Don't fall for the Adobe update scam PLEASE!

Just ran across a particularly bad piece of malware this week. Catalina now warns that you may have bad software on your machine but doesn't do anything to help you remove it. You may have seen the warning that "xsoftware" will damage your computer and should be removed. Then you're presented with the choice to show in Finder or cancel. Problem is, when you choose to show in Finder, nothing happens.

Publicadvisesearchdaemon and Techfunctionsearchdaemon are two very evil pieces of malware that go beyond the usual folders. Normally, you can find the malware in login items, LaunchAgents, and LaunchDaemons, as well as within the Frameworks and Application Support folders of both the main library and the hidden user's library. You clean those out and you're good to go. These two devils, however, went much further than I normally see.


This bad guy adjusted the network settings, set a proxy for outgoing traffic, enabled root, then placed files inside root. This was a masterpiece of malware. I have to give them credit. All they needed to do was trick the user into typing their password.
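A read-only sweep for the two names across the LaunchAgents, LaunchDaemons, Frameworks and Application Support folders of both libraries, followed by a listing of each network service's proxy settings. This is an added example, not something from the original post; the function names and the optional path arguments are assumptions, and it does not cover login items or the root account.

```sh
#!/bin/sh
# Added example. NAMES and the folder list come from the post; the function
# names and the optional path arguments are assumptions for this sketch.
NAMES="publicadvisesearchdaemon techfunctionsearchdaemon"
SUBDIRS="LaunchAgents
LaunchDaemons
Frameworks
Application Support"

# scan_library LIBDIR: print files/folders under the four subfolders of
# LIBDIR whose name contains one of NAMES, ignoring case. Read-only.
scan_library() {
    lib=$1
    printf '%s\n' "$SUBDIRS" | while IFS= read -r sub; do
        [ -d "$lib/$sub" ] || continue
        for name in $NAMES; do
            # -prune: report a matching folder once, don't list its contents
            find "$lib/$sub" -iname "*${name}*" -print -prune 2>/dev/null || true
        done
    done
}

# scan_all [ROOT] [HOME]: main library, then the user's hidden library.
scan_all() {
    scan_library "${1:-}/Library"
    scan_library "${2:-$HOME}/Library"
}

# list_proxies: show web proxy settings per network service (macOS only).
list_proxies() {
    command -v networksetup >/dev/null 2>&1 || return 0
    # First output line is a legend; a leading * marks a disabled service.
    networksetup -listallnetworkservices | sed 1d | while IFS= read -r svc; do
        svc=${svc#\*}
        echo "== $svc"
        networksetup -getwebproxy "$svc"
        networksetup -getsecurewebproxy "$svc"
    done
}

scan_all
list_proxies
```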

DO NOT fall for the Adobe Flash Player update scam. In fact, never type in your admin password if you don't really know why you're typing it. Computers are secure. Humans are not. Lots of damage can be done to your life if you grant permission for it to happen. Typing in your computer's password allows anything to happen on your computer. You don't really need virus protection. You just need to stop typing your computer's password in.