Adware

Mac OS X and its Applications

Moderator: ModiMaccanici

corsaronero
Apprendista Maccanico
Joined: Tue, 03 Feb 2015 01:34
Posts: 50
Post subject: Adware

Posted: Fri, 14 Sep 2018 16:13

Hello. I too, after decades of use free of any problem even remotely comparable to this one, have picked up an adware. I don't know how, since in the last few days the computer has also been used by other people in the house, who however do not know the administrator password. The problem occurs with Safari; I haven't had time to check whether it also happens with other browsers. Completely at random, it redirects my browsing to advertising pages and sites, pop-ups about contests won, and other similar diversions. It is not very frequent, but it happens. Something is there and I haven't found it.

I'm posting the EtreCheck scan below, and note that the hosts file has been modified with Faxus's one from another similar topic.

Code:

EtreCheck version: 3.4.7 (461)
Report generated 2018-09-14 09:51:17
Download EtreCheck from https://etrecheck.com
Runtime: 2:20
Performance: Excellent

Click the [Lookup] links for more information from Apple Support Communities.
Click the [Details] links for more information about that line.

Problem: Other problem
Description:
adware search

Hardware Information: ⓘ
    MacBook Pro (17-inch, Mid 2009) 
    [Technical Specifications] - [User Guide] - [Warranty & Service]
    MacBook Pro - model: MacBookPro5,2
    1 2,8 GHz Intel Core 2 Duo (Duo) CPU: 2-core
    8 GB RAM Upgradeable - [Instructions]
        BANK 0/DIMM0
            4 GB DDR3 1067 MHz ok
        BANK 1/DIMM0
            4 GB DDR3 1067 MHz ok
    Handoff/Airdrop2: not supported
    Wireless:  en1: 802.11 a/b/g/n
    Battery: Health = Normal - Cycle count = 309

Video Information: ⓘ
    NVIDIA GeForce 9600M GT - VRAM: 512 MB
    NVIDIA GeForce 9400M - VRAM: 256 MB
        Color LCD 1920 x 1200

Disk Information: ⓘ
    OCZ-VERTEX2 disk0: (480,1 GB) (Solid State - TRIM: Yes)
    [Show SMART report]
        (disk0s1) <not mounted>  [EFI]: 210 MB
        Macintosh SSD (disk0s2 - Journaled HFS+) /  [Startup]: 444.25 GB (108.72 GB free)
        (disk0s3) <not mounted>  [Recovery]: 650 MB
        BOOTCAMP (disk0s4 - NTFS) /Volumes/BOOTCAMP : 35.00 GB (1.08 GB free)

    HL-DT-ST DVDRW  GS21N  ()

USB Information: ⓘ
     USB20Bus 
        Apple Inc. Built-in iSight 
     USB20Bus 
        Sony UMH-U09 
     USB20Bus 
         hub_device 
     USBBus 
        Apple Inc. BRCM2046 Hub 
            Apple Inc. Bluetooth USB Host Controller 
     USBBus 
        Apple, Inc. Apple Internal Keyboard / Trackpad 
        Apple Computer, Inc. IR Receiver 

System Software: ⓘ
    OS X El Capitan 10.11.6 (15G22010) - Time since boot: about 7 hours

Configuration files: ⓘ
    /etc/hosts - Count: 28

Gatekeeper: ⓘ
    Mac App Store and identified developers

Kernel Extensions: ⓘ
        /Applications/Toast 15 Titanium/Toast Audio Assistant.app
    [loaded]    com.Cycling74.driver.Soundflower (1.6.7 - SDK 10.7) [Lookup]

        /Applications/VMware Fusion.app
    [not loaded]    com.vmware.kext.vmci (7.1.1) [Lookup]
    [not loaded]    com.vmware.kext.vmioplug.14.1.3 (7.1.1) [Lookup]
    [not loaded]    com.vmware.kext.vmnet (7.1.1) [Lookup]
    [not loaded]    com.vmware.kext.vmx86 (7.1.1) [Lookup]
    [not loaded]    com.vmware.kext.vsockets (7.1.1) [Lookup]

        /Library/Extensions
    [loaded]    at.obdev.nke.LittleSnitch (3.7.2 - SDK 10.11) [Lookup]
    [not loaded]    com.mbbecm.driver.MBBDataCardEcmDriver (5.00.00.00 - SDK 10.8) [Lookup]
    [not loaded]    com.zte.driver.cdc_ecm_qmi (1.4.1 - SDK 10.9) [Lookup]
    [not loaded]    com.zte.driver.cdc_usb_bus (1.4.1 - SDK 10.9) [Lookup]
    [loaded]    tl.uds.netusb.controller (2.07 - SDK 10.9) [Lookup]

        /Library/Extensions/HuaweiDataCardDriver_10_9.kext/Contents/PlugIns
    [not loaded]    com.MBB.driver.MBBACMData (5.01.01.00 - SDK 10.8) [Lookup]
    [not loaded]    com.MBB.driver.MBBActivateDriver (5.01.00 - SDK 10.8) [Lookup]
    [not loaded]    com.MBB.driver.MBBEthernetData (5.01.01.00 - SDK 10.8) [Lookup]

        /Library/Extensions/MBBDataCardECMDriver_10_9.kext/Contents/PlugIns
    [not loaded]    com.mbbApp.driver.MBBAppUSBCDCECMControl (4.2.1 - SDK 10.8) [Lookup]
    [not loaded]    com.mbbApp.driver.MBBAppUSBCDCECMData (4.2.1 - SDK 10.8) [Lookup]

        /System/Library/Extensions
    [not loaded]    com.joshuawise.kexts.HoRNDIS (6 - SDK 10.6) [Lookup]
    [not loaded]    com.novamedia.driver.IceraUSB_MSD_Bypass (NM Icera bypass V1.0) [Lookup]
    [not loaded]    com.option.driver.Option72 (2.15.0) [Lookup]
    [not loaded]    com.option.driver.OptionHS (3.26.0) [Lookup]
    [not loaded]    com.option.driver.OptionMSD (1.21.0) [Lookup]
    [not loaded]    com.option.driver.OptionQC (1.11.0) [Lookup]
    [not loaded]    com.vodafone.driver (v3.0.9 (017)) [Lookup]

        /System/Library/Extensions/Vodafone.kext/Contents/Plugins
    [not loaded]    com.vodafone.driver.Data (v3.0.9 (017)) [Lookup]

        ~/Library/Services/ToastIt.service/Contents/MacOS
    [not loaded]    com.roxio.TDIXController (2.0) [Lookup]

System Launch Agents: ⓘ
    [not loaded]    8 Apple tasks
    [loaded]    163 Apple tasks
    [running]    70 Apple tasks

System Launch Daemons: ⓘ
    [running]    de.novamedia.nmnetmgrd.plist (? bae95d1d 63659af0 - installed 2015-01-29) [Lookup]
    [not loaded]    47 Apple tasks
    [loaded]    163 Apple tasks
    [running]    82 Apple tasks

Launch Agents: ⓘ
    [running]    at.obdev.LittleSnitchUIAgent.plist (Objective Development Software GmbH - installed 2017-03-14) [Lookup]
    [not loaded]    com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-08-29) [Lookup]
    [failed]    com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2017-08-29) [Lookup]
    [running]    com.bjango.istatmenusagent.plist (Bjango Pty Ltd - installed 2018-07-24) [Lookup]
    [running]    com.bjango.istatmenusnotifications.plist (Bjango Pty Ltd - installed 2018-07-24) [Lookup]
    [running]    com.bjango.istatmenusstatus.plist (Bjango Pty Ltd - installed 2018-07-24) [Lookup]
    [loaded]    com.oracle.java.Java-Updater.plist (? 6ffd2063 cfab4de1 - installed 2018-07-21) [Lookup]

Launch Daemons: ⓘ
    [running]    at.obdev.littlesnitchd.plist (? 4ffc17c9 9d6cf7ed - installed 2017-03-14) [Lookup]
    [loaded]    com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2017-08-29) [Lookup]
    [loaded]    com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2017-08-29) [Lookup]
    [loaded]    com.adobe.SwitchBoard.plist (? 856489a3 0 - installed 2015-01-29) [Lookup]
    [running]    com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-08-16) [Lookup]
    [loaded]    com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2018-08-27) [Lookup]
    [running]    com.bjango.istatmenusdaemon.plist (Bjango Pty Ltd - installed 2018-07-24) [Lookup]
    [loaded]    com.bombich.ccchelper.plist (? 759e1812 4617ba95 - installed 2016-10-25) [Lookup]
    [loaded]    com.cocoatech.pathfinder.SMFHelper7.plist (Dragan Milic - installed 2017-04-10) [Lookup]
    [not loaded]    com.microsoft.OneDriveUpdaterDaemon.plist (? 0 ? - installed 2018-07-23) [Lookup]
    [loaded]    com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2018-07-23) [Lookup]
    [loaded]    com.microsoft.office.licensing.helper.plist (? 6d8cb30e afb3bef0 - installed 2010-09-23) [Lookup]
    [loaded]    com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2018-07-10) [Lookup]
    [loaded]    com.nordvpn.osx.helper.plist (? ? ? - installed 2018-06-11) [Lookup]
    [loaded]    com.oracle.java.Helper-Tool.plist (Shell Script e3fefdd2 - installed 2018-07-07) [Lookup]

User Launch Agents: ⓘ
    [loaded]    com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2018-08-21) [Lookup]
    [loaded]    com.google.keystone.agent.plist (Google, Inc. - installed 2018-07-10) [Lookup]
    [running]    com.spotify.webhelper.plist (Spotify - installed 2018-08-22) [Lookup]

User Login Items: ⓘ
    gfxCardStatus    Applicazione - Hidden 
        (/Applications/Utilities/gfxCardStatus.app)
    Path Finder    Applicazione - Hidden 
        (/Applications/Path Finder.app)
    SpeechSynthesisServer    Applicazione - Hidden 
        (/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesisServer.app)
    Dropbox    Applicazione - Hidden 
        (/Applications/Dropbox.app)

Internet Plug-ins: ⓘ
    Default Browser: 601 (installed 2016-07-26)
    AdobeExManDetect: AdobeExManDetect 1.1.0.0 (installed 2015-01-29) [Lookup]
    AdobeAAMDetect: AdobeAAMDetect 1.0.0.0 (installed 2017-08-16) [Lookup]
    AdobePDFViewerNPAPI: 17.012.20098 (installed 2017-08-29) [Lookup]
    FlashPlayer-10.6: 31.0.0.108 (installed 2018-09-14) [Lookup]
    Silverlight: 5.1.50709.0 (installed 2016-09-16) [Lookup]
    QuickTime Plugin: 7.7.3 (installed 2018-07-10)
    Flash Player: 31.0.0.108 (installed 2018-09-14) [Lookup]
    PepperFlashPlayer: 31.0.0.108 (installed 2018-09-11) [Lookup]
    SharePointBrowserPlugin: 14.5.7 (installed 2015-10-29) [Lookup]
    AdobePDFViewer: 17.012.20098 (installed 2017-08-29) [Lookup]
    JavaAppletPlugin: Java 8 Update 181 build 13 (installed 2018-07-21) Check version

User internet Plug-ins: ⓘ
    WebEx64: 1.0 (installed 2015-03-27) [Lookup]

Safari Extensions: ⓘ
    [not loaded]    Grammarly for Safari - Grammarly - https://www.grammarly.com (installed 2017-05-22)

3rd Party Preference Panes: ⓘ
    Flash Player (installed 2018-08-27) [Lookup]
    Java (installed 2018-07-21) [Lookup]
    TeXDistPrefPane (installed 2015-01-29) [Lookup]
    Tuxera NTFS (installed 2015-03-20) [Lookup]

Time Machine: ⓘ
    Time Machine not configured!

Top Processes by CPU: ⓘ
        11%   	kernel_task
         3%   	WindowServer
         1%   	iStat Menus Status
         1%   	Little Snitch Agent
         0%   	authd

Top Processes by Memory: ⓘ
    804 MB    	kernel_task
    185 MB    	mds_stores
    177 MB    	Dropbox
    120 MB    	Path Finder
    89 MB     	WindowServer

Top Processes by Energy Use: ⓘ
     24.40	iStat Menus Status
      3.42	WindowServer
      0.40	Little Snitch Agent
      0.08	Little Snitch Network Monitor

Virtual Memory Information: ⓘ
    5.16 GB   	Available RAM
    3.35 GB   	Free RAM
    2.84 GB   	Used RAM
    1.81 GB   	Cached files
    0 B       	Swap Used

Software installs (last 30 days): ⓘ
    Adobe Pepper Flash Player:  (installed 2018-08-20)
    Adobe Flash Player:  (installed 2018-08-20)
    Adobe Pepper Flash Player:  (installed 2018-09-11)
    Adobe Flash Player:  (installed 2018-09-14)
    Adobe Flash Player:  (installed 2018-09-14)

    Install information may not be complete.

faxus
Pro-Expert
Joined: Mon, 02 Jun 2014 15:12
Posts: 24950
Location: Due Sicilie

Post subject: Re: Adware

Posted: Fri, 14 Sep 2018 16:28

I don't see any adware...

Maybe it's a Safari thing.
A changed setting or something like that.

Try this:
1) System Preferences, iCloud pane, sync Safari
2) Quit Safari
3) Open Terminal and run the following, copying and pasting it into its open window and then pressing Return

Code:

rm -rf ~/Library/Safari/;rm -rf ~/Library/Saved\ Application\ State/com.apple.Safari*;rm -rf ~/Library/Caches/com.apple.Safari*;rm -rf ~/Library/Cookies/com.apple.Safari*;rm -rf ~/Library/Preferences/com.apple.Safari*
Type exit, press Return, then cmd+Q to quit Terminal properly
4) Open Safari.
5) System Preferences, iCloud pane, unsync Safari then sync Safari
Last edited by faxus on Fri, 14 Sep 2018 16:53, edited 1 time in total.
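
A reversible variant of the reset in the post above, as an added example that is not part of the original thread: it moves the same five Safari locations into a backup folder instead of deleting them, so the previous state can be inspected or restored. The function name `safari_reset_backup` and the backup folder name are assumptions of this example.

```shell
#!/bin/bash
# Added example (not from the thread): move Safari's per-user state aside
# instead of removing it with rm -rf.
# Usage: safari_reset_backup [HOME_DIR] [BACKUP_DIR]
# Both arguments are optional; the default backup name is an assumption.
safari_reset_backup() {
    local home="${1:-$HOME}"
    local backup="${2:-$home/Safari-reset-backup-$(date +%Y%m%d-%H%M%S)}"
    local lib="$home/Library"
    local moved=0 item rel dest

    # Step 2 of the procedure: Safari must be closed before touching its files.
    if pgrep -x Safari >/dev/null 2>&1; then
        echo "Safari is still running; quit it first." >&2
        return 1
    fi

    mkdir -p "$backup" || return 1

    # The same five locations as the rm -rf one-liner in the post.
    for item in \
        "$lib/Safari" \
        "$lib/Saved Application State"/com.apple.Safari* \
        "$lib/Caches"/com.apple.Safari* \
        "$lib/Cookies"/com.apple.Safari* \
        "$lib/Preferences"/com.apple.Safari*
    do
        # An unmatched glob stays literal, so skip anything that does not exist.
        [ -e "$item" ] || continue
        # Keep the path relative to ~/Library inside the backup folder.
        rel=${item#"$lib"/}
        dest="$backup/$(dirname "$rel")"
        mkdir -p "$dest" && mv "$item" "$dest/" || return 1
        moved=$((moved + 1))
    done

    echo "Moved $moved item(s) to $backup" >&2
    # Number of items moved, for callers that want to check the result.
    echo "$moved"
}
```

Run `safari_reset_backup` with no arguments in Terminal in place of the one-liner in step 3, then continue with steps 4 and 5.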

corsaronero
Apprendista Maccanico
Joined: Tue, 03 Feb 2015 01:34
Posts: 50
Post subject: Re: Adware

Posted: Fri, 14 Sep 2018 16:40

Sorry Faxus, I'm missing a step:
4) Install Safari from the dmg.

faxus
Pro-Expert
Joined: Mon, 02 Jun 2014 15:12
Posts: 24950
Location: Due Sicilie

Post subject: Re: Adware

Posted: Fri, 14 Sep 2018 16:56

corsaronero wrote:
Fri, 14 Sep 2018 16:40
Sorry Faxus, I'm missing a step...

Oops... I'm missing it too...

A copy-paste mistake, I've fixed it.
There is no such step as the one indicated.

Look now, you only have to reopen Safari

corsaronero
Apprendista Maccanico
Joined: Tue, 03 Feb 2015 01:34
Posts: 50
Post subject: Re: Adware

Posted: Fri, 14 Sep 2018 17:31

OK, thanks. I'll go back to using it normally; if strange things keep happening... I'll let you know