Adware

Mac OS X e le sue Applicazioni

Moderatore: ModiMaccanici

Avatar utente
corsaronero
Stato: Non connesso
Apprendista Maccanico
Apprendista Maccanico
Avatar utente
Iscritto il: mar, 03 feb 2015 01:34
Messaggi: 54

Top

Salve. Anche io, dopo decenni di utilizzo privo di ogni problema anche lontanamente assimilabile a quello in oggetto, mi sono beccato un adware. Non saprei come, poiché il computer è stato utilizzato anche da altri persone in casa negli ultimi giorni, ma che non conoscono la password di amministratore. Il problema si riscontra con Safari, non ho avuto tempo di verificare se anche con altri browser. In maniera del tutto random, dirotta la mia navigazione su pagine e siti pubblicitari, pop up di concorsi vinti, e altri diversivi affini. Non è frequentissimo, ma avviene. Qualcosa c'è e non l'ho individuata.

Posto lo scan di Etrecheck qui di seguito, avvisandovi che il file host è modificato con quello di Faxus da un altro topic simile.

Codice: Seleziona tutto

EtreCheck version: 3.4.7 (461)
Report generated 2018-09-14 09:51:17
Download EtreCheck from https://etrecheck.com
Runtime: 2:20
Performance: Excellent

Click the [Lookup] links for more information from Apple Support Communities.
Click the [Details] links for more information about that line.

Problem: Other problem
Description:
adware search

Hardware Information: ⓘ
    MacBook Pro (17-inch, Mid 2009) 
    [Technical Specifications] - [User Guide] - [Warranty & Service]
    MacBook Pro - model: MacBookPro5,2
    1 2,8 GHz Intel Core 2 Duo (Duo) CPU: 2-core
    8 GB RAM Upgradeable - [Instructions]
        BANK 0/DIMM0
            4 GB DDR3 1067 MHz ok
        BANK 1/DIMM0
            4 GB DDR3 1067 MHz ok
    Handoff/Airdrop2: not supported
    Wireless:  en1: 802.11 a/b/g/n
    Battery: Health = Normal - Cycle count = 309

Video Information: ⓘ
    NVIDIA GeForce 9600M GT - VRAM: 512 MB
    NVIDIA GeForce 9400M - VRAM: 256 MB
        Color LCD 1920 x 1200

Disk Information: ⓘ
    OCZ-VERTEX2 disk0: (480,1 GB) (Solid State - TRIM: Yes)
    [Show SMART report]
        (disk0s1) <not mounted>  [EFI]: 210 MB
        Macintosh SSD (disk0s2 - Journaled HFS+) /  [Startup]: 444.25 GB (108.72 GB free)
        (disk0s3) <not mounted>  [Recovery]: 650 MB
        BOOTCAMP (disk0s4 - NTFS) /Volumes/BOOTCAMP : 35.00 GB (1.08 GB free)

    HL-DT-ST DVDRW  GS21N  ()

USB Information: ⓘ
     USB20Bus 
        Apple Inc. Built-in iSight 
     USB20Bus 
        Sony UMH-U09 
     USB20Bus 
         hub_device 
     USBBus 
        Apple Inc. BRCM2046 Hub 
            Apple Inc. Bluetooth USB Host Controller 
     USBBus 
        Apple, Inc. Apple Internal Keyboard / Trackpad 
        Apple Computer, Inc. IR Receiver 

System Software: ⓘ
    OS X El Capitan 10.11.6 (15G22010) - Time since boot: about 7 hours

Configuration files: ⓘ
    /etc/hosts - Count: 28

Gatekeeper: ⓘ
    Mac App Store and identified developers

Kernel Extensions: ⓘ
        /Applications/Toast 15 Titanium/Toast Audio Assistant.app
    [loaded]    com.Cycling74.driver.Soundflower (1.6.7 - SDK 10.7) [Lookup]

        /Applications/VMware Fusion.app
    [not loaded]    com.vmware.kext.vmci (7.1.1) [Lookup]
    [not loaded]    com.vmware.kext.vmioplug.14.1.3 (7.1.1) [Lookup]
    [not loaded]    com.vmware.kext.vmnet (7.1.1) [Lookup]
    [not loaded]    com.vmware.kext.vmx86 (7.1.1) [Lookup]
    [not loaded]    com.vmware.kext.vsockets (7.1.1) [Lookup]

        /Library/Extensions
    [loaded]    at.obdev.nke.LittleSnitch (3.7.2 - SDK 10.11) [Lookup]
    [not loaded]    com.mbbecm.driver.MBBDataCardEcmDriver (5.00.00.00 - SDK 10.8) [Lookup]
    [not loaded]    com.zte.driver.cdc_ecm_qmi (1.4.1 - SDK 10.9) [Lookup]
    [not loaded]    com.zte.driver.cdc_usb_bus (1.4.1 - SDK 10.9) [Lookup]
    [loaded]    tl.uds.netusb.controller (2.07 - SDK 10.9) [Lookup]

        /Library/Extensions/HuaweiDataCardDriver_10_9.kext/Contents/PlugIns
    [not loaded]    com.MBB.driver.MBBACMData (5.01.01.00 - SDK 10.8) [Lookup]
    [not loaded]    com.MBB.driver.MBBActivateDriver (5.01.00 - SDK 10.8) [Lookup]
    [not loaded]    com.MBB.driver.MBBEthernetData (5.01.01.00 - SDK 10.8) [Lookup]

        /Library/Extensions/MBBDataCardECMDriver_10_9.kext/Contents/PlugIns
    [not loaded]    com.mbbApp.driver.MBBAppUSBCDCECMControl (4.2.1 - SDK 10.8) [Lookup]
    [not loaded]    com.mbbApp.driver.MBBAppUSBCDCECMData (4.2.1 - SDK 10.8) [Lookup]

        /System/Library/Extensions
    [not loaded]    com.joshuawise.kexts.HoRNDIS (6 - SDK 10.6) [Lookup]
    [not loaded]    com.novamedia.driver.IceraUSB_MSD_Bypass (NM Icera bypass V1.0) [Lookup]
    [not loaded]    com.option.driver.Option72 (2.15.0) [Lookup]
    [not loaded]    com.option.driver.OptionHS (3.26.0) [Lookup]
    [not loaded]    com.option.driver.OptionMSD (1.21.0) [Lookup]
    [not loaded]    com.option.driver.OptionQC (1.11.0) [Lookup]
    [not loaded]    com.vodafone.driver (v3.0.9 (017)) [Lookup]

        /System/Library/Extensions/Vodafone.kext/Contents/Plugins
    [not loaded]    com.vodafone.driver.Data (v3.0.9 (017)) [Lookup]

        ~/Library/Services/ToastIt.service/Contents/MacOS
    [not loaded]    com.roxio.TDIXController (2.0) [Lookup]

System Launch Agents: ⓘ
    [not loaded]    8 Apple tasks
    [loaded]    163 Apple tasks
    [running]    70 Apple tasks

System Launch Daemons: ⓘ
    [running]    de.novamedia.nmnetmgrd.plist (? bae95d1d 63659af0 - installed 2015-01-29) [Lookup]
    [not loaded]    47 Apple tasks
    [loaded]    163 Apple tasks
    [running]    82 Apple tasks

Launch Agents: ⓘ
    [running]    at.obdev.LittleSnitchUIAgent.plist (Objective Development Software GmbH - installed 2017-03-14) [Lookup]
    [not loaded]    com.adobe.AAM.Updater-1.0.plist (Adobe Systems, Inc. - installed 2017-08-29) [Lookup]
    [failed]    com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2017-08-29) [Lookup]
    [running]    com.bjango.istatmenusagent.plist (Bjango Pty Ltd - installed 2018-07-24) [Lookup]
    [running]    com.bjango.istatmenusnotifications.plist (Bjango Pty Ltd - installed 2018-07-24) [Lookup]
    [running]    com.bjango.istatmenusstatus.plist (Bjango Pty Ltd - installed 2018-07-24) [Lookup]
    [loaded]    com.oracle.java.Java-Updater.plist (? 6ffd2063 cfab4de1 - installed 2018-07-21) [Lookup]

Launch Daemons: ⓘ
    [running]    at.obdev.littlesnitchd.plist (? 4ffc17c9 9d6cf7ed - installed 2017-03-14) [Lookup]
    [loaded]    com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2017-08-29) [Lookup]
    [loaded]    com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2017-08-29) [Lookup]
    [loaded]    com.adobe.SwitchBoard.plist (? 856489a3 0 - installed 2015-01-29) [Lookup]
    [running]    com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2017-08-16) [Lookup]
    [loaded]    com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2018-08-27) [Lookup]
    [running]    com.bjango.istatmenusdaemon.plist (Bjango Pty Ltd - installed 2018-07-24) [Lookup]
    [loaded]    com.bombich.ccchelper.plist (? 759e1812 4617ba95 - installed 2016-10-25) [Lookup]
    [loaded]    com.cocoatech.pathfinder.SMFHelper7.plist (Dragan Milic - installed 2017-04-10) [Lookup]
    [not loaded]    com.microsoft.OneDriveUpdaterDaemon.plist (? 0 ? - installed 2018-07-23) [Lookup]
    [loaded]    com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2018-07-23) [Lookup]
    [loaded]    com.microsoft.office.licensing.helper.plist (? 6d8cb30e afb3bef0 - installed 2010-09-23) [Lookup]
    [loaded]    com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2018-07-10) [Lookup]
    [loaded]    com.nordvpn.osx.helper.plist (? ? ? - installed 2018-06-11) [Lookup]
    [loaded]    com.oracle.java.Helper-Tool.plist (Shell Script e3fefdd2 - installed 2018-07-07) [Lookup]

User Launch Agents: ⓘ
    [loaded]    com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2018-08-21) [Lookup]
    [loaded]    com.google.keystone.agent.plist (Google, Inc. - installed 2018-07-10) [Lookup]
    [running]    com.spotify.webhelper.plist (Spotify - installed 2018-08-22) [Lookup]

User Login Items: ⓘ
    gfxCardStatus    Applicazione - Hidden 
        (/Applications/Utilities/gfxCardStatus.app)
    Path Finder    Applicazione - Hidden 
        (/Applications/Path Finder.app)
    SpeechSynthesisServer    Applicazione - Hidden 
        (/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/SpeechSynthesis.framework/Versions/A/SpeechSynthesisServer.app)
    Dropbox    Applicazione - Hidden 
        (/Applications/Dropbox.app)

Internet Plug-ins: ⓘ
    Default Browser: 601 (installed 2016-07-26)
    AdobeExManDetect: AdobeExManDetect 1.1.0.0 (installed 2015-01-29) [Lookup]
    AdobeAAMDetect: AdobeAAMDetect 1.0.0.0 (installed 2017-08-16) [Lookup]
    AdobePDFViewerNPAPI: 17.012.20098 (installed 2017-08-29) [Lookup]
    FlashPlayer-10.6: 31.0.0.108 (installed 2018-09-14) [Lookup]
    Silverlight: 5.1.50709.0 (installed 2016-09-16) [Lookup]
    QuickTime Plugin: 7.7.3 (installed 2018-07-10)
    Flash Player: 31.0.0.108 (installed 2018-09-14) [Lookup]
    PepperFlashPlayer: 31.0.0.108 (installed 2018-09-11) [Lookup]
    SharePointBrowserPlugin: 14.5.7 (installed 2015-10-29) [Lookup]
    AdobePDFViewer: 17.012.20098 (installed 2017-08-29) [Lookup]
    JavaAppletPlugin: Java 8 Update 181 build 13 (installed 2018-07-21) Check version

User internet Plug-ins: ⓘ
    WebEx64: 1.0 (installed 2015-03-27) [Lookup]

Safari Extensions: ⓘ
    [not loaded]    Grammarly for Safari - Grammarly - https://www.grammarly.com (installed 2017-05-22)

3rd Party Preference Panes: ⓘ
    Flash Player (installed 2018-08-27) [Lookup]
    Java (installed 2018-07-21) [Lookup]
    TeXDistPrefPane (installed 2015-01-29) [Lookup]
    Tuxera NTFS (installed 2015-03-20) [Lookup]

Time Machine: ⓘ
    Time Machine not configured!

Top Processes by CPU: ⓘ
        11%   	kernel_task
         3%   	WindowServer
         1%   	iStat Menus Status
         1%   	Little Snitch Agent
         0%   	authd

Top Processes by Memory: ⓘ
    804 MB    	kernel_task
    185 MB    	mds_stores
    177 MB    	Dropbox
    120 MB    	Path Finder
    89 MB     	WindowServer

Top Processes by Energy Use: ⓘ
     24.40	iStat Menus Status
      3.42	WindowServer
      0.40	Little Snitch Agent
      0.08	Little Snitch Network Monitor

Virtual Memory Information: ⓘ
    5.16 GB   	Available RAM
    3.35 GB   	Free RAM
    2.84 GB   	Used RAM
    1.81 GB   	Cached files
    0 B       	Swap Used

Software installs (last 30 days): ⓘ
    Adobe Pepper Flash Player:  (installed 2018-08-20)
    Adobe Flash Player:  (installed 2018-08-20)
    Adobe Pepper Flash Player:  (installed 2018-09-11)
    Adobe Flash Player:  (installed 2018-09-14)
    Adobe Flash Player:  (installed 2018-09-14)

    Install information may not be complete.

Avatar utente
faxus
Stato: Non connesso
Pro-Expert 
Pro-Expert 
Avatar utente
Iscritto il: lun, 02 giu 2014 15:12
Messaggi: 30459
Località: Circondato dalle bufale

Top

Contatta:
Non vedo adware...

Forse è una cosa di Safari.
Una modifica di impostazioni o qualcosa di simile.

Prova così:
1) Preferenze di Sistema, pannello iCloud, sincronizza Safari
2) Chiudi Safari
3) Apri Terminale, esegui, copiando ed incollando sulla sua finestra aperta e dando poi accapo

Codice: Seleziona tutto

rm -rf ~/Library/Safari/;rm -rf ~/Library/Saved\ Application\ State/com.apple.Safari*;rm -rf ~/Library/Caches/com.apple.Safari*;rm -rf ~/Library/Cookies/com.apple.Safari*;rm -rf ~/Library/Preferences/com.apple.Safari*
Scrivi exit, accapo, cmd+Q per uscire correttamente da Terminale
4) Apri Safari.
5) Preferenze di Sistema, pannello iCloud, desincronizza Safari poi sincronizza Safari
Ultima modifica di faxus il ven, 14 set 2018 16:53, modificato 1 volta in totale.

Avatar utente
corsaronero
Stato: Non connesso
Apprendista Maccanico
Apprendista Maccanico
Avatar utente
Iscritto il: mar, 03 feb 2015 01:34
Messaggi: 54

Top

Scusa Faxus, mi sfugge un passaggio:
4) Installa Safari dal dmg.

Avatar utente
faxus
Stato: Non connesso
Pro-Expert 
Pro-Expert 
Avatar utente
Iscritto il: lun, 02 giu 2014 15:12
Messaggi: 30459
Località: Circondato dalle bufale

Top

Contatta:
corsaronero ha scritto:
ven, 14 set 2018 16:40
Scusa Faxus, mi sfugge un passaggio...
Oops... Sfugge anche a me...

Una copiatura sbagliata, ho risistemato.
Non c'è nessun punto come indicato.

Vedi adesso, devi solo riaprire Safari

Avatar utente
corsaronero
Stato: Non connesso
Apprendista Maccanico
Apprendista Maccanico
Avatar utente
Iscritto il: mar, 03 feb 2015 01:34
Messaggi: 54

Top

OK, grazie. Riprendo ad usarlo normalmente; se continuano a capitare cose strane... vi faccio sapere

Rispondi

Torna a “Software”

Chi c’è in linea

Visitano il forum: Ahrefs [Bot], giammyboy e 3 ospiti