Ok, firstly a mea culpa. In a moment of weakness (post dinner + wine++), I downloaded and installed malware of some type.
It was the fake Adobe Flash update request that some website was asking for, and because I had recently upgraded to 10.14 I assumed it was needed following that.
The following morning I noticed Safari was sluggish and then unresponsive. This is what I’ve done so far to try and remove it:
- deleted the installation files and downloads.
- Deleted the browser I downloaded it on (Opera).
- Ran Bitdefender (from the App Store) and sure enough that found some malicious files, in various locations named ‘PegasusSearch’. Deleted those and restarted, problem NOT fixed.
- ran Bitdefender again (on entire HD), no further problematic files found.
- checked Safari extension, there are none.
- deleted Safari website data and cookies and history.
- restarted, no change.
- opened Activity Monitor and can see PegasusSearch running under network (see attachment).
- With Safari running I Force Quit that process, and Safari recovers, briefly, but I can see PegasusSearch returning and that coincides with Safari ceasing functioning (losing access to the net).
- I note PegasusSearch is sitting in ‘root’.
- I ran a reinstall of macOS Mojave, thinking that would fix it.
Ok, so what next? There are two obvious options: I backed up to Time Machine prior to updating the OS (unfortunately though, not afterwards).
Do I Restore from that? Will that revert back to the previous OS? If it doesn’t, will the problem still reside in OS 10.14?
Is there anything else I can do prior to a complete erase and doing a clean install?
Welcome any suggestions as I’m at head scratching point.