Author Topic: MacOS:Adload-S [Trj]  (Read 8250 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
MacOS:Adload-S [Trj]
« on: February 15, 2018, 12:01:14 PM »
I have a problem with an "infection blocked" pop-up. The infection is called MacOS:Adload-S [Tri]. The pop-up window pops up almost every 10 seconds although I have run a full scan on my computer... Can anybody please help me?

The details in the pop-up window are as follows:
Infection:
User: _analyticsd
Process: /usr/libexec/xpcproxy
File: /System/Library/PrivateFrameworks/CoreAnalytics.framework/Support/analyticsd

Many thanks in advance.

L.
« Last Edit: February 15, 2018, 02:49:58 PM by leni2018 »

Offline Faguo1502

  • Newbie
  • *
  • Posts: 8
Re: MacOS:Adload-S [Tri]
« Reply #1 on: February 15, 2018, 12:57:14 PM »
Same problem for me.

Offline Frags

  • Newbie
  • *
  • Posts: 6
Re: MacOS:Adload-S [Tri]
« Reply #2 on: February 15, 2018, 01:38:21 PM »
I just made an account here to say the exact same thing is happening to me. How strange.

The first 'infection blocked!' came in at 10:48 and they've been happening ever since. I'm currently doing a full scan which is taking ages.

Never had any trouble with with Avast / threats / viruses before so this is a bit concerning.

(I borrowed my brothers USB stick to move a file over from one laptop to mine a few days ago, so that was my first panic, but if the same thing is happening to several people i'm inclined to think it's probably not that?)

Any help please!!!!!

REDACTED

  • Guest
Re: MacOS:Adload-S [Tri]
« Reply #3 on: February 15, 2018, 02:14:32 PM »
Same here, with the variation that infection is named « MacOS:Adload-S [Trj] » (please note the « j »). I don’t know how to proceed... As I don’t even know how to take the fille and submit it to virustotal for example... Any idea?

Offline Faguo1502

  • Newbie
  • *
  • Posts: 8
Re: MacOS:Adload-S [Tri]
« Reply #4 on: February 15, 2018, 02:20:29 PM »
The infection name in the messages is also with "Trj" at the end.
Never had any problem with Avast Security for Mac before. I checked the version number : 13.4, which is the latest I believe.
I ran ClamXAV on the System/Library directory and it found no infection.

REDACTED

  • Guest
Re: MacOS:Adload-S [Tri]
« Reply #5 on: February 15, 2018, 02:46:46 PM »
This is occurring on several machines in our office, mostly MacBook Air's but some are also Pro's.

Some OS's are have updated today to the latest version of High Sierra, but others have not. So it may look like a problem with Avast itself?

REDACTED

  • Guest
Re: MacOS:Adload-S [Tri]
« Reply #6 on: February 15, 2018, 02:47:29 PM »
Sorry, the infection is indeed called MacOS:Adload-S [Trj], so with a "j" and not an "i".

My scan has been running since 3 hours and still hasn't finished yet ( I ran a full scan after the quick scan didn't bring any results...)

Offline Frags

  • Newbie
  • *
  • Posts: 6
Re: MacOS:Adload-S [Trj]
« Reply #7 on: February 15, 2018, 03:07:01 PM »
I have never found a single infected file when doing full scans for as long as i've had Avast. But the report is telling me i now have a few. They're all located in /System/Library. One is /Speech/Synthesisers, four are in /PrivateFrameworks (one being in SiriTTS).

I don't really know what all this means.

I only got round to upgrading to High Sierra at the weekend... don't know if that has anything to do with it. Hmmm.


REDACTED

  • Guest
Re: MacOS:Adload-S [Trj]
« Reply #8 on: February 15, 2018, 03:16:41 PM »
I made an account here just for the same thing! My avast found 4 of those, MacOS:Adload-S [Trj], all located in the /System/Library/PrivateFrameworks... My malwarebytes can't find anything at all, and if I try to remove these that avast find they are there again if I scan again.

Are these infections at all or is it just avast being silly?

Offline Faguo1502

  • Newbie
  • *
  • Posts: 8
Re: MacOS:Adload-S [Trj]
« Reply #9 on: February 15, 2018, 03:19:44 PM »
Precision : I have upgraded to High Sierra a few weeks ago. No problem until today.

Is someone from the support team looking at these messages or should we contact them directly ?

Offline lukas.hasik

  • Avast team
  • Advanced Poster
  • *
  • Posts: 929
  • Product manager of Avast Security for Windows
Re: MacOS:Adload-S [Trj]
« Reply #10 on: February 15, 2018, 03:53:55 PM »
it's a False positive - we are working on a fix that should be available in next virus definitions update. Sorry for troubles... :slow_parrot:
Quality is also a feature.

REDACTED

  • Guest
Re: MacOS:Adload-S [Trj]
« Reply #11 on: February 15, 2018, 04:13:41 PM »
This false positive thing is quite stressing...

REDACTED

  • Guest
Re: MacOS:Adload-S [Trj]
« Reply #12 on: February 15, 2018, 04:20:51 PM »
Same thing here, started happening today too.

Directories are:
/System/Library/Speech/Synthesizers/Polyglot.SpeechSynthesizer/Contents/MacOS/Polyglot
and
/System/Library/PrivateFrameworks/CoreAnalytics.framework/Support/analyticsd

For everyone bothered with the constant notifications, just disable it until the fix has been released.
Thanks for the update, Lukas Hasik!

Offline Faguo1502

  • Newbie
  • *
  • Posts: 8
Re: MacOS:Adload-S [Trj]
« Reply #13 on: February 15, 2018, 04:26:07 PM »
Thanks Lukas.Hasik !

Offline lukas.hasik

  • Avast team
  • Advanced Poster
  • *
  • Posts: 929
  • Product manager of Avast Security for Windows
[FIXED] Re: MacOS:Adload-S [Trj]
« Reply #14 on: February 15, 2018, 04:47:00 PM »
fix has been released via "Streaming Updates" - check your Preferences > Updates

Quality is also a feature.