Etre Check possible malware warning

[MacUser09]

Ran Etre Check on my 2018 MBP running Ventura 13.4. and it gave a warning about a Unix executable file "RemotePairingDataVault Helper" as possible malware.

/Library/Apple/System/Library/PrivateFrameworks/RemotePairing.framework/Versions/A/Resources/bin

Does anyone know what it might be? Anything to worry about?

 

[bogdanw]

That binary is signed by Apple, you can check from Terminal with

codesign -dvvv /Library/Apple/System/Library/PrivateFrameworks/RemotePairing.framework/Versions/A/Resources/bin/RemotePairingDataVaultHelper

On Ventura 13.4, it should return
"Authority=Software Signing
Authority=Apple Code Signing Certification Authority
Authority=Apple Root CA
Signed Time=Apr 19, 2023 at 8:18:48 AM"

 

[etresoft]

Ran Etre Check on my 2018 MBP running Ventura 13.4. and it gave a warning about a Unix executable file "RemotePairingDataVault Helper" as possible malware.

/Library/Apple/System/Library/PrivateFrameworks/RemotePairing.framework/Versions/A/Resources/bin

Does anyone know what it might be? Anything to worry about?

EtreCheckPro would not report that file as possible malware. Maybe you are running some version of EtreCheck from 7 years ago?