| |
| |||||||
Alles rund um Mac OSX & Linux: Spyware, Keylogger?Windows 7 Für alle Fragen rund um Mac OSX, Linux und andere Unix-Derivate. |
02.06.2017, 07:39
| #1 |
| |  Spyware, Keylogger? Im Feb 2017 hatte ich bereits einen keylogger auf meinem Rechner. Von Malwarebytes erkannt und gelöscht. Festplatte gelöscht und komplette Neuinstallation. Meine Ex hat interne Informationen, die ich mir nicht erklären kann. Wurde mein REchner infiziert? Ich bin totaler Laie. Deswegen bitte Geduld mit mir? Code:
ATTFilter EtreCheck version: 3.3.3 (397)
Report generated 2017-06-02 07:32:20
Download EtreCheck from https://etrecheck.com
Runtime: 2:47
Performance: Excellent
Click the [Lookup] links for more information from Apple Support Communities.
Click the [Details] links for more information about that line.
Show signature failures: Enabled
Ignore expected failures in Apple tasks: Disabled
Problem: No problem - just checking
Hardware Information: ⓘ
MacBook Pro Intel Core i5, Intel Core i7, 13" (Mid 2012)
[Technical Specifications] - [User Guide] - [Warranty & Service]
MacBook Pro - model: MacBookPro9,2
1 2,5 GHz Intel Core i5 (i5-3210M) CPU: 2-core
8 GB RAM Upgradeable - [Instructions]
BANK 0/DIMM0
4 GB DDR3 1600 MHz ok
BANK 1/DIMM0
4 GB DDR3 1600 MHz ok
Bluetooth: Good - Handoff/Airdrop2 supported
Wireless: en1: 802.11 a/b/g/n
Battery: Health = Normal - Cycle count = 191
Video Information: ⓘ
Intel HD Graphics 4000 - VRAM: 1536 MB
Color LCD 1280 x 800
System Software: ⓘ
macOS Sierra 10.12.6 (16G12b) - Time since boot: about one hour
Disk Information: ⓘ
Samsung SSD 850 EVO 500GB disk0 : (500,11 GB) (Solid State - TRIM: No)
[Show SMART report]
EFI (disk0s1 - MS-DOS FAT32) <not mounted> : 210 MB
Recovery HD (disk0s3 - Journaled HFS+) <not mounted> [Recovery]: 650 MB
FS (disk2 - Journaled HFS+) / [Startup]: 498.89 GB (378.76 GB free)
Encrypted AES-XTS Unlocked
Core Storage: disk0s2 499.25 GB Online
Samsung SSD 840 EVO 500GB disk1 : (500,11 GB) (Solid State - TRIM: No)
[Show SMART report]
EFI (disk1s1 - MS-DOS FAT32) <not mounted> : 210 MB
Boot OS X (disk1s3 - Journaled HFS+) <not mounted> : 134 MB
Boot OS X (disk1s5 - Journaled HFS+) <not mounted> : 134 MB
USB Information: ⓘ
USB20Bus
hub_device
hub_device
Apple Inc. Apple Internal Keyboard / Trackpad
Apple Computer, Inc. IR Receiver
Apple Inc. BRCM20702 Hub
Apple Inc. Bluetooth USB Host Controller
USB20Bus
hub_device
Apple Inc. FaceTime HD Camera (Built-in)
USB30Bus
Thunderbolt Information: ⓘ
Apple Inc. thunderbolt_bus
Configuration files: ⓘ
/etc/sudoers, File size 1275 but expected 1563
Gatekeeper: ⓘ
Mac App Store and identified developers
Kernel Extensions: ⓘ
/Library/Extensions
[loaded] com.bitdefender.SelfProtect (1.1 - SDK 10.8) [Lookup]
[loaded] com.bitdefender.TMProtection (5.0.0 - SDK 10.11) [Lookup]
System Launch Agents: ⓘ
[loaded] com.apple.RemoteDesktop.plist (Apple, Inc. - installed 2017-03-16)
[loaded] com.apple.SSInvitationAgent.plist (Apple, Inc. - installed 2017-03-16)
[not loaded] com.apple.SafariPlugInUpdateNotifier.plist (? ? ? - installed 2017-05-31) - >/usr/libexec/SafariPlugInUpdateNotifier: Executable not found!
[loaded] com.apple.bluetooth.PacketLogger.plist (? ? ? - installed 2016-12-06) - /AppleInternal/DevTools/Hardware/PacketLogger.app/Contents/MacOS/PacketLogger: Executable not found!
[loaded] com.apple.screensharing.MessagesAgent.plist (Apple, Inc. - installed 2017-03-06)
[loaded] com.apple.screensharing.agent.plist (Apple, Inc. - installed 2017-03-06)
[not loaded] 7 Apple tasks
[loaded] 173 Apple tasks
[running] 96 Apple tasks
System Launch Daemons: ⓘ
[loaded] com.apple.RFBEventHelper.plist (Apple, Inc. - installed 2017-03-06)
[loaded] com.apple.airplaydiagnostics.server.mac.plist (? ? ? - installed 2016-10-13) - /AppleInternal/Applications/AirPlayDiagnostics.app/Contents/Resources/AirPlayDiagnosticsServer: Executable not found!
[loaded] com.apple.driver.eficheck.plist (Apple, Inc. - installed 2017-05-26)
[running] com.apple.driver.ethcheck.plist (Apple, Inc. - installed 2017-05-26)
[running] com.apple.driver.ethcheckthunderbolt.plist (Apple, Inc. - installed 2017-05-26)
[not loaded] com.apple.jetsamproperties.Mac.plist (? ? ? - installed 2017-05-09) - Invalid signature!
[failed] com.apple.mobile.keybagd.plist (? ? ? - installed 2016-11-11) - /usr/libexec/keybagd: Executable not found!
[not loaded] com.apple.screensharing.plist (Apple, Inc. - installed 2017-03-06)
[loaded] org.cups.cupsd.plist (Apple, Inc. - installed 2017-05-26)
[loaded] org.postfix.master.plist (Apple, Inc. - installed 2017-03-17)
[not loaded] 41 Apple tasks
[loaded] 170 Apple tasks
[running] 99 Apple tasks
Launch Agents: ⓘ
[not loaded] com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist (Adobe Systems, Inc. - installed 2017-02-18) [Lookup]
[running] com.bitdefender.antivirusformac.plist (Bitdefender SRL - installed 2017-04-27) [Lookup]
[loaded] com.intego.commonservices.integomenu.plist (INTEGO - installed 2017-05-09) [Lookup]
[loaded] com.intego.commonservices.taskmanager.plist (INTEGO - installed 2017-05-09) [Lookup]
[loaded] com.intego.commonservices.uninstaller.plist (INTEGO - installed 2017-05-09) [Lookup]
[not loaded] com.intego.netbarrier.alert.plist (INTEGO - installed 2017-05-09) [Lookup]
[running] com.intego.netupdate.agent.plist (INTEGO - installed 2017-05-09) [Lookup]
Launch Daemons: ⓘ
[loaded] com.adobe.ARMDC.Communicator.plist (Adobe Systems, Inc. - installed 2017-02-18) [Lookup]
[loaded] com.adobe.ARMDC.SMJobBlessHelper.plist (Adobe Systems, Inc. - installed 2017-02-18) [Lookup]
[loaded] com.bitdefender.AuthHelperTool.plist (Bitdefender SRL - installed 2017-04-27) [Lookup]
[running] com.bitdefender.agent.plist (Bitdefender SRL - installed 2017-05-09) [Lookup]
[loaded] com.bitdefender.upgrade.plist (Bitdefender SRL - installed 2017-04-27) [Lookup]
[loaded] com.bombich.ccchelper.plist (Bombich Software, Inc. - installed 2017-05-20) [Lookup]
[running] com.intego.commonservices.daemon.integod.plist (INTEGO - installed 2016-06-07) [Lookup]
[running] com.intego.commonservices.daemon.taskmanager.plist (INTEGO - installed 2017-03-29) [Lookup]
[loaded] com.intego.commonservices.icalserver.plist (INTEGO - installed 2016-06-07) [Lookup]
[loaded] com.intego.commonservices.metrics.kschecker.plist (INTEGO - installed 2017-03-29) [Lookup]
[running] com.intego.netbarrier.daemon.logger.plist (INTEGO - installed 2017-03-02) [Lookup]
[running] com.intego.netbarrier.daemon.monitor.plist (INTEGO - installed 2017-03-02) [Lookup]
[running] com.intego.netbarrier.daemon.plist (INTEGO - installed 2017-03-02) [Lookup]
[running] com.intego.netupdate.daemon.plist (INTEGO - installed 2017-03-13) [Lookup]
[loaded] com.macpaw.CleanMyMac3.Agent.plist (MacPaw Inc. - installed 2017-05-18) [Lookup]
[running] com.malwarebytes.HelperTool.plist (Malwarebytes Corporation - installed 2017-02-16) [Lookup]
[loaded] com.microsoft.autoupdate.helper.plist (Microsoft Corporation - installed 2017-04-13) [Lookup]
[loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2016-12-09) [Lookup]
[running] me.hide.osxhelper.plist (EVENTURE LTD. - installed 2017-05-31) [Lookup]
User Launch Agents: ⓘ
[loaded] com.macpaw.CleanMyMac3.Scheduler.plist (MacPaw Inc. - installed 2017-06-02) [Lookup]
User Login Items: ⓘ
CleanMyMac 3 Menu Programm (MacPaw Inc. - installed 2017-05-31)
(/Applications/CleanMyMac 3.app/Contents/MacOS/CleanMyMac 3 Menu.app)
Internet Plug-ins: ⓘ
QuickTime Plugin: 7.7.3 (installed 2017-05-31)
JavaAppletPlugin: 15.0.1 (installed 2017-02-14) Check version
Safari Extensions: ⓘ
[enabled] Ghostery - GHOSTERY, Inc. - https://www.ghostery.com/ (installed 2017-05-23)
[enabled] JS Blocker 5 - Travis Roman - hxxp://jsblocker.toggleable.com/ (installed 2017-05-28)
[enabled] TrafficLight - Bitdefender SRL - hxxp://trafficlight.bitdefender.com/ (installed 2017-05-23)
3rd Party Preference Panes: ⓘ
None
Time Machine: ⓘ
Mobile backups: OFF
Auto backup: NO - Auto backup turned off
Volumes being backed up:
FS: Disk size: 498.89 GB Disk used: 120.12 GB
Destinations:
Time Machine [Local]
Total size: 349.70 GB
Total number of backups: 2
Oldest backup: 28.05.17, 20:27
Last backup: 30.05.17, 12:19
Size of backup disk: Too small
Backup size 349.70 GB < (Disk used 120.12 GB X 3)
Top Processes by CPU: ⓘ
10% mdworker -s mdworker-bundle -c [and 3 more arguments]
10% mdworker -s mdworker-bundle -c [and 3 more arguments]
9% mds
6% WindowServer -daemon
3% kernel_task
Top Processes by Memory: ⓘ
913 MB kernel_task
573 MB CLIQZ
369 MB i1kvjcrp.default 619 gecko-crash-server-pipe.619 org.mozilla.machname.673236960 [and one more argument]
303 MB BDLDaemon
139 MB Mail
Top Processes by Network Use: ⓘ
Input Output Process name
1 MB 126 KB Mail
8 KB 13 KB apsd
10 KB 7 KB mDNSResponder
5 KB 2 KB CLIQZ
4 KB 2 KB bdagentd
Top Processes by Energy Use: ⓘ
9.32 WindowServer -daemon
4.74 CLIQZ
3.32 i1kvjcrp.default 619 gecko-crash-server-pipe.619 org.mozilla.machname.673236960 [and one more argument]
0.26 AntivirusforMac
Virtual Memory Information: ⓘ
3.62 GB Available RAM
163 MB Free RAM
4.38 GB Used RAM
3.46 GB Cached files
0 B Swap Used
Diagnostics Information: ⓘ
2017-06-01 16:46:15 ~/Library/Logs/DiagnosticReports/com.apple.WebKit.WebContent_2017-06-01-164615_[redacted].crash
/System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent
Application Specific Information:
Bundle controller class:
BrowserBundleController
2017-06-01 16:39:57 /Library/Logs/DiagnosticReports/BDLDaemon_2017-06-01-163957_[redacted].cpu_resource.diag [Details]
/Library/Bitdefender/*/antivirus.bundle/BDLDaemon
Mac OS X version Version 10.12.6 (Build 16G12b) System uptime: 0d 02:48:40 Helper tool version: 1.2.6.730 Signatures version: 206 Safari extensions ----------------------- FS FS Name: Ghostery Path: /Users/FS/Library/Safari/Extensions/Ghostery.safariextz Modified: 2017-05-23 11:34:51 +0000 Name: JS Blocker 5 Path: /Users/FS/Library/Safari/Extensions/JS Blocker 5.safariextz Modified: 2017-05-28 09:07:14 +0000 Name: TrafficLight Path: /Users/FS/Library/Safari/Extensions/TrafficLight.safariextz Modified: 2017-05-23 11:30:23 +0000 Chrome extensions ----------------------- Firefox extensions ----------------------- User Login Items ----------------------- User: FS Name: CleanMyMac 3 Menu Path: /Applications/CleanMyMac 3.app/Contents/MacOS/CleanMyMac 3 Menu.app System startup items ----------------------- User launch agents ----------------------- /Users/FS/Library/LaunchAgents/com.macpaw.CleanMyMac3.Scheduler.plist System launch agents ----------------------- /Library/LaunchAgents/com.adobe.ARMDCHelper.cc24aef4a1b90ed56a725c38014c95072f92651fb65e1bf9c8e43c37a23d420d.plist /Library/LaunchAgents/com.bitdefender.antivirusformac.plist /Library/LaunchAgents/com.intego.commonservices.integomenu.plist /Library/LaunchAgents/com.intego.commonservices.taskmanager.plist /Library/LaunchAgents/com.intego.commonservices.uninstaller.plist /Library/LaunchAgents/com.intego.netbarrier.alert.plist /Library/LaunchAgents/com.intego.netupdate.agent.plist System launch daemons ----------------------- /Library/LaunchDaemons/com.adobe.ARMDC.Communicator.plist /Library/LaunchDaemons/com.adobe.ARMDC.SMJobBlessHelper.plist /Library/LaunchDaemons/com.bitdefender.AuthHelperTool.plist /Library/LaunchDaemons/com.bitdefender.upgrade.plist /Library/LaunchDaemons/com.bombich.ccchelper.plist /Library/LaunchDaemons/com.intego.commonservices.daemon.integod.plist /Library/LaunchDaemons/com.intego.commonservices.daemon.taskmanager.plist /Library/LaunchDaemons/com.intego.commonservices.icalserver.plist /Library/LaunchDaemons/com.intego.commonservices.metrics.kschecker.plist /Library/LaunchDaemons/com.intego.netbarrier.daemon.logger.plist /Library/LaunchDaemons/com.intego.netbarrier.daemon.monitor.plist /Library/LaunchDaemons/com.intego.netbarrier.daemon.plist /Library/LaunchDaemons/com.intego.netupdate.daemon.plist /Library/LaunchDaemons/com.macpaw.CleanMyMac3.Agent.plist /Library/LaunchDaemons/com.malwarebytes.HelperTool.plist /Library/LaunchDaemons/com.microsoft.autoupdate.helper.plist /Library/LaunchDaemons/com.microsoft.office.licensingV2.helper.plist /Library/LaunchDaemons/me.hide.osxhelper.plist Kernel extensions ----------------------- /Library/Extensions/ACS6x.kext /Library/Extensions/ArcMSR.kext /Library/Extensions/ATTOCelerityFC8.kext /Library/Extensions/ATTOExpressSASHBA2.kext /Library/Extensions/ATTOExpressSASRAID2.kext /Library/Extensions/CalDigitHDProDrv.kext /Library/Extensions/HighPointIOP.kext /Library/Extensions/HighPointRR.kext /Library/Extensions/PromiseSTEX.kext /Library/Extensions/SelfProtect.kext /Library/Extensions/SoftRAID.kext /Library/Extensions/TMProtection.kext launchd.conf contents ----------------------- Hosts file ----------------------- ## # Host Database # # localhost is used to configure the loopback interface # when the system is booting. Do not change this entry. ## 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost fe80::1%lo0 localhost Scan log ----------------------- 2017-05-27 10:40:17 : 2017-05-27 10:40:17 : ----- Scan Started ----- 2017-05-27 10:40:17 : Scanning with signatures version 205 (2017-5-26) 2017-05-27 10:40:26 : *** Scan time: 0d 00:00:08 *** 2017-05-27 10:40:26 : ------ Scan Ended ------ 2017-05-27 19:15:13 : 2017-05-27 19:15:14 : ----- Scan Started ----- 2017-05-27 19:15:14 : Scanning with signatures version 206 (2017-5-27) 2017-05-27 19:15:29 : *** Scan time: 0d 00:00:15 *** 2017-05-27 19:15:29 : ------ Scan Ended ------ 2017-05-28 12:58:16 : 2017-05-28 12:58:16 : ----- Scan Started ----- 2017-05-28 12:58:16 : Scanning with signatures version 206 (2017-5-27) 2017-05-28 12:58:29 : *** Scan time: 0d 00:00:13 *** 2017-05-28 12:58:29 : ------ Scan Ended ------ 2017-05-30 06:24:55 : 2017-05-30 06:24:56 : ----- Scan Started ----- 2017-05-30 06:24:56 : Scanning with signatures version 206 (2017-5-27) 2017-05-30 06:25:07 : *** Scan time: 0d 00:00:11 *** 2017-05-30 06:25:07 : ------ Scan Ended ------ 2017-05-30 07:58:08 : 2017-05-30 07:58:09 : ----- Scan Started ----- 2017-05-30 07:58:09 : Scanning with signatures version 206 (2017-5-27) 2017-05-30 07:58:20 : *** Scan time: 0d 00:00:11 *** 2017-05-30 07:58:20 : ------ Scan Ended ------ 2017-05-30 08:14:54 : 2017-05-30 08:14:54 : ----- Scan Started ----- 2017-05-30 08:14:54 : Scanning with signatures version 206 (2017-5-27) 2017-05-30 08:15:05 : *** Scan time: 0d 00:00:10 *** 2017-05-30 08:15:05 : ------ Scan Ended ------ 2017-05-30 08:35:05 : 2017-05-30 08:35:05 : ----- Scan Started ----- 2017-05-30 08:35:05 : Scanning with signatures version 206 (2017-5-27) 2017-05-30 08:35:23 : *** Scan time: 0d 00:00:18 *** 2017-05-30 08:35:23 : ------ Scan Ended ------ 2017-05-30 09:31:52 : 2017-05-30 09:31:53 : ----- Scan Started ----- 2017-05-30 09:31:53 : Scanning with signatures version 206 (2017-5-27) 2017-05-30 09:32:07 : *** Scan time: 0d 00:00:14 *** 2017-05-30 09:32:07 : ------ Scan Ended ------ 2017-05-30 15:42:09 : 2017-05-30 15:42:09 : ----- Scan Started ----- 2017-05-30 15:42:09 : Scanning with signatures version 206 (2017-5-27) 2017-05-30 15:42:31 : *** Scan time: 0d 00:00:21 *** 2017-05-30 15:42:31 : ------ Scan Ended ------ 2017-05-31 06:00:31 : 2017-05-31 06:00:31 : ----- Scan Started ----- 2017-05-31 06:00:31 : Scanning with signatures version 206 (2017-5-27) 2017-05-31 06:00:43 : *** Scan time: 0d 00:00:11 *** 2017-05-31 06:00:43 : ------ Scan Ended ------ 2017-05-31 07:28:56 : 2017-05-31 07:28:57 : ----- Scan Started ----- 2017-05-31 07:28:57 : Scanning with signatures version 206 (2017-5-27) 2017-05-31 07:29:11 : *** Scan time: 0d 00:00:14 *** 2017-05-31 07:29:11 : ------ Scan Ended ------ 2017-06-02 06:25:07 : 2017-06-02 06:25:07 : ----- Scan Started ----- 2017-06-02 06:25:07 : Scanning with signatures version 206 (2017-5-27) 2017-06-02 06:25:19 : *** Scan time: 0d 00:00:11 *** 2017-06-02 06:25:19 : ------ Scan Ended ------ 2017-06-02 08:29:32 : 2017-06-02 08:29:32 : ----- Scan Started ----- 2017-06-02 08:29:33 : Scanning with signatures version 206 (2017-5-27) 2017-06-02 08:29:43 : *** Scan time: 0d 00:00:10 *** 2017-06-02 08:29:43 : ------ Scan Ended ------ |
| Themen zu Spyware, Keylogger? |
| bereits, erkannt, erklären, festplatte, infiziert, informationen, inter, interne, keylogger, komplette, malwarebytes, meinem, nicht, platte, spyware, totaler |
Spyware, Keylogger?
Baum-Darstellung