1
在运行macOS Sierra的计算机上发现旧病毒:现在该怎么办?
我的父亲感叹,即使使用adblock也可以弹出随机广告,同时浏览可信赖的网站,以及自从他安装iPhone之后,Firefox在他的OSX计算机上启动时的状态(所有软件更新都正确)。 我自然检查System Preferences > Users Accounts > Login items了Firefox底座图标Firefox > Open at login。什么都没有...... 所以~/Library/LaunchAgents我感到惊讶,我发现许多文件指向明显的病毒。例如,一个文件被命名com.apple.roinnris.plist并指向一个可执行文件,在终端窗口中,它的行为如下: Last login: Mon Jun 26 18:36:28 on ttys000 Pro-di-Gianni:~ gianni$ /Users/gianni/Library/roinnris ; exit; 1.3.4: Initializing... roinnris http://feed.snowbitt.com/?publisher=TingSyn&ts=sy&barcodeid=51222999&searchtype=hp&type=YHS_TGE_5a01fc&_=tt1 http://feed.snowbitt.com/?publisher=TingSyn&ts=sy&barcodeid=51222999&searchtype=nt&type=YHS_TGE_5a01fc&_=tt1 http://feed.snowbitt.com/?publisher=TingSyn&ts=sy&barcodeid=51222999&searchtype=ds&type=TGE_5a01fc snowbitt _Bt3mBZUrWFiQtw-o265327tVlFLedwV5m3RbDQqoTNF34tnUYs4T2-Z-0Vh_ot2iQz9QcQstVbDfh_GhqMjQkak68EeUespftvJPjZ5LY1FbyK8tuMM nth convertFile - /Users/gianni/Library/backup.zip to /Users/gianni/Library/backup.tmp Ping-"http://t.trkitok.com/track/surl?mid=C26849F2-0F50-5495-9FBB-9269DCE9EDA1&ht=???ڐ?????΄???????ބ??Dž?????????ؗ??????Č?ٗ?ӌ????????Η??????????????????ϗ?ڌ???ϗ?????????˚??Ɍ???ޛ????ڐ?????΄???????ބ??Dž?????????ؗ??????Č?ٗ?ӌ????????Η??????????????????ϗ?ތ???ϗ?????????˚??Ɍ???ޛ????ڐ?????΄???????ބ??Dž?????????ؗ??????Č?ٗ?ӌ????????Η??????????????????ϗ?ٌ???ϗ?????˚??ɠ???????ޠ??ޙ??????????݇Ř???????????????Ǚ????????왞????ٞ??????????ޘ??Г??????????????????????????????????????????????? ?&nt=&su=" 这是另一个: Last login: Mon Jun 26 18:28:48 …