Hello wonderful people,
So this keeps appearing in my Security preferences, which is odd as I'm not trying to install, well anything, and no profiles are appearing in preferences.
Has anyone else encountered this or similar?
MacBook Air (2020 or later)
Cambridge University UIS and I recall having this come up before that was installed. From their website and checked its provenance with my college. Only for the purpose of access to journals etc.
I mean maybe it's all fine and I'm just being too curious:
James Brickley wrote:
This could be dangerous malware.
It could be malware. But then when the OP mentioned “university”, all bets are off.
Can you locate "MyApplication"?
I've been struggling to work out what application this is an identifier for.
Can you click on the Open Profiles button and take a screenshot of the profile it's trying to install?
Do not install it however.
Whenever I click Open Profiles, it shows as empty. Then when I go back to the Security it looks normal:
That's normal ^
Then randomly a few times an hour goes back to:
It's entirely possible I'm making a fuss over nothing
If this is Adware -- Suggest downloading the Application Etrecheck directly from a well Respected ASC Contributor. and Should identify it as such and offer a solution.
If this is Malware -- Suggest downloading from a Respected ASC Contributor the application Malwarebytes for Mac. It is free or paid for added features. Run the Application and it should remove the malware / adware. Once done, restart computer and test.
There are no known Viruses in the wild that self replicate and affect macOS. There are Malware and Adware that does affect macOS and are often times downloaded as part of an Application from Third Party UnTrusted Site and get installed along with the Application.
This is deeply suspicious and very unprofessional. It is likely malware and if it did employe a Configuration Profile it is more dangerous than just adware.
Do you have a Profiles icon in System Preferences? Because it's normally not listed unless you have Configuration Profiles installed. Configuration Profiles are normally used by employers to manage fleets of Mac's. They can force settings well beyond what a normal user can typically accomplish under normal circumstances.
Please reply with a screen shot of the Profiles window. Along with the EtreCheck system report, attached as additional text.
Question - it the VPN came from what source ?? Was it downloaded from the University IT Department or was is download by your choice of Source ??
Point # 2 A - Commercial VPNs should only be used if Mandated by Corporate Head Office for working remotely. Otherwise - ones Privacy and Security touted by the VPN is suspect.
This could be dangerous malware. We really need to see the EtreCheck report and if you click that Open Profiles button it should display the profile information, capture a screenshot of it and attach the image in your reply.
DO NOT ALLOW the "MyApplication". When opening the Profile do not allow it if prompted on the Profile screen. Just take a screen shot.
Suggest downloading the Application Etrecheck directly from a well Respected ASC Contributor. The application is free or paid from added features. Run the application with Full Disc Access ( Security & Privacy - Full Disc Access ). It will take a Snap Shot - both the hardware and software. The Report will Not Reveal Any Personal Information. Post back the Full Report - copy and paste - using the Additional Text Icon ( 3rd Icon to last )
We can have a look at the report for possible issues and may have possible suggestions to resolve the issues.
Until that is done and addition questions in earlier posting are answered - it is difficult to know what is what. Has the University Mandated a VPN or their VPN ??
Do they Mandate surrounding the control of your computer to a MDM Service of their choosing ??
Until that is done and addition questions in earlier posting are answered - it is difficult to know what is what. Has the University Mandated a VPN or their VPN ??
Uni Cam created it for access to content such as journals. For publisher IP purposes...
Do they Mandate surrounding the control of your computer to a MDM Service of their choosing ??
Nope. Have checked. I did wonder...
P. Phillips wrote:
Suggest downloading the Application Etrecheck directly from a well Respected ASC Contributor. The application is free or paid from added features. Run the application with Full Disc Access ( Security & Privacy - Full Disc Access ).
Etre is fantastic.
EtreCheck report doesn't list the Configuration Profiles nor the kernel / system extensions. Please run the commands below and Terminal and copy paste the output in a reply.
List kernel extensions excluding Apple extensions
kextstat | grep -v com.apple
List the system extensions
systemextensionsctl list
It should list any unapproved extensions requiring activation which should list the MyApplication pending kernel extension
Next, let's capture all the Configuration Profile details.
By default this should return "There are no configuration profiles installed for user <username>"
profiles show
By default this should return "There are no configuration profiles installed in the system domain"
sudo profiles show
If you get a huge amount of results on this last profiles command run this to capture it to a file
sudo profiles show > /Users/Shared/profile_list.txt
Then attach the /Users/SHared/profile_list.txt by copying it's contents and using the Additional Text button in reply
All null, this is the odd thing, yet this strange Security and Privacy screen keeps coming back. The other odd thing about the screen is that normally I have it set to only allow Apps downloaded from Apple Store and not identified developers (which I manually check). Maybe it's just a bug and I'm fussing about nothing. That's very possible. Oddly, though it seemed to be preventing an MRT update (which I've just done manually - despite my having it all set up to auto update all in system prefs).
sjha@pc-1-2 ~ % kextstat | grep -v com.apple
Executing: /usr/bin/kmutil showloaded
No variant specified, falling back to release
Index Refs Address Size Wired Name (Version) UUID <Linked Against>
sjha@pc-1-2 ~ % systemextensionsctl list
0 extension(s)
sjha@pc-1-2 ~ % profiles show
There are no configuration profiles installed for user 'sjha'
sjha@pc-1-2 ~ % sudo profiles show
Password:
There are no configuration profiles installed in the system domain
Ps . I've removed the Cambridge VPN - the only one showing - to see if it happens again
Good idea and see what happens. The run another Etrecheck report for good measure IMHO
Since Gatekeeper keeps flashing the message about " Not A Trusted Developer " their Digital Certificate is Not Accepted by at least Apple - Thusly the message. Until that is resolved, most of the rest is rather mute.
Ok so message returns without the Uni VPN profile. Should I just leave GK to do this or is there a certificate or some such in keychain I should be deleting?
*I have everything I need to have installed installed.
Ohokthen wrote:
Ps . I've removed the Cambridge VPN - the only one showing - to see if it happens again
At what point did you remove the VPN? And did you remove the profile too?
Are there any other users on this computer? EtreCheck is really not designed for managed devices. I'm sure this is all something that the university is doing.
Gatekeeper - Strange unknown application trying to constantly install and bypass GK and mention of a profile that doesn't seem to exist
