After upgrading to Sequoia, I noticed that there are 4 new volume disks on my desktop. They all have the exact same name: "Creedence11M6270.SECUREPKITRUSTSTOREASSETS_SECUREPKITRUSTSTORE_Cryptex", are all the same size/ have the same files, and are APFS format. Can I delete these files? or the duplicates and leave one? Screenshot attached.
iMac 21.5″, macOS 15.0
One of our customers has this issue too, currently in the process of troubleshooting it and so far managed to get rid of the dmg from mounting. Now in the process of figuring out what the source is.
I recommend using this process to figure out which app(s) is/are causing this
Go to your login items (launch daemons) and literally turn off everything that has a slider in the list and once you've done that reboot your Mac. You'll notice that it won't come up anymore.
After that try turning on a handfull of startup apps every time to narrow down which app(s) are causing this to come up.
This will help you find out the reason, since only 1 person is affected from our customer I have asked that person to perform these steps as he's a local admin on his Mac.
I just started seeing these folder on March 16, 2025 after updating to 15.3.2
I believe that this Creedence/Cryptex issue is due to, and is the result of, ANY Carbonite-Regulated Hard/SSD Drive, Internal or External, (or "CRD" for short), that is attached to any other computer (PC or Mac) different from the "CRD" computer itself, i.e., where the Carbonite App resides and is Licensed to protect.
It looks to be a clandestine means of tracking where the CRD "goes", i.e.,
this particular CRD, a Mac TimeMachine external HDD that was originally connected to a family-member's MacStudio (Sequoia 15.3.2) for regular backups, became full, and was replaced by a newer, larger RAID drive.
The original older CRD HDD (a 4Tb Seagate) was Carbonite "protected", but was removed BEFORE it could be "un-protected" by the CRD MacStudio that had the Licensed Carbonite App on it.
When this original 4Tb Seagate CRD was subsequently attached to a completely different, non-Carbonite-Licensed Mac (an iMac 2019), to be secure-erased and reformatted, the iMac 2019 became "infected" with the Creedence/Cryptex issue, that DID NOT EXIST prior to this connection.
Maybe some Apple or Carbonite folks might like to chime-in here?
Unfortunately, after sliding all of them off and rebooting, the cryptex volume still appears in Disk Utility...
Apart being annoying because it's there, it doesn't make any harm so, not sure I will follow the full procedure mentioned by @Todd G. Myers. Also, as I still have Ventura on my internal, I probably can't use Recovery to reinstall Sequoia on my external TB enclosure...
patrickfrompaducah wrote:
After getting online with Apple
[...]
The drive will still be used by Apple Criptex stuff, but not annoy you.
Did Apple support tell you why those ...Cryptex.dmg files were recently introduced to external boot drives?
The function of it is to allow Apple to update parts of the MacOS without a full update. It creates these secure partitions on any drive that you boot from or contains one of these areas of the OS, regardless of internal or external.
So, @patrickfrompaducah , it only appears for those booting Sequoia from an external drive if I follow you correctly... or do you mean anyone with external drives on their Sequoia computer?
Thanks,
Patrice
I wrote:
So far I have spotted these .dmg files generated only on external drives in Sequoia 15.1.1 or later.
I now see that .dmg also on Sequoia 15.2 internal disk at:
/System/Library/AssetsV2/com_apple_MobileAsset_PKITrustStore/purpose_auto/6dd55b0d06633a00de6f57ccb910a66a5ba2409a.asset/AssetData/Restore/SECUREPKITRUSTSTOREASSETS_SECUREPKITRUSTSTORE_Cryptex.dmg
I swear it did not exist there a few months ago although it and its enclosing and subfolders, and other files there have date 19. Sep 2024. Previously those items were only present on external Sequoia boot volumes.
The remaining difference to external boot volumes is that Disk Utility does not show that .dmg as an unmounted volume at the bottom of its list on the left when booted to the internal volume while when booted to an external volume it is listed there (it has never auto-mounted for me when booted to the external volume).
I have decided to ignore that gremlin. I guess it is just some new part of macOS security chain and updates.
That's kind of scary... I have experimented almost the same, but I had installed only 4 apps that I trust for the moment on top of the OS. I've succeed formatting the Creedence drive by stopping a deamon. I was then able to unmount it. Then I have scanned my whole drive with Bitdefender Virus scanner but found nothing. My Mac CPU was used abnormally by some invisible background process though. Also the WindowServer seems to use too much CPU. My CPU is always at 100% even if I do nothing. So I have reinstalled Sequoia. Now the background activity is less suspicious but still anormal I think... I will try to do a clean reinstall of sequoia probably tomorrow to see if that "new virus" still use my cpu or the Creedence reappears.
It was using 100% of my CPU, and even after reinstalling the OS,(not a clean install though) it still uses, most of the time, a lot of background processing. The WindowsServer deamon for exemple use too much processing even if I do nothing except monitoring with the activity monitor. That is suspicious...
I've just experienced the same on my iMac. I have a feeling it is related to the Cisco Any Connect app and the connecting over VPN. But would welcome any suggestions to fix it.
My other theory is that it is the DropBox change to being a "location" from being a folder.
I took my 2019 27-inch Mac to the Apple Store because the Creedence Cryptex disk and Container disk4 appeared in the disk utility. The Mac has been running very slowly ever since I upgraded to Sequoia 15.3. The Apple techs didn't know what they were, and they tried to delete them, erase them, and unmount them.
The disks are gathering information as I write this. To do what with? They suggested I reinstall the operating system and start with a clean slate. Any thoughts?
I mentioned this on 1/24/25
So I had one Creedence .dmg file in my disk utility window-IT SHOULD not be there. I started up with an external drive and made all the files visible on the boot drive and external drive there by seeing the invisible Creedence .dmg in the AssetsV2 folder. I deleted the Creedence .dmg from there.
I figured if it already installed what it needed to install- no need for the .dmg file and it seemed to me as an errant remnant file. Made all the files visible again and restarted from boot drive. Everything is fine and no Creedence image file in disk utility. How and why it appeared, I have no idea. Maybe from a failed start up from an old copy of Ventura on an external drive, possibly!
just did a fresh install of macOS 15.1- iv never had this before..
@etresoft
What would be an example of a 3rd party system modification app?
Would this cause a bad case of the Pinwheel of Death?
4 disks called "Creedence Cryptex" appeared on my desktop
