| |
21.12.2016, 23:15
| #16 |
 |  Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Shit. Dann waren die legitim und es hat wirklich jemand versucht über POP3 oder IMAP Emails von meinem Account abzuholen. Dass kann ja dann nur heißen, dass jemand an meinen Schlüsselbund rangekommen ist. Aber warum kann ich über die GMX App Emails abholen, ohne dass dieser Alarm ausgelöst wird? |
|
21.12.2016, 23:32
| #17 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran?Zitat:
__________________ |
|
21.12.2016, 23:55
| #18 |
| | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Mmh, ich habe das gleiche PW aber nirgendwo sonst eingesetzt. Und die Erinnerungsfunktion müsste mich über eine andere Email-Adresse oder Telefonnummer erreichen. Außerdem wurde das Passwort nicht geändert. Üblicherweise bekommt man lediglich die Gelegenheit ein neues Passwort zu vergeben und das hätte ich ja gemerkt.
__________________Außerdem ist mir bei einem anderen Email-Account vor zwei Wochen auch eine Auffälligkeit begegnet, wie mir soeben einfällt. Ich habe zweimal in Folge bemerkt, wie neu angekommene Emails schon als "gelesen" markiert waren, ohne, dass ich sie selbst geöffnet hätte. Die geöffneten waren jedoch nur Spammails. Damals dachte ich, dass es vielleicht ein Bug ist, der mit irgendwelchen Sonderzeichen dem Titel der Mail zusammenhängt. Aber mir ist gerade noch eine andere Erklärung eingefallen. Eventuell hat der Angreifer auch diesen Account mit einem Email-Programm abgeholt, welches jedoch die Spammails, im Gegensatz zu meinem direkt in den Spamordner verschoben und als gelesen markiert hat. Der Angreifer hat dann meine Mails gelesen, sie hinterher wieder als ungelesen markiert, dabei jedoch die automatisch verschobenen übersehen. Deshalb waren diese bei mir noch als gelesen markiert. Ich hab mal einen Screenshot von LittleSnitch hier hochgeladen: http://www.trojaner-board.de/183597-...-gefunden.html Könntest Du mal reinschauen, ob da ein verdächtiger Prozess dabei ist? Wenn ich einen Trojaner habe, dann müsste der ja immer am Start sein und lauschen oder? Wie sieht es aus, wenn es ein Keylogger ist. Gehen die nur periodisch online um txt-files abzuschicken? Geändert von LauraCroft (22.12.2016 um 00:06 Uhr) |
|
22.12.2016, 00:12
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Wir hatten schon zig Male Ärger mit GMX/1&1 und keiner konte sich genau erklären was los war. => http://www.trojaner-board.de/172428-...nden-spam.html Mac OS X untersuchen kann hier nur dante12. Ich kenn OS X nicht. Dafür aber Linux (Debian/Ubuntu) und Windows.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
22.12.2016, 00:17
| #20 |
| | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Mmh ok. Danke. Spam wird allerdings ja keiner versendet. Alles ist sehr unauffällig. Nur diese eine Email, mit dem Hinweis, ich hätte über IMAP Emails abgeholt war auffällig. Ich frag auch mal Dante12. Was hältst Du von meiner Beobachtung in meinem anderen Email-Account? (Nicht GMX) |
|
22.12.2016, 01:03
| #21 |
| /// Mac Expert   | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? @LauraCroft Es kann natürlich etwas mit dem Sender Privacy Framework (SPF) was gmx, web.de usf. in diesem Jahr einführten zu tun haben. Dieses Protokoll ist sehr fehleranfällig und es gibt zahlreiche Probleme mit anderen Providern beim Weiterleitungen oder Abholen. Auf keinen Fall haben solche Meldungen über Mails Zugriff auf deinen Schlüsselbund. Für diese Art von Zugriff musst du aktiv ein Programm installieren und sogar das Admin-Passwort eingeben. Wenn du so etwas nicht getan hast besteht überhaupt keine Gefahr. Nachfolgend eine Anleitung um zu prüfen ob an deinem Rechner etwas sein könnte: EtreCheck installieren
 Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? |
|
23.12.2016, 12:35
| #22 |
| | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran?Code:
ATTFilter EtreCheck version: 3.1.5 (343)
Report generated 2016-12-23 12:29:55
Download EtreCheck from https://etrecheck.com
Runtime 2:29
Performance: Excellent
Click the [Support] links for help with non-Apple products.
Click the [Details] links for more information about that line.
Problem: No problem - just checking
Hardware Information: ⓘ
iMac (Retina 4K, 21.5-inch, Late 2015)
[Technical Specifications] - [User Guide] - [Warranty & Service]
iMac - model: iMac16,2
1 3,3 GHz Intel Core i7 (i7-5775R) CPU: 4-core
16 GB RAM Not upgradeable
BANK 0/DIMM0
8 GB DDR3 1867 MHz ok
BANK 1/DIMM0
8 GB DDR3 1867 MHz ok
Bluetooth: Good - Handoff/Airdrop2 supported
Wireless: Unknown
Video Information: ⓘ
Intel Iris Pro Graphics 6200
SAMSUNG 2048 x 1152 @ 60 Hz
iMac 4096 x 2304
System Software: ⓘ
macOS Sierra 10.12.1 (16B2555) - Time since boot: about 5 days
Disk Information: ⓘ
APPLE SSD SM0256G disk0 : (251 GB) (Solid State - TRIM: Yes)
[Show SMART report]
EFI (disk0s1) <not mounted> : 210 MB
iMac HD 1 (disk0s2) / [Startup]: 250.14 GB (122.61 GB free)
Recovery HD (disk0s3) <not mounted> [Recovery]: 650 MB
USB Information: ⓘ
Broadcom Corp. Bluetooth USB Host Controller
Apple Inc. FaceTime HD Camera (Built-in)
Thunderbolt Information: ⓘ
Apple Inc. thunderbolt_bus
Configuration files: ⓘ
/etc/sysctl.conf - File exists but not expected
Gatekeeper: ⓘ
Mac App Store and identified developers
Unknown Files: ⓘ
/Library/LaunchDaemons/com.sibersystems.gs-helper.plist
/Library/PrivilegedHelperTools/com.sibersystems.gs-helper
/Library/LaunchDaemons/com.sibersystems.gsync-[redacted].plist
/Library/Application Support/GoodSync/gsync /runner-service
2 unknown files found. [Check files]
Kernel Extensions: ⓘ
/Applications/AVG AntiVirus.app
[loaded] com.avg.Antivirus.OnAccess.kext (4822 - SDK 10.8 - 2016-12-21) [Support]
/Applications/Parallels Desktop.app
[not loaded] com.parallels.kext.hypervisor (11.2.1 32626 - SDK 10.9 - 2016-07-24) [Support]
[not loaded] com.parallels.kext.netbridge (11.2.1 32626 - SDK 10.9 - 2016-07-24) [Support]
[not loaded] com.parallels.kext.usbconnect (11.2.1 32626 - SDK 10.9 - 2016-07-24) [Support]
[not loaded] com.parallels.kext.vnic (11.2.1 32626 - SDK 10.9 - 2016-07-24) [Support]
/Applications/Tunnelblick.app
[not loaded] net.tunnelblick.tap (20141104 (Tunnelblick build 4685) - 2016-11-18) [Support]
[not loaded] net.tunnelblick.tun (20141104 (Tunnelblick build 4685) - 2016-11-18) [Support]
/Library/Extensions
[loaded] at.obdev.nke.LittleSnitch (3.7.1 - SDK 10.11 - 2016-12-14) [Support]
[not loaded] com.kaspersky.kext.klif (3.3.0a1 - 2016-12-14) [Support]
[not loaded] com.kaspersky.nke (2.1.0 - 2016-12-14) [Support]
~/Library/Application Support/Boxcryptor/Boxcryptor 768/Boxcryptor.app
[loaded] com.boxcryptor.BCFS.filesystems.bcfs (3.5.2 - SDK 10.9 - 2016-10-03) [Support]
~/Library/Application Support/Plex/Plex Media Server.app
[not loaded] com.Cycling74.driver.Soundflower (1.5.1 - 2011-08-01) [Support]
System Launch Agents: ⓘ
[not loaded] 7 Apple tasks
[loaded] 153 Apple tasks
[running] 111 Apple tasks
System Launch Daemons: ⓘ
[not loaded] 41 Apple tasks
[loaded] 153 Apple tasks
[running] 109 Apple tasks
Launch Agents: ⓘ
[running] at.obdev.LittleSnitchUIAgent.plist (2016-12-12) [Support]
[failed] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (2016-10-12) [Support]
[running] com.avg.Antivirus.gui.plist (2016-12-21) [Support]
[running] com.fujitsu.pfu.ScanSnap.AOUMonitor.plist (2016-11-05) [Support]
[not loaded] net.culater.SIMBL.Agent.plist (2015-01-16) [Support]
[loaded] org.macosforge.xquartz.startx.plist (2015-10-16) [Support]
Launch Daemons: ⓘ
[running] at.obdev.littlesnitchd.plist (2016-12-12) [Support]
[loaded] com.adobe.ARMDC.Communicator.plist (2016-10-12) [Support]
[loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (2016-10-12) [Support]
[loaded] com.adobe.fpsaud.plist (2016-12-11) [Support]
[loaded] com.avg.Antivirus.crashpad.plist (2016-12-06) [Support]
[running] com.avg.Antivirus.infosd.plist (2016-12-06) [Support]
[running] com.avg.Antivirus.services.plist (2016-12-06) [Support]
[loaded] com.boxcryptor.BCFS.KextLoaderHelper.plist (2016-01-09) [Support]
[loaded] com.boxcryptor.BCFS.Mounter.Helper.plist (2016-10-27) [Support]
[running] com.boxcryptor.osx.PrivilegedHelper.plist (2016-10-27) [Support]
[running] com.malwarebytes.HelperTool.plist (2016-12-18) [Support]
[running] com.microsoft.autoupdate.helper.plist (2016-12-15) [Support]
[loaded] com.microsoft.office.licensing.helper.plist (2014-11-17) [Support]
[loaded] com.microsoft.office.licensingV2.helper.plist (2016-01-09) [Support]
[running] com.siber.gs-server.plist (2016-12-16) [Support]
[loaded] com.sibersystems.gs-helper.plist (2016-12-16) [Support]
[failed] com.sibersystems.gsync-[redacted].plist (2016-12-16) [Support]
[loaded] net.tunnelblick.tunnelblick.tunnelblickd.plist (2016-12-19) [Support]
[loaded] org.macosforge.xquartz.privileged_startx.plist (2015-10-16) [Support]
User Launch Agents: ⓘ
[loaded] com.google.keystone.agent.plist (2016-08-24) [Support]
[running] com.plexapp.helper.plist (2016-11-03) [Support]
[running] com.spotify.webhelper.plist (2016-11-20) [Support]
[not loaded] com.symantec.NortonInstaller.plist (2016-12-21) [Support] - /Applications/Install Norton Security.app/Contents/MacOS/Install Norton Security: Executable not found!
[not loaded] net.tunnelblick.tunnelblick.LaunchAtLogin.plist (2016-11-18) [Support]
User Login Items: ⓘ
CheatSheet Programm
(/Applications/CheatSheet.app)
iTunesHelper Programm Hidden (2016-12-14)
(/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)
Boxcryptor Programm Hidden
(/Applications/Boxcryptor.app)
OneDrive Programm Hidden
(/Applications/OneDrive.app)
GoodSync Programm Hidden
(/Applications/GoodSync.app)
MacID Programm
(/Applications/MacID.app)
Internet Plug-ins: ⓘ
FlashPlayer-10.6: 24.0.0.186 - SDK 10.9 (2016-12-14) [Support]
QuickTime Plugin: 7.7.3 (2016-10-29)
AdobePDFViewerNPAPI: 15.017.20053 - SDK 10.11 (2016-08-06) [Support]
AdobePDFViewer: 15.017.20053 - SDK 10.11 (2016-08-06) [Support]
Flash Player: 24.0.0.186 - SDK 10.9 (2016-12-14) [Support]
SharePointBrowserPlugin: 14.6.6 - SDK 10.6 (2016-07-13) [Support]
Silverlight: 5.1.41212.0 - SDK 10.6 (2016-02-13) [Support]
JavaAppletPlugin: 15.0.1 - SDK 10.12 (2016-08-29) Check version
Safari Extensions: ⓘ
Adblock Plus - Eyeo GmbH - https://adblockplus.org/ (2016-01-10)
Open in Internet Explorer - Parallels - hxxp://www.parallels.com (2016-07-24)
Browser-Add-on zur Deaktivierung von Google Analytics - Google, Inc. - hxxp://tools.google.com/dlpage/gaoptout (2014-10-11)
3rd Party Preference Panes: ⓘ
Flash Player (2016-12-11) [Support]
Time Machine: ⓘ
Skip System Files: NO
Mobile backups: OFF
Auto backup: YES
Volumes being backed up:
iMac HD 1: Disk size: 250.14 GB Disk used: 127.53 GB
Destinations:
HD1 Backup - TimeMachine [Network]
Total size: 5.95 TB
Total number of backups: 32
Oldest backup: 16.11.16, 17:04
Last backup: 18.12.16, 21:13
Size of backup disk: Excellent
Backup size 5.95 TB > (Disk size 250.14 GB X 3)
Top Processes by CPU: ⓘ
13% WindowServer
4% Safari
2% kernel_task
2% com.apple.AmbientDisplayAgent
1% com.apple.WebKit.WebContent(6)
Top Processes by Memory: ⓘ
1.34 GB kernel_task
1.23 GB com.apple.WebKit.WebContent(6)
459 MB Safari
344 MB Mail
213 MB mdworker(8)
Virtual Memory Information: ⓘ
8.19 GB Available RAM
4.67 GB Free RAM
7.81 GB Used RAM
3.52 GB Cached files
1.35 GB Swap Used
|
|
23.12.2016, 12:50
| #23 | |
| /// Mac Expert | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Uhmp Zitat:
dann... MalwareBytes for Mac
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche?  Spende fürs trojaner-board? |
|
23.12.2016, 16:23
| #24 |
| | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Ok mach ich. Kaspersky und Norton sind eigentlich schon deinstalliert. Woran liegt es, dass da noch deren Reste rumliegen? Warum müssen die denn erst deinstalliert werden Malwarebytes scheint auch so zu laufen. Dein Einleitung "Uhmp" klingt nach Optimierungspotiential. :-) Elaboriere bitte. Ich schmeiß derweil die AVG und LS runter. Code:
ATTFilter Malwarebytes Anti-Malware 1.2.5.715 system report - 23. Dezember 2016 um 16:10:45 MEZ Mac OS X version Version 10.12.1 (Build 16B2555) System uptime: 0d 00:09:56 Helper tool version: 1.2.5.715 Signatures version: 152 Safari extensions ----------------------- Laura Laura Name: Adblock Plus Path: /Users/Laura/Library/Safari/Extensions/Adblock Plus-2.safariextz Modified: 2016-10-28 00:09:15 +0000 Name: Adblock Plus Path: /Users/Laura/Library/Safari/Extensions/Adblock Plus.safariextz Modified: 2016-01-05 11:40:07 +0000 Name: Path: /Users/Laura/Library/Safari/Extensions/Browser-Add-on zur Deaktivierung von Google Analytics.safariextz Modified: 2014-10-11 01:00:00 +0000 Name: Open in Internet Explorer Path: /Users/Laura/Library/Safari/Extensions/OpenIE.safariextz Modified: 2016-07-24 21:46:49 +0000 Chrome extensions ----------------------- Laura Default Name: Google Slides Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/aapocclcgogkmnckokdopfmhonfmgoek Modified: 2015-05-27 18:36:39 +0000 Name: Google Docs Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/aohghmighlieiainnegkcijnfilokake Modified: 2015-05-27 18:36:39 +0000 Name: Google Drive Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/apdfllckaahabafndbhieahigkjlhalf Modified: 2015-05-27 18:36:39 +0000 Name: YouTube Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/blpcfgokakmgnkcojhhkbfbldkacnbeo Modified: 2015-05-27 18:36:39 +0000 Name: Google Search Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/coobgpohoikkiipiblmjeljniedjpjpf Modified: 2015-05-27 18:36:39 +0000 Name: URL Advisor Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/ddoleachckhhdmhpbkddgechjfhnphpe Modified: 2015-05-27 18:36:11 +0000 Name: Google Sheets Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/felcaaldnbdncclmgdcncolpebgiejap Modified: 2015-05-27 18:36:39 +0000 Name: Chrome Hotword Shared Module Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/lccekmodgklaepjeofjdjpbminllajkg Modified: 2015-05-27 18:36:13 +0000 Name: Virtual Keyboard Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/mcobjbefejmnadahpjbfibgkgchhmjke Modified: 2015-05-27 18:36:11 +0000 Name: Google Wallet Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/nmmhkkegccagdldgiimedpiccmgmieda Modified: 2015-05-27 18:36:39 +0000 Name: Gmail Path: /Users/Laura/Library/Application Support/Google/Chrome/Default/Extensions/pjkljhegncpnkpknbcohdijeoejaedia Modified: 2015-05-27 18:36:39 +0000 Chrome Name: [unknown Chrome extension format] Path: /Users/Laura/Library/Application Support/Google/Chrome/External Extensions/mcobjbefejmnadahpjbfibgkgchhmjke.json Modified: 2015-10-29 20:29:54 +0000 Name: [unknown Chrome extension format] Path: /Users/Laura/Library/Application Support/Google/Chrome/External Extensions/pkieijajahdaingdfhjldoilpicoogel.json Modified: 2015-10-29 20:29:52 +0000 Firefox extensions ----------------------- Laura User Login Items ----------------------- User: Laura Name: CheatSheet Path: /Applications/CheatSheet.app Name: iTunesHelper Path: /Applications/iTunes.app/Contents/MacOS/iTunesHelper.app Name: Boxcryptor Path: /Applications/Boxcryptor.app Name: HD1 - Media iTunes Path: (null) Name: OneDrive Path: /Applications/OneDrive.app Name: GoodSync Path: /Applications/GoodSync.app Name: NIHardwareAgent Path: /Library/Application Support/Native Instruments/Hardware/NIHardwareAgent.app Name: MacID Path: /Applications/MacID.app System startup items ----------------------- User launch agents ----------------------- /Users/Laura/Library/LaunchAgents/com.google.keystone.agent.plist /Users/Laura/Library/LaunchAgents/com.plexapp.helper.plist /Users/Laura/Library/LaunchAgents/com.spotify.webhelper.plist /Users/Laura/Library/LaunchAgents/com.symantec.NortonInstaller.plist /Users/Laura/Library/LaunchAgents/net.tunnelblick.tunnelblick.LaunchAtLogin.plist System launch agents ----------------------- /Library/LaunchAgents/com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist /Library/LaunchAgents/com.fujitsu.pfu.ScanSnap.AOUMonitor.plist /Library/LaunchAgents/net.culater.SIMBL.Agent.plist /Library/LaunchAgents/org.macosforge.xquartz.startx.plist System launch daemons ----------------------- /Library/LaunchDaemons/com.adobe.ARMDC.Communicator.plist /Library/LaunchDaemons/com.adobe.ARMDC.SMJobBlessHelper.plist /Library/LaunchDaemons/com.adobe.fpsaud.plist /Library/LaunchDaemons/com.boxcryptor.BCFS.KextLoaderHelper.plist /Library/LaunchDaemons/com.boxcryptor.BCFS.Mounter.Helper.plist /Library/LaunchDaemons/com.boxcryptor.osx.PrivilegedHelper.plist /Library/LaunchDaemons/com.malwarebytes.HelperTool.plist /Library/LaunchDaemons/com.microsoft.autoupdate.helper.plist /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist /Library/LaunchDaemons/com.microsoft.office.licensingV2.helper.plist /Library/LaunchDaemons/com.siber.gs-server.plist /Library/LaunchDaemons/com.sibersystems.gs-helper.plist /Library/LaunchDaemons/com.sibersystems.gsync-SamGold.plist /Library/LaunchDaemons/net.tunnelblick.tunnelblick.tunnelblickd.plist /Library/LaunchDaemons/org.macosforge.xquartz.privileged_startx.plist Kernel extensions ----------------------- /Library/Extensions/ACS6x.kext /Library/Extensions/ArcMSR.kext /Library/Extensions/ATTOCelerityFC8.kext /Library/Extensions/ATTOExpressSASHBA2.kext /Library/Extensions/ATTOExpressSASRAID2.kext /Library/Extensions/CalDigitHDProDrv.kext /Library/Extensions/EPSONUSBPrintClass.kext /Library/Extensions/HighPointIOP.kext /Library/Extensions/HighPointRR.kext /Library/Extensions/klif.kext /Library/Extensions/klnke.kext /Library/Extensions/PromiseSTEX.kext /Library/Extensions/SoftRAID.kext launchd.conf contents ----------------------- Hosts file ----------------------- ## # Host Database # # localhost is used to configure the loopback interface # when the system is booting. Do not change this entry. ## 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost Scan log ----------------------- 2016-12-18 21:09:44 : 2016-12-18 21:09:45 : ----- Scan Started ----- 2016-12-18 21:09:45 : Scanning with signatures version 120 (2016-9-19) 2016-12-18 21:09:53 : *** Scan time: 0d 00:00:08 *** 2016-12-18 21:09:53 : ------ Scan Ended ------ 2016-12-19 14:15:08 : 2016-12-19 14:15:08 : ----- Scan Started ----- 2016-12-19 14:15:08 : Scanning with signatures version 152 (2016-12-12) 2016-12-19 14:18:06 : *** Scan time: 0d 00:02:57 *** 2016-12-19 14:18:06 : ------ Scan Ended ------ 2016-12-23 16:02:14 : 2016-12-23 16:02:14 : ----- Scan Started ----- 2016-12-23 16:02:14 : Scanning with signatures version 152 (2016-12-12) 2016-12-23 16:03:06 : *** Scan time: 0d 00:00:51 *** 2016-12-23 16:03:06 : ------ Scan Ended ------ |
|
23.12.2016, 17:13
| #25 | |||
| /// Mac Expert | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran?Zitat:
Zitat:
Zitat:
Schritt 1 und weiter, prüfe bitte ob folgende Einträge noch in deinem System sind.
Pfad: Code:
ATTFilter ~/Library/LaunchAgents
Schritt 2 Nachfolgen führe bitte die Schritte aus dem Lesestoff aus Sicherer Systemstart
Sierra: Für gewöhnlich steht oben rechts in roter Schrift der Hinweis für den sicheren Systemstart. Bei Sierra kann es vorkommen das dieser Hinweis nicht angezeigt wird. Log dich deshalb bitte ein und prüfe das in dem du folgende Schritte ausführst.
Schritt 3 Prüfen mit DetectX
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? |
|
23.12.2016, 23:28
| #26 |
| | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran?Code:
ATTFilter DetectX Inspector: Timestamp (6): 23 Dez., 2016 11:10:17 PM Mitteleuropäische Normalzeit MODEL: iMac16,2 RAM: 16.384 GB DISK SPACE: 50.57% OS X: 10.12.1 BUILD: 16B2555 Login Items: "CheatSheet" "iTunesHelper" "Boxcryptor" "HD1 - Media iTunes" "OneDrive" "GoodSync" Home folder: hidden & invisibles (path: ~/) .bash_history .bash_sessions .cache .CFUserTextEncoding .config .cups .dropbox .DS_Store .fontconfig .gitconfig .gitignore_global .goodsync .hgignore_global .hornetdrive .lesshst .plex .plexht .Rhistory .rstudio-desktop .ssh .subversion Papierkorb Library User Library: (path: ~/Library/) .DS_Store .localized Accounts Address Book Plug-Ins Application Scripts Application Support Assistant Assistants Audio Autosave Information Caches Calendars CallServices ColorPickers Colors com.apple.nsurlsessiond Compositions Containers Cookies CoreData CoreFollowUp Developer Dictionaries Favorites Filters FontCollections Fonts Fonts Disabled Frameworks GameKit Google Group Containers IdentityServices iMovie Input Methods Internet Plug-Ins iTunes Keyboard Keyboard Layouts KeyboardServices Keychains LanguageModeling LaunchAgents Logs Mail Maps Messages Metadata Mobile Documents openvpn Parallels Passes Personas PreferencePanes Preferences Printers PubSub Safari Saved Application State Screen Savers Services Sharing Sounds Spelling Suggestions SyncedPreferences TextWrangler Voices WebKit User Launch Agents: (path: ~/Library/LaunchAgents/) .DS_Store com.google.keystone.agent.plist com.plexapp.helper.plist com.spotify.webhelper.plist net.tunnelblick.tunnelblick.LaunchAtLogin.plist User Internet Plug-Ins: (path: ~/Library/Internet Plug-Ins/) User Application Support: (path: ~/Library/Application Support/) .apsgprsgs .DS_Store AddressBook Adobe Aperture App Store audacity Boxcryptor CallHistoryDB CallHistoryTransactions CEF CheatSheet CloudDocs com.apple.QuickLook com.apple.sbd com.apple.sharedfilelist com.apple.spotlight com.apple.spotlight.Shortcuts com.apple.TCC com.avg.Antivirus com.BuhlData.WISOsteuerMac2014 com.BuhlData.WISOsteuerMac2015 com.github.GitHub.ShipIt com.grammarly.DesktopEditor.ShipIt com.iskysoft.PDF_Editor_Pro com.mediaatelier.CheatSheet com.sibersystems.goodsyncmac2000 com.sqwarq.DetectX com.yourcompany.yourapp_146808414928158 Console CrashReporter DiskImages Dock DVD Player eSellerate EtreCheck Firefox GIMP GitHub for Mac GoodSync Google Grammarly HandBrake Helper icdd iCloud iLifeAssetManagement iLifeMediaBrowser iSerial Reader iskysoft Little Snitch Mail Malwarebytes Mendeley Desktop Micro Snitch Microsoft mixpanel-b23e89f7bfb31077ff70c93adb1bac7b-events.plist mixpanel-b23e89f7bfb31077ff70c93adb1bac7b-people.plist mixpanel-b23e89f7bfb31077ff70c93adb1bac7b-properties.plist MobileSync Movavi Movavi Video Converter 6 Mozilla Native Instruments OmniFocus org.videolan.vlc PFU Plex Plex Home Theater Preview Quick Look Skype Skype.app SourceTree SpiderOak Spotify SyncServices T TextWrangler TorBrowser-Data Tunnelblick Wine WineBottler Xcode Safari Extensions: (path: ~/Library/Safari/Extensions/) Adblock Plus.safariextz Browser-Add-on zur Deaktivierung von Google Analytics.safariextz Extensions.plist OpenIE.safariextz uBlock Origin.safariextz Applications folder: .DS_Store .localized ABBYY FineReader Express.app ABBYY FineReader for ScanSnap Aperture.app App Store.app Audacity.app AudioBookBinder.app Automator.app AVG AntiVirus.app Boxcryptor.app Calculator.app Calendar.app CheatSheet.app Chess.app ClipGrab.app Contacts.app Dashboard.app DetectX.app Dictionary.app Disk Inventory X.app Dropbox.app DVD Player.app EtreCheck.app ExifPurge.app FaceTime.app Firefox.app Font Book.app Geekbench.app GIMP.app GitHub Desktop.app GoodSync.app Google Chrome.app Grammarly.app GsExplorer.app HandBrake.app iBooks.app iCal Dupe Deleter.app iExplorer.app Image Capture.app iSerial Reader.app iTunes.app Jaikoz.app Launchpad.app Little Snitch Configuration.app MacID.app Mail.app Malwarebytes Anti-Malware .app Maps.app Mendeley Desktop.app Messages.app Micro Snitch.app Microsoft Excel.app Microsoft OneNote.app Microsoft Outlook.app Microsoft PowerPoint.app Microsoft Remote Desktop.app Microsoft Silverlight Microsoft Word.app Mission Control.app Native Instruments Notes.app OmniFocus.app OneDrive.app Overtone Analyzer Free Edition.lnk Parallels Desktop.app Photo Booth.app Photos.app Plex Home Theater.app Plex.app Pocket.app Preview.app Prezi.app PropEdit.app QuickTime Player.app R.app ReadKit.app Reminders.app RStudio.app Safari.app ScanSnap ScanSnap Manual.localized ScanSnap Online Update.localized ScanSnap Organizer Siri.app Skim.app Skype.app SourceTree.app Spotify.app steuerMac 2016.app Stickies.app Streaming.app Synology Assistant.app System Preferences.app Telegram Desktop.app TextEdit.app TextWrangler.app The Unarchiver.app Time Machine.app TorBrowser.app Tunnelblick.app UnRarX.app Utilities VLC.app VPNAutoConnect.app Windows 10 Users Shared Folder: (path: /Users/Shared:) .apsgprsgs .DS_Store .localized adi SC Info Local Domain Library Folder (path: /Library/) .localized Application Support Audio Automator Caches ColorPickers ColorSync Components Compositions Contextual Menu Items CoreMediaIO Desktop Pictures DirectoryServices Documentation DropboxHelperTools Extensions Filesystems Fonts Fonts Disabled Frameworks Graphics Handsoff Image Capture Input Methods Internet Plug-Ins Java Keyboard Layouts Keychains LaunchAgents LaunchDaemons Little Snitch Logs Managed Preferences Messages Modem Scripts OpenDirectory PDF Services Perl PreferencePanes Preferences Printers PrivilegedHelperTools Python QuickLook QuickTime Receipts Ruby Sandbox Screen Savers ScriptingAdditions Scripts Security Services Speech Spotlight StartupItems SystemMigration SystemProfiler Updates User Pictures Video WebServer Widgets Local Domain Library Application Support (path: /Library/Application Support/) .run Adobe App Store Apple ApplePushService BootCamp com.apple.TCC com.avg.Antivirus com.buhl-data CrashReporter GoodSync Google iLifeMediaBrowser Kaspersky Lab Macromedia Microsoft Native Instruments Objective Development PFU ProApps Script Editor SIMBL Tunnelblick Local Domain Library Launch Agents (path: /Library/LaunchAgents/) at.obdev.LittleSnitchUIAgent.plist com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist com.avg.Antivirus.gui.plist com.fujitsu.pfu.ScanSnap.AOUMonitor.plist net.culater.SIMBL.Agent.plist org.macosforge.xquartz.startx.plist Local Domain Library Launch Daemon (path: /Library/LaunchDaemons/) at.obdev.littlesnitchd.plist com.adobe.ARMDC.Communicator.plist com.adobe.ARMDC.SMJobBlessHelper.plist com.adobe.fpsaud.plist com.avg.Antivirus.crashpad.plist com.avg.Antivirus.infosd.plist com.avg.Antivirus.services.plist com.boxcryptor.BCFS.KextLoaderHelper.plist com.boxcryptor.BCFS.Mounter.Helper.plist com.boxcryptor.osx.PrivilegedHelper.plist com.malwarebytes.HelperTool.plist com.microsoft.autoupdate.helper.plist com.microsoft.office.licensing.helper.plist com.microsoft.office.licensingV2.helper.plist com.siber.gs-server.plist com.sibersystems.gs-helper.plist com.sibersystems.gsync-SamGold.plist net.tunnelblick.tunnelblick.tunnelblickd.plist org.macosforge.xquartz.privileged_startx.plist Local Domain Library Internet Plug-Ins (path: /Library/Internet Plug-Ins/) AdobePDFViewer.plugin AdobePDFViewerNPAPI.plugin Disabled Plug-Ins Flash Player.plugin flashplayer.xpt JavaAppletPlugin.plugin Quartz Composer.webplugin SharePointBrowserPlugin.plugin SharePointWebKitPlugin.webplugin Silverlight.plugin Local Domain Library PrivilegedHelperTools (path: /Library/PrivilegedHelperTools/) com.adobe.ARMDC.Communicator com.adobe.ARMDC.SMJobBlessHelper com.boxcryptor.BCFS.KextLoaderHelper com.boxcryptor.BCFS.Mounter.Helper com.boxcryptor.osx.PrivilegedHelper com.malwarebytes.HelperTool com.microsoft.autoupdate.helper com.microsoft.office.licensing.helper com.microsoft.office.licensingV2.helper com.sibersystems.gs-helper Local Domain Library Scripting Additions (path: /Library/ScriptingAdditions) SIMBL.osax Local Domain Library StartupItems (path: /Library/StartupItems) Sudo Permissions File: (path: /etc/sudoers) /etc/sudoers was created on 2015-07-31 23:38:00 +0200 and does not appear to have been modified since. ------------------------- ▼ ------------------------- Installer History (path: /Library/Receipts/InstallHistory.plist) Recent items: Traktor 2 installed on 2016-12-06 15:50:10 +0000 Traktor 2 installed on 2016-12-06 16:02:11 +0000 Chinese Word List Update installed on 2016-12-07 19:09:33 +0000 Gatekeeper Configuration Data installed on 2016-12-07 19:09:36 +0000 iTunes installed on 2016-12-14 11:52:35 +0000 Adobe Flash Player installed on 2016-12-14 11:55:18 +0000 Microsoft AutoUpdate installed on 2016-12-15 16:52:16 +0000 Gatekeeper Configuration Data installed on 2016-12-15 17:48:35 +0000 Gatekeeper Configuration Data installed on 2016-12-18 12:22:41 +0000 VPNAutoConnect installed on 2016-12-18 21:34:10 +0000 Microsoft PowerPoint for Mac installed on 2016-12-19 00:26:35 +0000 Microsoft Outlook for Mac installed on 2016-12-19 00:27:07 +0000 Microsoft Excel for Mac installed on 2016-12-19 00:27:42 +0000 Microsoft Word for Mac installed on 2016-12-19 00:28:41 +0000 Microsoft OneNote for Mac installed on 2016-12-19 11:45:04 +0000 System Launch Agents: (path:/System/Library/LaunchAgents/) com.apple.accountsd.plist com.apple.AddressBook.abd.plist com.apple.AddressBook.AssistantService.plist com.apple.AddressBook.ContactsAccountsService.plist com.apple.AddressBook.SourceSync.plist com.apple.AirPlayUIAgent.plist com.apple.AirPortBaseStationAgent.plist com.apple.akd.plist com.apple.alf.useragent.plist com.apple.AOSHeartbeat.plist com.apple.AOSPushRelay.plist com.apple.AppleGraphicsWarning.plist com.apple.appleseed.seedusaged.plist com.apple.appsleepd.plist com.apple.appstoreupdateagent.plist com.apple.apsctl.plist com.apple.askpermissiond.plist com.apple.AskPermissionUI.plist com.apple.AssetCacheLocatorService.plist com.apple.assistant_service.plist com.apple.assistantd.plist com.apple.AssistiveControl.plist com.apple.avconferenced.plist com.apple.bird.plist com.apple.bluetooth.PacketLogger.plist com.apple.bluetoothUIServer.plist com.apple.btsa.plist com.apple.cache_delete.plist com.apple.CalendarAgent.plist com.apple.CallHistoryPluginHelper.plist com.apple.CallHistorySyncHelper.plist com.apple.cdpd.plist com.apple.cfnetwork.AuthBrokerAgent.plist com.apple.cfnetwork.cfnetworkagent.plist com.apple.cfprefsd.xpc.agent.plist com.apple.cloudd.plist com.apple.cloudfamilyrestrictionsd-mac.plist com.apple.cloudpaird.plist com.apple.cloudphotosd.plist com.apple.cmfsyncagent.plist com.apple.CommCenter-osx.plist com.apple.ContactsAgent.plist com.apple.ContainerRepairAgent.plist com.apple.CoreAuthentication.agent.plist com.apple.CoreLocationAgent.plist com.apple.CoreRAIDAgent.plist com.apple.coreservices.appleid.authentication.plist com.apple.coreservices.lsactivity.plist com.apple.coreservices.sharedfilelistd.plist com.apple.coreservices.UASharedPasteboardProgressUI.plist com.apple.coreservices.uiagent.plist com.apple.CryptoTokenKit.ahp.agent.plist com.apple.csuseragent.plist com.apple.ctkbind.plist com.apple.ctkd.plist com.apple.cvmsCompAgent3425AMD_i386.plist com.apple.cvmsCompAgent3425AMD_i386_1.plist com.apple.cvmsCompAgent3425AMD_x86_64.plist com.apple.cvmsCompAgent3425AMD_x86_64_1.plist com.apple.cvmsCompAgent3600_i386.plist com.apple.cvmsCompAgent3600_i386_1.plist com.apple.cvmsCompAgent3600_x86_64.plist com.apple.cvmsCompAgent3600_x86_64_1.plist com.apple.cvmsCompAgent_i386.plist com.apple.cvmsCompAgent_i386_1.plist com.apple.cvmsCompAgent_x86_64.plist com.apple.cvmsCompAgent_x86_64_1.plist com.apple.cvmsCompAgentLegacy_i386.plist com.apple.cvmsCompAgentLegacy_i386_1.plist com.apple.cvmsCompAgentLegacy_x86_64.plist com.apple.cvmsCompAgentLegacy_x86_64_1.plist com.apple.DataDetectorsLocalSources.plist com.apple.DiagnosticReportCleanup.plist com.apple.diagnostics_agent.plist com.apple.DictationIM.plist com.apple.DiskArbitrationAgent.plist com.apple.diskspaced.plist com.apple.distnoted.xpc.agent.plist com.apple.Dock.plist com.apple.dt.CommandLineTools.installondemand.plist com.apple.DwellControl.plist com.apple.EscrowSecurityAlert.plist com.apple.familycircled.plist com.apple.familycontrols.useragent.plist com.apple.familynotificationd.plist com.apple.FileStatsAgent.plist com.apple.FilesystemUI.plist com.apple.Finder.plist com.apple.findmymacmessenger.plist com.apple.FirmwareUpdateHelper.plist com.apple.FolderActionsDispatcher.plist com.apple.followupd.plist com.apple.FollowUpUI.plist com.apple.fontd.useragent.plist com.apple.FontRegistryUIAgent.plist com.apple.FontValidator.plist com.apple.FontValidatorConduit.plist com.apple.FontWorker.plist com.apple.FTCleanup.plist com.apple.gamed.plist com.apple.geodMachServiceBridge.plist com.apple.helpd.plist com.apple.icdd.plist com.apple.icloud.findmydeviced.findmydevice-user-agent.plist com.apple.icloud.fmfd.plist com.apple.iCloudUserNotifications.plist com.apple.iconservices.iconservicesagent.plist com.apple.identityservicesd.plist com.apple.idsremoteurlconnectionagent.plist com.apple.imagent.plist com.apple.imavagent.plist com.apple.imklaunchagent.plist com.apple.IMLoggingAgent.plist com.apple.imtransferagent.plist com.apple.installandsetup.migrationhelper.user.plist com.apple.installd.user.plist com.apple.InstallerProgress.la.plist com.apple.isst.plist com.apple.java.InstallOnDemand.plist com.apple.java.updateSharing.plist com.apple.keyboardservicesd.plist com.apple.languageassetd.plist com.apple.lateragent.plist com.apple.locationmenu.plist com.apple.loginwindow.LWWeeklyMessageTracer.plist com.apple.lsd.plist com.apple.ManagedClientAgent.agent.plist com.apple.ManagedClientAgent.enrollagent.plist com.apple.Maps.pushdaemon.plist com.apple.maspushagent.plist com.apple.mbbackgrounduseragent.plist com.apple.mbfloagent.plist com.apple.mbuseragent.plist com.apple.mdmclient.agent.plist com.apple.mdworker.32bit.plist com.apple.mdworker.bundles.plist com.apple.mdworker.isolation.plist com.apple.mdworker.lsb.plist com.apple.mdworker.mail.plist com.apple.mdworker.shared.plist com.apple.mdworker.single.plist com.apple.mdworker.sizing.plist com.apple.mediaanalysisd.plist com.apple.mediaremoteagent.plist com.apple.metadata.mdbulkimport.plist com.apple.metadata.mdflagwriter.plist com.apple.metadata.mdwrite.plist com.apple.midiserver.plist com.apple.MRTa.plist com.apple.navd.plist com.apple.neagent.plist com.apple.netauth.user.auth.plist com.apple.netauth.user.gui.plist com.apple.NetworkDiagnostics.plist com.apple.networkserviceproxy-osx.plist com.apple.noticeboard.agent.plist com.apple.notificationcenterui.plist com.apple.nsurlsessiond.plist com.apple.nsurlstoraged.plist com.apple.OSDUIHelper.plist com.apple.PackageKit.InstallStatus.plist com.apple.parentalcontrols.check.plist com.apple.parsecd.plist com.apple.passd.plist com.apple.pboard.plist com.apple.pbs.plist com.apple.PCIESlotCheck.plist com.apple.personad.plist com.apple.photoanalysisd.plist com.apple.photolibraryd.plist com.apple.PhotoLibraryMigrationUtility.XPC.plist com.apple.pictd.plist com.apple.PIPAgent.plist com.apple.pluginkit.pkd.plist com.apple.pluginkit.pkreporter.plist com.apple.powerchime.plist com.apple.printtool.agent.plist com.apple.printuitool.agent.plist com.apple.protectedcloudstorage.protectedcloudkeysyncing.plist com.apple.PubSub.Agent.plist com.apple.quicklook.32bit.plist com.apple.quicklook.config.plist com.apple.quicklook.plist com.apple.quicklook.ThumbnailsAgent.plist com.apple.quicklook.ui.helper.plist com.apple.rcd.plist com.apple.recentsd.plist com.apple.RemoteDesktop.plist com.apple.ReportCrash.plist com.apple.ReportCrash.Self.plist com.apple.ReportGPURestart.plist com.apple.ReportPanic.plist com.apple.reversetemplated.plist com.apple.Safari.SafeBrowsing.Service.plist com.apple.SafariCloudHistoryPushAgent.plist com.apple.safaridavclient.plist com.apple.SafariNotificationAgent.plist com.apple.SafariPlugInUpdateNotifier.plist com.apple.scopedbookmarkagent.xpc.plist com.apple.ScreenReaderUIServer.plist com.apple.screensharing.agent.plist com.apple.screensharing.MessagesAgent.plist com.apple.scrod.plist com.apple.secd.plist com.apple.secinitd.plist com.apple.security.agent.plist com.apple.security.cloudkeychainproxy3.plist com.apple.security.DiskUnmountWatcher.plist com.apple.security.idskeychainsyncingproxy.plist com.apple.security.keychain-circle-notification.plist com.apple.sharingd.plist com.apple.Siri.plist com.apple.soagent.plist com.apple.SocialPushAgent.plist com.apple.softwareupdate_notify_agent.plist com.apple.speech.speechdatainstallerd.plist com.apple.speech.speechsynthesisd.plist com.apple.speech.synthesisserver.plist com.apple.spindump_agent.plist com.apple.spotlight.IndexAgent.plist com.apple.Spotlight.plist com.apple.SSInvitationAgent.plist com.apple.StorageManagementUIHelper.plist com.apple.storeaccountd.plist com.apple.storeassetd.plist com.apple.storedownloadd.plist com.apple.storeinappd.plist com.apple.storeinstallagent.plist com.apple.storelegacy.plist com.apple.storeuid.plist com.apple.suggestd.plist com.apple.sulogoutmonitor.plist com.apple.swcd.plist com.apple.syncdefaultsd.plist com.apple.syncservices.SyncServer.plist com.apple.syncservices.uihandler.plist com.apple.sysdiagnose_agent.plist com.apple.systemprofiler.plist com.apple.SystemUIServer.plist com.apple.talagent.plist com.apple.tccd.plist com.apple.telephonyutilities.callservicesd.plist com.apple.thermaltrap.plist com.apple.tiswitcher.plist com.apple.TMHelperAgent.plist com.apple.TMHelperAgent.SetupOffer.plist com.apple.touristd.plist com.apple.trustd.agent.plist com.apple.TrustEvaluationAgent.plist com.apple.universalaccessAuthWarn.plist com.apple.universalaccesscontrol.plist com.apple.universalaccessd.plist com.apple.universalaccessHUD.plist com.apple.unmountassistant.useragent.plist com.apple.USBAgent.plist com.apple.UserEventAgent-Aqua.plist com.apple.UserEventAgent-LoginWindow.plist com.apple.usernoted.plist com.apple.UserNotificationCenterAgent-LoginWindow.plist com.apple.UserNotificationCenterAgent.plist com.apple.VoiceOver.plist com.apple.warmd_agent.plist com.apple.webdriverd.plist com.apple.webinspectord.plist com.apple.WebKit.PluginAgent.plist com.apple.wifi.WiFiAgent.plist com.apple.WiFiVelocityAgent.plist com.apple.xpc.loginitemregisterd.plist com.apple.xpc.otherbsd.plist com.apple.ZoomWindow.plist com.openssh.ssh-agent.plist System Launch Daemons: (path:/System/Library/LaunchDaemons/) bootps.plist com.apple.afpfs_afpLoad.plist com.apple.afpfs_checkafp.plist com.apple.airplaydiagnostics.server.mac.plist com.apple.AirPlayXPCHelper.plist com.apple.airport.wps.plist com.apple.airportd.plist com.apple.akd.plist com.apple.alf.agent.plist com.apple.AppleFileServer.plist com.apple.appleseed.fbahelperd.plist com.apple.applessdstatistics.plist com.apple.apsd.plist com.apple.aslmanager.plist com.apple.AssetCacheLocatorService.plist com.apple.atrun.plist com.apple.audio.coreaudiod.plist com.apple.audio.systemsoundserverd.plist com.apple.auditd.plist com.apple.autofsd.plist com.apple.automountd.plist com.apple.avbdeviced.plist com.apple.awacsd.plist com.apple.awdd.plist com.apple.backupd-auto.plist com.apple.backupd.plist com.apple.blued.plist com.apple.bluetoothaudiod.plist com.apple.bluetoothReporter.plist com.apple.bnepd.plist com.apple.bsd.dirhelper.plist com.apple.captiveagent.plist com.apple.cfprefsd.xpc.daemon.plist com.apple.cloudfamilyrestrictionsd-mac.plist com.apple.cmio.AppleCameraAssistant.plist com.apple.cmio.AVCAssistant.plist com.apple.cmio.IIDCVideoAssistant.plist com.apple.cmio.iOSScreenCaptureAssistant.plist com.apple.cmio.VDCAssistant.plist com.apple.colorsyncd.plist com.apple.CommCenterRootHelper.plist com.apple.comsat.plist com.apple.configd.plist com.apple.configureLocalKDC.plist com.apple.CoreAuthentication.daemon.plist com.apple.corecaptured.plist com.apple.coreduetd.osx.plist com.apple.CoreRAID.plist com.apple.coreservices.appleevents.plist com.apple.coreservices.appleid.passwordcheck.plist com.apple.coreservices.launchservicesd.plist com.apple.coreservices.sharedfilelistd.plist com.apple.coreservicesd.plist com.apple.corestorage.corestoraged.plist com.apple.corestorage.corestoragehelperd.plist com.apple.coresymbolicationd.plist com.apple.CrashReporterSupportHelper.plist com.apple.CryptoTokenKit.ahp.plist com.apple.csrutil.report.plist com.apple.ctkd.plist com.apple.cvmsServ.plist com.apple.DataDetectorsSourceAccess.plist com.apple.defragx.plist com.apple.DesktopServicesHelper.plist com.apple.diagnosticd.plist com.apple.diagnosticextensions.osx.bluetooth.helper.plist com.apple.diagnosticextensions.osx.getmobilityinfo.helper.plist com.apple.diagnosticextensions.osx.spotlight.helper.plist com.apple.diagnosticextensions.osx.timemachine.helper.plist com.apple.diagnosticextensions.osx.wifi.helper.plist com.apple.diskarbitrationd.plist com.apple.diskmanagementd.plist com.apple.diskmanagementstartup.plist com.apple.displaypolicyd.plist com.apple.distnoted.xpc.daemon.plist com.apple.dnsextd.plist com.apple.dpaudiothru.plist com.apple.dpd.plist com.apple.dprivacyd.plist com.apple.dspluginhelperd.plist com.apple.DuetHeuristic-BM-OSX.plist com.apple.DumpGPURestart.plist com.apple.DumpPanic.plist com.apple.dvdplayback.setregion.plist com.apple.dynamic_pager.plist com.apple.dz.dznd.plist com.apple.eapolcfg_auth.plist com.apple.efilogin-helper.plist com.apple.emlog.plist com.apple.emond.aslmanager.plist com.apple.emond.plist com.apple.eppc.plist com.apple.familycontrols.plist com.apple.FileCoordination.plist com.apple.findmymac.plist com.apple.findmymacmessenger.plist com.apple.firmwaresyncd.plist com.apple.fontd.plist com.apple.fontmover.plist com.apple.FontWorker.plist com.apple.fseventsd.plist com.apple.ftp-proxy.plist com.apple.GameController.gamecontrollerd.plist com.apple.getty.plist com.apple.gkreport.plist com.apple.GSSCred.plist com.apple.gssd.plist com.apple.hdiejectd.plist com.apple.hidd.plist com.apple.hidfud.plist com.apple.icloud.findmydeviced.plist com.apple.iconservices.iconservicesagent.plist com.apple.iconservices.iconservicesd.plist com.apple.IFCStart.plist com.apple.ifdreader.plist com.apple.installandsetup.systemmigrationd.plist com.apple.installd.plist com.apple.InstallerDiagnostics.installerdiagd.plist com.apple.InstallerDiagnostics.installerdiagwatcher.plist com.apple.InstallerProgress.plist com.apple.IOAccelMemoryInfoCollector.plist com.apple.IOBluetoothUSBDFU.plist com.apple.ionodecache.plist com.apple.jetsamproperties.Mac.plist com.apple.kcproxy.plist com.apple.kdumpd.plist com.apple.Kerberos.digest-service.plist com.apple.Kerberos.kadmind.plist com.apple.Kerberos.kcm.plist com.apple.Kerberos.kdc.plist com.apple.Kerberos.kpasswdd.plist com.apple.KernelEventAgent.plist com.apple.kextd.plist com.apple.kuncd.plist com.apple.locate.plist com.apple.locationd.plist com.apple.lockd.plist com.apple.logd.plist com.apple.logind.plist com.apple.loginwindow.LFVTracer.plist com.apple.loginwindow.plist com.apple.logkextloadsd.plist com.apple.lsd.plist com.apple.ManagedClient.cloudconfigurationd.plist com.apple.ManagedClient.enroll.plist com.apple.ManagedClient.plist com.apple.ManagedClient.startup.plist com.apple.mbsystemadministration.plist com.apple.mbusertrampoline.plist com.apple.mdmclient.daemon.plist com.apple.mdmclient.daemon.runatboot.plist com.apple.mDNSResponder.plist com.apple.mDNSResponderHelper.plist com.apple.mediaremoted.plist com.apple.metadata.mds.index.plist com.apple.metadata.mds.plist com.apple.metadata.mds.scan.plist com.apple.metadata.mds.spindump.plist com.apple.mobile.fud.plist com.apple.mobile.keybagd.plist com.apple.mobileassetd.plist com.apple.MobileFileIntegrity.plist com.apple.MRTd.plist com.apple.msrpc.echosvc.plist com.apple.msrpc.lsarpc.plist com.apple.msrpc.mdssvc.plist com.apple.msrpc.netlogon.plist com.apple.msrpc.srvsvc.plist com.apple.msrpc.wkssvc.plist com.apple.mtmd.plist com.apple.mtmfs.plist com.apple.mtmhelper.plist com.apple.nehelper.plist com.apple.nesessionmanager.plist com.apple.netauth.sys.auth.plist com.apple.netauth.sys.gui.plist com.apple.netbiosd.plist com.apple.NetBootClientStatus.plist com.apple.NetworkDiagnostics.plist com.apple.NetworkLinkConditioner.plist com.apple.NetworkSharing.plist com.apple.newsyslog.plist com.apple.nfsconf.plist com.apple.nfsd.plist com.apple.nis.ypbind.plist com.apple.noticeboard.state.plist com.apple.notifyd.plist com.apple.nsurlsessiond.plist com.apple.nsurlstoraged.plist com.apple.ocspd.plist com.apple.odproxyd.plist com.apple.ODSAgent.plist com.apple.opendirectoryd.plist com.apple.PasswordService.plist com.apple.PCIELaneConfigTool.plist com.apple.periodic-daily.plist com.apple.periodic-monthly.plist com.apple.periodic-weekly.plist com.apple.pfctl.plist com.apple.pfd.plist com.apple.platform.ptmd.plist com.apple.postfix.master.plist com.apple.postfix.newaliases.plist com.apple.powerd.plist com.apple.powerd.swd.plist com.apple.preferences.timezone.admintool.plist com.apple.preferences.timezone.auto.plist com.apple.printtool.daemon.plist com.apple.racoon.plist com.apple.RemoteDesktop.PrivilegeProxy.plist com.apple.remotepairtool.plist com.apple.ReportCrash.Root.plist com.apple.ReportPanicService.plist com.apple.revisiond.plist com.apple.RFBEventHelper.plist com.apple.rootless.init.plist com.apple.rpcbind.plist com.apple.rtcreportingd.plist com.apple.sandboxd.plist com.apple.SCHelper.plist com.apple.screensharing.plist com.apple.scsid.plist com.apple.secinitd.plist com.apple.security.agent.login.plist com.apple.security.authhost.plist com.apple.security.FDERecoveryAgent.plist com.apple.security.syspolicy.plist com.apple.securityd.plist com.apple.securityd_service.plist com.apple.sessionlogoutd.plist com.apple.smb.preferences.plist com.apple.smbd.plist com.apple.softwareupdate_download_service.plist com.apple.softwareupdate_firstrun_tasks.plist com.apple.softwareupdated.plist com.apple.speech.speechsynthesisd.plist com.apple.spindump.plist com.apple.startupdiskhelper.plist com.apple.statd.notify.plist com.apple.storagekitd.plist com.apple.storeaccountd.daemon.plist com.apple.storeagent.daemon.plist com.apple.storeassetd.daemon.plist com.apple.storedownloadd.daemon.plist com.apple.storeinstalld.plist com.apple.storereceiptinstaller.plist com.apple.SubmitDiagInfo.plist com.apple.suhelperd.plist com.apple.symptomsd.plist com.apple.sysdiagnose.plist com.apple.syslogd.plist com.apple.sysmond.plist com.apple.system_installd.plist com.apple.systemkeychain.plist com.apple.systemstats.analysis.plist com.apple.systemstats.daily.plist com.apple.tailspind.plist com.apple.taskgated-helper.plist com.apple.taskgated.plist com.apple.tccd.system.plist com.apple.thermald.plist com.apple.TMCacheDelete.plist com.apple.trustd.plist com.apple.TrustEvaluationAgent.system.plist com.apple.ucupdate.plist com.apple.uninstalld.plist com.apple.unmountassistant.sysagent.plist com.apple.updateEFIDesktopPicture.plist com.apple.usbd.plist com.apple.usbmuxd.plist com.apple.UserEventAgent-System.plist com.apple.UserNotificationCenter.plist com.apple.uucp.plist com.apple.var-db-dslocal-backup.plist com.apple.vsdbutil.plist com.apple.warmd.plist com.apple.watchdogd.plist com.apple.wdhelper.plist com.apple.wifid.plist com.apple.wifivelocityd.plist com.apple.WindowServer.plist com.apple.wirelessproxd.plist com.apple.WirelessRadioManagerd-osx.plist com.apple.wwand.plist com.apple.xpc.smd.plist com.apple.xpc.uscwoap.plist com.apple.xsan.plist com.apple.xsandaily.plist com.apple.xscertadmin.plist com.apple.xscertd-helper.plist com.apple.xscertd.plist com.vix.cron.plist finger.plist ftp.plist ntalk.plist org.apache.httpd.plist org.cups.cups-lpd.plist org.cups.cupsd.plist org.net-snmp.snmpd.plist org.ntp.ntpd.plist org.openldap.slapd.plist org.postfix.master.plist ssh.plist telnet.plist tftp.plist ------------------------- ▼ ------------------------- Bluetooth Hardware Info: Bluetooth Low Energy Supported: Yes Handoff Supported: Yes Instant Hot Spot Supported: Yes Bluetooth Power: On Discoverable: Off Connectable: Yes Auto Seek Pointing: On Remote wake: On Network Info: /etc/hosts -count: 9 Network: iPad: Type: Ethernet Hardware: Ethernet BSD Device Name: en6 IPv4: Configuration Method: DHCP Proxies: Exceptions List: *.local, 169.254/16 FTP Passive Mode: Yes Service Order: 0 iPhone: Type: Ethernet Hardware: Ethernet BSD Device Name: en4 IPv4: Configuration Method: DHCP Proxies: Exceptions List: *.local, 169.254/16 FTP Passive Mode: Yes Service Order: 1 Ethernet: Type: Ethernet Hardware: Ethernet BSD Device Name: en0 IPv4 Addresses: IPv4: AdditionalRoutes: DestinationAddress: SubnetMask: 255.255.255.255 Addresses: ARPResolvedHardwareAddress: ARPResolvedIPAddress: Configuration Method: DHCP ConfirmedInterfaceName: en0 Interface Name: en0 Network Signature: IPv4.Router=;IPv4.RouterHardwareAddress= Router: Subnet Masks: 255.255.255.0 DNS: Domain Name: Server Addresses: DHCP Server Responses: Domain Name: Domain Name Servers: Lease Duration (seconds): 0 DHCP Message Type: 0x05 Routers: Server Identifier: Subnet Mask: 255.255.255.0 Ethernet: MAC Address: Media Options: Full Duplex, Flow Control Media Subtype: 1000baseT Proxies: Exceptions List: *.local, 169.254/16 FTP Passive Mode: Yes Service Order: 2 Wi-Fi: Type: AirPort Hardware: AirPort BSD Device Name: en1 IPv4: Configuration Method: DHCP Ethernet: MAC Address: Media Options: Media Subtype: Auto Select Proxies: Exceptions List: *.local, 169.254/16 FTP Passive Mode: Yes Service Order: 3 Thunderbolt Bridge: Type: Ethernet Hardware: Ethernet BSD Device Name: bridge0 IPv4: Configuration Method: DHCP Proxies: Exceptions List: *.local, 169.254/16 FTP Passive Mode: Yes Service Order: 4 Bluetooth PAN: Type: Ethernet Hardware: Ethernet BSD Device Name: en5 IPv4: Configuration Method: DHCP Proxies: Exceptions List: *.local, 169.254/16 FTP Passive Mode: Yes Service Order: 5 Netherlands VPN: Type: IPSec IPv4: Configuration Method: Automatic Service Order: 6 VPN (Cisco IPSec): Type: IPSec IPv4: Configuration Method: Automatic Proxies: Exceptions List: *.local, 169.254/16 Exclude Simple Hostnames: 0 FTP Proxy Enabled: No FTP Passive Mode: Yes Gopher Proxy Enabled: No HTTP Proxy Enabled: No HTTPS Proxy Enabled: No Auto Configure Enabled: No Auto Discovery Enabled: No RTSP Proxy Enabled: No SOCKS Proxy Enabled: No Service Order: 38 Netherlands VPN: Type: IPSec IPv4: Configuration Method: Automatic Service Order: 39 VPN (Cisco IPSec): Type: IPSec IPv4: Configuration Method: Automatic Proxies: Exceptions List: *.local, 169.254/16 Exclude Simple Hostnames: 0 FTP Proxy Enabled: No FTP Passive Mode: Yes Gopher Proxy Enabled: No HTTP Proxy Enabled: No HTTPS Proxy Enabled: No Auto Configure Enabled: No Auto Discovery Enabled: No RTSP Proxy Enabled: No SOCKS Proxy Enabled: No Service Order: 71 ------------------------- ▼ ------------------------- Disk Information: Storage: iMac HD 1: Available: 126,5 GB (126.495.023.104 bytes) Capacity: 250,14 GB (250.140.434.432 bytes) Mount Point: / File System: Journaled HFS+ Writable: Yes Ignore Ownership: No BSD Name: disk0s2 Volume UUID: ECDD8ABE-DF86-3D6C-AC80 Physical Drive: Device Name: APPLE SSD SM0256G Media Name: APPLE SSD SM0256G Media Medium Type: SSD Protocol: PCI Internal: Yes Partition Map Type: GPT (GUID Partition Table) S.M.A.R.T. Status: Verified Aktivitätsanzeige sagt mir eigentlich immer nur um die 5,56GB belegt von 16GB... |
|
24.12.2016, 00:27
| #27 |
| /// Mac Expert | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Alles sauber der immense Speicherverbrauch liegt daran du du Wine verwendest und Daten zwischengespeichert werden. Du solltest dennoch überlegen die eine oder andere Anwendung zu löschen.... DetectX entfernen
Code:
ATTFilter /Applications/DetectX.app
Code:
ATTFilter ~/Library/Application Support/com.sqwarq.DetectX
Code:
ATTFilter ~/Library/Caches/com.sqwarq.DetectX
Code:
ATTFilter ~/Library/Preferences/com.sqwarq.DetectX.plist
Malwarebytes deinstallieren
Code:
ATTFilter ~/Library/Preferences/com.malwarebytes.antimalware.plist ~/Library/Application Support/com.malwarebytes.antimalware ~/Library/Application Support/Malwarebytes ~/Library/Application Support/ Malwarebytes Anti-Malware ~/Library/Caches/com.malwarebytes.antimalware ~/Library/Caches/com.malwarebytes.Malwarebytes-XPC-Service ~/Library/Saved Application State/com.malwarebytes.antimalware.savedState Nachfolgend wird das Admin-Passwort benötigt! /Library/LaunchDaemons/com.malwarebytes.HelperTool.plist /Library/PrivilegedHelperTools/com.malwarebytes.HelperTool /private/var/folders/g_/l2b0cm_s2_gbcpxgx0fxw7m40000gn/C/com.malwarebytes.antimalware /private/var/db/BootCaches/7AA62581-9456-44A7-AD96-EBFA077787A1/app.com.malwarebytes.antimalware.playlist Starte anschliessend den Rechner neu Wenn du weitere Hilfe bei De-Installationen benötigst oder weitere Fragen hast bitte melden.
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? |
|
24.12.2016, 00:39
| #28 |
| | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Cool, danke Dante!!! Warum soll ich DetectX und Malwarebytes wieder löschen. Kann man doch immer mal wieder brauchen? Winebottler hatte ich nur kurz installiert aber wieder gelöscht, weil es nicht funktioniert. Welche Daten von Wine sind denn noch im Speicher. Wie werd ich die Leichenteile wieder los? Ist auch kein Prozess am laufen der Wine oder Bottler im Namen hat. Das kanns also nicht sein. Was frisst denn den ganzen Speicher? Ich hab wie gesagt nur 5,5GB belegt. |
|
24.12.2016, 00:45
| #29 |
| /// Mac Expert | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Die De-Installation stelle ich meistens rein für den Fall das du diese entfernen möchtest. Du musst es aber nicht. DetectX ist kostenpflichtig... Zu wein ich hab nur gesehen das yourapp in den Einstellungen ist. Wenn du Wine entfernt hast ist das ok da brauchst du nichts weiter machen, den Rest macht das System selbst. In der Standardeinstellung macht das System ein Selbstreinigung. Wenn du App-Nap verwendest brauchst du gar nichts machen da im Schlafmodus diese Prozesse automatisch gestartet werden.
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? Geändert von Dante12 (24.12.2016 um 01:02 Uhr) |
|
24.12.2016, 01:01
| #30 |
| | Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? Ok, alles klar. Macht er das auch, wenn der ganze Mac im Schlafmodus ist? Was ist aber dann die Erklärung für die hohe Speicherauslastung? |
 |
| Themen zu Habe ich einen Trojaner und kann dieser an meinen Schlüsselbund ran? |
| ausgehen, browser, email, emails, erhalte, erhalten, gmx-account, kurze, leute, mac, meinem, passwort, troja, trojaner, trojaner?, versuch, versucht, zugreife, zugreifen |
Linear-Darstellung
