MBP, OSX Sierra
Today while looking at the network preference panel I saw a modem device with a name 'MT67xx Preloader' which googles to some generic mediatek device name – this macbook doesn't afaik have a modem and none was connected via USB or bluetooth pairing as far as I know, is it possible that OSX somehow installed device drivers for it as I was (physically) browsing the smartphone section of a large retail store or should I suspect someone has physically tampered with it ?
How can I link this device to drivers / executables / processes on the system ?
What log files can be expected to contain info about it being installed ?
Best Answer
Run "ioreg -l | grep your search word"in the terminal maybe? Probably again without grep and just command F to search the modem name to see the things its associated with, if at all. That name with the two x's looks like things I've seen too. Sure there's more you can do but I'm no expert..just been dealing with a lot of odd things with Sierra myself. Are you doing this from single user or recovery?
If you're in recovery mode you should look for a bunch of ramdisks with "diskutil list" (15-18 about) if it's this embedded operating system firmware malware my devices all have.