Startseite Safari ist plötzlich geändert mit "anysearchmanager" "Akamaihd"

[AvaMathilda]

Hallo MacUser Gemeinde,

ich hoffe, ihr könnt mir helfen. Die Startseite von Safari war bei mir bisher immer Google Search (auch bei Firefox und Google Crome). Leider muss sich irgendetwas eingeschlichen haben, denn jetzt öffnet sich nur noch "anysearchmanager" als Startseite von Akamaihd.net.

Und das lässt sich in den Safari Einstellungen auch nicht mehr ändern, da der Homepage Button deaktiviert ist.
Ich habe schon sämtliche Foren durchforstet und komme nicht weiter.
Ich habe bei Firefox, Crome und Safari alle Passwörter, alle Verläufe etc. gelöscht und wieder auf Werkseinstellung gesetzt. Alle Erweiterungen gelöscht. Und alle runtergeladenen Programme Apps der letzten Monate gelöscht.

Bei Firefox und Crome kann ich nun auch wieder Google als Startseite eingeben. Bei Safari (den Browser benutze ich am liebsten) geht es leider nicht. Ich habe auch schon Malwarebytes drüberlaufen lassen und alles "kritisch" gefundene gelöscht. Weiterhin habe ich gelesen, dass man AVG AntiVirus installieren sollte. Aber obwohl es hieß, dass es kostenfrei ist, muss man nun doch zahlen. Hier bin ich mir unsicher, ob das der richtige und zielführende Weg ist.

Da ich überhaupt nicht technisch versiert bin, kann ich es auch nicht einschätzen. Was ist "anysearchmanager" von Akamaihd.net? Ist das gefährlich? Sollte ich Safari ganz vom Rechner entfernen? Hätte ich dann damit alles gelöst? Oder hat sich dieses "Akamaihd" noch irgendwo eingenistet, auch wenn ich Safari lösche?

Ich hoffe, ihr könnt helfen. Vielen Dank!

Ava Mathilda

 

[daryl]

https://www.macuser.de/threads/safa...ern-weiterleitung-auf-searchpulse-net.838007/

Den AVG Antivirus bitte nach Herstellerangaben (solltest Du auf der Webseite finden) deinstallieren.

 

[dg2rbf]

Hi,
das ist Malware, Malwarebytes downloaden und diesen Müll damit entfernen, in Zukunft nichtmehr bei Chip und Co, downloaden, bzw nur bei den Software Herstellern/Programierern, nicht auf alles Klicken was aufpoppt !!!, "anysearchmanager" von Akamaihd.net, hat mit AVG Antivirus nichts zu tun, AVG usw sind auf einem Mac unnötig, machen nur Probleme.

Franz

 

[AvaMathilda]

so sieht es aus

 

[electricdawn]

1. Willkommen auf MacUser.
2. Am besten mal https://etrecheck.com/ installieren, laufen lassen, und den erzeugten Bericht hier einstellen. Wir helfen dann weiter.
3. NIEMALS ein Antivirenprogramm installieren. Schlangenoelsoftware, die voellig unnoetig ist, und den Rechner nur verlangsamt und eher gefaehrdet.
4. Niemals irgendwelche ungefragten Anhaenge in Emails oeffnen!
5. Niemals irgendwelchen Meldungen im Internet glauben, dass der Rechner "bedroht" waere, und dass man innerhalb von 10 Sekunden den Knopf druecken muss um sich davor zu schuetzen... der dann aber erst die eigentliche Malware runterlaedt!
6. Und zu guter Letzt: Niemals irgendwelche "Helferlein" installieren, die irgendwas versprechen von "Caches saeubern" und "Rechner beschleunigen". Alles kompletter Humbug.
7. Einen hab' ich noch: Wenn der Browser irgendwas runterlaedt, und dich ploetzlich nach deinem Nutzerpasswort fragt, IMMER ablehnen. Das ist mit hoher Wahrscheinlichkeit Schadsoftware. In Safari kann man in den Einstellungen die Option abwaehlen, runtergeladene Dateien zu starten oder auszupacken. Sofort abwaehlen!

 

[daryl]

Hi,
das ist Malware, Malwarebytes downloaden und diesen Müll damit entfernen, in Zukunft nichtmehr bei Chip und Co, downloaden, bzw nur bei den Software Herstellern/Programierern, nicht auf alles Klicken was aufpoppt !!!, "anysearchmanager" von Akamaihd.net, hat mit AVG nichts zu tun.

Franz

Scheinbar scheint heute irgendwas in den Online Adventskalendern der genannten Seite als kostenlosen Download zu geben. Schon auffällig das so kurz nacheinander Threads zu dem Thema hier aufschlagen.

 

[AvaMathilda]

Vielen Dank. Ich habe gestern das Malewarebytes Programm runtergeladen und alles angezeigte gelöscht und Neustart gemacht. Malewarebytes sagt, es ist nichts mehr gefährliches auf dem Rechner. Akamaihd.net ist aber immer noch als Homepage drin und lässt sich auch nicht verändern. Siehe Screenshot.

 

[electricdawn]

Wie schon gesagt: Etrecheck laufen lassen und Bericht hier einstellen. Dann sehen wir weiter. Keine Angst, da wird NICHTS Privates drinstehen.

 

[oneOeight]

Akamaihd.net ist aber immer noch als Homepage drin und lässt sich auch nicht verändern. Siehe Screenshot.

https://support.apple.com/de-de/guide/safari/ibrw1020/mac
https://support.apple.com/de-de/guide/safari/ibrwe75c2a3c/mac

versuch mal den hinweisen zu folgen.

sonst drück mal die shift taste beim starten von safari, das ist dann der safe mode, da müsstest das wieder setzen können.

und guck mal in den systemeinstellungen, ob es da in der zeile mit benutzer&gruppen nicht auch ein eintrag profile ist.
dort halt alles unbekannte löschen, darüber kann auch die homepage gesetzt sein.

 

[dg2rbf]

Hi,
den Etrecheck Scan bitte in CodeTags posten, bei Bedarf splitten.

Franz

 

[lisley]

Hallöchen,
ja da war wohl was im Adobe Weihnachtskalender. Habe mir das ebenso eingefangen.. hier mal mein Etre... komme nicht weiter. Mist...
Danke für eure Tipps und sorry, dass auch ich drauf reingefallen bin....
kann ebenso nichts im Safari ändern... die startseite ist ausgegraut...

EtreCheck version: 5.4.8 (5091)

Report generated: 2019-12-25 20:58:12

Download EtreCheck from https://etrecheck.com

Runtime: 2:18

Performance: Excellent

Sandbox: Enabled

Full drive access: Disabled



Problem: Other problem



Major Issues: None



Minor Issues:

  These issues do not need immediate attention but they may indicate future problems or opportunities for improvement.

  Configuration profiles present - This machine has configuration profiles. These are sometimes used by adware and malware.

  Low disk space - This machine is running low on free hard drive space.

  Clean up - There are orphan files that could be removed.

  Unsigned files - There are unsigned software files installed. They appear to be legitimate but should be reviewed.

  System modifications - There are a large number of system modifications running in the background.

  32-bit Apps - This machine has 32-bits apps will not work on macOS 10.15 “Catalina”.

  Limited drive access - More information may be available with Full Drive Access.



Hardware Information:

  MacBook Pro (Retina, 15-inch, Late 2013)

  MacBook Pro Model: MacBookPro11,2

  1 2 GHz Quad-Core Intel Core i7 (i7-4750HQ) CPU: 4-core

  8 RAM - Not upgradeable

    BANK 0/DIMM0 - 4 GB DDR3 1600

    BANK 1/DIMM0 - 4 GB DDR3 1600

  Battery: Health = Normal - Cycle count = 629



Video Information:

  Intel Iris Pro - VRAM: 1536 MB

    Color LCD (built-in) 2880 x 1800



Drives:

  disk0 - APPLE SSD SM0256F 251.00 GB (Solid State - TRIM: Yes)

  Internal PCI 5.0 GT/s x2 Serial ATA

    disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB

    disk0s2 [APFS Container] 250.79 GB

      disk1 [APFS Virtual drive] 250.79 GB (Shared by 5 volumes)

        disk1s1 - M******************n (APFS) [APFS Virtual drive] (Shared - 210.37 GB used)

        disk1s2 - Preboot (APFS) [APFS Preboot] (Shared)

        disk1s3 - Recovery (APFS) [Recovery] (Shared - 529 MB used)

        disk1s4 - VM (APFS) [APFS VM] (Shared - 1.07 GB used)

        disk1s5 - Macintosh HD (APFS) (Shared - 11.05 GB used)

 

[lisley]

Mounted Volumes:

  disk1s1 - M******************n [APFS Virtual drive]

    250.79 GB (Shared - 210.37 GB used, 28.13 GB available, 27.55 GB free)

    APFS

    Mount point: /System/Volumes/Data



  disk1s3 - Recovery [Recovery]

    250.79 GB (Shared - 529 MB used, 27.55 GB free)

    APFS

    Mount point: /Volumes/Recovery



  disk1s4 - VM [APFS VM]

    250.79 GB (Shared - 1.07 GB used, 27.55 GB free)

    APFS

    Mount point: /private/var/vm



  disk1s5 - Macintosh HD

    250.79 GB (Shared - 11.05 GB used, 28.13 GB available, 27.55 GB free)

    APFS

    Mount point: /

    Read-only: Yes



Network:

  Interface HUAWEIMobile-Modem: HUAWEIMobile-

  Interface en4: iPhone

  Interface en0: Wi-Fi

    802.11 a/b/g/n/ac

  Interface en3: Bluetooth PAN



System Software:

  macOS Catalina 10.15.2 (19C57)

  Time since boot: Less than an hour



Configuration Profiles:

  This computer has configuration profiles installed.



Notifications:

  Notifications not available without Full Drive Access.



Security:

  System Status

  Gatekeeper: Enabled

  System Integrity Protection: Enabled



  Antivirus software: Apple



Unsigned Files:

  Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist

    Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/LaunchDaemons/com.apple.aelwriter.plist

    Executable: /usr/sbin/AELWriter

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist

    Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/LaunchAgents/de.rme-audio.RMEfirefaceUSBAgent.plist

    Executable: /Library/Extensions/RMEFirefaceUSB.kext/Contents/Resources/firefaceUSBAgent.app/Contents/MacOS/firefaceUSBAgent

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/LaunchDaemons/com.digidesign.fwfamily.helper.plist

    Executable: /Library/Application Support/Digidesign/FireWire/DigidesignFireWireHelper

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist

    Executable: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/LaunchAgents/com.avid.mbox.helper.plist

    Executable: /Library/Application Support/Avid/{DE88214A-90CB-4046-A916-CF93334682DC}/LaunchdDaemon start

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/LaunchAgents/com.paragon-software.facebook.agent.plist

    Executable: /Library/Application Support/Paragon Software/Paragon Software Facebook Agent.app/Contents/MacOS/Paragon Software Facebook Agent

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/LaunchAgents/com.imcapture.IMCapture.Agent.plist

    Executable: /Library/Application Support/IMCapture/IMCaptureAgent.app/Contents/MacOS/IMCaptureAgent

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Java-Updater.plist

    Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck

    Details: Exact match found in the whitelist - probably OK



  Launchd: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/com.oracle.java.Helper-Tool.plist

    Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool

    Details: Exact match found in the whitelist - probably O

 

[lisley]

32-bit Applications:

  26 32-bit apps



Kernel Extensions:

  /Library/Application Support/Citrix Receiver

    CitrixGUSB.kext (19.3.1 - SDK 10.9)



  /Library/Application Support/Roxio

    TDIXController.kext (1.7)



  /Library/Extensions

    FirefaceAudioDriver.kext (1.0)

    AvidMboxPro.kext (1.3.0 - SDK 10.7)

    AvidMbox.kext (Avid Mbox 1.0.18)

    CDSDAudioCaptureSupport.kext (1.2)

    DigidesignFireWireAudio.kext (7.3)

    DigiDal.kext (7.3)

    DigiIO.kext (7.3)

    DigidesignMbox2Boot.kext (10.3.5.211 - SDK 10.6)

    DigidesignMbox2.kext (10.3.5.211 - SDK 10.6)

    DigidesignElevenRack.kext (Digidesign Eleven Rack 1.0.1)

    EyeTVAfaTechHidBlock.kext (1.1)

    EyeTVCinergy450AudioBlock.kext (1.1)

    EyeTVCinergyXSAudioBlock.kext (1.1)

    EyeTVEmpiaAudioBlock.kext (1.1)

    EyeTVVoyagerAudioBlock.kext (1.1)

    MOTUFireWireAudio.kext (1.6 48575 - SDK 10.4)

    MOTUMicroBookAudio.kext (1.6 48575 - SDK 10.4)

    MOTUPCIAudio.kext (1.6 48575 - SDK 10.4)

    Motu MIDI Driver.kext (1.6 48575 - SDK 10.4)

    PACESupportFamily.kext (5.8)

    RMEFirefaceUSB.kext (2.21 - SDK 10.9)

    Saffire.kext (3.5.3)



  /Library/Extensions/HuaweiDataCardDriver_10_9.kext/Contents/PlugIns

    MBBACMData.kext (6.00.06.00 - SDK 10.10)

    MBBActivateDriver.kext (6.00.05 - SDK 10.10)

    MBBEthernetData.kext (6.00.05.00 - SDK 10.10)



  /Library/Extensions/PACESupportFamily.kext/Contents/PlugIns

    PACESupportLeopard.kext (5.8 - SDK 10.4)

    PACESupportPanther.kext (5.8 - SDK 10.-1)

    PACESupportSnowLeopard.kext (5.8 - SDK 10.6)

    PACESupportTiger.kext (5.8 - SDK 10.4)



  /Library/StartupItems/ArcanaStartupSound/Resources

    ArcanaPRAM.kext (1.1b3)



  /Library/StartupItems/BRESINKx86Monitoring

    BRESINKx86Monitoring.kext (2.0)



Startup Items:

  TuxeraNTFSUnmountHelper Path: /Library/StartupItems/TuxeraNTFSUnmountHelper

  PACESupport Path: /Library/StartupItems/PACESupport

  Digidesign Mbox 2 Path: /Library/StartupItems/Digidesign Mbox 2

  ArcanaStartupSound Path: /Library/StartupItems/ArcanaStartupSound

  DigidesignLoader Path: /Library/StartupItems/DigidesignLoader

  MidiSportLoader Path: /Library/StartupItems/MidiSportLoader

  Saffire Path: /Library/StartupItems/Saffire



System Launch Agents:

  [Not Loaded]  17 Apple tasks

  [Loaded]  170 Apple tasks

  [Running]  124 Apple tasks



System Launch Daemons:

  [Not Loaded]  33 Apple tasks

  [Loaded]  186 Apple tasks

  [Running]  117 Apple tasks

 

[lisley]

Launch Agents:

  [Other] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2019-08-15)

  [Running] com.avid.ApplicationManager.plist (Avid Technology Inc - installed 2017-08-10)

  [Other] com.avid.mbox.helper.plist (? 6355d557  - installed 2010-08-06)

  [Other] com.avid.mboxpro.helper.plist (Avid Technology Inc - installed 2013-10-22)

  [Loaded] com.citrix.AuthManager_Mac.plist (Citrix Systems, Inc. - installed 2019-04-03)

  [Running] com.citrix.ReceiverHelper.plist (Citrix Systems, Inc. - installed 2019-04-03)

  [Running] com.citrix.ServiceRecords.plist (Citrix Systems, Inc. - installed 2019-04-03)

  [Loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2019-12-04)

  [Loaded] com.google.keystone.xpcservice.plist (Google, Inc. - installed 2019-12-04)

  [Running] com.imcapture.IMCapture.Agent.plist (? 8335d888  - installed 2011-09-16)

  [Other] com.motu.MOTULauncher.plist (? 39f93d85  - installed 2008-01-23)

  [Not Loaded] com.oracle.java.Java-Updater.plist (? b2281a06  - installed 2016-12-13)

  [Loaded] com.paragon-software.facebook.agent.plist (? 95fb0bd4  - installed 2016-11-29)

  [Other] com.paragon-software.ntfs.automount.plist (? 23af1e7e  - installed 2016-11-29)

  [Other] com.paragon.updater.plist (Paragon Software GmbH - installed 2016-11-29)

  [Not Loaded] com.teamviewer.teamviewer.plist (? aa311aa9  - installed 2016-02-15)

  [Not Loaded] com.teamviewer.teamviewer_desktop.plist (? d4765397  - installed 2016-02-15)

  [Other] de.rme-audio.RMEfirefaceUSBAgent.plist (? 2aa8da5a  - installed 2017-06-30)

  [Other] de.rme-audio.firefaceAgent.plist (? 70555f84  - installed 2009-09-16)



Launch Daemons:

  [Other] PACESupport.plist (? ab6b5614  - installed 2011-07-07)

  [Loaded] com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2019-08-15)

  [Loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2019-08-15)

  [Loaded] com.apple.aelwriter.plist (? 761c7cf9  - installed 2011-03-22)

  [Loaded] com.apple.installer.osmessagetracing.plist (Apple - installed 2019-05-01)

  [Loaded] com.avid.bsd.shoetoolv120.plist (Avid Technology Inc - installed 2017-12-07)

  [Running] com.avid.hub.service.plist (Avid Technology Inc - installed 2017-09-01)

  [Running] com.avid.transport.client.plist (Avid Technology Inc - installed 2017-09-01)

  [Loaded] com.citrix.ctxusbd.plist (Citrix Systems, Inc. - installed 2019-04-03)

  [Other] com.digidesign.elevenrack.helper.plist (? 3a415902  - installed 2009-10-16)

  [Other] com.digidesign.fwfamily.helper.plist (? 3ed06546  - installed 2006-11-15)

  [Loaded] com.google.keystone.daemon.plist (Google, Inc. - installed 2019-12-04)

  [Loaded] com.microsoft.office.licensing.helper.plist (? 6d8cb30e  - installed 2012-04-02)

  [Not Loaded] com.oracle.java.Helper-Tool.plist (? e3fefdd2  - installed 2016-12-13)

  [Running] com.paceap.eden.licensed.plist (? c6a7bebe  - installed 2017-03-16)

  [Loaded] com.paragon-software.installer.plist (Paragon Software GmbH - installed 2016-12-16)

  [Loaded] com.teamviewer.Helper.plist (? 7ca2e004  - installed 2016-02-15)

  [Not Loaded] com.teamviewer.teamviewer_service.plist (? b485a599  - installed 2016-02-15)



User Launch Agents:

  [Other] com.adobe.ARM.***.plist (? 0  - installed 2013-01-07)

  [Other] com.amazon.music.plist (? 0  - installed 2015-10-06)

  [Loaded] com.skype.skype.shareagent.plist (Skype Communications S.a.r.l - installed 2018-09-05)

  [Loaded] mega.mac.megaupdater.plist (Mega Limited - installed 2019-12-25)



User Login Items:

  [Not Loaded] DSLoginItemHelper (App Store - installed 2019-12-25)

    Modern Login Item

    /Applications/Antivirus One.app/Contents/Library/LoginItems/DSLoginItemHelper.app



  [Not Loaded] Launcher Disabler (App Store - installed 2019-12-11)

    Modern Login Item

    /Applications/OneDrive.app/Contents/Library/LoginItems/Launcher Disabler.app



  [Not Loaded] OneDrive Launcher (App Store - installed 2019-12-11)

    Modern Login Item

    /Applications/OneDrive.app/Contents/Library/LoginItems/OneDrive Launcher.app



  [Not Loaded] HDXCastHelper (Citrix Systems, Inc. - installed 2019-06-02)

    Modern Login Item

    /Library/Application Support/Citrix Receiver/Citrix Casting.app/Contents/Library/LoginItems/HDXCastHelper.app



Internet Plug-ins:

  OVSHelper: 1.0 (? - installed 2011-02-08)

  Flip4Mac WMV Plugin: 2.3.8.1 (? - installed 2011-01-14)

  AdobePDFViewerNPAPI: 17.012.20098 (Adobe Systems, Inc. - installed 2019-12-23)

  DivXBrowserPlugin: 2.1 (? - installed 2011-02-08)

  Silverlight: 5.1.50901.0 (? - installed 2018-11-06)

  AmazonMP3DownloaderPlugin101749:  (?)

  iPhotoPhotocast: 7.0 (Apple - installed 2010-11-27)

  CitrixICAClientPlugIn: 19.3.1 (Citrix Systems, Inc. - installed 2019-06-02)

  SharePointBrowserPlugin: 14.2.0 (? - installed 2013-11-18)

  AdobePDFViewer: 19.021.20061 (Adobe Systems, Inc. - installed 2019-12-23)

  CANONiMAGEGATEWAYDL: 3.1.0.2 (? - installed 2009-09-09)

  CANONiMAGEGATEWAYLI: 2.1.0.1 (? - installed 2006-04-21)

  JavaAppletPlugin: Java 8 Update 121 build 13 (? - installed 2017-02-20)



Audio Plug-ins:

  DVCPROHDAudio: 1.3.2 (Apple - installed 2011-03-22)

  Digidesign CoreAudio: 7.3 (? - installed 2006-11-15)



Safari Extensions:

  ToolbarSafariExtension - App Store (installed 2019-12-25)



3rd Party Preference Panes:

  DivX (installed 2011-02-08)

  Flip4Mac WMV (installed 2011-01-13)

  FUSE for OS X (OSXFUSE) (installed 2015-06-14)

  Java (installed 2017-02-20)

  NTFS-3G (installed 2010-10-11)

  Tuxera NTFS (installed 2015-09-20)

  YAMAHA-USBMIDIPatch (installed 2009-07-22)



Time Machine:

  Time Machine information not available without Full Drive Access.



Performance:

  System Load: 1.87 (1 min ago) 1.89 (5 min ago) 1.52 (15 min ago)

  Nominal I/O speed: 6.36 MB/s

  File system: 28.35 seconds

  Write speed: 520 MB/s

  Read speed: 675 MB/s



CPU Usage Snapshot:

  Type Overall

  System 2 %

  User 2 %

  Idle 96 %



Top Processes Snapshot by CPU:

  Process (count) CPU (Source - Location)

  Other processes 22.69 % (?)

  EtreCheck 7.77 % (App Store)

  MEGAsync 0.51 % (Mega Limited)

  com.apple.WebKit.WebContent.xpc (7) 0.13 % (Apple)

  AXVisualSupportAgent 0.13 % (Apple)



Top Processes Snapshot by Memory:

  Process (count) RAM usage (Source - Location)

  EtreCheck 543 MB (App Store)

  AvidAppManHelper 259 MB (Avid Technology Inc)

  App Store 212 MB (Apple)

  Google Chrome 145 MB (Google, Inc.)

  Finder 137 MB (Apple)



Top Processes Snapshot by Network Use:

  Process (count) Input / Output (Source - Location)

  Mail 1 MB / 4 KB (Apple)

  Other processes 158 KB / 99 KB (?)

  MEGAsync 35 KB / 17 KB (Mega Limited)

  com.apple.WebKit.Networking.xpc 18 KB / 8 KB (Apple)

  SystemUIServer 0 B / 64 B (Apple)



Virtual Memory Information:

  Physical RAM: 8 GB



  Free RAM: 25 MB

  Used RAM: 5.85 GB

  Cached files: 2.13 GB



  Available RAM: 2.15 GB

  Swap Used: 0 B



Software Installs (past 30 days):

  Install Date Name (Version)

  2019-12-11 OneDrive (19.192.0926)

  2019-12-11 Numbers (6.0)

  2019-12-11 Pages (8.0)

  2019-12-11 Keynote (9.0)

  2019-12-11 Adobe Acrobat Reader DC (19.021.20058)

  2019-12-13 XProtectPlistConfigData (2110)

  2019-12-14 Adobe Flash Player

  2019-12-18 Citrix SSO (1.2.4)

  2019-12-23 MRTConfigData (1.51)

  2019-12-23 AdBlock (1.22.0)

  2019-12-23 Adobe Acrobat Reader DC (19.021.20061)

  2019-12-25 Antivirus One (3.3.1)

  2019-12-25 EtreCheck (5.4.8)



Clean up:

  /Library/LaunchAgents/com.motu.MOTULauncher.plist

    /System/Library/Extensions/MOTUFireWireAudio.kext/Contents/MacOS/MOTUFireWireConsoleLauncher.app/Contents/MacOS/MOTUFireWireConsoleLauncher

    Executable not found

  /Library/LaunchDaemons/com.digidesign.elevenrack.helper.plist

    /Library/PreferencePanes/Digidesign Eleven Rack.prefPane/Contents/Resources/LaunchdDaemon

    Executable not found

  ~/Library/LaunchAgents/com.amazon.music.plist

    /Applications/Amazon Music.app/Contents/MacOS/Amazon Music Helper

    Executable not found

  /Library/LaunchDaemons/PACESupport.plist

    /System/Library/Extensions/PACESupportFamily.kext/Contents/Resources/paceload

    Executable not found

  /Library/LaunchAgents/de.rme-audio.firefaceAgent.plist

    /System/Library/Extensions/FirefaceAudioDriver.kext/Contents/MacOS/firefaceAgent.app/Contents/MacOS/firefaceAgent

    Executable not found

  /Library/LaunchAgents/com.paragon-software.ntfs.automount.plist

    /Library/PreferencePanes/ParagonNTFS.prefPane/Contents/Resources/NTFSAutomountAgent

    Executable not found

  ~/Library/LaunchAgents/com.adobe.ARM.***.plist

    /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper

    Executable not found





Diagnostics Information (past 7-30 days):

  Directory /Library/Logs/DiagnosticReports is not accessible.

  Enable Full Drive Access to see more information.



End of report

 

[bernie313]

Mit Malwarebytes kannst du das löschen und schaue auch mal in den Systemeinstellungen, ob dort ein Profil zusätzlich eingetragen ist, sollte in der Reihe zu finden sein in der auch Benutzer & Gruppen sind.

 

[TMacMini]

Da wurde ein Profil installiert, steht auch im EtreCheck.

„Configuration profiles present - This machine has configuration profiles. These are sometimes used by adware and malware.“

 

[lisley]

JUHUU!
Ihr seid der Hammer! Hab das Profil immer unter Benutzer/Gruppen gesucht. Aber es war ein neues Icon in der Systemsteuerung. Krass.
Jetzt geht alles wieder,
Ihr seid super, danke euch

 

[dg2rbf]

Hi,
und in Zukunft Software nur noch von den Programmierer-/Herstellerseiten runterladen, und nicht von Chip usw.

Franz

 

[sabaiva]

Hallo,
ich habe auch das Problem, dass Safari mit anysearch startet.
Habe hier schon ein wenig gelesen und EtreCheck durchgeführt.
Ich würde mich sehr über eure Hilfe freuen.
Liebe Grüße

EtreCheck version: 5.4.8 (5091)

Report generated: 2020-02-03 10:44:12

Download EtreCheck from https://etrecheck.com

Runtime: 2:26

Performance: Good

Sandbox: Enabled

Full drive access: Disabled


Problem: Other problem

Description: 

Safari starts with any search.manager. Cant remove it.


Major Issues:

    Anything that appears on this list needs immediate attention.


    Adware - Adware detected.


Minor Issues:

    These issues do not need immediate attention but they may indicate future problems or opportunities for improvement.


    Configuration profiles present - This machine has configuration profiles. These are sometimes used by adware and malware.

    Clean up - There are orphan files that could be removed.

    Unsigned files - There are unsigned software files installed. They appear to be legitimate but should be reviewed.

    Limited drive access - More information may be available with Full Drive Access.


Hardware Information:

    MacBook (Retina, 12-inch, Early 2015)

    MacBook Model: MacBook8,1

    1 1,2 GHz Intel Core M (M-5Y51) CPU: 2-core

    8 GB RAM - Not upgradeable

        BANK 0/DIMM0 - 4 GB DDR3 1600

        BANK 1/DIMM0 - 4 GB DDR3 1600

    Battery: Health = Normal - Cycle count = 420


Video Information:

    Intel HD Graphics 5300 - VRAM: 1536 MB

        Color LCD (built-in) 2560 x 1600


Drives:

    disk0 - APPLE SSD AP0512H 500.28 GB (Solid State - TRIM: Yes)

    Internal PCI-Express 5.0 GT/s x4 NVM Express

        disk0s1 - EFI [EFI] 315 MB

        disk0s2 [Core Storage Container] 499.31 GB

            disk1 - Macintosh HD (Journaled HFS+) 498.95 GB (428.20 GB used)

        disk0s3 - Recovery HD [Recovery] 650 MB


Mounted Volumes:

    disk1 - Macintosh HD

        498.95 GB (428.20 GB used, 70.49 GB free)

        Journaled HFS+

        Mount point: /


Network:

    Interface en1: MBBEthernet

    Interface en2: iPhone

    Interface en0: Wi-Fi

        802.11 a/b/g/n/ac


System Software:

    OS X El Capitan 10.11.6 (15G22010)

    Time since boot: About 6 days


Configuration Profiles:

    This computer has configuration profiles installed.


Notifications:

    Notifications not available without Full Drive Access.


Security:

    Gatekeeper: Enabled

    System Integrity Protection: Enabled


    Antivirus software: Apple and Malwarebytes


Adware:

    Launchd: ~/Library/LaunchAgents/com.ExpertModuleSearch.plist

        Reason: Adware pattern match

        Executable: ~/Library/Application Support/com.ExpertModuleSearch/ExpertModuleSearch r

    Launchd: /Library/LaunchDaemons/com.ExpertModuleSearchDaemon.plist

        Reason: Adware pattern match

        Executable: /Library/Application Support/com.ExpertModuleSearchDaemon/ExpertModuleSearch r


Unsigned Files:

    Launchd: /Library/LaunchDaemons/com.sierrawireless.SwitchTool.plist

        Executable: /Library/Sierra/SierraDevSupport

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchDaemons/com.sharpcast.xfsmond.plist

        Executable: /Library/Application Support/SugarSync/scxfsmond -log error -launchd

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchAgents/com.motu.MOTULauncher.plist

        Executable: /Library/Application Support/MOTU/MOTUFireWireConsoleLauncher.app/Contents/MacOs/MOTUFireWireConsoleLauncher

        Details: Exact match found in the whitelist - probably OK


    Launchd: /Library/LaunchAgents/com.brother.LOGINserver.plist

        Executable: /Library/Printers/Brother/Utilities/Server/LOGINserver.app/Contents/MacOS/LOGINserver

        Details: Exact match found in the whitelist - probably OK


System Launch Agents:

    [Not Loaded] 6 Apple tasks

    [Loaded] 142 Apple tasks

    [Running] 92 Apple tasks


System Launch Daemons:

    [Not Loaded] 46 Apple tasks

    [Loaded] 148 Apple tasks

    [Running] 97 Apple tasks

    [Other] One Apple task


Launch Agents:

    [Running] com.brother.LOGINserver.plist (? a1772de2 - installed 2015-03-12)

    [Loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2019-12-04)

    [Loaded] com.google.keystone.xpcservice.plist (Google, Inc. - installed 2019-12-04)

    [Running] com.motu.MOTULauncher.plist (? 701b50d7 - installed 2013-06-22)


Launch Daemons:

    [Loaded] com.ExpertModuleSearchDaemon.plist (Adware - installed 2020-01-27)

    [Loaded] com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2020-01-13)

    [Loaded] com.google.keystone.daemon.plist (Google, Inc. - installed 2019-12-04)

    [Loaded] com.malwarebytes.HelperTool.plist (Malwarebytes Corporation - installed 2017-02-13)

    [Loaded] com.sharpcast.xfsmond.plist (? 13417b50 - installed 2012-01-18)

    [Running] com.sierrawireless.SwitchTool.plist (? f4fe8c02 - installed 2010-10-22)


User Launch Agents:

    [Loaded] com.ExpertModuleSearch.plist (Adware - installed 2020-01-27)

    [Other] com.adobe.ARM.***.plist (? 0 - installed 2014-10-13)

    [Loaded] com.skype.skype.shareagent.plist (Skype Communications S.a.r.l - installed 2017-12-04)


Internet Plug-ins:

    o1dbrowserplugin: 5.41.3.0 (? - installed 2017-10-19)

    Google Earth Web Plug-in: 7.1 (? - installed 2013-10-07)

    Default Browser: 601 (Apple - installed 2016-07-31)

    AdobePDFViewerNPAPI: 11.0.11 (? - installed 2015-05-14)

    FlashPlayer-10.6: 32.0.0.321 (Adobe Systems, Inc. - installed 2020-01-27)

    DivXBrowserPlugin: 2.0 (? - installed 2010-03-10)

    Silverlight: 5.1.41212.0 (? - installed 2016-02-18)

    Flash Player: 32.0.0.321 (Adobe Systems, Inc. - installed 2020-01-27)

    iPhotoPhotocast: 7.0 (Apple - installed 2010-04-08)

    googletalkbrowserplugin: 5.41.3.0 (? - installed 2015-12-11)

    AdobePDFViewer: 11.0.11 (? - installed 2015-05-14)

    JavaAppletPlugin: 15.0.1 (Apple - installed 2012-10-18)


Audio Plug-ins:

    BluetoothAudioPlugIn: 4.4.6 (Apple - installed 2018-12-25)

    AirPlay: 2.0 (Apple - installed 2018-12-25)

    AppleAVBAudio: 406.1 (Apple - installed 2018-12-25)

    iSightAudio: 7.7.3 (Apple - installed 2018-12-25)


3rd Party Preference Panes:

    RCDefaultApp (installed 2009-09-20)

    Flash Player (installed 2020-01-13)


Time Machine:

    Time Machine information not available without Full Drive Access.


Performance:

    System Load: 1.76 (1 min ago) 2.06 (5 min ago) 1.99 (15 min ago)

    Nominal I/O speed: 0.22 MB/s

    File system: 36.11 seconds

    Write speed:  118 MB/s

    Read speed:  868 MB/s


CPU Usage Snapshot:

    Type Overall

    System 5 %

    User 19 %

    Idle 76 %


Top Processes Snapshot by CPU:

    Process (count) CPU (Source - Location)

    Other processes 45.90 % (?)

    EtreCheck 28.29 % (App Store)

    WhatsApp 14.66 % (WhatsApp Inc.)

    WhatsApp Helper 6.20 % (WhatsApp Inc.)

    Safari 1.23 % (Apple)


Top Processes Snapshot by Memory:

    Process (count) RAM usage (Source - Location)

    com.apple.WebKit.WebContent (4) 537 MB (Apple)

    EtreCheck 373 MB (App Store)

    Safari 320 MB (Apple)

    Google Chrome 100 MB (Google, Inc.)

    App Store 58 MB (Apple)


Virtual Memory Information:

    Physical RAM: 8 GB


    Free RAM: 23 MB

    Used RAM: 7.03 GB

    Cached files: 973 MB


    Available RAM: 996 MB

    Swap Used: 1.17 GB


Software Installs (past 30 days):

    Install Date Name (Version)

    2020-01-22 XProtectPlistConfigData (2112)

    2020-01-22 MRTConfigData (1.53)

    2020-01-27 Adobe Flash Player

    2020-02-03 EtreCheck (5.4.8)


Clean up:

    ~/Library/LaunchAgents/com.adobe.ARM.***.plist

        /Applications/Adobe Reader.app/Contents/MacOS/Updater/Adobe Reader Updater Helper.app/Contents/MacOS/Adobe Reader Updater Helper

        Executable not found


Diagnostics Information (past 7-30 days):

    Directory /Library/Logs/DiagnosticReports is not accessible.

    Enable Full Drive Access to see more information.


End of report

 

[oneOeight]

Hallo,
ich habe auch das Problem, dass Safari mit anysearch startet.

Configuration profiles present - This machine has configuration profiles. These are sometimes used by adware and malware.

Adware:
Launchd: ~/Library/LaunchAgents/com.ExpertModuleSearch.plist
Reason: Adware pattern match
Executable: ~/Library/Application Support/com.ExpertModuleSearch/ExpertModuleSearch r

Launchd: /Library/LaunchDaemons/com.ExpertModuleSearchDaemon.plist
Reason: Adware pattern match
Executable: /Library/Application Support/com.ExpertModuleSearchDaemon/ExpertModuleSearch r


Launch Daemons:
[Loaded] com.ExpertModuleSearchDaemon.plist (Adware - installed 2020-01-27)

User Launch Agents:
[Loaded] com.ExpertModuleSearch.plist (Adware - installed 2020-01-27)

also die adware hat sich über die profile in safari fest gesetz, geh mal in die systemeinstellungen, dort sollte ein eintrag profile befinden.
das mit der adware drin halt löschen.

und nicht vergessen den rest von der adware zu löschen.

laut dem report hattest du doch mal malwarebytes installiert?
ist das nicht mehr der fall?