I was looking at my login items and noticed that the entry for AddressBookSurceSyncScheduleHelper was shown having an unidentified developer. Since this is a standard Apple issue app I would expect that it would have identified Apple (or at least not said unidentified developer). My question is "is this something I should be concerned about".
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
AddressBookSurceSyncScheduleHelper
- Thread starter JacobWhale
- Start date
- Sort by reaction score
I don’t think it should be in your login items.
What macOS version are you using?
In Sequoia 15.5, AddressBookSourceSyncScheduleHelper is just a broken alias in /System/Library/Frameworks/AddressBook.framework/Versions/A/Resources/AddressBookSourceSyncScheduleHelper
What macOS version are you using?
In Sequoia 15.5, AddressBookSourceSyncScheduleHelper is just a broken alias in /System/Library/Frameworks/AddressBook.framework/Versions/A/Resources/AddressBookSourceSyncScheduleHelper
Ventura
There is more to the story, though. Yesterday I was going through my emails and came across a facebook message from a group that I use find additional information for my hobby. I had not responded to it and went to the site (regretably from the link provided. (bad on my partl). When I got to the site I was quickly switch to another page. Clearly not something associated with the site. I then got a stark warning message supposedly from Google ultimately telling me not to turn off my computer. Obvious attack. SO of course I shut down my computer. When I came on again I had a notification that this AddressBook.... had been added telling me that I could find it in General Settings.
This isn't something I'd normally do and and it took me a while to find it. Clicked the setting to prevent remote access....ONly later did Inotice the that it was an unknown developer. Spent some time researching for this. COuldn't find anything much, so I came here to check.
Not sure what I need to do now Don't know if I acted quickly enough to prevent damage. Have no idea how to delete this app.
ANy guidance greatly appreciated.
There is more to the story, though. Yesterday I was going through my emails and came across a facebook message from a group that I use find additional information for my hobby. I had not responded to it and went to the site (regretably from the link provided. (bad on my partl). When I got to the site I was quickly switch to another page. Clearly not something associated with the site. I then got a stark warning message supposedly from Google ultimately telling me not to turn off my computer. Obvious attack. SO of course I shut down my computer. When I came on again I had a notification that this AddressBook.... had been added telling me that I could find it in General Settings.
This isn't something I'd normally do and and it took me a while to find it. Clicked the setting to prevent remote access....ONly later did Inotice the that it was an unknown developer. Spent some time researching for this. COuldn't find anything much, so I came here to check.
Not sure what I need to do now Don't know if I acted quickly enough to prevent damage. Have no idea how to delete this app.
ANy guidance greatly appreciated.
Scan with these free apps from the App Store
Intego VirusBarrier Scanner https://apps.apple.com/app/id1200445649
Bitdefender Virus Scanner https://apps.apple.com/app/id500154009
Intego VirusBarrier Scanner https://apps.apple.com/app/id1200445649
Bitdefender Virus Scanner https://apps.apple.com/app/id500154009
You can get some more technical details about that login item (if you haven't already removed it) by running this in the Terminal:
"SFL" = Shared File List (kind of a legacy name for login items, recent items lists).
"BTM" = Background Task Management
This command will dump the current BTM database, which will include any login items and background tasks (e.g. privileged helper tools). The output will include the name of each item, the developer, the Team Identifier, bundle identifier, bundle identifier of the "parent", if applicable, and the URL (path) to the software that would actually get loaded when (if) the login item gets loaded. Hopefully that output will make it more clear whether the login item is nefarious, or just some Apple garbage that got added there accidentally (I've seen the latter).
Code:
sfltool dumpbtm"SFL" = Shared File List (kind of a legacy name for login items, recent items lists).
"BTM" = Background Task Management
This command will dump the current BTM database, which will include any login items and background tasks (e.g. privileged helper tools). The output will include the name of each item, the developer, the Team Identifier, bundle identifier, bundle identifier of the "parent", if applicable, and the URL (path) to the software that would actually get loaded when (if) the login item gets loaded. Hopefully that output will make it more clear whether the login item is nefarious, or just some Apple garbage that got added there accidentally (I've seen the latter).