Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

EtreCheck 2.9.3: Suspected Adware or Malware

Pndrgnsvc

Pndrgnsvc

macrumors 6502
Original poster
Jun 13, 2008
452
26
Georgetown, Texas
EtreCheck 2.9.3 just noted these 2 unknown files that may be Adware or Malware:
1. ~/Library/LaunchAgents/com.macupdate.desktop5.scanner.plist
2. ~/Library/LaunchAgents/.dat.nosync022a.rOuyuR (hidden)

But before deleting these 2 files, I would like the advice of the experts here ‘bouts.

FWIW: Malwarebytes does not note this issue.

Waddya think, should I consign these two files to the trash or should they be retained?
 
Last edited:
briloronmacrumo

briloronmacrumo

macrumors 6502a
Jan 25, 2008
537
346
USA
Pndrgnsvc said:
EtreCheck 2.9.3 just noted these 2 unknown files that may be Adware or Malware:
1. ~/Library/LaunchAgents/com.macupdate.desktop5.scanner.plist
2. ~/Library/LaunchAgents/.dat.nosync022a.rOuyuR (hidden)
Click to expand...

Well, #1 is used by Macupdate's MacUpdate Desktop app. If you're not using ( or don't have it installed ), it can clearly be deleted. #2 doesn't look familiar at all. However, 'user' launchagents, can typically be deleted unless there is a known app that needs them ( i.e. this isn't a OS X system launch agent, so its removal won't break anything except possibly the app using it ). Most apps needing these agents can repopulate from their own /Contents/Resources bundle if they aren't found.

Bottom line: I would delete both files.
 
  • Like
Reactions: satcomer and Pndrgnsvc
Pndrgnsvc

Pndrgnsvc

macrumors 6502
Original poster
Jun 13, 2008
452
26
Georgetown, Texas
briloronmacrumo said:
Well, #1 is used by Macupdate's MacUpdate Desktop app. If you're not using ( or don't have it installed ), it can clearly be deleted. #2 doesn't look familiar at all. However, 'user' launchagents, can typically be deleted unless there is a known app that needs them ( i.e. this isn't a OS X system launch agent, so its removal won't break anything except possibly the app using it ). Most apps needing these agents can repopulate from their own /Contents/Resources bundle if they aren't found.

Bottom line: I would delete both files.
Click to expand...

I deleted the two "suspect" files with the following result:

1. Upon relaunching MacUpdate Desktop, I had to (re)install my SN & PW. Also, I had to reset a few options/selections. AFAIK, all is (again) normal in that regard.

Since MU checks for outdated apps upon launch, maybe that's related...

2. As yet, I see no consequence from deleting the ".dat.nosync022a.rOuyuR (hidden)" file. Perhaps I just haven't done anything to prompt it.

As a side note, EtreCheck did not highlight that file on my other machine that has identical applications. Perhaps I installed something on one machine and then deleted it prior to installing it on the other. Curious and curiouser...

And many thanks for your time and sharing your insight/expertise.
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom