>
com.avast.AvastFileShield (2.1.0) <5 4 1>

User cron tasks
---------------
None

Root cron tasks
---------------
None

launchd.conf contents
---------------
None

DNS settings
---------------
Server: 10.0.1.1

Hosts file
---------------
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost

Scan log
---------------
2015-05-24 17:22:15: ----- Scan Started -----
2015-05-24 17:22:15: Scanning with signatures version 67
2015-05-24 17:22:21: No adware found
2015-05-24 17:22:21: ----- Scan Ended -----
2015-05-24 22:04:48: ----- Scan Started -----
2015-05-24 22:04:48: Scanning with signatures version 67
2015-05-24 22:05:04: No adware found
2015-05-24 22:05:04: ----- Scan Ended -----
2015-05-26 11:58:22: ----- Scan Started -----
2015-05-26 11:58:23: Scanning with signatures version 70
2015-05-26 11:58:36: No adware found
2015-05-26 11:58:36: ----- Scan Ended -----
2015-05-26 21:20:09: ----- Scan Started -----
2015-05-26 21:20:09: Scanning with signatures version 70
2015-05-26 21:20:20: No adware found
2015-05-26 21:20:20: ----- Scan Ended -----
2015-05-26 21:24:18: ----- Scan Started -----
2015-05-26 21:24:18: Scanning with signatures version 70
2015-05-26 21:24:27: No adware found
2015-05-26 21:24:27: ----- Scan Ended -----



User launch agents
---------------
total 16
-rw-r--r-- 1 staff 490 May 26 16:12 com.avast.home.userinit.plist
-rw-r--r-- 1 staff 528 May 26 16:11 com.avast.secureline.home.userinit.plist

System launch agents
---------------
total 48
-rw-r--r-- 1 root wheel 670 May 26 16:11 com.avast.secureline.update-agent.plist
-rw-r--r-- 1 root wheel 457 May 26 16:11 com.avast.secureline.userinit.plist
-rw-r--r-- 1 root wheel 638 May 26 16:11 com.avast.update-agent.plist
-rw-r--r-- 1 root wheel 436 May 26 16:11 com.avast.userinit.plist
-rw-r--r--@ 1 root wheel 792 Oct 8 2014 com.google.keystone.agent.plist
lrwxr-xr-x 1 root wheel 104 Dec 16 2012 com.oracle.java.Java-Updater.plist -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Updater.plist

System launch daemons
---------------
total 80
-rw-r--r-- 1 root wheel 462 Apr 25 08:46 com.adobe.fpsaud.plist
-rw-r--r-- 1 root wheel 571 May 26 16:11 com.avast.init.plist
-rw-r--r-- 1 root wheel 592 May 26 16:11 com.avast.secureline.init.plist
-rw-r--r-- 1 root wheel 716 May 26 16:11 com.avast.secureline.uninstall.plist
-rw-r--r-- 1 root wheel 662 May 26 16:11 com.avast.secureline.update.plist
-rw-r--r-- 1 root wheel 685 May 26 16:11 com.avast.uninstall.plist
-rw-r--r-- 1 root wheel 694 May 26 16:11 com.avast.update.plist
-rw-r--r--@ 1 root wheel 818 Oct 8 2014 com.google.keystone.daemon.plist
lrwxr-xr-x 1 root wheel 103 Dec 16 2012 com.oracle.java.Helper-Tool.plist -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist
-rw-r--r-- 1 root wheel 588 Feb 12 22:56 com.oracle.java.JavaUpdateHelper.plist

Third-party kernel extensions
---------------
com.avast.PacketForwarder (2.0) <4 1>
com.avast.AvastFileShield (2.1.0) <5 4 1>

User cron tasks
---------------
None

Root cron tasks
---------------
None

launchd.conf contents
---------------
None

DNS settings
---------------
Server: 10.0.1.1

Hosts file
---------------
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost

Scan log
---------------
2015-05-24 17:22:15: ----- Scan Started -----
2015-05-24 17:22:15: Scanning with signatures version 67
2015-05-24 17:22:21: No adware found
2015-05-24 17:22:21: ----- Scan Ended -----
2015-05-24 22:04:48: ----- Scan Started -----
2015-05-24 22:04:48: Scanning with signatures version 67
2015-05-24 22:05:04: No adware found
2015-05-24 22:05:04: ----- Scan Ended -----
2015-05-26 11:58:22: ----- Scan Started -----
2015-05-26 11:58:23: Scanning with signatures version 70
2015-05-26 11:58:36: No adware found
2015-05-26 11:58:36: ----- Scan Ended -----
2015-05-26 21:20:09: ----- Scan Started -----
2015-05-26 21:20:09: Scanning with signatures version 70
2015-05-26 21:20:20: No adware found
2015-05-26 21:20:20: ----- Scan Ended -----
2015-05-26 21:24:18: ----- Scan Started -----
2015-05-26 21:24:18: Scanning with signatures version 70
2015-05-26 21:24:27: No adware found
2015-05-26 21:24:27: ----- Scan Ended -----AdwareMedic 2.2.3 system report - Tuesday, May 26, 2015 @ 9:37:16 PM
Mac OS X version 10.10.3
21:37 up 1 day, 23:33, 1 user, load averages: 1.68 1.49 1.43

Safari extensions
---------------
/Users//Library/Safari/Extensions/AdBlock-2.safariextz
Name: AdBlock
Modified: Saturday, May 23, 2015 @ 10:40:01 AM
/Users//Library/Safari/Extensions/Coupons at Checkout.safariextz
Name: Coupons at Checkout
Modified: Saturday, February 15, 2014 @ 3:40:36 PM
/Users//Library/Safari/Extensions/Disconnect Private Search.safariextz
Name: Disconnect Private Search
Modified: Wednesday, March 26, 2014 @ 5:28:46 PM
/Users//Library/Safari/Extensions/Disconnect.safariextz
Name: Disconnect
Modified: Sunday, March 9, 2014 @ 6:23:44 PM
/Users//Library/Safari/Extensions/InvisibleHand.safariextz
Name: InvisibleHand
Modified: Thursday, April 10, 2014 @ 3:37:01 PM
/Users//Library/Safari/Extensions/WOT.safariextz
Name: WOT
Modified: Monday, April 20, 2015 @ 1:25:29 PM

Chrome extensions
---------------
/Library/Application Support/Google/Chrome/External Extensions/gomekmidlodglbbmalcneegieacbdmki.json
Name: [Unknown error extracting extension in CChromeExtension.GetNameFromCRX]
Modified: Tuesday, May 26, 2015 @ 4:11:54 PM

Firefox extensions
---------------
/Users//Library/Application Support/Mozilla/Extensions/{ec8030f7-c20a-464f-9b0e-13a3a9e97384}/wrc@avast.com
Name: Avast Online Security
Modified: Tuesday, May 26, 2015 @ 4:12:01 PM

Login items
---------------
iTunesHelper, Google Drive, Safari

Startup items
---------------
None

System startup items
---------------
None

User launch agents
---------------
total 16
-rw-r--r-- 1 staff 490 May 26 16:12 com.avast.home.userinit.plist
-rw-r--r-- 1 staff 528 May 26 16:11 com.avast.secureline.home.userinit.plist

System launch agents
---------------
total 48
-rw-r--r-- 1 root wheel 670 May 26 16:11 com.avast.secureline.update-agent.plist
-rw-r--r-- 1 root wheel 457 May 26 16:11 com.avast.secureline.userinit.plist
-rw-r--r-- 1 root wheel 638 May 26 16:11 com.avast.update-agent.plist
-rw-r--r-- 1 root wheel 436 May 26 16:11 com.avast.userinit.plist
-rw-r--r--@ 1 root wheel 792 Oct 8 2014 com.google.keystone.agent.plist
lrwxr-xr-x 1 root wheel 104 Dec 16 2012 com.oracle.java.Java-Updater.plist -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Updater.plist

System launch daemons
---------------
total 80
-rw-r--r-- 1 root wheel 462 Apr 25 08:46 com.adobe.fpsaud.plist
-rw-r--r-- 1 root wheel 571 May 26 16:11 com.avast.init.plist
-rw-r--r-- 1 root wheel 592 May 26 16:11 com.avast.secureline.init.plist
-rw-r--r-- 1 root wheel 716 May 26 16:11 com.avast.secureline.uninstall.plist
-rw-r--r-- 1 root wheel 662 May 26 16:11 com.avast.secureline.update.plist
-rw-r--r-- 1 root wheel 685 May 26 16:11 com.avast.uninstall.plist
-rw-r--r-- 1 root wheel 694 May 26 16:11 com.avast.update.plist
-rw-r--r--@ 1 root wheel 818 Oct 8 2014 com.google.keystone.daemon.plist
lrwxr-xr-x 1 root wheel 103 Dec 16 2012 com.oracle.java.Helper-Tool.plist -> /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist
-rw-r--r-- 1 root wheel 588 Feb 12 22:56 com.oracle.java.JavaUpdateHelper.plist

Third-party kernel extensions
---------------
com.avast.PacketForwarder (2.0) <4 1>
com.avast.AvastFileShield (2.1.0) <5 4 1>

User cron tasks
---------------
None

Root cron tasks
---------------
None

launchd.conf contents
---------------
None

DNS settings
---------------
Server: 10.0.1.1

Hosts file
---------------
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost

Scan log
---------------
2015-05-24 17:22:15: ----- Scan Started -----
2015-05-24 17:22:15: Scanning with signatures version 67
2015-05-24 17:22:21: No adware found
2015-05-24 17:22:21: ----- Scan Ended -----
2015-05-24 22:04:48: ----- Scan Started -----
2015-05-24 22:04:48: Scanning with signatures version 67
2015-05-24 22:05:04: No adware found
2015-05-24 22:05:04: ----- Scan Ended -----
2015-05-26 11:58:22: ----- Scan Started -----
2015-05-26 11:58:23: Scanning with signatures version 70
2015-05-26 11:58:36: No adware found
2015-05-26 11:58:36: ----- Scan Ended -----
2015-05-26 21:20:09: ----- Scan Started -----
2015-05-26 21:20:09: Scanning with signatures version 70
2015-05-26 21:20:20: No adware foundt A
2015-05-26 21:20:20: ----- Scan Ended -----
2015-05-26 21:24:18: ----- Scan Started -----
2015-05-26 21:24:18: Scanning with signatures version 70
2015-05-26 21:24:27: No adware found
2015-05-26 21:24:27: ----- Scan Ended ----
*
*
I log on to Bob Dylan's websiteto listen to his new album and I watched a video of "The Night We Called It A Day"
As soon as I left that website I had ye olde BSOD and blackmail note.

#4 dante12

dante12

  • Members
  • 197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 27 May 2015 - 03:56 AM

I don't see anything, usually this is  scam that pop up on websites , this has no effect on macs unless you click on any buttons and install such software.

 

STEP 3

 

DNS Settings

 

 

DNS settings

---------------
Server: 10.0.1.1

 

Have you changed  DNS Server by yourself? If not read the following link to reset your DNS.

 

http://www.macinstruct.com/node/434

 

STEP 4

 

Hosts File

 

 

##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost

 

There is no problem with the hosts fiel config. The Original looks like this:

 

 

 

##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1       localhost
255.255.255.255 broadcasthost
::1             localhost 
fe80::1%lo0     localhost

 

You can change it to the Original with the following steps:

 

1. Open Terminal.app. Go to Finder Menu Go and scroll down to Utilities. Open the Utilities Folder and double-click on the Terminal.app. Alternate: Open Spotlight (hit Command+Space) type Terminal and hit Enter.

2. Type the following command in the Terminal: cd /etc

3. Type sudo nano hosts . Enter your password.

4. Scroll down to the end of the text and insert fe80::1%lo0     localhost as shown above. To make no mistake select and copy the line, and paste it in the Terminal.

5. if the hosts file shown as above the you can save it with hit the key combination control + O.

6. Exit the editor with Control + X.

 

STEP 5

 

Reset Safari

 

If you have problems with redirects or other issues try to reset Safari please read here: http://www.tomsguide.com/us/reset-apple-safari-how-to,news-18820.html

 

STEP 6

 

Uninstall Avast

 

If a System running unstable or running very slow the common issues for this problem is to use cleaners or even Security products that not made by Unix for Unix. The only AV that works conform with Unix is ClamXAV. If you decide to uninstall Avast read below:

 

https://www.avast.com/faq.php?article=AVKB67 and here https://forum.avast.com/index.php?topic=99948.0

 

 

STEP 7

 

To see if any leftovers please make a log with EtreCheck

 

1. Please Download EtreCheck, unpack it and start the application.

2. Click on Start EtreCheck button.

3. If the Scan done click on the button Copy Report to Clipboard

4. Paste the Log here.

 



#5 coaltrain

coaltrain
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Montana
  • Local time:10:31 PM

Posted 27 May 2015 - 10:54 PM

OH mighty defender of the operating systems, this is the result of my etrecheck run.  Hope I did this right, 'cause Great One I'm a novice.
EtreCheck version: 2.2 (132)
Report generated 5/27/15, 9:36 PM
Download EtreCheck from http://etresoft.com/etrecheck

Click the [Click for support] links for help with non-Apple products.
Click the [Click for details] links for more information about that line.

Hardware Information: ℹ️
MacBook Air (13-inch, Mid 2012) (Technical Specifications)
MacBook Air - model: MacBookAir5,2
1 1.8 GHz Intel Core i5 CPU: 2-core
8 GB RAM Not upgradeable
BANK 0/DIMM0
4 GB DDR3 1600 MHz ok
BANK 1/DIMM0
4 GB DDR3 1600 MHz ok
Bluetooth: Good - Handoff/Airdrop2 supported
Wireless: en0: 802.11 a/b/g/n
Battery: Health = Normal - Cycle count = 665 - SN = D86224204S2DKRNA6

Video Information: ℹ️
Intel HD Graphics 4000
Color LCD 1440 x 900

System Software: ℹ️
OS X 10.10.3 (14D136) - Time since boot: 2:52:19

Disk Information: ℹ️
APPLE SSD TS128E disk0 : (121.33 GB)
EFI (disk0s1) <not mounted> : 210 MB
Recovery HD (disk0s3) <not mounted> [Recovery]: 650 MB
Macintosh HD (disk1) / : 120.10 GB (94.70 GB free)
Core Storage: disk0s2 120.47 GB Online

USB Information: ℹ️
Apple Inc. FaceTime HD Camera (Built-in)
Apple Internal Memory Card Reader
Apple Inc. Apple Internal Keyboard / Trackpad
Apple Inc. BRCM20702 Hub
Apple Inc. Bluetooth USB Host Controller

Thunderbolt Information: ℹ️
Apple Inc. thunderbolt_bus

Gatekeeper: ℹ️
Mac App Store and identified developers

Kernel Extensions: ℹ️
/System/Library/Extensions
[not loaded] com.Belcarra.iokit.USBLAN_netpart (3.1.1 - SDK 10.6) [Click for support]
[not loaded] com.Belcarra.iokit.USBLAN_usbpart (3.1.1 - SDK 10.6) [Click for support]
[not loaded] com.RemoteControl.USBLAN.usbpart (3.1.1 - SDK 10.7) [Click for support]

/System/Library/Extensions/2.2.0/Belcarra.USBLAN_netpart.kext/Contents/Plug-Ins
[not loaded] com.belcarra.iokit.netpart.panther (1.6.3) [Click for support]

/System/Library/Extensions/2.2.0/Belcarra.USBLAN_usbpart.kext/Contents/Plug-Ins
[not loaded] com.belcarra.iokit.usbpart.panther (1.6.3) [Click for support]

/System/Library/Extensions/2.2.0/RemoteControl.USBLAN_usbpart.kext/Contents/Plug-Ins
[not loaded] com.RemoteControl.USBLAN.panther (1.6.2) [Click for support]

Launch Agents: ℹ️
[failed] com.avast.secureline.update-agent.plist [Click for support] [Click for details]
[loaded] com.google.keystone.agent.plist [Click for support]
[loaded] com.oracle.java.Java-Updater.plist [Click for support]

Launch Daemons: ℹ️
[loaded] com.adobe.fpsaud.plist [Click for support]
[loaded] com.google.keystone.daemon.plist [Click for support]
[loaded] com.oracle.java.Helper-Tool.plist [Click for support]
[loaded] com.oracle.java.JavaUpdateHelper.plist [Click for support]

User Login Items: ℹ️
iTunesHelper Application (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)
Google Drive UNKNOWN (missing value)
Safari Application (/Applications/Safari.app)

Internet Plug-ins: ℹ️
FlashPlayer-10.6: Version: 17.0.0.188 - SDK 10.6 [Click for support]
Default Browser: Version: 600 - SDK 10.10
Flash Player: Version: 17.0.0.188 - SDK 10.6 [Click for support]
LogitechHarmony: Version: 2.0 - SDK 10.7 [Click for support]
o1dbrowserplugin: Version: 5.41.0.0 - SDK 10.8 [Click for support]
QuickTime Plugin: Version: 7.7.3
googletalkbrowserplugin: Version: 5.41.0.0 - SDK 10.8 [Click for support]
Silverlight: Version: 5.1.20513.0 - SDK 10.6 [Click for support]
JavaAppletPlugin: Version: Java 8 Update 31 Check version

User internet Plug-ins: ℹ️
Google Earth Web Plug-in: Version: 7.1 [Click for support]

Safari Extensions: ℹ️
AdBlock
Disconnect
Coupons at Checkout
Disconnect Private Search
InvisibleHand
WOT

3rd Party Preference Panes: ℹ️
Flash Player [Click for support]
Java [Click for support]

Time Machine: ℹ️
Skip System Files: NO
Mobile backups: ON
Auto backup: YES
Volumes being backed up:
Macintosh HD: Disk size: 120.10 GB Disk used: 25.40 GB
Destinations:
Data [Network]
Total size: 3.00 TB
Total number of backups: 54
Oldest backup: 2015-01-05 19:02:06 +0000
Last backup: 2015-05-28 03:30:41 +0000
Size of backup disk: Excellent
Backup size 3.00 TB > (Disk size 120.10 GB X 3)

Top Processes by CPU: ℹ️
6% WindowServer
2% fontd
0% taskgated
0% cloudpaird

Top Processes by Memory: ℹ️
688 MB kernel_task
295 MB Safari
229 MB com.apple.WebKit.WebContent
90 MB mds_stores
90 MB Finder

Virtual Memory Information: ℹ️
4.19 GB Free RAM
3.81 GB Used RAM
0 B Swap Used

Diagnostics Information: ℹ️
May 27, 2015, 06:43:35 PM Self test - passed
May 26, 2015, 03:46:28 PM /Library/Logs/DiagnosticReports/DesktopServicesHelper_2015-05-26-154628_[redacted].cpu_resource.diag [Click for details]
May 24, 2015, 10:03:54 PM /Library/Logs/DiagnosticReports/com.apple.AmbientDisplayAgent_2015-05-24-220354_[redacted].crash
May 26, 2015, 04:14:50 PM /Library/Logs/DiagnosticReports/com.avast.daemon_2015-05-26-161450_[redacted].cpu_resource.diag [Click for details]



#6 dante12

dante12

  • Members
  • 197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 28 May 2015 - 04:36 AM

STEP 8
 
Please remove the following entry - you need to confirm with your password.
1. Open Spotlight copy and paste the following directory to open it.


/Library/LaunchAgents/

2. delete the entry com.avast.secureline.update-agent.plist 

 

 

STEP 9

 

Delete Login items

 

1. Open your System Preferences and Click on the Accounts Settings

2. Choose your Login User

3. On the right side there is a button called Login items, click on it.

4. Remove following entry

Google Drive

Safari also starts automatically if you logged in it is running in the background. It's your decision to remove it. :)

 

STEP 10

 

Safari Extension

 

If you don't need the following Safari Extension remove it.

o1dbrowserplugin: Version: 5.41.0.0

1. Copy and Paste the following entry in Spotlight

/Library/Internet Plug-Ins/

2. Move the entry above to the trash

 

 

STEP 11

 

Check your hosts entries

 

1. Open the Terminal please and copy and paste the following command

cat /etc/hosts /private/etc/hosts

2. Copy the output and paste it here.

 

 

STEP 12

 

Update Java

 

Your need to update Java

1. Open System Preferences and click on the Java Prefs.

2. Click on the button Update. Usually you get an information to update Java. If not do the next steps...

3. Download the Update from THIS SITE

4. Install it to update your Version.

 

You don't need the Java Plug-In in the Browser. There are very few sites using it. Because Security holes it is recommended deactivate it.  Do these steps:

 

5. After you install the update open the System Preferences and double-click on the Java Prefs.

6. Go to the tab Security and uncheck (deactivate) on the top Enable Java Content in the browser

 

In some Countries Oracle bundle his Java with sponsored ads. You can deactivate it as follows:

 

7. In the Java Preferences click on the tab Advanced and scroll to the end of the list to Miscellaneous . Deactivate this entry: Suppress sponsor offers when installing or updating Java

 

 

Please Post a fresh EtreCheck log and the output from the Terminal from the instructions above. It is time now to ask you if you have any Questions?

 



#7 coaltrain

coaltrain
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Montana
  • Local time:10:31 PM

Posted 28 May 2015 - 12:08 PM

Great  and Powerful Wizard of iOS, If only you could bundle all yo know about computers and download it into my brain! I'm learning tho.  Following is results of  terminal command and EtreCheck.  

boy Howdee, I appreciate you time and effort

 




 

 

 

 

 

 

Last login: Thu May 28 10:56:04 on ttys002

kathys-MacBook-Air-2:~ kathyphillips$ cat /etc/hosts /private/etc/hosts

##

# Host Database

#

# localhost is used to configure the loopback interface

# when the system is booting.  Do not change this entry.

##

127.0.0.1 localhost

255.255.255.255 broadcasthost

::1             localhost 

##

# Host Database

#

# localhost is used to configure the loopback interface

# when the system is booting.  Do not change this entry.

##

127.0.0.1 localhost

255.255.255.255 broadcasthost

::1             localhost 

kathys-MacBook-Air-2:~ kathyphillips$ 

* * *

EtreCheck version: 2.2 (132)

Report generated 5/28/15, 11:06 AM

Download EtreCheck from http://etresoft.com/etrecheck

 

Click the [Click for support] links for help with non-Apple products.

Click the [Click for details] links for more information about that line.

 

Hardware Information: ℹ️

    MacBook Air (13-inch, Mid 2012) (Technical Specifications)

    MacBook Air - model: MacBookAir5,2

    1 1.8 GHz Intel Core i5 CPU: 2-core

    8 GB RAM Not upgradeable

        BANK 0/DIMM0

            4 GB DDR3 1600 MHz ok

        BANK 1/DIMM0

            4 GB DDR3 1600 MHz ok

    Bluetooth: Good - Handoff/Airdrop2 supported

    Wireless:  en0: 802.11 a/b/g/n

    Battery: Health = Normal - Cycle count = 665 - SN = D86224204S2DKRNA6

 

Video Information: ℹ️

    Intel HD Graphics 4000

        Color LCD 1440 x 900

 

System Software: ℹ️

    OS X 10.10.3 (14D136) - Time since boot: 16:22:52

 

Disk Information: ℹ️

    APPLE SSD TS128E disk0 : (121.33 GB)

        EFI (disk0s1) <not mounted> : 210 MB 

        Recovery HD (disk0s3) <not mounted>  [Recovery]: 650 MB 

        Macintosh HD (disk1) / : 120.10 GB (94.00 GB free)

            Core Storage: disk0s2 120.47 GB Online

 

USB Information: ℹ️

    Apple Inc. FaceTime HD Camera (Built-in) 

    Apple Internal Memory Card Reader 

    Apple Inc. Apple Internal Keyboard / Trackpad 

    Apple Inc. BRCM20702 Hub 

        Apple Inc. Bluetooth USB Host Controller 

 

Thunderbolt Information: ℹ️

    Apple Inc. thunderbolt_bus

 

Gatekeeper: ℹ️

    Mac App Store and identified developers

 

Kernel Extensions: ℹ️

        /System/Library/Extensions

    [not loaded]    com.Belcarra.iokit.USBLAN_netpart (3.1.1 - SDK 10.6) [Click for support]

    [not loaded]    com.Belcarra.iokit.USBLAN_usbpart (3.1.1 - SDK 10.6) [Click for support]

    [not loaded]    com.RemoteControl.USBLAN.usbpart (3.1.1 - SDK 10.7) [Click for support]

 

        /System/Library/Extensions/2.2.0/Belcarra.USBLAN_netpart.kext/Contents/Plug-Ins

    [not loaded]    com.belcarra.iokit.netpart.panther (1.6.3) [Click for support]

 

        /System/Library/Extensions/2.2.0/Belcarra.USBLAN_usbpart.kext/Contents/Plug-Ins

    [not loaded]    com.belcarra.iokit.usbpart.panther (1.6.3) [Click for support]

 

        /System/Library/Extensions/2.2.0/RemoteControl.USBLAN_usbpart.kext/Contents/Plug-Ins

    [not loaded]    com.RemoteControl.USBLAN.panther (1.6.2) [Click for support]

 

Launch Agents: ℹ️

    [failed]    com.avast.secureline.update-agent.plist [Click for support]

    [loaded]    com.google.keystone.agent.plist [Click for support]

    [loaded]    com.oracle.java.Java-Updater.plist [Click for support]

 

Launch Daemons: ℹ️

    [loaded]    com.adobe.fpsaud.plist [Click for support]

    [loaded]    com.google.keystone.daemon.plist [Click for support]

    [loaded]    com.oracle.java.Helper-Tool.plist [Click for support]

    [loaded]    com.oracle.java.JavaUpdateHelper.plist [Click for support]

 

User Login Items: ℹ️

    iTunesHelper    Application  (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

    Safari    Application  (/Applications/Safari.app)

 

Internet Plug-ins: ℹ️

    FlashPlayer-10.6: Version: 17.0.0.188 - SDK 10.6 [Click for support]

    Default Browser: Version: 600 - SDK 10.10

    Flash Player: Version: 17.0.0.188 - SDK 10.6 [Click for support]

    LogitechHarmony: Version: 2.0 - SDK 10.7 [Click for support]

    o1dbrowserplugin: Version: 5.41.0.0 - SDK 10.8 [Click for support]

    QuickTime Plugin: Version: 7.7.3

    googletalkbrowserplugin: Version: 5.41.0.0 - SDK 10.8 [Click for support]

    Silverlight: Version: 5.1.20513.0 - SDK 10.6 [Click for support]

    JavaAppletPlugin: Version: Java 8 Update 31 Check version

 

User internet Plug-ins: ℹ️

    Google Earth Web Plug-in: Version: 7.1 [Click for support]

 

Safari Extensions: ℹ️

    AdBlock

    Disconnect

    Coupons at Checkout

    Disconnect Private Search

    InvisibleHand

    WOT

 

3rd Party Preference Panes: ℹ️

    Flash Player  [Click for support]

    Java  [Click for support]

 

Time Machine: ℹ️

    Skip System Files: NO

    Mobile backups: ON

    Auto backup: YES

    Volumes being backed up:

        Macintosh HD: Disk size: 120.10 GB Disk used: 26.10 GB

    Destinations:

        Data [Network] 

        Total size: 3.00 TB 

        Total number of backups: 55 

        Oldest backup: 2015-01-05 19:02:06 +0000 

        Last backup: 2015-05-28 16:08:14 +0000 

        Size of backup disk: Excellent

            Backup size 3.00 TB > (Disk size 120.10 GB X 3)

 

Top Processes by CPU: ℹ️

         7%    WindowServer

         3%    fontd

         3%    coreaudiod

         1%    iTunes

         0%    taskgated

 

Top Processes by Memory: ℹ️

    700 MB    kernel_task

    500 MB    iTunes

    369 MB    Safari

    336 MB    com.apple.WebKit.WebContent(2)

    254 MB    firefox

 

Virtual Memory Information: ℹ️

    1.92 GB    Free RAM 

    6.08 GB    Used RAM 

    0 B    Swap Used 

 

Diagnostics Information: ℹ️

    May 27, 2015, 06:43:38 PM    Self test - passed

    May 26, 2015, 04:14:50 PM    /Library/Logs/DiagnosticReports/com.avast.daemon_2015-05-26-161450_[redacted].cpu_resource.diag [Click for details]

    May 26, 2015, 03:46:28 PM    /Library/Logs/DiagnosticReports/DesktopServicesHelper_2015-05-26-154628_[redacted].cpu_resource.diag [Click for details]

* * *

Agin, thank you for the time and knowledge



#8 dante12

dante12

  • Members
  • 197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 28 May 2015 - 12:30 PM

Avast is not gone please follow the instructions in STEP 8 to remove it. If you have problem with it tell me what.

 

 

 

Unless the Avast entry as I see is your System ok do after remove the last entry of Avast, repair the permissions of your hard drive. This are the last steps and we're done.

 

STEP 13

 

Repair Permissions

 

1. Move to the Finder menu GO and scroll down to the Utilities folder and open it.

2. Double-Click on the disk utility tool 

3. Select on the left side your System Drive and click on the bottom to the button Verify disk permissions and last if done Repair disk permissions.

 

 

STEP 14

 

Boot in Safe Mode

 

Please read this ARTICLE for more information

 

Obsolete drivers or System Caches will automatically clean if you start into safe mode. You don't need to login, it's very simple.

1. Restart your Mac

2. Hold down the Shift-Key during startup before you can hear the start sound.

3. This start up procedure ist usually slower as normal start up. Not a problem, it is normal if the screen flashed.

4. If you see the Login Screen just click on Restart to restart your mac in normal boot mode. That's all.

 

 

New EtreCheck log to see if Avast gone and if you have any Question write down please. 

Again: How is running your system now? If you still have problems with safari?


Edited by dante12, 28 May 2015 - 12:32 PM.


#9 coaltrain

coaltrain
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Montana
  • Local time:10:31 PM

Posted 28 May 2015 - 01:45 PM

Hello, again, Mrvelous Mentor,  I have deleted the avast and disabled the Java, after update.  I'm not sure how to reset Safari x yosemite.  It doesn't have the reset option anymore.  So I cleared the history and the caches.  Hope that is good.  Here is the latest 

EtreCheck:

EtreCheck version: 2.2 (132)

Report generated 5/28/15, 12:36 PM

Download EtreCheck from http://etresoft.com/etrecheck

 

Click the [Click for support] links for help with non-Apple products.

Click the [Click for details] links for more information about that line.

 

Hardware Information: ℹ️

    MacBook Air (13-inch, Mid 2012) (Technical Specifications)

    MacBook Air - model: MacBookAir5,2

    1 1.8 GHz Intel Core i5 CPU: 2-core

    8 GB RAM Not upgradeable

        BANK 0/DIMM0

            4 GB DDR3 1600 MHz ok

        BANK 1/DIMM0

            4 GB DDR3 1600 MHz ok

    Bluetooth: Good - Handoff/Airdrop2 supported

    Wireless:  en0: 802.11 a/b/g/n

    Battery: Health = Normal - Cycle count = 665 - SN = D86224204S2DKRNA6

 

Video Information: ℹ️

    Intel HD Graphics 4000

        Color LCD 1440 x 900

 

System Software: ℹ️

    OS X 10.10.3 (14D136) - Time since boot: 0:29:46

 

Disk Information: ℹ️

    APPLE SSD TS128E disk0 : (121.33 GB)

        EFI (disk0s1) <not mounted> : 210 MB 

        Recovery HD (disk0s3) <not mounted>  [Recovery]: 650 MB 

        Macintosh HD (disk1) / : 120.10 GB (94.51 GB free)

            Core Storage: disk0s2 120.47 GB Online

 

USB Information: ℹ️

    Apple Inc. FaceTime HD Camera (Built-in) 

    Apple Internal Memory Card Reader 

    Apple Inc. Apple Internal Keyboard / Trackpad 

    Apple Inc. BRCM20702 Hub 

        Apple Inc. Bluetooth USB Host Controller 

 

Thunderbolt Information: ℹ️

    Apple Inc. thunderbolt_bus

 

Gatekeeper: ℹ️

    Mac App Store and identified developers

 

Kernel Extensions: ℹ️

        /System/Library/Extensions

    [not loaded]    com.Belcarra.iokit.USBLAN_netpart (3.1.1 - SDK 10.6) [Click for support]

    [not loaded]    com.Belcarra.iokit.USBLAN_usbpart (3.1.1 - SDK 10.6) [Click for support]

    [not loaded]    com.RemoteControl.USBLAN.usbpart (3.1.1 - SDK 10.7) [Click for support]

 

        /System/Library/Extensions/2.2.0/Belcarra.USBLAN_netpart.kext/Contents/Plug-Ins

    [not loaded]    com.belcarra.iokit.netpart.panther (1.6.3) [Click for support]

 

        /System/Library/Extensions/2.2.0/Belcarra.USBLAN_usbpart.kext/Contents/Plug-Ins

    [not loaded]    com.belcarra.iokit.usbpart.panther (1.6.3) [Click for support]

 

        /System/Library/Extensions/2.2.0/RemoteControl.USBLAN_usbpart.kext/Contents/Plug-Ins

    [not loaded]    com.RemoteControl.USBLAN.panther (1.6.2) [Click for support]

 

Launch Agents: ℹ️

    [loaded]    com.google.keystone.agent.plist [Click for support]

    [loaded]    com.oracle.java.Java-Updater.plist [Click for support]

 

Launch Daemons: ℹ️

    [loaded]    com.adobe.fpsaud.plist [Click for support]

    [loaded]    com.google.keystone.daemon.plist [Click for support]

    [loaded]    com.oracle.java.Helper-Tool.plist [Click for support]

    [loaded]    com.oracle.java.JavaUpdateHelper.plist [Click for support]

 

User Login Items: ℹ️

    iTunesHelper    Application  (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

    Safari    Application  (/Applications/Safari.app)

 

Internet Plug-ins: ℹ️

    FlashPlayer-10.6: Version: 17.0.0.188 - SDK 10.6 [Click for support]

    QuickTime Plugin: Version: 7.7.3

    Flash Player: Version: 17.0.0.188 - SDK 10.6 [Click for support]

    LogitechHarmony: Version: 2.0 - SDK 10.7 [Click for support]

    Default Browser: Version: 600 - SDK 10.10

    googletalkbrowserplugin: Version: 5.41.0.0 - SDK 10.8 [Click for support]

    Silverlight: Version: 5.1.20513.0 - SDK 10.6 [Click for support]

    JavaAppletPlugin: Version: Java 8 Update 31 Check version

 

User internet Plug-ins: ℹ️

    Google Earth Web Plug-in: Version: 7.1 [Click for support]

 

Safari Extensions: ℹ️

    AdBlock

    Disconnect

    Coupons at Checkout

    Disconnect Private Search

    InvisibleHand

    WOT

 

3rd Party Preference Panes: ℹ️

    Flash Player  [Click for support]

    Java  [Click for support]

 

Time Machine: ℹ️

    Skip System Files: NO

    Mobile backups: ON

    Auto backup: YES

    Volumes being backed up:

        Macintosh HD: Disk size: 120.10 GB Disk used: 25.59 GB

    Destinations:

        Data [Network] 

        Total size: 3.00 TB 

        Total number of backups: 55 

        Oldest backup: 2015-01-05 19:02:06 +0000 

        Last backup: 2015-05-28 18:36:07 +0000 

        Size of backup disk: Excellent

            Backup size 3.00 TB > (Disk size 120.10 GB X 3)

 

Top Processes by CPU: ℹ️

         7%    WindowServer

         3%    fontd

         0%    MemoryKeeper

         0%    taskgated

         0%    SpotlightNetHelper

 

Top Processes by Memory: ℹ️

    565 MB    kernel_task

    229 MB    Safari

    180 MB    com.apple.WebKit.WebContent

    98 MB    Finder

    49 MB    WindowServer

 

Virtual Memory Information: ℹ️

    5.20 GB    Free RAM 

    2.80 GB    Used RAM 

    0 B    Swap Used 

 

Diagnostics Information: ℹ️

    May 28, 2015, 12:06:44 PM    Self test - passed

    May 26, 2015, 04:14:50 PM    /Library/Logs/DiagnosticReports/com.avast.daemon_2015-05-26-161450_[redacted].cpu_resource.diag [Click for details]

    May 26, 2015, 03:46:28 PM    /Library/Logs/DiagnosticReports/DesktopServicesHelper_2015-05-26-154628_[redacted].cpu_resource.diag [Click for details]

* * * 

 

Safari is running as it should, thank you very much.  I am going to have to think for a while and then I will ask some questions, please

Your humble student, coltrin



#10 dante12

dante12

  • Members
  • 197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 28 May 2015 - 04:11 PM

If you don't have any problems with safari more, we are here done. 

 

Your Log is good now  :thumbup2:

 

Any Question?

 

 

TIPPS:

 

1. Keep your System and Applications Up-To-Date

2. Turn away from Download portals like CNet or Softonic. Such portal bundle legitimate Software with sponsored ads (Toolbars, Search Engines etc.)

3. If you find any third party software download it direct from the vendor / developer.  For more Information read HERE and HERE

4. Unknown Software can you upload to Virustotal to check it.

5. You don't need an Antivirus Solution for Mac. If you need one I have made good experiences with ClamXAV and Sophos Antivirus for Mac and Eset Cybersecurity

6. Remember that Software free of Charge are often comes with ads. Read THIS and THIS  for more information.

7. Turn away from Cleaning Tools this applied not only for the Mac. Cleaning tools are sometimes a good option to cleaning specific folders but most there are cleaning more that you want. This can damage your system.



#11 coaltrain

coaltrain
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Montana
  • Local time:10:31 PM

Posted 28 May 2015 - 11:51 PM

Thank you again.  "May you live well and prosper."



#12 dante12

dante12

  • Members
  • 197 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:31 AM

Posted 29 May 2015 - 01:25 AM

No Problem  :thumbup2:

 

If you want to remove the used applications for analyzes do the follwing:

 

Remove AdwareMedic

 

1. Move the Applictaion from the program folder in the trash

2. Remove the following leftovers - Copy the folder path in Spotlight and hit enter

Folder:

~/Library/Preferences/

Remove: com.thesafemac.adwaremedic.plist

 

Folder:

~/Library/Caches/

Remove: com.thesafemac.adwaremedic

 

Folder:

~/Library/Application Support/

Remove the Folder: com.thesafemac.adwaremedic

 

 

Remove EtreCheck

 

1. Move the Application from your program folder in the trash

2. Remove the following leftovers - copy and paste the folder path in spotlight and hit enter

Folder:

~/Library/Caches/

Remove: com.etresoft.EtreCheck

 

Folder:

~/Library/Preferences/

Remove: com.etresoft.EtreCheck.plist

 

Folder:

/private/var/db/BootCaches/0DEBB16E-83D0-4927-BD92-45AC7C4F3B7A/

Remove (You need your Password): app.com.etresoft.EtreCheck.playlist

 

If you not find some leftovers, no problem the System does it for you during move  the application to the trash. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users