Versteckte Malware zeigt im Chrome Werbung und Pop-Ups

[rafaelwa]

<div class="bbWrapper">Ich habe mit heute ein lern Programm von eine anscheinend unseriösen Seite runtergeladen, und seitdem zeigt es bei Google Chrome auf jeder Seite Werbung und es öffnen sich alle paar Minuten ein pop-up.<br /> <br /> In den Erweiterungen habe ich kein Plug-in gefunden das sich installiert hat, und so konnte ich auch nichts finden.<br /> <br /> Wäre schön wenn da jemand eine Lösung hätte.<br /> <br /> <br /> Liebe Grüße</div>

 

[dg2rbf]

<div class="bbWrapper">Hi,<br /> Malwarebytes runterladen, und damit das System desinfinzieren..</div>

 

[rafaelwa]

<div class="bbWrapper"><blockquote data-attributes="member: 108628" data-quote="dg2rbf" data-source="post: 5218209" class="bbCodeBlock bbCodeBlock--expandable bbCodeBlock--quote js-expandWatch"> <div class="bbCodeBlock-title"> <a href="/community/goto/post?id=5218209" class="bbCodeBlock-sourceJump" rel="nofollow" data-xf-click="attribution" data-content-selector="#post-5218209">dg2rbf schrieb:</a> </div> <div class="bbCodeBlock-content"> <div class="bbCodeBlock-expandContent js-expandContent "> Hi,<br /> Malwarebytes runterladen, und damit das System desinfinzieren.. </div> <div class="bbCodeBlock-expandLink js-expandLink"><a role="button" tabindex="0">Zum Vergrößern anklicken....</a></div> </div> </blockquote>Danke für deine schnelle Antwort, habe ich eben ausgeführt und es wurden auch einige sachen gelöscht..<br /> Das problem mit der Werbung ist aber noch immer da..</div>

 

[ottomane]

<div class="bbWrapper">Lade dir EtreCheck und führe es aus. Das Logfile postest du dann hier mit Code-Tags.<br /> <br /> Software bitte IMMER nur beim Hersteller oder im Apple Store laden.</div>

 

[rafaelwa]

<div class="bbWrapper"><blockquote data-attributes="member: 163791" data-quote="ottomane" data-source="post: 5218221" class="bbCodeBlock bbCodeBlock--expandable bbCodeBlock--quote js-expandWatch"> <div class="bbCodeBlock-title"> <a href="/community/goto/post?id=5218221" class="bbCodeBlock-sourceJump" rel="nofollow" data-xf-click="attribution" data-content-selector="#post-5218221">ottomane schrieb:</a> </div> <div class="bbCodeBlock-content"> <div class="bbCodeBlock-expandContent js-expandContent "> Lade dir EtreCheck und führe es aus. Das Logfile postest du dann hier mit Code-Tags.<br /> <br /> Software bitte IMMER nur beim Hersteller oder im Apple Store laden. </div> <div class="bbCodeBlock-expandLink js-expandLink"><a role="button" tabindex="0">Zum Vergrößern anklicken....</a></div> </div> </blockquote>Danke!<br /> <br /> <div class="bbCodeBlock bbCodeBlock--screenLimited bbCodeBlock--code"> <div class="bbCodeBlock-title"> Code: </div> <div class="bbCodeBlock-content" dir="ltr"> <pre class="bbCodeCode" dir="ltr" data-xf-init="code-block" data-lang=""><code>EtreCheck version: 4.1 (4A162) Report generated: 2018-03-01 22:05:52 Download EtreCheck from https://etrecheck.com Runtime: 4:60 Performance: Good Problem: No problem - just checking Major Issues: Anything that appears on this list needs immediate attention. No Time Machine backup - Time Machine backup not found. Proxies - Network proxies detected. This could be evidence of malware. Gatekeeper disabled - Gatekeeper security protection is disabled. This computer is at risk of malware infection. Minor Issues: These issues do not need immediate attention but they may indicate future problems. High battery cycle count - Your battery may be losing capacity. Clean up - There are orphan files that could be removed. Unsigned files - There is unsigned software installed. It appears to be legitimate but should be reviewed. System modifications - There are a large number of system modifications running in the background. Corrupt hosts file - Hosts file is corrupt. 32-bit Apps - This machine has 32-bits apps that may have problems in the future. Hardware Information: MacBook Pro (13-inch, Mid 2012) MacBook Pro Model: MacBookPro9,2 1 2,5 GHz Intel Core i5 (i5-3210M) CPU: 2-core 16 RAM Upgradeable BANK 0/DIMM0 8 GB DDR3 1333 ok BANK 1/DIMM0 8 GB DDR3 1333 ok Battery: Health = Replace Soon - Cycle count = 2043 Video Information: Intel HD Graphics 4000 - VRAM: 1536 MB Color LCD 1280 x 800 Drives: disk0 - Samsung SSD 850 EVO 500GB 500.11 GB (Solid State - TRIM: No) Internal SATA 6 Gigabit Serial ATA disk0s1 - EFI (MS-DOS FAT32) [EFI] 210 MB disk0s2 499.90 GB disk1s1 - M***********D (APFS) 499.90 GB 433.94 GB disk1s2 - Preboot (APFS) [APFS Preboot] 499.90 GB 21 MB disk1s3 - Recovery (APFS) [Recovery] 499.90 GB 507 MB disk1s4 - VM (APFS) [APFS VM] 499.90 GB 2.15 GB Mounted Volumes: disk1s1 - M***********D 499.90 GB (63.14 GB free) APFS Mount point: / disk1s4 - VM [APFS VM] 499.90 GB (63.14 GB free) APFS Mount point: /private/var/vm Network: Interface LJAMobileConnector1423: USB Modem 3 Interface LJADeviceInterface1421: USB Modem Interface LIAVoiceInterface1422: USB Modem 2 Interface en0: Ethernet Proxies: HTTP, HTTPS Interface fw0: FireWire Interface bridge0: Thunderbolt Bridge Proxies: HTTP, HTTPS Interface en3: Bluetooth PAN Proxies: HTTP, HTTPS Interface en1: Wi-Fi 802.11 a/b/g/n One IPv4 address 2 IPv6 addresses Proxies: HTTP, HTTPS Interface /dev/ttys000: XSManager-1 Interface LJAMobileConnector1413: USB Modem 6 Interface LJADeviceInterface1411: USB Modem 4 Interface LIAVoiceInterface1412: USB Modem 5 System Software: macOS High Sierra 10.13.3 (17D47) Time since boot: About 10 hours System Load: 1.73 (1 min ago) 1.72 (5 min ago) 1.88 (15 min ago) Configuration Files: /etc/hosts - Count: 16 - Corrupt! Security: System Status Gatekeeper Anywhere System Integrity Protection Enabled Unsigned Files: Launchd: /Library/LaunchAgents/com.adobe.CS5ServiceManager.plist Executable: /Library/Application Support/Adobe/CS5ServiceManager/CS5ServiceManager.app/Contents/MacOS/CS5ServiceManager -launchedbylogin Details: Exact match found in the whitelist - probably OK Launchd: ~/Library/LaunchAgents/XSManager.plist Executable: /Applications/XSManager.app/Launcher.app/Contents/MacOS/Launchd Skript Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.edb.launchd.postgresql-9.3.plist Executable: /Library/PostgreSQL/9.3/bin/postmaster -D/Library/PostgreSQL/9.3/data Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchAgents/com.maintain.Restart.plist Executable: /usr/bin/osascript -e delay 3 -e try -e do shell script &quot;killall Cocktail&quot; -e end try -e ignoring application responses -e try -e tell application &quot;System Events&quot; to restart -e end try -e end ignoring Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.Arturia.UpdaterHelper.plist Executable: /Library/PrivilegedHelperTools/com.Arturia.UpdaterHelper Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchAgents/com.maintain.ShutDown.plist Executable: /usr/bin/osascript -e delay 3 -e try -e do shell script &quot;killall Cocktail&quot; -e end try -e ignoring application responses -e try -e tell application &quot;System Events&quot; to shut down -e end try -e end ignoring Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchAgents/com.maintain.Sleep.plist Executable: /usr/bin/osascript -e delay 3 -e try -e do shell script &quot;killall Cocktail&quot; -e end try -e ignoring application responses -e try -e tell application &quot;System Events&quot; to sleep -e end try -e end ignoring Details: Exact match found in the whitelist - probably OK Launchd: ~/Library/LaunchAgents/spid-uninstall.plist Executable: /bin/sh -c &quot;$HOME/Library/SPI/uninstallerwatcher.sh&quot; Launchd: /Library/LaunchAgents/de.rme-audio.firefaceAgent.plist Executable: /Library/Extensions/FirefaceAudioDriver.kext/Contents/Resources/firefaceAgent.app/Contents/MacOS/firefaceAgent Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchAgents/com.maintain.LogOut.plist Executable: /usr/bin/osascript -e delay 3 -e try -e do shell script &quot;killall Cocktail&quot; -e end try -e ignoring application responses -e try -e tell application &quot;System Events&quot; to log out -e end try -e end ignoring Details: Exact match found in the whitelist - probably OK Launchd: ~/Library/LaunchAgents/XSManager Executable: /Applications/XSManager.app/Launcher.app/Contents/MacOS/Launchd Skript Launchd: /Library/LaunchDaemons/com.oracle.java.Helper-Tool.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Helper-Tool Details: Exact match found in the whitelist - probably OK Launchd: ~/Library/LaunchAgents/tapufind.plist Executable: ~/Library/Application Support/Agent/tapufind DistributerName=mcwnet ChannelId=003 DeviceId=228674af-5e88-5572-b789-0865de906813 Country=AT BarcodeId=52413003 Date=2018-02-27 Launchd: /Library/LaunchDaemons/com.microsoft.office.licensing.helper.plist Executable: /Library/PrivilegedHelperTools/com.microsoft.office.licensing.helper Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.adobe.SwitchBoard.plist Executable: /Library/Application Support/Adobe/SwitchBoard/SwitchBoard.app/Contents/MacOS/launch.switchboard Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchAgents/com.oracle.java.Java-Updater.plist Executable: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Resources/Java Updater.app/Contents/MacOS/Java Updater -bgcheck Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/PACESupport.plist Executable: /System/Library/Extensions/PACESupportFamily.kext/Contents/Resources/paceload Details: Exact match found in the whitelist - probably OK Launchd: /Library/LaunchDaemons/com.maintain.CocktailScheduler.plist Executable: /usr/bin/osascript -e try -e set schedulerOwner to do shell script &quot;defaults read /Library/'Application Support'/Cocktail/Scheduler.plist SchedulerOwner&quot; -e do shell script &quot;users&quot; -e if the result contains schedulerOwner then -e do shell script &quot;/bin/sh /Library/'Application Support'/Cocktail/Scheduler.sh&quot; -e end if -e end try Details: Exact match found in the whitelist - probably OK 32-bit Applications: Name Version Uninstall Spicy Guitar 1.0.0 Adobe AIR Uninstaller 18.0 WaveBurner 1.6.1 Microsoft Document Connection 14.1.3 InfiniteHD 0.1 {D467C6EE-6F62-478D-935C-A31AB179F36E} 9.0.0.65 Batch Monitor 3.5.3 PokerTracker 4 4.15 SoundGrid Driver Uninstaller 9.7.99.211 Adobe CEF Helper EH 3.8.0.310 Adobe CEF Helper 3.8.0.310 T-RackS CS 4.8.0 Adobe CEF Helper NP 3.8.0.310 GTRSolo 3 9.91.51 MultiRack SoundGrid 9.80.13 SwitchBoard SBSV 2.0.13.7486 Microsoft Alerts Daemon 14.1.3 Soundtrack Pro 3.0.1 Install 3.8.0.310 InkServer 10.9 Sonalksis Plugin Manager 1.0 Prosoniq Plug-In MiniHost 1.0.3 FileZilla 3.7.4 TruePianos AIM 505 Logic Node 9.1.8 Open XML for Excel 14.1.3 ICMIZER 2 1.0 Microsoft Word 14.1.3 Apple Qadministrator 3.5.3 MP Navigator 3 Version 3.0.4 ExtendScript Toolkit ESTK CS6 3.8.0.12 Adobe Application Updater 3.8.0.310 Uninstall Product 9.0.0.65 Adobe Device Central CS5 3.0.0.376 zoom 4.0.22259.0125 Microsoft Chart Converter 14.1.3 Microsoft OneNote 15.13.3 Custom Shop 1.8.0 ServiceCenter 2.6.0.137 {327492D4-78EB-11E1-8ABE-84C55623D190} 6.0.98.0 Microsoft Database Utility 14.1.3 AAM Registration Notifier 10.0.0.40 Adobe Extension Manager CS5 &quot;5.0.0.298&quot; Microsoft Ship Asserts 1.1.2 ADManager 2.0.2 CS5ServiceManager 5.0.0.738 Waves AU Reg Utility2 9 9.91.60 SLLauncher 1.0 Microsoft Graph 14.1.3 AdobeIPCBroker 5.2.0.49 Authorization Manager 1.0 AmericasCardroomPoker 23.0 dynamiclinkmanager 6.0.0 SoundGrid Studio 9.7.99 DVD-Player 5.8 Microsoft Outlook 14.1.3 Fireface Settings 3.33 Microsoft-Fehlerberichterstattung 2.2.7 AAMLauncherUtil 10.0.0.49 AriaReporter 1.098 Microsoft Query 12.0.0 SpicyGuitar 1.3 Apple Loops-Dienstprogramm 3.0.1 Creative Cloud Installer 3.8.0.310 SoundGrid Driver Control Panel setup 5.0 AAM Updates Notifier 9.0.0.281 Creative Cloud 3.8.0.310 Equation Editor 14.1.0 quicklookd32 5.0 Adobe InDesign CS6 8.0.0.370 Adobe Flash Player Install Manager 28.0.0.161 Microsoft Upload Center 14.1.3 Microsoft Communicator 13.0.0 stackbuilder 3.1.1 {DD5B1FAF-47FA-4B6D-A31C-5E313EB0DD07} 5.0.65.0 SiteSucker 2.3.6 iPatcher 371 MRRCEditor 9.80.13 PreFlopper 2.1.1 GoToMeeting v6.4 6.4.12.2331 Microsoft Office Reminders 14.1.3 {38C72D42-0672-43B1-9E05-E7631684F9A1} 9.0.0.61 TASCAM US-122MKII US-144MKII Control Panel 2.10 Waves AU Reg Utility 9 9.91.55 {2614BC86-757D-4293-9E25-E4E16F370A9E} 9.0.0.64 Prosoniq Plug-In Helper 1.2.1 Apple Qmaster 3.5.3 Uninstaller 3.8.0.310 XSManager 3.0 One Window 35.0.1916.153 Microsoft Excel 15.13.3 Adobe Extension Manager CS6 &quot;6.0.0.412&quot; MemServerUI 1.1 Adobe Desktop Service 3.8.0.310 InterLok Helper 5.9.1 Adobe Application Manager 10.0.0.49 Sonarworks Reference 3 3.0 uTorrent 1.8.7 Microsoft Office Setup Assistant 14.0.0 Adobe Dreamweaver CS5 11.0.0.4909 AudioUnit Manager 2.0.2 BitTorrent 7.4.3 Adobe AIR Application Installer 18.0 pgAdmin3 1.18 crash_report_sender 1.0 iMovie 9.0.9 {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6} 6.0.98.0 Creative Cloud Uninstaller 3.8.0.310 REAPER 5.24.0 ActivationManager 1.0.2 Impactor 0.9.38 Microsoft Database Daemon 14.1.3 CEPHtmlEngine 6.0.0.75 Remove SoundToys 1.0 Microsoft Messenger 8.0.0 Setup 9.0.0.65 Microsoft Clip Gallery 14.1.3 StellarPhoenixMacDataRecovery MultiRack 9.80.13 My Day 14.1.3 {EE2A0AA8-0386-11E5-8603-BC82F5DB1A71} 9.0.0.64 Waves Legacy Control 9 9.7.95 Audio Hijack Pro 2.10.7 SyncServicesAgent 14.1.3 Remotedesktopverbindung 2.1.0 Create Disc 1.0 CreativeCloud(URIHandler) 3.8.0.310 CORE Keygen 1.0 M1 1.3.0 dynamiclinkmediaserver 6.0.0 Adobe AIR Updater 18.0 VirtualDJ Pro Full 7.0.4 Waves Legacy Control 10 10.0.1 GTR 3 9.91.51 Authorize Max 1.0.0 Microsoft PowerPoint 15.13.3 SANE 3.4 Microsoft Language Register 14.1.3 CitrixOnlineLauncher 1.0.258 OrangeRemote 1.0.0 CS6ServiceManager 6.0.389 Compressor 3.5.3 Adobe Help 4.0.244 Kernel Extensions: /Applications/XSManager.app [Not Loaded] JRDMassStorageDriver32.kext (1.0.0 - SDK 10.4) [Not Loaded] JRDMassStorageDriver64.kext (1.0.0 - SDK 10.6) [Not Loaded] JRDUSBModemData32.kext (1.0.1 - SDK 10.4) [Not Loaded] JRDUSBModemData64.kext (4.0.8 - SDK 10.6) [Not Loaded] Sc7702Tty.kext (1.11 - SDK 10.2) [Not Loaded] JRDECMControlDriver32.kext (1.0 - SDK 10.5) [Not Loaded] JRDECMControlDriver64.kext (1.0 - SDK 10.6) [Not Loaded] JRDECMDataDriver32.kext (1.0 - SDK 10.5) [Not Loaded] JRDECMDataDriver64.kext (1.0 - SDK 10.6) [Not Loaded] JRDUSBCDC32.kext (1.0 - SDK 10.5) [Not Loaded] JRDUSBCDC64.kext (1.0 - SDK 10.6) [Not Loaded] LJACDDriver.kext (1.0.0d1) [Not Loaded] LJACDDriver64.kext (1.0.1) [Not Loaded] LJAUSBModemCDC.kext (1.0.0) [Not Loaded] LJAUSBModemCDC64.kext (4.0.2) [Not Loaded] LJAUSBModemData.kext (1.0.0.B1_20120506) [Not Loaded] LJAUSBModemData64.kext (4.0.2) [Not Loaded] LJAUSBModemNdisDial.kext (1.1.9) [Not Loaded] LJAUSBModemNdisDial64.kext (1.1.9 - SDK 10.8) /Applications/zoom.us.app [Not Loaded] ZoomAudioDevice.kext (1.1 - SDK 10.8) /Library/Extensions [Loaded] Soundflower.kext (2.0b2 - SDK 10.10) [Not Loaded] FirefaceAudioDriver.kext (3.33 - SDK 10.9) [Not Loaded] NIUSBGuitarRigMobile.kext (2.6.0 (R82) - SDK 10.8) [Loaded] MB_MBAM_Protection.kext (3.2 - SDK 10.13) [Loaded] MovaviSoundGrabber.kext (1.6.5 - SDK 10.9) [Not Loaded] BlockBlock.kext (0.9.4 - SDK 10.11) [Loaded] SoundGrid.kext (9.7.99) /System/Library/Extensions [Not Loaded] NIUSBAudioDriver.kext (2.4.23 (R38)) [Not Loaded] PACESupportFamily.kext (5.9.1 - SDK 10.6) [Not Loaded] TASCAM_US1xx.kext (2.10 - SDK 10.7) /System/Library/Extensions/PACESupportFamily.kext/Contents/PlugIns [Not Loaded] PACESupportLeopard.kext (5.9.1 - SDK 10.4) [Not Loaded] PACESupportPanther.kext (5.9.1 - SDK 10.-1) [Loaded] PACESupportSnowLeopard.kext (5.9.1 - SDK 10.6) [Not Loaded] PACESupportTiger.kext (5.9.1 - SDK 10.4) /System/Library/Extensions/TASCAM_US1xx.kext/Contents/PlugIns [Not Loaded] TASCAM_US1xxTiger.kext (2.10 - SDK 10.4) System Launch Agents: [Not Loaded] 8 Apple tasks [Loaded] 165 Apple tasks [Running] 117 Apple tasks System Launch Daemons: [Not Loaded] 41 Apple tasks [Loaded] 169 Apple tasks [Running] 123 Apple tasks Launch Agents: [Running] com.maintain.SystemEvents.plist (Apple, Inc. - installed 2018-01-19) [Loaded] com.oracle.java.Java-Updater.plist (? e1a7ea4 - installed 2016-06-22) [Loaded] com.adobe.AdobeCreativeCloud.plist (? faec172d - installed 2016-09-06) [Not Loaded] com.maintain.PurgeInactiveMemory.plist (Apple, Inc. - installed 2018-01-19) [Loaded] 9ZTHPRB4MV.com.soundradix.TTLWrapperAgent.SL.plist (? 2ff475b9 - installed 2014-08-11) [Not Loaded] com.maintain.Sleep.plist (? 94f768ba - installed 2018-01-19) [Loaded] 9ZTHPRB4MV.com.soundradix.TTLWrapperSandbox.SL.plist (? 75cd1866 - installed 2014-08-11) [Loaded] 9ZTHPRB4MV.com.soundradix.TTLWrapperSandbox.plist (? fc8634a3 - installed 2014-08-11) [Loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2017-09-28) [Running] de.rme-audio.firefaceAgent.plist (? f775870f - installed 2017-07-14) [Not Loaded] com.teamviewer.teamviewer_desktop.plist (? d4765397 - installed 2016-02-15) [Not Loaded] com.adobe.AAM.Updater-1.0.plist (? ffb65062 - installed 2016-09-19) [Running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2018-02-26) [Loaded] org.macosforge.xquartz.startx.plist (? d225a7da - installed 2014-08-12) [Not Loaded] com.maintain.LogOut.plist (? 1d95663e - installed 2018-01-19) [Other] com.adobe.CS5ServiceManager.plist (? 40cdc1ff - installed 2016-04-26) [Loaded] 9ZTHPRB4MV.com.soundradix.TTLWrapperAgent.plist (? 5fd02013 - installed 2014-08-11) [Not Loaded] com.maintain.Restart.plist (? 5421a7fd - installed 2018-01-19) [Running] com.waves.daemon.SoundGrid.DawNodeService.plist (Waves Inc - installed 2017-05-09) [Not Loaded] com.teamviewer.teamviewer.plist (? aa311aa9 - installed 2016-02-15) [Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2018-01-30) [Not Loaded] com.maintain.ShutDown.plist (? 9b7e817c - installed 2018-01-19) Launch Daemons: [Loaded] com.safervpn.HelperTool.plist (Safer Social Ltd. - installed 2015-10-04) [Loaded] com.anchorfree.ajaxserver.plist (? b7821fb8 - installed 2016-02-19) [Running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2018-02-26) [Loaded] com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2018-02-02) [Loaded] com.cyberghostsrl.CyberghostPrivilegedHelper.plist (Cyberghost SRL - installed 2018-02-06) [Loaded] com.apple.aelwriter.plist (Apple, Inc. - installed 2014-06-16) [Loaded] com.microsoft.office.licensing.helper.plist (? 6d8cb30e - installed 2010-08-25) [Loaded] org.macosforge.xquartz.privileged_startx.plist (? 65395f14 - installed 2014-08-12) [Loaded] com.charlessoft.pacifist.helper.plist (? af18ad2 - installed 2014-05-07) [Running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2018-02-26) [Loaded] com.bombich.ccchelper.plist (? c6624472 - installed 2015-10-01) [Running] me.hide.osxhelper.plist (EVENTURE LTD. - installed 2018-02-06) [Not Loaded] com.maintain.CocktailScheduler.plist (? 300b8a41 - installed 2018-01-19) [Loaded] com.Arturia.UpdaterHelper.plist (? 35ee0a24 - installed 2015-08-11) [Not Loaded] com.maintain.HideSpotlightMenuBarIcon.plist (Apple, Inc. - installed 2018-01-19) [Loaded] com.gobbler.bsd.HelperTool.plist (? dc0be1ef - installed 2016-12-13) [Loaded] com.mackeeper.MacKeeper.MacKeeperPrivilegedHelper.plist (KROMTECH ALLIANCE CORP. - installed 2018-02-27) [Loaded] com.google.keystone.daemon.plist (Google, Inc. - installed 2017-10-13) [Not Loaded] com.waves.daemon.SoundGrid.DisableNetworkRxPolling.plist (Apple, Inc. - installed 2018-01-19) [Running] com.adobe.agsservice.plist (Adobe Systems, Inc. - installed 2018-01-30) [Running] com.cleverfiles.cfbackd.plist (? 65468217 - installed 2017-10-08) [Other] com.applian.RMCConfigDaemon.plist (? ae7d78b6 - installed 2015-11-01) [Loaded] com.adobe.SwitchBoard.plist (? 856489a3 - installed 2014-02-14) [Other] com.edb.launchd.postgresql-9.3.plist (? 56bb852 - installed 2017-07-10) [Loaded] com.mac.adg.SquidMan.plist (Anthony Gray - installed 2017-08-29) [Loaded] com.gobbler.DownstreamProxy.plist (? 5f2ec67a - installed 2016-12-11) [Loaded] com.daisydiskapp.DaisyDiskAdminHelper.plist (? de20d690 - installed 2016-12-13) [Not Loaded] com.teamviewer.teamviewer_service.plist (? b485a599 - installed 2016-02-15) [Loaded] com.applian.JakstaConfigDaemon.plist (? c2fc9f5a - installed 2015-11-01) [Loaded] com.teamviewer.Helper.plist (? 7ca2e004 - installed 2016-02-15) [Loaded] com.oracle.java.Helper-Tool.plist (? e3fefdd2 - installed 2016-06-22) [Loaded] PACESupport.plist (? ab6b5614 - installed 2013-02-01) [Loaded] com.microsoft.office.licensingV2.helper.plist (Microsoft Corporation - installed 2015-08-15) [Running] com.adobe.adobeupdatedaemon.plist (? f00845ea - installed 2016-09-06) [Other] com.objectiveSee.blockblock.plist (? 154cef5c - installed 2016-06-11) [Loaded] com.surfeasy.ShieldService.plist (SurfEasy Inc - installed 2015-07-27) [Running] com.paceap.eden.licensed.plist (? b8fa6e6c - installed 2016-12-02) User Launch Agents: [Loaded] spid-uninstall.plist (? 0 - installed 2018-01-19) [Loaded] com.adobe.AAM.Updater-1.0.plist (? 0 - installed 2016-09-06) [Loaded] com.dropbox.DropboxMacUpdate.agent.plist (Dropbox, Inc. - installed 2017-08-10) [Loaded] spid.plist (Philippe Herard - installed 2018-02-27) [Other] com.objectiveSee.blockblock.plist (? 0 - installed ) [Loaded] com.adobe.GC.Invoker-1.0.plist (Adobe Systems, Inc. - installed 2018-01-30) [Not Loaded] XSManager (? 0 - installed 2017-02-10) [Running] XSManager.plist (? 0 - installed 2017-02-10) [Loaded] com.citrixonline.GoToMeeting.G2MUpdate.plist (? 0 - installed 2015-02-06) [Loaded] com.bittorrent.BitTorrent.plist (BitTorrent, Inc - installed 2016-03-17) [Running] com.spotify.webhelper.plist (Spotify - installed 2018-02-09) [Other] com.movavi.screencapturestudio3.screencapture.startup.plist (? 0 - installed ) [Loaded] com.skype.skype.shareagent.plist (? 0 - installed ) [Loaded] com.bittorrent.uTorrent.plist (BitTorrent, Inc - installed 2016-03-17) [Loaded] com.adobe.ARM.202f4087f2bbde52e3ac2df389f53a4f123223c9cc56a8fd83a6f7ae.plist (? 0 - installed 2014-12-03) [Loaded] tapufind.plist (? 0 - installed 2018-02-27) User Login Items: hide.me VPN Programm (EVENTURE LTD. (/Applications/hide.me VPN.app) Dropbox Programm (Dropbox, Inc. (/Applications/Dropbox.app) MailButler Programm (Fabian Jaeger (/Applications/MailButler.app) SmartDaemon Programm (/Library/Application Support/CleverFiles/SmartDaemon.app) Splice Programm (Distributed Creation Inc (/Applications/Splice.app) NIHardwareAgent Programm (Native Instruments GmbH (/Library/Application Support/Native Instruments/Hardware/NIHardwareAgent.app) Internet Plug-ins: Easy-WebPrint EX: 1.0.0 (installed 2010-09-29) GameFacePlugin: GameFacePlugin 1.8.0.1 (installed 2012-11-16) Unity Web Player: UnityPlayer version 5.1.3f1 (installed 2015-08-29) Google Earth Web Plug-in: 7.1 (installed 2016-08-04) AdobeAAMDetect: 3.0.0.0 (installed 2016-09-06) FlashPlayer-10.6: 28.0.0.161 (installed 2018-02-06) AdobePDFViewerNPAPI: 11.0.10 (installed 2015-03-25) Silverlight: 5.1.50901.0 (installed 2017-12-19) QuickTime Plugin: 7.7.3 (installed 2018-01-19) Flash Player: 28.0.0.161 (installed 2018-02-06) PepperFlashPlayer: 28.0.0.161 (installed 2018-02-06) SharePointBrowserPlugin: 14.1.3 (installed 2014-12-12) AdobePDFViewer: 11.0.10 (installed 2015-03-25) EPPEX Plugin: 4.1.0.0 (installed 2014-03-05) JavaAppletPlugin: Java 8 Update 101 build 13 (installed 2016-08-03) User Internet Plug-ins: CitrixOnlineWebDeploymentPlugin: 1.0.105 (installed 2013-04-26) Google Earth Web Plug-in: 7.1 (installed 2013-10-07) OctoshapeWeb: 1.0 (installed 2015-04-05) ZoomUsPlugIn: 4.0.22259.0125 (installed 2017-01-26) Audio Plug-ins: TASCAM_US1xx: Unknown (installed 2012-09-21) DVCPROHDAudio: 1.3.2 (installed 2015-10-15) TASCAM_US122L_US144: Unknown (installed 2006-10-19) Safari Extensions: AdBlock.safariextz - BetaFish, Inc. - https://getadblock.com (installed 2017-11-19) OpenIE.safariextz - Parallels - http://www.parallels.com (installed 2017-11-06) 3rd Party Preference Panes: Flash Player (installed 2018-02-02) FUSE (installed 2017-01-30) Java (installed 2016-08-03) Native Instruments USB Audio (installed 2016-06-19) Time Machine: Time Machine Not Configured! Top Processes by CPU: Process (count) Source % of CPU Google Chrome Helper (7) Google, Inc. 21 sandboxd Apple 17 Google Chrome Google, Inc. 8 System Events Apple, Inc. 6 WindowServer Apple 4 Top Processes by Memory: Process (count) Source RAM usage kernel_task Apple 1.25 GB Google Chrome Helper (7) Google, Inc. 1.18 GB Google Chrome Google, Inc. 316 MB mdworker (9) Apple 270 MB mitmdump (2) Philippe Herard 241 MB Top Processes by Network Use: Process Source Input Output Mail Apple 5 MB 64 KB mitmdump Philippe Herard 2 MB 470 KB mDNSResponder Apple 134 KB 103 KB apsd Apple 4 KB 4 KB netbiosd Apple 4 KB 3 KB Top Processes by Energy Use: Process (count) Source Energy usage (0-100) WindowServer Apple 4 System Events Apple, Inc. 2 Google Chrome Helper (7) Google, Inc. 2 launchservicesd Apple 1 Google Chrome Google, Inc. 1 Virtual Memory Information: Available RAM 9.83 GB Free RAM 5.34 GB Used RAM 6.17 GB Cached files 4.50 GB Swap Used 136 MB Clean up: ~/Library/LaunchAgents/com.skype.skype.shareagent.plist /Applications/Skype.app/Contents/Library/LaunchServices/com.skype.skype.shareagent.bundle/Contents/MacOS/com.skype.skype.shareagent Executable not found ~/Library/LaunchAgents/com.movavi.screencapturestudio3.screencapture.startup.plist /Applications/Movavi Screen Capture Studio 3.app Executable not found /Library/LaunchDaemons/com.objectiveSee.blockblock.plist /Applications/BlockBlock.app/Contents/MacOS/BlockBlock Executable not found /Library/LaunchDaemons/com.applian.JakstaConfigDaemon.plist /Applications/Jaksta.app/Contents/resources/JakstaConfigDaemon Executable not found ~/Library/LaunchAgents/com.objectiveSee.blockblock.plist /Applications/BlockBlock.app/Contents/MacOS/BlockBlock Executable not found /Library/LaunchDaemons/com.applian.RMCConfigDaemon.plist /Applications/Replay Media Catcher.app/Contents/resources/RMCConfigDaemon Executable not found /Library/LaunchDaemons/com.anchorfree.ajaxserver.plist /Library/Application Support/Hotspot Shield/ajaxserver Executable not found Diagnostics Information (past 7 days): 2018-03-01 12:01:26 Last Shutdown Cause: 3 - Hard shutdown 2018-02-27 23:32:28 Kontakt 5.app Crash 2018-02-27 23:22:06 Ableton Live 9 Suite.app Crash 2018-02-27 14:24:46 Ableton Live 10 Suite.app Crash End of report</code></pre> </div> </div></div>

 

[dg2rbf]

<div class="bbWrapper">Hi,<br /> diesen Müll, Deinstallieren/Löschen,<br /> <br /> ~/Library/LaunchAgents/com.skype.skype.shareagent.plist<br /> /Applications/Skype.app/Contents/Library/LaunchServices/com.skype.skype.shareagent.bundle/Contents/MacOS/com.skype.skype.shareagent<br /> Executable not found<br /> ~/Library/LaunchAgents/com.movavi.screencapturestudio3.screencapture.startup.plist<br /> /Applications/Movavi Screen Capture Studio 3.app<br /> Executable not found<br /> /Library/LaunchDaemons/com.objectiveSee.blockblock.plist<br /> /Applications/BlockBlock.app/Contents/MacOS/BlockBlock<br /> Executable not found<br /> /Library/LaunchDaemons/com.applian.JakstaConfigDaemon.plist<br /> /Applications/Jaksta.app/Contents/resources/JakstaConfigDaemon<br /> Executable not found<br /> ~/Library/LaunchAgents/com.objectiveSee.blockblock.plist<br /> /Applications/BlockBlock.app/Contents/MacOS/BlockBlock<br /> Executable not found<br /> /Library/LaunchDaemons/com.applian.RMCConfigDaemon.plist<br /> /Applications/Replay Media Catcher.app/Contents/resources/RMCConfigDaemon<br /> Executable not found<br /> /Library/LaunchDaemons/com.anchorfree.ajaxserver.plist<br /> /Library/Application Support/Hotspot Shield/ajaxserver<br /> Executable not found<br /> <br /> <br /> Franz</div>

 

[Macbeatnik]

<div class="bbWrapper">MacKeeper ist auch drauf und sollte runter. <br /> Ansonsten habe ich selten ein System gesehen, das zum einen so viele uralt Programme enthält und das so viele für gleiche Zwecke zu nutzende Programme installiert hat, sofern man dem etrecheck Bericht glauben kann. Was zb bei der Enterprise vielleicht etwas nutzt, nämlich viele Schilde hochzufahren, hat bei einem Rechner oftmals genau den gegenteiligen Effekt.</div>

 

[echo.park]

<div class="bbWrapper"><blockquote data-attributes="member: 187" data-quote="Macbeatnik" data-source="post: 5218261" class="bbCodeBlock bbCodeBlock--expandable bbCodeBlock--quote js-expandWatch"> <div class="bbCodeBlock-title"> <a href="/community/goto/post?id=5218261" class="bbCodeBlock-sourceJump" rel="nofollow" data-xf-click="attribution" data-content-selector="#post-5218261">Macbeatnik schrieb:</a> </div> <div class="bbCodeBlock-content"> <div class="bbCodeBlock-expandContent js-expandContent "> MacKeeper </div> <div class="bbCodeBlock-expandLink js-expandLink"><a role="button" tabindex="0">Zum Vergrößern anklicken....</a></div> </div> </blockquote>Diese Seuche stirbt einfach nicht aus.</div>

 

[rafaelwa]

<div class="bbWrapper">Danke Leute!<br /> <br /> Habe ich alles gelöscht, das Problem mit der Werbung ist aber noch immer da..Gibt es vielleicht einen ordner von Google Chrome wo eine malware Datei versteckt sein könnte ?</div>

 

[ottomane]

<div class="bbWrapper">Stelle noch einmal einen Etrecheck hier ein oder wühle dich selbst durch.</div>