Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

David.cg

macrumors newbie
Original poster
Nov 9, 2023
24
0
Good morning,


For my work I had to install an application called Purple, to be able to enter engineering mode, purple mode, on some Apple devices, such as iPhone or iPad.


It turns out that I have been surprised to see that every morning the antivirus/antimalware detects malware called FileRepPup [PUP] and Other: PUP-gen [PUP], both of which come from an infected file called Purple Pro, which I deduce is It comes from the Purple program but I already uninstalled it due to the malware problem, but even so, every day the antivirus continues to detect this malware, it comes from this file and it quarantines it for me.


Is there any way to do a deep clean, root clean all this malware and eradicate it completely so that the antivirus does not notify me every day that it detects me and quarantines this file???



Thank you so much.
 
No one could tell me how to remove this malware??
It's been 200 visits and a week and no one has told me anything.
 
What Purple app have you installed? What antivirus detects it, but doesn't remove it?
 
The application is Purple Pro, it is for iOS engineering, to enter purple mode in iOS.
It is detected by the antivirus called Avast Security.
And no, it doesn't delete it, it always puts it in quarantine, then I go into section forty and manually delete the infected file.
But every day the same infected file appears and it's always the same.
 
Exactly, I am referring to that known exploit that comes from 1nsane.dev.
But I don't know if I downloaded it from a malicious site or something, but as a result of this, the Avast antivirus, every day, even if I delete it, detects a file as malware.
 
Okay, thanks
I will try one of these two to see if it eliminates it, if not, comment again here

Thank you.
 
It has been of no use to pass the antimalware that you have offered me, Avast keeps pointing out the file infected by the purple malware.

I'm still in the same condition and I don't know what to do.

Any other ideas or suggestions.

Thank you.
 
If you don't have any valuable data on your device, why not perform a disk wipe and start over? Reinstall macOS and other programs and restore your data...

Or remove the antimalware installed since you are bothered with the pop up...
 
I had already thought about deleting everything and reinstalling macOS, but it's a pain to have to do that.
I would prefer to be able to delete the malware file but I can't do it.
Although the antivirus gives me the option to delete the file it quarantined, the same thing appears every day, even though it was previously deleted.

If anyone has any idea of how to actually delete what is infected and not have to reinstall again, I would appreciate it, if not, then I have to reinstall.
 
I uninstall Avast, but what do I install?
Clearly I have a malware problem, if I uninstall this I will be left unprotected.
In its place, what would you put that was in good condition?
 
Where is the file that Avast claims to be infected? Can’t you just delete it from Finder?
 
Curiously, I have tried to access the file manually, through the finder to be able to delete the folder where the supposed file is located, but the sequence of folders that Avast shows me, if I follow it with the finder, there comes a time when it is cut off and no such folder appears.
Therefore I cannot delete anything manually, because it is as if it did not exist, I cannot find it.
I have the option of being able to see hidden system files, so that is not the problem.
 
Please post a screen capture of the path Avast is showing. You can hide the user name, if it's shown.
 
I put two screenshots because the Avast window that shows the file path is small and I have to do it in two parts.
Done says "Ruta de archivo", it means the file path. It is in Spanish, sorry.
 

Attachments

  • Captura de Pantalla 2023-11-17 a las 15.09.20.png
    Captura de Pantalla 2023-11-17 a las 15.09.20.png
    1.2 MB · Views: 45
  • Captura de Pantalla 2023-11-17 a las 15.11.06.png
    Captura de Pantalla 2023-11-17 a las 15.11.06.png
    1.2 MB · Views: 50
Where the /CmRMfJ/ folder is supposed to be, I can't find it anymore, logically everything that came in front of that, well, neither.
 
Thanks for your contribution.
But most of the files tell me that Read-only file system or Operation not permitted, Directory not empty.

I don't know if the process has really been carried out satisfactorily or not.
 
My guess is that Avast stores the quarantined files in those folders. Uninstall Avast, reboot, see if the folders are still there.
 
The files containing the CmRMfJ folder have all been deleted, but the CmRMfJ folder itself is still there without being deleted.
I don't know if it belongs to the system or is from Avast itself, but it's still in the same place.

I don't know whether to install another antivirus, because I don't know if I have any files infected with malware.

VirusBarrier Scanner, it detected me, now I don't remember, malware or virus and apparently I deleted it, I don't remember the name of it either, it seems to me that it didn't name it, it just said some numbers.
 
Delete the Purple app, reinstall Avast, see if it still detects "malware".

For the record, this is what Intego flags in the Purple app:
Intego.jpg
They are all iOS jailbreak tools.

Bitdefender flags more, still all iOS jailbreak tools.
Bitdefender.jpg
 
So, could we say that it really is not malware? or do they use malware for jailbreak tools?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.