Malware was not identified:
Quote:
Malwarebytes Anti-Malware 1.2.5.715 system report - 17. Januar 2017 um 13:47:45 MEZ
Mac OS X version Version 10.12.2 (Build 16C67)
System uptime: 1d 03:12:55
Helper tool version: 1.2.5.715
Signatures version: 160
Safari extensions
-----------------------
HoffmannJens
HoffmannJens
Name: Open in Internet Explorer
Path: /Users/HoffmannJens/Library/Safari/Extensions/OpenIE.safariextz
Modified: 2014-03-01 23:19:40 +0000
Name: uBlock
Path: /Users/HoffmannJens/Library/Safari/Extensions/uBlock.safariextz
Modified: 2017-01-03 19:44:40 +0000
Chrome extensions
-----------------------
HoffmannJens
Default
Name: Google Drive
Path: /Users/HoffmannJens/Library/Application Support/Google/Chrome/Default/Extensions/apdfllckaahabafndbhieahigkjlhalf
Modified: 2015-10-25 19:50:36 +0000
Name: YouTube
Path: /Users/HoffmannJens/Library/Application Support/Google/Chrome/Default/Extensions/blpcfgokakmgnkcojhhkbfbldkacnbeo
Modified: 2015-09-24 10:12:35 +0000
Name: Google Search
Path: /Users/HoffmannJens/Library/Application Support/Google/Chrome/Default/Extensions/coobgpohoikkiipiblmjeljniedjpjpf
Modified: 2015-10-28 20:36:53 +0000
Name: Chrome Web Store Payments
Path: /Users/HoffmannJens/Library/Application Support/Google/Chrome/Default/Extensions/nmmhkkegccagdldgiimedpiccmgmieda
Modified: 2016-04-02 10:09:36 +0000
Name: vidIQ Vision for YouTube
Path: /Users/HoffmannJens/Library/Application Support/Google/Chrome/Default/Extensions/pachckjkecffpdphbpmfolblodfkgbhl
Modified: 2017-01-16 00:34:18 +0000
Name: Gmail
Path: /Users/HoffmannJens/Library/Application Support/Google/Chrome/Default/Extensions/pjkljhegncpnkpknbcohdijeoejaedia
Modified: 2015-03-28 04:31:31 +0000
Name: Chrome Media Router
Path: /Users/HoffmannJens/Library/Application Support/Google/Chrome/Default/Extensions/pkedcjkdefgpdelpbcmbmeomcjbeemfm
Modified: 2016-12-02 13:07:02 +0000
Chrome
Name: Virtual Keyboard
Path: /Users/HoffmannJens/Library/Application Support/Google/Chrome/External Extensions/mcobjbefejmnadahpjbfibgkgchhmjke.json
Modified: 2015-12-08 09:56:40 +0000
Name: URL Advisor
Path: /Users/HoffmannJens/Library/Application Support/Google/Chrome/External Extensions/pkieijajahdaingdfhjldoilpicoogel.json
Modified: 2015-12-08 09:56:38 +0000
Name: Virtual Keyboard
Path: /Users/HoffmannJens/Library/Application Support/Kaspersky Lab/Extensions/chrome/KasperskyVirtualKeyboard.crx
Modified: 2015-12-08 09:56:40 +0000
Name: URL Advisor
Path: /Users/HoffmannJens/Library/Application Support/Kaspersky Lab/Extensions/chrome/KasperskyURLAdvisor.crx
Modified: 2015-12-08 09:56:38 +0000
Firefox extensions
-----------------------
HoffmannJens
6dqmahb7.default
Name: Domain Hammer SEO Analysis
Path: /Users/HoffmannJens/Library/Application Support/Firefox/Profiles/6dqmahb7.default/extensions/contact@domainhammer.com.xpi
Modified: 2016-04-27 16:25:01 +0000
Name: Firebug
Path: /Users/HoffmannJens/Library/Application Support/Firefox/Profiles/6dqmahb7.default/extensions/firebug@software.joehewitt.com.xpi
Modified: 2016-10-18 11:24:31 +0000
Name: SEOquake
Path: /Users/HoffmannJens/Library/Application Support/Firefox/Profiles/6dqmahb7.default/extensions/{317B5128-0B0B-49b2-B2DB-1E7560E16C74}.xpi
Modified: 2016-12-29 14:33:06 +0000
Name: Video DownloadHelper
Path: /Users/HoffmannJens/Library/Application Support/Firefox/Profiles/6dqmahb7.default/extensions/{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Modified: 2017-01-04 20:14:51 +0000
Name: Web Developer
Path: /Users/HoffmannJens/Library/Application Support/Firefox/Profiles/6dqmahb7.default/extensions/{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
Modified: 2016-08-26 18:13:11 +0000
Name: SoundCloud Downloader - Technowise
Path: /Users/HoffmannJens/Library/Application Support/Firefox/Profiles/6dqmahb7.default/extensions/{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi
Modified: 2015-12-10 14:47:06 +0000
Name: Adblock Plus
Path: /Users/HoffmannJens/Library/Application Support/Firefox/Profiles/6dqmahb7.default/extensions/{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Modified: 2016-12-01 18:07:10 +0000
User Login Items
-----------------------
User: HoffmannJens
Name: HMA! Pro VPN
Path: /Applications/HMA! Pro VPN.app
Name: Dropbox
Path: /Applications/Dropbox.app
Name: Adguard
Path: (null)
System startup items
-----------------------
/Library/StartupItems/tap
/Library/StartupItems/tun
User launch agents
-----------------------
/Users/HoffmannJens/Library/LaunchAgents/.DS_Store
/Users/HoffmannJens/Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist
/Users/HoffmannJens/Library/LaunchAgents/com.spotify.webhelper.plist
/Users/HoffmannJens/Library/LaunchAgents/com.valvesoftware.steamclean.plist
System launch agents
-----------------------
/Library/LaunchAgents/com.adobe.AAM.Updater-1.0.plist
/Library/LaunchAgents/com.adobe.AdobeCreativeCloud.plist
/Library/LaunchAgents/com.google.keystone.agent.plist
/Library/LaunchAgents/com.Monity.Helper.plist
/Library/LaunchAgents/com.oracle.java.Java-Updater.plist
/Library/LaunchAgents/com.radiosilenceapp.agent.plist
/Library/LaunchAgents/org.macosforge.xquartz.startx.plist
/Library/LaunchAgents/syncmateStarter.plist
System launch daemons
-----------------------
/Library/LaunchDaemons/com.adobe.adobeupdatedaemon.plist
/Library/LaunchDaemons/com.adobe.agsservice.plist
/Library/LaunchDaemons/com.adobe.SwitchBoard.plist
/Library/LaunchDaemons/com.google.keystone.daemon.plist
/Library/LaunchDaemons/com.malwarebytes.HelperTool.plist
/Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist
/Library/LaunchDaemons/com.objective-see.ransomwhere.plist
/Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist
/Library/LaunchDaemons/com.radiosilenceapp.nke.plist
/Library/LaunchDaemons/com.radiosilenceapp.nke.PrivateEye.plist
/Library/LaunchDaemons/org.macosforge.xquartz.privileged_startx.plist
/Library/LaunchDaemons/rapiback.plist
Kernel extensions
-----------------------
/System/Library/Extensions/EltimaAsync.kext
/System/Library/Extensions/heimdall.kext
/System/Library/Extensions/hp_fax_io.kext
/System/Library/Extensions/hp_Inkjet8_io_enabler.kext
/System/Library/Extensions/JMicronATA.kext
/System/Library/Extensions/ssuddrv.kext
/System/Library/Extensions/ssuddrv.kext/Contents/PlugIns/ssudmdmcontrol.kext
/System/Library/Extensions/ssuddrv.kext/Contents/PlugIns/ssudmdmdata.kext
/System/Library/Extensions/ssuddrv.kext/Contents/PlugIns/ssudmtp.kext
/System/Library/Extensions/ssuddrv.kext/Contents/PlugIns/ssudserial.kext
/Library/Extensions/ACS6x.kext
/Library/Extensions/ArcMSR.kext
/Library/Extensions/ATTOCelerityFC8.kext
/Library/Extensions/ATTOExpressSASHBA2.kext
/Library/Extensions/ATTOExpressSASRAID2.kext
/Library/Extensions/CalDigitHDProDrv.kext
/Library/Extensions/HighPointIOP.kext
/Library/Extensions/HighPointRR.kext
/Library/Extensions/hp_io_enabler_compound.kext
/Library/Extensions/klif.kext
/Library/Extensions/klnke.kext
/Library/Extensions/PromiseSTEX.kext
/Library/Extensions/SoftRAID.kext
/Library/Extensions/tap.kext
/Library/Extensions/TMProtection.kext
/Library/Extensions/tun.kext
launchd.conf contents
-----------------------
Hosts file
-----------------------
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
# Adobe Blocker
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
Scan log
-----------------------
2016-10-21 19:44:50 :
2016-10-21 19:44:50 : ----- Scan Started -----
2016-10-21 19:44:50 : Scanning with signatures version 134 (2016-10-19)
2016-10-21 19:44:54 : Adware.IronCore : /Users/HoffmannJens/Library/Safari/Extensions/searchtab.safariextz
2016-10-21 20:03:02 : *** Scan time: 0d 00:18:12 ***
2016-10-21 20:03:02 : ------ Scan Ended ------
2016-10-21 20:03:46 : ---- File Removal Started ----
2016-10-21 20:03:46 : ===========================================
2016-10-21 20:03:46 : REMOVING ITEM: Adware.IronCore
2016-10-21 20:03:46 : >> Removing extension item: /Users/HoffmannJens/Library/Safari/Extensions/searchtab.safariextz
2016-10-21 20:03:46 : ---- File Removal Complete ----
2016-10-23 10:24:22 :
2016-10-23 10:24:22 : ----- Scan Started -----
2016-10-23 10:24:22 : Scanning with signatures version 135 (2016-10-21)
2016-10-23 10:28:07 : *** Scan time: 0d 00:03:44 ***
2016-10-23 10:28:07 : ------ Scan Ended ------
2016-10-30 23:12:24 :
2016-10-30 23:12:24 : ----- Scan Started -----
2016-10-30 23:12:24 : Scanning with signatures version 135 (2016-10-21)
2016-10-30 23:12:48 : ---- Scan Cancelled ----
2016-11-08 14:06:00 :
2016-11-08 14:06:00 : ----- Scan Started -----
2016-11-08 14:06:00 : Scanning with signatures version 140 (2016-11-07)
2016-11-08 14:09:03 : *** Scan time: 0d 00:03:02 ***
2016-11-08 14:09:03 : ------ Scan Ended ------
2016-12-03 10:21:36 :
2016-12-03 10:21:36 : ----- Scan Started -----
2016-12-03 10:21:36 : Scanning with signatures version 147 (2016-12-2)
2016-12-03 10:25:03 : *** Scan time: 0d 00:03:26 ***
2016-12-03 10:25:03 : ------ Scan Ended ------
2016-12-05 11:25:29 :
2016-12-05 11:25:29 : ----- Scan Started -----
2016-12-05 11:25:29 : Scanning with signatures version 147 (2016-12-2)
2016-12-05 11:28:20 : *** Scan time: 0d 00:02:50 ***
2016-12-05 11:28:20 : ------ Scan Ended ------
2016-12-14 17:22:13 :
2016-12-14 17:22:13 : ----- Scan Started -----
2016-12-14 17:22:13 : Scanning with signatures version 152 (2016-12-12)
2016-12-14 17:24:17 : *** Scan time: 0d 00:02:03 ***
2016-12-14 17:24:17 : ------ Scan Ended ------
2017-01-01 20:34:42 :
2017-01-01 20:34:42 : ----- Scan Started -----
2017-01-01 20:34:42 : Scanning with signatures version 154 (2016-12-27)
2017-01-01 20:35:56 : *** Scan time: 0d 00:01:13 ***
2017-01-01 20:35:56 : ------ Scan Ended ------
2017-01-11 03:44:43 :
2017-01-11 03:44:43 : ----- Scan Started -----
2017-01-11 03:44:43 : Scanning with signatures version 156 (2017-1-5)
2017-01-11 03:45:30 : *** Scan time: 0d 00:00:46 ***
2017-01-11 03:45:30 : ------ Scan Ended ------