I doubt he’s the guy but Le Lu (Chinese name) is one of software engineering Google Scholars. The person who was interacting with me on YouTube comments said his name is Le Lu, though. You can open documents, read, write and move… and so on, like Finder + Adobe Acrobat on iPhone. I don’t know why it’s in Mandarin though. It’s a root app developed by Apple called Files (iCloud). Heard that’s also rare but a lot of people use torrents so still, can happen.

For the file descriptions in Chinese Mandarin, it’s not a downloaded software. Somebody had a remote access on my laptop and played with my YouTube comments (editing HTML? No idea) to have a brief interaction. I have Python 3 installed on my laptop! I looked up rootkits and learnt about EvilOSX how it can replicate a software and infiltrate users’ Mac and personal data once it’s given the permission to be installed… this is what I did basically in 2019. I’m glad I don’t have to go through another process of factory resetting again and suffer in pain with those tenacious Adobe leftovers.

Hello, First I want to thank you both for walking through problems with some facts.

As suggested, I used macparc to wipe out Adobe completely and my Macbook Pro’s finally handling Pages like a Pro.

None of what you've posted so far gives any reason to believe your Mac is infected with malware. I can't tell you why some files are showing with Chinese characters on an iPhone in your first screenshot. This is probably Acrobat installing Python for some specific task, since Python is not installed by default on macOS any longer. There is absolutely no reason to believe that the Python item in /private/tmp (NOT, you should note, ~/private/tmp, which does not exist) is a rootkit, or any other type of malware.
However, be aware that there is no malware for Mac, of any kind, that would survive wiping the hard drive, unless it were to be copied back onto the system as part of restoring from backups. There are a variety of definitions of "rootkit," and some still could exist.

This is just general advice, not specific to this particular reply. ChatGPT will give you wrong or incomplete answers with supreme confidence. PLEASE do not ask ChatGPT questions and expect a truthful answer.

This does not look in any way like malware activity. In this case, it looks like Acrobat is using that to encrypt form data of some kind. The screenshots from RansomWhere? mean that processes launched by Python (this is what "Python's kids" means) are encrypting files. You didn't answer my question about Adobe Acrobat. I'll have to refresh my memory on your Pages problem.

Has been with every one of the dozen or so Macs I've owned or operated since the late 1980's. Ask any other Mac user to check their compared and they will confirm this is perfectly normal. As described, Safe mode disables not only 3rd party software and services, but only loads those Apple services absolutely necessary to allow it to boot-up. Running your Mac in safe mode will always result in strange occurrences, especially graphics, some more than others due to hardware differences. Again, macOS rootkits are not only less common than the Windows variety, they are out-and-out "rare." The only other possibility is that there's a new zero-day out there that nobody knows about yet. Yes, of course there have been macOS rootkits and I said that in my reply, but most are extinct (either patched to prevent or no longer in circulation) and those that are known to still exist would have been detected by Malwarebytes.

Please help, I've been feeling paranoid for years. Why is my iCloud Files on my iPhone in Chinese Mandarin (I don't speak/use Mandarin at all)?
Why can't I find "~/private/tmp/PKInstallSandbox.WRVN圓/tmp/Python/ amework/Versions/3.11/Resources/Python.app/Contents/MacOS/ Python" on Finder? This is a rootkit right? The external hard drive, which I used to use for backups, is still sitting in the corner of my room and I'm reluctant to use it as it contains those old pirated softwares from 2019. Mind you, the spec of my laptop isn't bad at all. I have not downloaded anything fishy at all since and been always very skeptical of pretty much everything that happens on my computer like emails, websites that I go onto etc. If you take a look at the screenshot I took on DiskUtility, I wonder why they made so many compartments <<< I find this very suspicious. I even had some creepy German guys (who called me privately during their working hours to flirt while my Macbook Pro was in their hands) at the Apple certified repair shop help me factory reset my laptop with a bootable USB two years ago and still, it's noticeably slow. My Macbook Pro's been acting very weird since 2019 when I downloaded some pirated softwares as a stupid broke student (deleted in 2019 the same year but problems persist).

Despite having 'factory reset' my Macbook Pro 5-6 times, it hasn't been so successful.