[Darek Czyż]

Witam. Jest to możliwe by np. zainfekować system maca w  taki sposób aby wirus nie był wykrywalny ? Otóż mam problem ponieważ używam do pracy remote deskopt by łączyć się z serwerem windows. I za kazdym razem psuję mi się serwer. Support twierdzi że musi przechodzić ode mnie jakiś wirus. Jest to możliwe że żaden antywirus nic nie wykrywa a taki wirus sobie spokojnie spoczywa w systemie ? 

[DanielF]

Może najpierw:

http://myapple.pl/po...z-jak-go-usunac

 

przeskanuj polecanym malwarebytes i dodatkowo zrób etrecheck i raport wklej tutaj.

Może masz wirusa na routerze, swego czasu często padały tplinki.

[Darek Czyż]

Może najpierw:

http://myapple.pl/posts/10916-zlapales-adware-a-sprawdz-jak-go-usunac

 

przeskanuj polecanym malwarebytes i dodatkowo zrób etrecheck i raport wklej tutaj.

Może masz wirusa na routerze, swego czasu często padały tplinki.

 

Malwarebytes teraz nic nie wykrył, ale jaki czas temu usunął jakies pliki. Mimo to problem był dalej. 

 

EtreCheck version: 3.3 (383)

Report generated 2017-05-15 22:53:31

Download EtreCheck from https://etrecheck.com

Runtime: 2:07

Performance: Excellent

 

Click the [Lookup] links for more information from Apple Support Communities.

Click the [Details] links for more information about that line.

Click the [Clean up] link to delete unused files.

 

Problem: Other problem

 

Hardware Information: ⓘ

    MacBook Pro (Retina, 15-inch, Mid 2015) 

    [Technical Specifications] - [User Guide] - [Warranty & Service]

    MacBook Pro - model: MacBookPro11,4

    1 2,2 GHz Intel Core i7 (i7-4770HQ) CPU: 4-core

    16 GB RAM Not upgradeable

        BANK 0/DIMM0

            8 GB DDR3 1600 MHz ok

        BANK 1/DIMM0

            8 GB DDR3 1600 MHz ok

    Bluetooth: Good - Handoff/Airdrop2 supported

    Wireless:  en0: 802.11 a/b/g/n/ac

    Battery: Health = Normal - Cycle count = 454

 

Video Information: ⓘ

    Intel Iris Pro - VRAM: 1536 MB

        Color LCD 2880 x 1800

 

System Software: ⓘ

    macOS Sierra  10.12.4 (16E195) - Time since boot: about one day 

 

Disk Information: ⓘ

    APPLE SSD SM0256G disk0 : (251 GB) (Solid State - TRIM: Yes)

    [Show SMART report]

        EFI (disk0s1 - MS-DOS FAT32) <not mounted> : 210 MB 

        Recovery HD (disk0s3 - Journaled HFS+) <not mounted>  [Recovery]: 650 MB 

        Macintosh HD (disk1 - Journaled HFS+) /  [Startup]: 249.78 GB (95.27 GB free)

            Core Storage: disk0s2 250.14 GB Online

 

USB Information: ⓘ

    Apple Inc. Apple Internal Keyboard / Trackpad 

    Broadcom Corp. Bluetooth USB Host Controller 

 

Thunderbolt Information: ⓘ

    Apple Inc. thunderbolt_bus

 

Gatekeeper: ⓘ

    Mac App Store and identified developers

 

Clean up: ⓘ

    /Library/LaunchAgents/6H4HRTU5E3.com.avast.passwords.Agent.plist

        /Library/Application Support/Avast Passwords/components/AppLifecycleAgent.bundle/Contents/MacOS/AppLifecycleAgent

        Executable not found!

    /Library/LaunchAgents/com.avast.secureline.update-agent.plist

        /Library/Application Support/AvastSecureLine/components/update/com.avast.secureline.update-agent

        Executable not found!

    /Library/LaunchAgents/com.avast.secureline.userinit.plist

        /Library/Application Support/AvastSecureLine/hub/userinit.sh

        Executable not found!

    /Library/LaunchAgents/com.avast.update-agent.plist

        /Library/Application Support/Avast/components/update/com.avast.update-agent

        Executable not found!

    /Library/LaunchAgents/com.avast.userinit.plist

        /Library/Application Support/Avast/hub/userinit.sh

        Executable not found!

    /Library/LaunchDaemons/com.avast.init.plist

        /Library/Application Support/Avast/hub/init.sh

        Executable not found!

    /Library/LaunchDaemons/com.avast.secureline.init.plist

        /Library/Application Support/AvastSecureLine/hub/init.sh

        Executable not found!

    /Library/LaunchDaemons/com.avast.secureline.uninstall.plist

        /Library/Application Support/AvastSecureLine/hub/autouninstall.sh

        Executable not found!

    /Library/LaunchDaemons/com.avast.secureline.update.plist

        /Library/Application Support/AvastSecureLine/components/update/update.sh

        Executable not found!

    /Library/LaunchDaemons/com.avast.uninstall.plist

        /Library/Application Support/Avast/hub/autouninstall.sh

        Executable not found!

    /Library/LaunchDaemons/com.avast.update.plist

        /Library/Application Support/Avast/components/update/update.sh

        Executable not found!

    ~/Library/LaunchAgents/com.lastpass.LastPassHelper.plist

        ~/Library/Application Support/LastPass/LastPassHelper.app/Contents/MacOS/LastPassHelper

        Executable not found!

    ~/Library/LaunchAgents/com.mindofwinner.plist

        /Applications/SubliminalMessages.app/Contents/MacOS/SubliminalMessages

        Executable not found!

    ~/Library/LaunchAgents/jp.co.canon.Inkjet_Extended_Survey_Agent.plist

        /Applications/Canon Utilities/Inkjet Extended Survey Program/Inkjet Extended Survey Program.app/Contents/Resources/Canon_Inkjet_Extended_Survey_Agent

        Executable not found!

    14 orphan files found. [Clean up]

 

Kernel Extensions: ⓘ

        /Library/Application Support/VirtualBox

    [loaded]    org.virtualbox.kext.VBoxDrv (5.0.10) [Lookup]

    [loaded]    org.virtualbox.kext.VBoxNetAdp (5.0.10) [Lookup]

    [loaded]    org.virtualbox.kext.VBoxNetFlt (5.0.10) [Lookup]

    [loaded]    org.virtualbox.kext.VBoxUSB (5.0.10) [Lookup]

 

        /Library/Extensions

    [loaded]    com.cyberic.SmoothMouse (1.0.10 - SDK 10.8) [Lookup]

    [not loaded]    jp.plentycom.driver.SteerMouse (4.2.6 - SDK 10.6) [Lookup]

 

System Launch Agents: ⓘ

    [not loaded]    6 Apple tasks

    [loaded]    169 Apple tasks

    [running]    107 Apple tasks

 

System Launch Daemons: ⓘ

    [not loaded]    41 Apple tasks

    [loaded]    167 Apple tasks

    [running]    110 Apple tasks

 

Launch Agents: ⓘ

    [failed]    6H4HRTU5E3.com.avast.passwords.Agent.plist (Unknown - installed 2017-05-11) [Lookup] - /Library/Application Support/Avast Passwords/components/AppLifecycleAgent.bundle/Contents/MacOS/AppLifecycleAgent: Executable not found!

    [failed]    com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2017-01-12) [Lookup]

    [running]    com.avast.secureline.update-agent.plist (Unknown - installed 2017-03-20) [Lookup] - /Library/Application Support/AvastSecureLine/components/update/com.avast.secureline.update-agent: Executable not found!

    [loaded]    com.avast.secureline.userinit.plist (Unknown - installed 2017-03-20) [Lookup] - /Library/Application Support/AvastSecureLine/hub/userinit.sh: Executable not found!

    [running]    com.avast.update-agent.plist (Unknown - installed 2017-04-22) [Lookup] - /Library/Application Support/Avast/components/update/com.avast.update-agent: Executable not found!

    [loaded]    com.avast.userinit.plist (Unknown - installed 2017-04-22) [Lookup] - /Library/Application Support/Avast/hub/userinit.sh: Executable not found!

 

Launch Daemons: ⓘ

    [loaded]    com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2017-01-12) [Lookup]

    [loaded]    com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2017-01-12) [Lookup]

    [loaded]    com.adobe.fpsaud.plist (Unknown - installed 2017-04-27) [Lookup]

    [loaded]    com.avast.init.plist (Unknown - installed 2017-04-22) [Lookup] - /Library/Application Support/Avast/hub/init.sh: Executable not found!

    [loaded]    com.avast.secureline.init.plist (Unknown - installed 2017-03-20) [Lookup] - /Library/Application Support/AvastSecureLine/hub/init.sh: Executable not found!

    [failed]    com.avast.secureline.uninstall.plist (Unknown - installed 2017-03-20) [Lookup] - /Library/Application Support/AvastSecureLine/hub/autouninstall.sh: Executable not found!

    [failed]    com.avast.secureline.update.plist (Unknown - installed 2017-03-20) [Lookup] - /Library/Application Support/AvastSecureLine/components/update/update.sh: Executable not found!

    [failed]    com.avast.uninstall.plist (Unknown - installed 2017-04-22) [Lookup] - /Library/Application Support/Avast/hub/autouninstall.sh: Executable not found!

    [failed]    com.avast.update.plist (Unknown - installed 2017-04-22) [Lookup] - /Library/Application Support/Avast/components/update/update.sh: Executable not found!

    [running]    com.malwarebytes.HelperTool.plist (Malwarebytes Corporation - installed 2017-05-02) [Lookup]

    [loaded]    com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2015-08-15) [Lookup]

    [loaded]    jp.co.canon.MasterInstaller.plist (Canon Inc. - installed 2016-09-01) [Lookup]

    [not loaded]    org.virtualbox.startup.plist (Shell script - installed 2015-12-17) [Lookup]

 

User Launch Agents: ⓘ

    [loaded]    com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2017-05-15) [Lookup]

    [loaded]    com.google.keystone.agent.plist (Google, Inc. - installed 2017-03-29) [Lookup]

    [failed]    com.lastpass.LastPassHelper.plist (Unknown - installed 2017-04-24) [Lookup] - ~/Library/Application Support/LastPass/LastPassHelper.app/Contents/MacOS/LastPassHelper: Executable not found!

    [failed]    com.mindofwinner.plist (Unknown - installed 2017-04-26) [Lookup] - /Applications/SubliminalMessages.app/Contents/MacOS/SubliminalMessages: Executable not found!

    [loaded]    com.pia.pia_manager.plist ((null) - installed 2017-03-23)

    [running]    com.spotify.webhelper.plist (Spotify - installed 2017-04-14) [Lookup]

    [loaded]    com.valvesoftware.steamclean.plist (Unknown - installed 2016-01-28) [Lookup]

    [not loaded]    jp.co.canon.Inkjet_Extended_Survey_Agent.plist (Unknown - installed 2015-03-02) [Lookup] - /Applications/Canon Utilities/Inkjet Extended Survey Program/Inkjet Extended Survey Program.app/Contents/Resources/Canon_Inkjet_Extended_Survey_Agent: Executable not found!

 

User Login Items: ⓘ

    Magnet    program 

        (/Applications/Magnet.app)

    iTunesHelper    program  (installed 2017-03-24)

        (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)

    Caffeine    program - Hidden 

        (/Applications/Caffeine.app)

    Clipboard Guru - History and Snippet manager    program - Hidden 

        (/Applications/Clipboard Guru - History and Snippet manager.app)

    CloudApp    program - Hidden 

        (/Applications/CloudApp.app)

    Dropbox    program - Hidden 

        (/Applications/Dropbox.app)

    Evernote    program - Hidden 

        (/Applications/Evernote.app)

    Radio FM    program - Hidden 

        (/Applications/Radio FM.app)

    Lightshot Screenshot    program 

        (/Applications/Lightshot Screenshot.app)

    messenger    program 

        (/Applications/messenger.app)

    Evernote    program 

        (/Applications/Evernote.app)

    TextWrangler    program 

        (/Applications/TextWrangler.app)

    Google Chrome    program 

        (/Applications/Google Chrome.app)

 

Internet Plug-ins: ⓘ

    AdobePDFViewerNPAPI: 17.009.20044 (installed 2017-04-11) [Lookup]

    FlashPlayer-10.6: 25.0.0.171 (installed 2017-05-09) [Lookup]

    QuickTime Plugin: 7.7.3 (installed 2017-04-19)

    AdobePDFViewer: 17.009.20044 (installed 2017-04-11) [Lookup]

    Flash Player: 25.0.0.171 (installed 2017-05-09) [Lookup]

    nplastpass: 4.1.2 (installed 2017-04-24) [Lookup]

 

3rd Party Preference Panes: ⓘ

    Flash Player (installed 2017-04-27) [Lookup]

 

Time Machine: ⓘ

    Auto backup: YES

    Volumes being backed up:

        Macintosh HD: Disk size: 249.78 GB Disk used: 154.51 GB

    Destinations:

        Bez nazwy [Local] 

        Total size: 500.07 GB 

        Total number of backups: 5 

        Oldest backup: 15.04.2017, 12:56 

        Last backup: 15.04.2017, 15:45 

        Size of backup disk: Adequate

            Backup size 500.07 GB > (Disk used 154.51 GB X 3)

 

Top Processes by CPU: ⓘ

        13%   Google Chrome Helper(49)

        12%   WindowServer

        10%   mdworker(8)

         5%   Google Chrome

         5%   kernel_task

 

Top Processes by Memory: ⓘ

    4.71 GB   Google Chrome Helper(49)

    1.40 GB   kernel_task

    1.30 GB   FluidApp(2)

    344 MB    Google Chrome

    311 MB    mdworker(8)

 

Top Processes by Network Use: ⓘ

    Input     Output    Process name

    7 MB      2 MB      FluidApp

    435 KB    114 KB    mDNSResponder

    149 KB    200 KB    Dropbox

    75 KB     5 KB      com.avast.daemo

    53 KB     7 KB      netbiosd

 

Top Processes by Energy Use: ⓘ

     13.88 WindowServer

      8.20 coreaudiod

      3.40 FluidApp

      2.76 VTDecoderXPCServ

      0.78 sysmond

 

Virtual Memory Information: ⓘ

    2.92 GB   Available RAM

    50 MB     Free RAM

    13.08 GB  Used RAM

    2.87 GB   Cached files

    340 MB    Swap Used

 

Diagnostics Information: ⓘ

    2017-05-15 21:27:34    /Library/Logs/DiagnosticReports/com.securemac.MacScanDaemon_2017-05-15-212734_[redacted].cpu_resource.diag [Details]

        /Library/PrivilegedHelperTools/com.securemac.MacScanDaemon

    2017-05-14 17:00:25    ~/Library/Logs/DiagnosticReports/Easy New File Sync_2017-05-14-170025_[redacted].crash

        com.liupeng.mac.FinderMenu.FinderSync - /Applications/Easy New File.app/Contents/PlugIns/Easy New File Sync.appex/Contents/MacOS/Easy New File Sync

        Application Specific Information:

        objc_msgSend() selector name: respondsToSelector:

    2017-05-14 16:58:54    Self test - passed

 

[imrik]

Jeśli wirus wgrywa się na Windows to chyba na tej stacji coś byłoby do wykrycia. Myślę, że to raczej mydlenie oczu aczkolwiek kilka rzeczy w etrecheck wzbudza u mnie niepokój.

 

Masz sporo "śmieci" po odinstalowanym (jak mniemam) oprogramowaniu z którymi warto byłoby zrobić porządek. Avast, lastpassy, sublimemessage, coś canona.

Masz jakieś rozszerzenia które chyba mają za zadanie wpływać na działanie myszki. Jedno załadowane, drugie nie. Tak ma być?

Nie wiem co to jest pia.

Z CloudApp korzystasz? Nic mi nigdy ten program złego nie wyrządził ale kojarzy mi się z czymś co jest dorzucane w prezencie do różnych innych instalatorów, niekoniecznie w dobrych intencjach.

[Darek Czyż]

No właśnie to dziwna sprawa, że niby  ode mnie coś przechodzi na maszynę, skoro u mnie nic nie wykrywa.  Tak to stare instalki, ale raczej one nie wpływają na to. Zaraz z nimi porządek robie. Od myszki było wcześniej ale to problemu nie powodowało.  Sam nie wiem co to Pia, jak to sprawdzić i usunąć ? 

Przyznam się ze raz zdarzyło mi się zainstalowac apke z piratebay bo potrzebowałem na chwilę ale od razu ją usunąłem, więc problemu nie powinno być. Nie z CloudApp nie korzystałem. 

[cronopioverde]

 […] Sam nie wiem co to Pia, jak to sprawdzić i usunąć? […]

 

https://pol.privateinternetaccess.com
https://discussions....art=15&tstart=0

 

[…] Przyznam się ze raz zdarzyło mi się zainstalowac apke z piratebay bo potrzebowałem na chwilę ale od razu ją usunąłem, więc problemu nie powinno być. […]

 

Na tym forum „piractwo” nie jest mile widziane – zaznaczam tylko.

[Darek Czyż]

https://pol.privateinternetaccess.com
https://discussions.apple.com/thread/6489003?start=15&tstart=0

 

 

Na tym forum „piractwo” nie jest mile widziane – zaznaczam tylko.

Na testy tylko patrzałem. Zostaję przy legalu na mac. Ogólnie zrobiłem reinstal. Czekam na serwer i zobaczymy czy problem zniknął. Jeśli to to znaczy że był wirus.