Utorrent hangover

Hello lowtechunderstanding,

Maybe all you need to do is eject the "GoogleSoftwareUpdate" volume. However, uTorrent has nothing to do with Google, so this kind of looks like adware or malware. Maybe try this....

I wrote a little diagnostic program to help show what adware is installed. Download EtreCheck from https://www.etrecheck.com, run it, and paste the results here. EtreCheck is perfectly safe to run, does not ask for your password to install, and is signed with my Apple Developer ID. When you are done, EtreCheck can be thrown in the trash.

If adware is installed, EtreCheck will help you remove it, although you may have to supply a password. If you aren’t comfortable with that, just post the EtreCheck report here and other helpers can tell you exactly what files need to be deleted and how to do so.

Disclaimer: Although EtreCheck is free to download and use at first, it will eventually ask you to buy a license. There are also other links on my site that could give me some form of compensation, financial or otherwise.

EtreCheck is only going to list what software you have running in the background. If you have adware, it will help you disable it. Unfortunately, EtreCheck isn't going to help you eject the volume. You will always have to do that yourself.

If you don't want to use EtreCheck, you could try MalwareBytes instead (https://www.malwarebytes.com). But you will still have to download a program. Although it is very effective, MalwareBytes does includes a kernel extension, which is a low-level system modification. You can uninstall MalwareBytes later, but make sure to use the proper uninstaller app.

The problem is that these adware and malware apps also use low-level system modifications. I can tell you how to find and remove them manually, but it requires using the Terminal. You will also want to have a good backup. The few times that I've ever given people instructions on manually removing such system modifications, they get inside some hidden directory, get confused, and destroy the operating system so that it no longer boots. It looks like your machine is new enough to be immune to that, but you could still do damage if you don't know what to do or look for.

etresoft is a long time user here who developed and maintains EtreCheck. It has been used thousands of times on these forums alone. EtreCheck and MalwareBytes for Mac are pretty much the only two apps in this category experienced members will recommend without hesitation.

Still up to you, of course. I'm just saying there's nothing to worry about.

I don't see anything there, other than the mounted disk image. It should be listed in your Finder sidebar on the left hand side. If not, go to Finder > Preferences and make sure "Devices" is selected. You could also get to it using Disk Utility.

It should go away if you restart too.

lowtechunderstanding wrote:

Thanks etresoft. I'll try restart now. One more question, Is it not odd that google chrome helper is using 9.06gb of ram?

That is quite a bit, even for Chrome. That "(66)" means that there are 66 distinct Chrome processes. I assume that is at least one for each tab. Do you have that many tabs open?

EtreCheck only looks closely at Safari and Safari is getting harder and harder to inspect. It doesn't know anything about Chrome. You could have adware or other malicious extensions in Chrome. It can never hurt to review your extensions.

All of Google's apps are extreme resource hogs. Chrome, Google Earth, etc. Their actual function is to watch your Internet usage (what you buy, sites you visit) and send that marketing data back to Google's servers. That's what the process com.google.keystone.agent.plist does the entire time your Mac is on, whether Chrome or other Google app is running or not. Personally, I will always strongly recommend removing anything by Google from your computer.

Hi there,

just me personally I'm very happy and I would swear for Transmission BitTorrent client. It's widely used cross-platform lightweight torrent client, although it got also infected in 2016 it's quite closely monitored by the community and information about all possible problems spreads pretty quickly. It should be available from https://transmissionbt.com/

I would say everything around BitTorrent clients and sites is a bit shady area and everyone have to be careful when installing this kind of software because it's often used to spread malware and viruses. You should definitely check file hashes, those are available from Transmission Download page and I would also go and check both download-link and also unpacked content of downloaded file with https://www.virustotal.com

This should give you some confidence about what are you setting up on your system.

Btw. good luck with cleaning up your Mac from Google's stuff have great day,

Manoli