Pulire un MAC da malware

[ugox@]

Ho beccato un malware che non mi faceva piu avviare il mac....sono riuscito a toglierlo per un pò, ma è ritornato...
Ho scaricato due programmi leggendo in rete adesso.

Malwarebites che mi dice che è pulito, ma vi lascio il file di EtreCheck


version: 5.4.4 (5063)
Report generated: 2019-11-07 22:46:04
Download EtreCheck from https://etrecheck.com
Runtime: 2:15
Performance: Excellent
Sandbox: Enabled
Full drive access: Disabled

Problem: No problem - just checking

Major Issues: None

Minor Issues:
These issues do not need immediate attention but they may indicate future problems or opportunities for improvement.
Upgradeable RAM - This machine has upgradeable RAM that would help its performance.
Unsigned files - There are unsigned software files installed. They appear to be legitimate but should be reviewed.
32-bit Apps - This machine has 32-bits apps will not work on macOS 10.15 “Catalina”.
Limited drive access - More information may be available with Full Drive Access.

Hardware Information:
iMac (21.5-inch, Mid 2011)
iMac Model: iMac12,1
1 2,5*GHz Intel Core i5 (i5-2400S) CPU: 4-core
4 RAM - Upgradeable
BANK 0/DIMM0 - 2*GB DDR3 1333*
BANK 1/DIMM0 - 2*GB DDR3 1333*
BANK 0/DIMM1 - Empty
BANK 1/DIMM1 - Empty

Video Information:
AMD Radeon HD 6750M - VRAM: 512*MB
iMac 1920 x 1080

Drives:
disk0 - Samsung SSD 840 EVO 250GB 250.06*GB (Solid State - TRIM: No)
Internal SATA 6 Gigabit Serial ATA
disk0s1 - EFI (MS-DOS FAT32) [EFI] 210*MB
disk0s2 [APFS Container] 249.85*GB
disk1 [APFS Virtual drive] 249.85*GB (Shared by 4 volumes)
disk1s1 - Ugo (APFS) (Shared - 214.64*GB used)
disk1s2 - Preboot (APFS) [APFS Preboot] (Shared)
disk1s3 - Recovery (APFS) [Recovery] (Shared)
disk1s4 - VM (APFS) [APFS VM] (Shared - 1.07*GB used)

Mounted Volumes:
disk1s1 - Ugo
249.85*GB (Shared - 214.64*GB used - 33.46*GB free)
APFS
Mount point: /
Encrypted

disk1s4 - VM [APFS VM]
249.85*GB (Shared - 1.07*GB used - 33.46*GB free)
APFS
Mount point: /private/var/vm

Network:
Interface SAMSUNG_MDM: SAMSUNG Modem
Interface en0: Ethernet
Interface fw0: FireWire
Interface en1: Wi-Fi
802.11 a/b/g/n
Interface en4: iPhone
Interface en3: Bluetooth PAN
Interface bridge0: Thunderbolt Bridge

System Software:
macOS High Sierra 10.13.6 (17G9016)
Time since boot: About 12 hours

Notifications:
Notifications not available without Full Drive Access.

Security:
System Status
Gatekeeper: Enabled
System Integrity Protection: Enabled

Antivirus software: Apple and Malwarebytes

Unsigned Files:
Launchd: /Library/LaunchDaemons/net.exirion.ssdfanctrl.plist
Executable: /Library/StartupItems/SSDFanControl/ssdfanctrl
Details: Exact match found in the whitelist - probably OK

Launchd: /Library/LaunchDaemons/com.wdc.WDPrivilegedHelper.plist
Executable: /Library/PrivilegedHelperTools/com.wdc.WDPrivilegedHelper
Details: Exact match found in the whitelist - probably OK

Login Item: ~/Library/Application Support/.FUS/fuspredownloader.app

32-bit Applications:
3 32-bit apps

Kernel Extensions:
/System/Library/Extensions
ssuddrv.kext (1.4.42 - SDK 10.6)

/System/Library/Extensions/ssuddrv.kext/Contents/PlugIns
ssudmdmcontrol.kext (1.4.42 - SDK 10.6)
ssudmdmdata.kext (1.4.42 - SDK 10.6)
ssudmtp.kext (1.4.42 - SDK 10.5)
ssudserial.kext (1.4.42 - SDK 10.6)

System Launch Agents:
[Not Loaded] 16 Apple tasks
[Loaded] 159 Apple tasks
[Running] 119 Apple tasks

System Launch Daemons:
[Not Loaded] 39 Apple tasks
[Loaded] 178 Apple tasks
[Running] 117 Apple tasks
[Other] One Apple task

Launch Agents:
[Running] com.malwarebytes.mbam.frontend.agent.plist (Malwarebytes Corporation - installed 2019-11-04)
[Running] com.wdc.WD-Drive-Agent.plist (Western Digital Corporation Branded Products Group - installed 2017-07-01)

Launch Daemons:
[Loaded] com.adobe.fpsaud.plist (Adobe Systems, Inc. - installed 2019-09-24)
[Loaded] com.apple.installer.osmessagetracing.plist (Apple - installed 2019-10-24)
[Running] com.malwarebytes.mbam.rtprotection.daemon.plist (Malwarebytes Corporation - installed 2019-11-07)
[Running] com.malwarebytes.mbam.settings.daemon.plist (Malwarebytes Corporation - installed 2019-11-04)
[Loaded] com.piriform.ccleaner.CCleanerAgent.plist (Piriform Ltd - installed 2019-11-02)
[Loaded] com.wdc.WDPrivilegedHelper.plist (? 9f7f4405 - installed 2017-08-28)
[Running] net.exirion.ssdfanctrl.plist (? 6fbe74f0 - installed 2013-10-31)

User Launch Agents:
[Loaded] com.google.keystone.agent.plist (Google, Inc. - installed 2019-10-03)
[Loaded] com.google.keystone.xpcservice.plist (Google, Inc. - installed 2019-10-03)

User Login Items:
fuspredownloader.app (? - installed 2017-07-10)
(Application - ~/Library/Application Support/.FUS/fuspredownloader.app)

Internet Plug-ins:
Default Browser: (? - installed 2019-10-17)
FlashPlayer-10.6: 32.0.0.270 (Adobe Systems, Inc. - installed 2019-10-09)
Flash Player: 32.0.0.270 (Adobe Systems, Inc. - installed 2019-10-09)

Audio Plug-ins:
AppleTimeSyncAudioClock: 1.0 (Apple - installed 2019-11-07)
BluetoothAudioPlugIn: 6.0.7 (Apple - installed 2019-11-07)
AirPlay: 2.0 (Apple - installed 2019-11-07)
AppleAVBAudio: 683.1 (Apple - installed 2019-11-07)
BridgeAudioSP: 4.69.2 (Apple - installed 2019-11-07)
iSightAudio: 7.7.3 (Apple - installed 2019-11-07)

Safari Extensions:
ABP - App Store (installed 2019-06-08)
ABP Control Panel - App Store (installed 2019-06-08)
AdGuard - App Store (installed 2019-10-26)
AdGuard Custom - App Store (installed 2019-10-26)
AdGuard Other - App Store (installed 2019-10-26)
AdGuard Privacy - App Store (installed 2019-10-26)
AdGuard Safari Icon - App Store (installed 2019-10-26)
AdGuard Security - App Store (installed 2019-10-26)
AdGuard Social - App Store (installed 2019-10-26)
AdvancedBlocking - App Store (installed 2019-10-26)

3rd Party Preference Panes:
Flash Player (installed 2019-09-24)

Time Machine:
Time Machine information not available without Full Drive Access.

Performance:
System Load: 1.79 (1 min ago) 1.72 (5 min ago) 1.58 (15 min ago)
Nominal I/O speed: 0.32*MB/s
File system: 32.96 seconds
Write speed: 399*MB/s
Read speed: 498*MB/s

CPU Usage Snapshot:
Type Overall
System 1*%
User 1*%
Idle 97*%

Top Processes Snapshot by CPU:
Process (count) CPU (Source - Location)
Other processes 5.22*% (?)
EtreCheck 4.46*% (App Store)
UserEventAgent 0.10*% (Apple)
WD Drive Agent 0.09*% (Western Digital Corporation Branded Products Group)
networkserviceproxy 0.05*% (Apple)

Top Processes Snapshot by Memory:
Process (count) RAM usage (Source - Location)
EtreCheck 433*MB (App Store)
com.apple.WebKit.WebContent (6) 117*MB (Apple)
Safari 111*MB (Apple)
photoanalysisd 110*MB (Apple)
com.apple.WebKit.Networking 49*MB (Apple)

Top Processes Snapshot by Network Use:
Process (count) Input / Output (Source - Location)
com.apple.WebKit.Networking 416*KB / 53*KB (Apple)
Other processes 129*KB / 114*KB (?)
SystemUIServer 0*B / 408*B (Apple)
routined 0*B / 0*B (Apple)
NotificationCenter 0*B / 0*B (Apple)

Virtual Memory Information:
Physical RAM: 4*GB

Free RAM: 15*MB
Used RAM: 3.00*GB
Cached files: 1008*MB

Available RAM: 1024*MB
Swap Used: 273*MB

Software Installs (past 30 days):
Install Date Name (Version)
2019-10-09 Adobe Flash Player
2019-10-26 AdGuard for Safari (1.5.4)
2019-10-31 XProtectPlistConfigData (2107)
2019-11-01 Safari (13.0.3)
2019-11-07 Malwarebytes for Mac
2019-11-07 EtreCheck (5.4.4)

Diagnostics Information (past 7 days):
Directory /Library/Logs/DiagnosticReports is not accessible.
Enable Full Drive Access to see more information.

End of report

[ugox@]

Nessuno? Mi è ritornato lo stesso problema si riavvia in partenza


Inviato dal mio iPhone utilizzando Tapatalk