EtreCheckPro version: 6.4.4 (6E015) Report generated: 2021-06-24 21:11:55 Download EtreCheckPro from https://etrecheck.com Runtime: 4:12 Performance: Good Problem: No problem - just checking Major Issues: Anything that appears on this list needs immediate attention. Unsigned files - There are unsigned software files installed that could be adware and should be reviewed. Automatic updates disabled - Automatic updates are disabled. This computer is at risk of malware infection. Security updates disabled - Security updates are disabled. This computer is at risk of malware infection. Heavy CPU usage - Some processes are using an unusually high amount of CPU. Apple security disabled - Apple security software is disabled. This computer is at risk of malware infection. Minor Issues: These issues do not need immediate attention but they may indicate future problems or opportunities for improvement. No Time Machine backup - Time Machine backup not found. Configuration profiles found - This computer may have configuration profiles installed. These are sometimes used by adware and malware. Apps with heavy CPU usage - There have been numerous cases of apps with heavy CPU usage. Clean up - There are orphan files that could be removed. Unsigned files - There are unsigned software files installed. Apple has said that unsigned software will not run by default in a future version of the operating system. System modifications - There are a large number of system modifications running in the background. Runaway user process - A user process is using a large percentage of your CPU. Limited drive access - More information may be available with Full Drive Access. Kernel extensions present - This computer has kernel extensions that may not work in the future. Sharing enabled - This computer has sharing services enabled that could be a security risk. Hardware Information: MacBook Pro (16-inch, 2019) MacBook Pro Model: MacBookPro16,1 2.6 GHz 6-Core Intel Core i7 (i7-9750H) CPU: 6-core 16 GB RAM - Not upgradeable BANK 0/ChannelA-DIMM0 - 8 GB DDR4 2667 BANK 2/ChannelB-DIMM0 - 8 GB DDR4 2667 Battery: Health = Normal - Cycle count = 95 Video Information: Intel UHD Graphics 630 - VRAM: 1536 MB AMD Radeon Pro 5300M - VRAM: 4 GB Color LCD (built-in) 3584 x 2240 Drives: disk0 - APPLE SSD AP1024N 1.00 TB (Solid State - TRIM: Yes) Internal PCI-Express 8.0 GT/s x4 NVM Express disk0s1 - EFI [EFI] 315 MB disk0s2 [APFS Container] 1.00 TB disk1 [APFS Virtual drive] 1.00 TB (Shared by 6 volumes) disk1s1 (APFS) [APFS Container] (Shared - 15.31 GB used) disk1s1s1 - Macintosh HD (APFS) [APFS Snapshot] (Shared - 15.31 GB used) disk1s2 - Macintosh HD - Data (APFS) [APFS Virtual drive] (Shared - 766.91 GB used) disk1s3 - Preboot (APFS) [APFS Preboot] (Shared - 286 MB used) disk1s4 - Recovery (APFS) [Recovery] (Shared - 623 MB used) disk1s5 - VM (APFS) [APFS VM] (Shared - 1.07 GB used) disk1s6 - Update (APFS) (Shared - 520 KB used) Mounted Volumes: disk1s1s1 - Macintosh HD [APFS Snapshot] 1.00 TB (Shared - 15.31 GB used, 310.61 GB available, 215.83 GB free) APFS Mount point: / Read-only: Yes disk1s2 - Macintosh HD - Data [APFS Virtual drive] 1.00 TB (Shared - 766.91 GB used, 310.61 GB available, 215.83 GB free) APFS Mount point: /System/Volumes/Data Encrypted disk1s3 - Preboot [APFS Preboot] 1.00 TB (Shared - 286 MB used, 215.83 GB free) APFS Mount point: /System/Volumes/Preboot disk1s5 - VM [APFS VM] 1.00 TB (Shared - 1.07 GB used, 215.83 GB free) APFS Mount point: /System/Volumes/VM disk1s6 - Update 1.00 TB (Shared - 520 KB used, 215.83 GB free) APFS Mount point: /System/Volumes/Update disk3s2 - I********D 7.89 GB (7.77 GB used, 121 MB free) Mac OS Extended Disk Image Mount point: /Volumes/I********D Owners enabled: No Read-only: Yes disk5s2 - I********************a 16.13 GB (37 MB used, 16.09 GB free) Mac OS Extended Disk Image Mount point: /private/var/folders/bq/p5dsl5ps2g954q8_dr6hdkcdfyrnq6/T/FljnyW Owners enabled: No Read-only: Yes Network: Interface en5: USB 10/100/1000 LAN Interface en10: iPhone Interface bridge0: Thunderbolt Bridge Interface en0: Wi-Fi 802.11 a/b/g/n/ac Interface en7: Bluetooth PAN Interface fw0: Thunderbolt FireWire Interface en8: Thunderbolt Ethernet Slot 1 Interface en9: Thunderbolt Ethernet Slot 2 iCloud Quota: 1.48 GB available Remote Management: Enabled Screen sharing: Enabled Remote login: Enabled System Software: macOS Big Sur 11.4 (20F71) Time since boot: About 2 hours Configuration Profiles: com.apple.QuickTime - Pro Key com.citrix.receiver.nomas - AutoUpdateState com.citrix.receiver.nomas - AutoUpdateRollOutBucketIndex com.microsoft.autoupdate2 - StartDaemonOnAppLaunch com.microsoft.autoupdate2 - HowToCheck com.microsoft.autoupdate2 - EnableCheckForUpdatesButton com.microsoft.autoupdate2 - SendAllTelemetryEnabled com.microsoft.autoupdate2 - ChannelName com.microsoft.autoupdate2 - AcknowledgedDataCollectionPolicy Notifications: Name Mangler 3.app one notification Microsoft Outlook.app 5 notifications Little Snitch Agent.app 10 notifications switchdrive.app 2 notifications Security: Gatekeeper: App Store and identified developers System Integrity Protection: Enabled Automatic Updates: Disabled Security Updates: Disabled Antivirus software: Sophos Remote Management: Enabled Screen sharing: Enabled Remote login: Enabled Unsigned Files: Launchd: /Library/LaunchDaemons/com.jamfsoftware.startupItem.plist Executable: /Library/Application Support/JAMF/ManagementFrameworkScripts/StartupScript.sh Details: Exact match found in the legitimate list - probably OK Launchd: /Library/LaunchAgents/Fontexplorer_customize_once.plist Executable: /Users/Shared/pkg_ressources/fontexplorer/fontexplorer_user_setup.sh Details: Domain name invalid - possibly adware Running app: ~/Parallels/macOS Catalina.pvm/macOS Catalina.app/Contents/MacOS/WinAppHelper --ivmid 1 Running app: /Applications/Parallels Desktop.app/Contents/MacOS/prl_client_app Running app: ~/Parallels/macOS Catalina.pvm/macOS Catalina.app/Contents/MacOS/WinAppHelper --fakestub --ivmid 1 Safari Extension: "Open In" button for Internet Explorer Apps: 12 System Extensions: [Running] networkextension - version 10.0.4 (Sophos - 2021-03-04) Application: /Applications/Sophos/Sophos Network Extension.app - version 10.0.4 (Sophos - 2021-03-04) [Running] com.sophos.endpoint.scanextension - version 10.0.4 (Sophos - 2021-06-11) Application: /Applications/Sophos/Sophos Scan.app - version 10.0.4 (Sophos - 2021-06-11) Description: Scanning Services [Running] Little Snitch Network Extension - version 5.2.1 (Objective Development Software GmbH - 2021-06-15) Application: /Applications/Little Snitch.app - version 5.2.1 (Objective Development Software GmbH - 2021-06-15) Description: This system extension enables Little Snitch to filter network traffic. [Not Loaded] Little Snitch Endpoint Security - version 5.2.1 (Objective Development Software GmbH - 2021-06-15) Application: /Applications/Little Snitch.app - version 5.2.1 (Objective Development Software GmbH - 2021-06-15) Description: Little Snitch Endpoint Security [Running] Cisco AnyConnect Socket Filter Extension - version 4.10.00093 (Cisco - 2021-03-31) Application: /Applications/Cisco/Cisco AnyConnect Socket Filter.app - version 4.10.00093 (Cisco - 2021-04-12) Description: This system extension provides socket filter capabilities. Kernel Extensions: /Applications/Parallels Desktop.app [Not Loaded] prl_hypervisor.kext - com.parallels.kext.hypervisor (16.1.2 49151 - SDK 10.11) [Not Loaded] prl_netbridge.kext - com.parallels.kext.netbridge (16.1.2 49151 - SDK 10.9) [Not Loaded] prl_usb_connect.kext - com.parallels.kext.usbconnect (16.1.2 49151 - SDK 10.9) [Not Loaded] prl_vnic.kext - com.parallels.kext.vnic (16.1.2 49151 - SDK 10.9) /Library/Application Support/Cisco/AnyConnect Secure Mobility Client [Not Loaded] acsock.kext - com.cisco.kext.acsock (4.10.01 - SDK 10.14) /Library/Application Support/Logitech.localized/Logitech Options.localized [Not Loaded] LogiMgrDriver.kext - com.logitech.manager.kernel.driver (8.34.1 - SDK 10.13) ~/Programme/Capture One 10.app [Not Loaded] LeafFwXDriverMatcher.kext - com.Leaf.driver.LeafFwXDriverMatcher (1.2.0d1) ~/Programme/Transmit.app [Not Loaded] transmitdiskfs.kext - com.panic.TransmitDisk.transmitdiskfs (4.0.0 - SDK 10.6) System Launch Agents: [Not Loaded] 16 Apple tasks [Loaded] 172 Apple tasks [Running] 145 Apple tasks [Other] One Apple task System Launch Daemons: [Not Loaded] 33 Apple tasks [Loaded] 175 Apple tasks [Running] 153 Apple tasks [Other] One Apple task Launch Agents: [Not Loaded] Fontexplorer_customize_once.plist (? efb3d0bb - installed 2017-05-11) [Running] at.obdev.littlesnitch.agent.plist (Objective Development Software GmbH - installed 2021-06-15) [Other] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2021-02-11) [Running] com.adobe.AdobeCreativeCloud.plist (Adobe Inc. - installed 2021-05-15) [Running] com.adobe.GC.AGM.plist (Adobe Systems, Inc. - installed 2021-05-14) [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2021-05-14) [Loaded] com.adobe.ccxprocess.plist (Adobe Systems, Inc. - installed 2021-06-10) [Loaded] com.cisco.anyconnect.gui.plist (Cisco - installed 2021-04-12) [Loaded] com.cisco.anyconnect.notification.plist (Cisco - installed 2021-04-12) [Running] com.citrix.AuthManager_Mac.plist (Citrix Systems, Inc. - installed 2021-04-06) [Running] com.citrix.ReceiverHelper.plist (Citrix Systems, Inc. - installed 2021-04-06) [Running] com.citrix.ServiceRecords.plist (Citrix Systems, Inc. - installed 2021-04-06) [Running] com.citrix.WebLauncher.plist (Citrix Systems, Inc. - installed 2021-04-06) [Running] com.jamfsoftware.jamf.agent.plist (JAMF Software - installed 2021-06-16) [Running] com.logitech.manager.daemon.plist (Logitech Inc. - installed 2020-10-21) [Running] com.microsoft.update.agent.plist (Microsoft Corporation - installed 2021-04-29) [Running] com.sophos.agent.plist (Sophos - installed 2021-03-04) [Running] com.sophos.uiserver.plist (Sophos - installed 2021-03-04) Launch Daemons: [Running] at.obdev.littlesnitch.daemon.plist (Objective Development Software GmbH - installed 2021-06-15) [Loaded] com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2021-01-09) [Loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2021-01-09) [Loaded] com.adobe.acc.installer.v2.plist (Adobe Inc. - installed 2021-05-15) [Loaded] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2021-05-14) [Running] com.bjango.istatmenus.daemon.plist (Bjango Pty Ltd - installed 2020-11-18) [Running] com.bjango.istatmenus.fans.plist (Bjango Pty Ltd - installed 2020-11-18) [Loaded] com.bjango.istatmenus.installerhelper.plist (Bjango Pty Ltd - installed 2020-10-29) [Running] com.cisco.anyconnect.vpnagentd.plist (Cisco - installed 2021-03-31) [Loaded] com.citrix.ctxusbd.plist (Citrix Systems, Inc. - installed 2021-04-06) [Running] com.code42.service.plist (Code 42 Software - installed 2020-10-28) [Loaded] com.fxfactory.FxFactory.helper.plist (Noise Industries, LLC - installed 2021-06-18) [Running] com.jamf.management.daemon.plist (JAMF Software - installed 2021-03-10) [Running] com.jamfsoftware.jamf.daemon.plist (JAMF Software - installed 2021-06-16) [Not Loaded] com.jamfsoftware.startupItem.plist (? 44b5eabd - installed 2021-06-16) [Loaded] com.jamfsoftware.task.1.plist (JAMF Software - installed 2021-06-16) [Loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2021-04-29) [Loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2018-08-04) [Running] com.sophos.common.servicemanager.plist (Sophos - installed 2021-04-27) [Not Loaded] com.sophos.sophoscbr.plist (Sophos - installed 2021-03-04) [Not Loaded] org.virtualbox.startup.plist (? 0 - installed ) User Launch Agents: [Not Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2021-05-14) [Not Loaded] com.adobe.ccxprocess.plist (Adobe Systems, Inc. - installed 2021-06-10) [Running] com.bjango.istatmenus.agent.plist (Bjango Pty Ltd - installed 2020-11-18) [Running] com.bjango.istatmenus.status.plist (Bjango Pty Ltd - installed 2020-11-18) [Running] com.code42.menubar.plist (Code 42 Software - installed 2021-06-24) [Not Loaded] com.linotype.FontFolderProtector.plist (Linotype GmbH - installed 2021-06-18) [Not Loaded] org.virtualbox.vboxwebsrv.plist (? 0 - installed 2021-06-24) [Other] us.zoom.pluginagent.plist (? 0 - installed 2020-01-28) User Login Items: [Running] 1Password Extension Helper (AgileBits Inc. - installed 2021-06-21) Modern Login Item /Applications/1Password 7.app/Contents/Library/LoginItems/1Password Extension Helper.app [Loaded] 1Password Launcher (AgileBits Inc. - installed 2021-06-21) Modern Login Item /Applications/1Password 7.app/Contents/Library/LoginItems/1Password Launcher.app [Not Loaded] Display Menu Helper (App Store - installed 2021-03-18) Modern Login Item /Applications/Display Menu.app/Contents/Library/LoginItems/Display Menu Helper.app [Loaded] switchdrive (ownCloud GmbH - installed 2020-10-28) Application /Applications/switchdrive.app [Not Loaded] HDXCastHelper (Citrix Systems, Inc. - installed 2021-04-12) Modern Login Item /Library/Application Support/Citrix Receiver/Citrix Casting.app/Contents/Library/LoginItems/HDXCastHelper.app [Not Loaded] AmphetamineLoginHelper (App Store - installed 2021-05-31) Modern Login Item ~/Programme/Amphetamine.app [Not Loaded] CompressorHelper (App Store - installed 2021-02-25) Modern Login Item ~/Programme/Compressor.app/Contents/Library/LoginItems/CompressorHelper.app [Running] Magnet (App Store - installed 2021-04-21) Application ~/Programme/Magnet.app [Running] 4449XA862Y.com.giorgiocalderolla.Wipr-Mac.Wipr-Refresher (App Store - installed 2021-06-04) Modern Login Item ~/Programme/Wipr.app/Contents/Library/LoginItems/4449XA862Y.com.giorgiocalderolla.Wipr-Mac.Wipr-Refresher.app Internet Plug-ins: AdobePDFViewerNPAPI: 17.012.20098 (Adobe Systems, Inc. - installed 2021-06-15) AdobeAAMDetect: 3.0.0.0 (Adobe Inc. - installed 2021-05-15) AdobePDFViewer: 21.005.20048 (Adobe Systems, Inc. - installed 2021-06-15) Audio Plug-ins: ZoomAudioDevice: 1.0 (Zoom Video Communications, Inc. - installed 2021-06-22) Safari Extensions: "Open In" button for Internet Explorer (? - installed 2020-12-30) 1Password (AgileBits Inc. - installed 2021-06-21) Wipr Part 1 (App Store - installed 2021-06-04) Wipr Part 2 (App Store - installed 2021-06-04) Wipr Part 3 (App Store - installed 2021-06-04) Backup: Time Machine information not available without Full Drive Access. 6 local snapshots Oldest local snapshot: 2021-06-23 08:08:26 Last local snapshot: 2021-06-24 20:50:27 Performance: System Load: 2.87 (1 min ago) 2.42 (5 min ago) 2.27 (15 min ago) Nominal I/O speed: 0.16 MB/s File system: 18.89 seconds Write speed: 2901 MB/s Read speed: 1933 MB/s CPU Usage Snapshot: Type Overall System: 13 % User: 5 % Idle: 82 % Top Processes Snapshot by CPU: Process (count) CPU (Source - Location) prl_vm_app 126.40 % (? - /Applications/Parallels Desktop.app) WindowServer 15.60 % (Apple) EtreCheckPro 10.72 % (Etresoft, Inc.) prl_client_app 6.62 % (? - /Applications/Parallels Desktop.app) kernel_task 2.58 % (Apple) Top Processes Snapshot by Memory: Process (count) RAM usage (Source - Location) prl_vm_app 1.16 GB (? - /Applications/Parallels Desktop.app) com.apple.WebKit.WebContent (15) 1.08 GB (Apple) EtreCheckPro 675 MB (Etresoft, Inc.) SophosScanD 311 MB (?) Code42Service 291 MB (Code 42 Software) Top Processes Snapshot by Network Use: Process (count) Input / Output (Source - Location) corespeechd 2 KB / 5 MB (Apple) mDNSResponder 3 MB / 851 KB (Apple) biometrickitd 417 KB / 134 KB (Apple) remoted 87 KB / 116 KB (Apple) apsd 94 KB / 94 KB (Apple) Top Processes Snapshot by Energy Use: Process (count) Energy (0-100) (Source - Location) prl_client_app 8 (? - /Applications/Parallels Desktop.app) WindowServer 7 (Apple) prl_vm_app 6 (? - /Applications/Parallels Desktop.app) Electron Helper (GPU) 1 (Code 42 Software) Creative Cloud 1 (Adobe Inc.) Virtual Memory Information: Physical RAM: 16 GB Free RAM: 49 MB Used RAM: 9.91 GB Cached files: 6.04 GB Available RAM: 6.09 GB Swap Used: 25 MB Software Installs (past 60 days): Install Date Name (Version) 2021-04-27 Adobe Acrobat DC (21.001.20149) (21.001.20149) 2021-04-28 Name Mangler (3.7.1) 2021-04-29 Microsoft Office (16.48.21041102) 2021-04-29 Microsoft Office 2019 Volume License Serializer (16.17.18080304) 2021-04-29 Microsoft_Office_2019_16.48.0_ML (16.48.0) 2021-04-30 macOS Catalina Sicherheitsupdate 2021-002 (10.15.7) 2021-05-04 Zoom-5.6.4.765 (5.7.0.446) 2021-05-10 Firefox_ESR_78.10.1 (78.11.0) 2021-05-12 ViewNX-i (1.4.5) 2021-05-13 Pixelmator (3.9.7) 2021-05-14 Adobe Acrobat DC (21.001.20155) (21.001.20155) 2021-05-18 Keka-1.2.14 (1.2.14) 2021-05-18 TeamViewerQS-15.17.6 (15.17.6) 2021-05-19 alerter_V0.02 (1) 2021-05-25 install_jamf-icon (1) 2021-05-27 Crypto Pro (6.8.7) 2021-05-31 Amphetamine (5.2.2) 2021-06-02 Keynote (11.1) 2021-06-02 Numbers (11.1) 2021-06-02 Pages (11.1) 2021-06-04 Wipr (1.24) 2021-06-04 Firefox_ESR_78.11.0 (78.11.0) 2021-06-10 macOS Catalina Sicherheitsupdate 2021-003 (10.15.7) 2021-06-10 Safari (14.1.1) 2021-06-11 macOS Big Sur (11.4) 2021-06-11 macOS 11.4 (11.4) 2021-06-15 Adobe Acrobat DC (21.005.20048) (21.005.20048) 2021-06-18 authorization_v3 (1.0) 2021-06-18 FxFactory (7.0) 2021-06-21 Cisco Jabber (14.0.2.305994) 2021-06-21 Zoom-5.6.6.950 (5.7.0.446) 2021-06-21 Zoom-5.6.7.1020 (5.7.0.446) 2021-06-21 dockutil-2.0.5 (2.0.5) 2021-06-21 Things (3.13.13) 2021-06-22 iMovie (10.2.4) 2021-06-22 Zoom-5.7.0.446 (5.7.0.446) 2021-06-24 Sinar CaptureFlow Studio 1.5.1 (1.0) 2021-06-24 macOS Catalina (10.15.7) 2021-06-24 Oracle VM VirtualBox (6.1.22) 2021-06-24 Sinar CaptureFlow Studio 1.6.0 (1.0) Clean up: ~/Library/LaunchAgents/us.zoom.pluginagent.plist /Users/Shared/ZoomOutlookPlugin/zOutlookPluginAgent.app/Contents/MacOS/zOutlookPluginAgent Executable not found ~/Library/LaunchAgents/org.virtualbox.vboxwebsrv.plist /Applications/VirtualBox.app/Contents/MacOS/vboxwebsrv Executable not found Diagnostics Information (past 7-30 days): 2021-06-24 18:54:13 Parallels Desktop.app High CPU Use Executable: /Applications/Parallels Desktop.app 2021-06-24 18:25:47 VirtualBox.app Crash (4 times) Executable: /Applications/VirtualBox.app 2021-06-24 17:50:45 Sophos Network Extension.app High CPU Use (2 times) Executable: /Applications/Sophos/Sophos Network Extension.app Details: Kernel bug: The kernel cannot allocate memory needed for the pseudo-re ceive. 2021-06-24 17:41:19 switchdrive.app High CPU Use (3 times) Executable: /Applications/switchdrive.app 2021-06-24 17:39:38 nesessionmanager High CPU Use (2 times) Executable: /usr/libexec/nesessionmanager 2021-06-23 21:42:29 sandboxd High CPU Use Executable: /usr/libexec/sandboxd 2021-06-23 17:18:29 Numbers.app Hang Executable: /Applications/Numbers.app 2021-06-23 10:46:45 com.apple.Safari.History High CPU Use Executable: /System/Library/PrivateFrameworks/SafariShared.framework/Versions/A/XPCServices/com.apple.Safari.History.xpc/Contents/MacOS/com.apple.Safari.History 2021-06-22 10:05:31 mdworker High CPU Use Executable: /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/Metadata.framework/Versions/A/Support/mdworker 2021-06-22 09:16:06 WindowServer High CPU Use Executable: /System/Library/PrivateFrameworks/SkyLight.framework/Versions/A/Resources/WindowServer 2021-06-20 17:51:45 Code42.app High CPU Use Executable: /Applications/Code42.app 2021-06-19 08:13:31 com.apple.WebKit.WebContent High CPU Use Executable: /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent 2021-06-18 15:51:04 Adobe Bridge 2021.app High CPU Use Executable: /Applications/Adobe Bridge 2021/Adobe Bridge 2021.app 2021-06-18 14:53:26 Final Cut Pro.app High CPU Use Executable: ~/Programme/Final Cut Pro.app 2021-06-18 09:35:06 Citrix Viewer.app Crash Executable: /Library/Application Support/Citrix Receiver/Citrix Viewer.app End of report