10 berichten aan het bekijken - 1 tot 10 (van in totaal 10)
  • Q:
    Bijdrager
    Jdee25

    malware probleem

    Hallo iedereen,

    Ik heb een vraag over adware/malware. Sinds een week krijg ik steeds popups in mijn browser (chrome en safari). Na wat onderzoek blijkt het te gaan om ssp.fwrdy.com malware.

    Ik heb wat research gedaan en wat anti malware programma’s gedownload en geprobeerd, maar geen enkele kan het probleem oplossen. Als ik de browsers reset naar hun standaardwaarden zijn de popups even weg. Maar naar een half uur ongeveer is het probleem er weer.

    Heeft iemand hier nog een andere oplossing voor toevallig?

    Mijn dank is groot!

    Jimmy

    Bijdrager
    fred44nl

    heb je ook Malwarebytes geprobeerd ??

    https://nl.malwarebytes.com

    misschien heb je hier ook nog iets aan:

    ssp.fwrdy.com Virus Removal for Mac

    Bijdrager
    Jdee25

    Hi Fred,

    Dankjewel voor je berichtje. Malwarebytes heb ik geprobeerd, die geeft aan niks te kunnen vinden.

    Groetjes,

    Jimmy

    Bijdrager
    TheBigZ

    Als je een EtreCheck report plaatst, kunnen we zien wat je verder nog geinstalleerd hebt aan mogelijke malware.

    https://etrecheck.com/

    Sleutelbeheerder
    Night
    Bijdrager
    Jdee25

    Thanks. Hieronder het rapport!

    EtreCheck version: 3.4.4 (448)
    Report generated 2017-09-17 14:13:26
    Download EtreCheck from https://etrecheck.com
    Runtime: 1:52
    Performance: Excellent

    Click the [Lookup] links for more information from Apple Support Communities.
    Click the [Details] links for more information about that line.
    Click the [Remove/Report] links to remove adware or update the whitelist of legitimate software.

    Problem: Other problem
    Description:
    adware

    Hardware Information: ⓘ
    iMac (21.5-inch, Mid 2011)
    [Technical Specifications] – [User Guide] – [Warranty & Service]
    iMac – model: iMac12,1
    1 2,7 GHz Intel Core i5 (i5-2500S) CPU: 4-core
    8 GB RAM Upgradeable – [Instructions]
    BANK 0/DIMM0
    2 GB DDR3 1333 MHz ok
    BANK 1/DIMM0
    2 GB DDR3 1333 MHz ok
    BANK 0/DIMM1
    2 GB DDR3 1333 MHz ok
    BANK 1/DIMM1
    2 GB DDR3 1333 MHz ok
    Handoff/Airdrop2: not supported
    Wireless: en1: 802.11 a/b/g/n
    iCloud Quota: 1.15 GB available

    Video Information: ⓘ
    AMD Radeon HD 6770M – VRAM: 512 MB
    iMac 1920 x 1080

    Disk Information: ⓘ
    WDC WD1001FALS-403AA0 disk0: (1 TB) (Rotational)
    [Show SMART report]
    EFI (disk0s1 – MS-DOS FAT32) <not mounted> [EFI]: 210 MB
    1 TB (disk0s2 – Journaled HFS+) /Volumes/1 TB : 999.35 GB (976.20 GB free)
    Recovery HD (disk0s3 – Journaled HFS+) <not mounted> [Recovery]: 650 MB

    Samsung SSD 840 EVO 120GB disk1: (120,03 GB) (Solid State – TRIM: No)
    [Show SMART report]
    EFI (disk1s1 – MS-DOS FAT32) <not mounted> [EFI]: 210 MB
    Macintosh HD (disk1s2 – Journaled HFS+) / [Startup]: 119.17 GB (49.79 GB free)
    Recovery HD (disk1s3 – Journaled HFS+) <not mounted> [Recovery]: 650 MB

    USB Information: ⓘ
    USB20Bus
    Apple Inc. FaceTime HD Camera (Built-in)
    hub_device
    JMicron USB to ATA/ATAPI bridge
    MK5065GSXF disk2: (500,11 GB)
    EFI (disk2s1 – MS-DOS FAT32) <not mounted> [EFI]: 210 MB
    TV HD (disk2s2 – ExFAT) /Volumes/TV HD : 499.76 GB (314.91 GB free)
    Apple Inc. BRCM2046 Hub
    Apple Inc. Bluetooth USB Host Controller
    USB20Bus
    hub_device
    Apple, Inc. Keyboard Hub
    Apple, Inc Apple Keyboard
    Apple Computer, Inc. IR Receiver
    Apple Card Reader

    Thunderbolt Information: ⓘ
    Apple Inc. thunderbolt_bus

    System Software: ⓘ
    macOS Sierra 10.12.6 (16G29) – Time since boot: about 9 days

    Gatekeeper: ⓘ
    Mac App Store and identified developers

    Possible adware: ⓘ
    Unknown file: ~/Library/LaunchAgents/com.iobit.MacBoosterMini5.plist
    /Applications/MacBooster 5.app/Contents/Resources/MacBoosterMini.app/Contents/MacOS/MacboosterMini
    One possible adware file found. [Remove/Report]

    Kernel Extensions: ⓘ
    /Library/Extensions
    [loaded] com.malwarebytes.mbam.rtprotection (3.0 – SDK 10.12) [Lookup]
    [loaded] de.rme-audio.driver.RMEFirefaceUSB (3.03 – SDK 10.11) [Lookup]

    System Launch Agents: ⓘ
    [not loaded] 8 Apple tasks
    [loaded] 166 Apple tasks
    [running] 99 Apple tasks
    [killed] 9 Apple tasks
    9 processes killed due to insufficient RAM

    System Launch Daemons: ⓘ
    [not loaded] 42 Apple tasks
    [loaded] 166 Apple tasks
    [running] 96 Apple tasks
    [killed] 12 Apple tasks
    12 processes killed due to insufficient RAM

    Launch Agents: ⓘ
    [running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation – installed 2017-09-17) [Lookup]
    [running] de.rme-audio.RMEfirefaceUSBAgent.plist (? 2aa8da5a 72c638ae – installed 2017-06-30) [Lookup]

    Launch Daemons: ⓘ
    [running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation – installed 2017-09-17) [Lookup]
    [running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation – installed 2017-09-17) [Lookup]

    User Launch Agents: ⓘ
    [loaded] com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. – installed 2017-09-04) [Lookup]
    [loaded] com.google.keystone.agent.plist (Google, Inc. – installed 2017-09-04) [Lookup]
    [not loaded] com.iobit.MacBoosterMini5.plist (? 243249e e94b514c – installed 2017-09-16) [Lookup]
    [running] com.spotify.webhelper.plist (Spotify – installed 2017-09-13) [Lookup]

    User Login Items: ⓘ
    Dropbox Programma
    (/Applications/Dropbox.app)
    Back-up en synchronisatie van Google Programma
    (/Applications/Backup and Sync.app)
    Spotify Programma – Hidden
    (/Applications/Spotify.app)

    Internet Plug-ins: ⓘ
    FlashPlayer-10.6: 27.0.0.130 (installed 2017-09-13) [Lookup]
    Flash Player: 27.0.0.130 (installed 2017-09-13) [Lookup]
    QuickTime Plugin: 7.7.3 (installed 2017-09-03)

    3rd Party Preference Panes: ⓘ
    Flash Player (installed 2017-08-29) [Lookup]

    Time Machine: ⓘ
    Time Machine not configured!

    Top Processes by CPU: ⓘ
    12% osascript
    11% launchservicesd
    10% WindowServer
    7% coreaudiod
    3% loginwindow

    Top Processes by Memory: ⓘ
    915 MB kernel_task
    434 MB com.apple.WebKit.WebContent
    382 MB com.apple.WebKit.WebContent
    382 MB Spotify Helper
    164 MB launchservicesd

    Top Processes by Network Use: ⓘ
    Input Output Process name
    4 MB 3 MB Dropbox
    4 MB 2 MB mDNSResponder
    151 KB 53 KB Spotify
    38 KB 37 KB apsd

    Top Processes by Energy Use: ⓘ
    26.90 coreaudiod
    25.22 SGDawNodeService
    12.68 Logic Pro X
    11.66 launchservicesd
    8.70 WindowServer

    Virtual Memory Information: ⓘ
    2.22 GB Available RAM
    82 MB Free RAM
    5.78 GB Used RAM
    2.14 GB Cached files
    502 MB Swap Used

    Software installs: ⓘ
    The Unarchiver: 3.11.1 (installed 2017-09-04)
    Fireface USB Driver: (installed 2017-09-04)
    MacKeeper: (installed 2017-09-04)
    MacKeeper: (installed 2017-09-04)
    Malwarebytes for Mac: (installed 2017-09-08)
    “Malwarebytes for Mac Uninstaller”: (installed 2017-09-08)
    Malwarebytes for Mac: (installed 2017-09-13)
    “Malwarebytes for Mac Uninstaller”: (installed 2017-09-13)
    Adobe Flash Player: (installed 2017-09-13)
    MacBooster 5: (installed 2017-09-16)
    Malwarebytes for Mac: (installed 2017-09-17)

    Install information may not be complete.

    Diagnostics Information: ⓘ
    2017-09-15 23:56:31 launchservicesd Crash [Open]
    Cause: BUG IN LIBPTHREAD: Invalid thread port
    2017-09-15 23:56:28 cloudphotosd.app Crash [Open]
    Cause: abort() called
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    rdar://problem/28724618 Couldn’t create connection object
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECT
    _RegisterApplication(), unable to get application ASN from launchservicesd, and this application requires an ASN, so aborting. error=#-1.
    2017-09-15 23:56:25 TMHelperAgent.app Crash [Open]
    Cause: abort() called
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECTION_INTERRUPTED).
    rdar://problem/28724618 Couldn’t create connection object
    <rdar://problem/28724618> Application unable to connect to launchservicesd for an unknown reason (received XPC_ERROR_CONNECT
    _RegisterApplication(), unable to get application ASN from launchservicesd, and this application requires an ASN, so aborting. error=#-1.
    2017-09-15 13:20:59 CCLibrary.app Crash [Open]
    2017-09-08 15:03:55 Last shutdown cause: 0 – Power loss

    Sleutelbeheerder
    Night

    Begin eens met het verplaatsen van:
    • /Library/LaunchDaemons/com.iobit.AMCDaemon.plist
    • ~/Library/LaunchAgents/com.iobit.MacBoosterMini.plist
    (of bestanden die hier verdacht veel op lijken) naar de prullenbak, zonder deze te legen. Herstart daarna je Mac.

    Daarnaast:

    ssp.fwrdy.com Virus Removal for Mac

    ennuh… Echt waar? MacKeeper? Veel succes!
    https://www.macworld.com/article/2861435/software-utilities/how-to-uninstall-mackeeper-from-your-mac.html

    Bijdrager
    Jdee25

    Ow! Ouch!
    Mackeeper heb ik niet bewust geïnstalleerd, die zie ik nu pas in het lijstje.
    Ik ga het even allemaal proberen, dankjewel.

    Mocht het niet lukken denk ik dat ik voor een clean install ga. Dan ben ik er sowieso wel vanaf:)

    Sleutelbeheerder
    Night

    (y) succes

    Bijdrager
    GoeieDag

    Het zal wel zijn meegekomen met die MacBooster.
    Wat is dat toch, dat vertrouwen hebben in troep gemaakt door onbekenden.

10 berichten aan het bekijken - 1 tot 10 (van in totaal 10)

Je moet ingelogd zijn om een reactie op dit onderwerp te kunnen geven.