Comment by DanielleMolloy
6 years ago
It is mentioned in the third paragraph already, highlighted in green. They don't offer a method of clean removal to their users. They run a web server on your machine that will reinstall Zoom on your macOS whenever it is convenient for them (secretly, without asking you first).
See here: https://apple.stackexchange.com/questions/358651/unable-to-c...
That web server is exploitable, as explained in the article.
Note that most Zoom users (probably lots of business people) won't be capable of following the uninstall steps necessary at the moment..
Now, notwithstanding what I posted above, THIS is fucked up and inexcusable.
I do NOT appear to have the web server running, but I did have the ~/.zoomus folder and the ZoomOpener app there.
Is this because I'm scrupulous about killing LaunchAgents and LaunchDaemons?
Run this:
ps aux | grep zoom
You'll probably see "ZoomOpener" there. It is running but it's not in the "Force Quit" menu. Then, to kill it run:
killall zoom
Then you can follow the other directions indicated by the previous poster who gave information about how to lock your ~/.zoomus directory down to root so that it can't install itself again.
I do not have ZoomOpener running.
My feeling is that removing the startup item probably cripples this, no? I mean, fuck them for doing this, and get rid of all of it, but I think the StartupItem is required for their hack to work.
Right?