Mac Malware Bleg

Malware is slowing down my Mac :(

For a month or so I had a small Bing sponsored magnifying glass appear over all graphics.  Then it went. But now, whenever I’m on a news-site I get a ‘Discovery Bar’ appearing at the bottom of my screen. It only appears in Chrome which I use as my default browser. But it and the Mac generally are slowing down after about two years of use. Anyway, if anyone has some tips on how I can reliably restore my Mac to better working order without a full system rebuild, I’d be grateful. Here’s what I see when I go to the SMH for instance – see the bar at the bottom.

Discover Bar

This entry was posted in Blegs, IT and Internet. Bookmark the permalink.

11 Responses to Mac Malware Bleg

  1. Crispin Bennett says:

    Have no idea what that bar is, but two things come to mind that might help:

    1) check if a rogue extension has crept into Chrome somehow (chrome -> preferences -> extensions, and delete any you don’t remember having installed).

    2) install the Ghostery extension (, which enables you to filter out lots of ad-tracking stuff (and associated undesirable pop-ups and other cruft).

    Regarding general slowing-down, there are really only two likely causes: increasing number or workload of processes running (possibly in the background), taxing RAM, processor or disk I/O); or a space-constrained drive.

    Lack of drive space is easy enough to diagnose, but discovering RAM/processor/IO constraints caused by running processes unfortunately requires a fair bit of sleuthing. You could try this as a starting point.

  2. Slim says:

    As Cripsin has suggested, I’d check Chrome extensions and probably remove them all and then maybe add the ones you know you need after a restart.
    As for declining performance, I’d check login items from user settings in Sys Prefs and remove any you ablsoutely don’t need. There is also a Startup Items folder somewhere in the Library – check and remove any that aren’t important (Goolge if in doubt). Remove all data from the two Cache folders (anything important will be recreated) – one is in /Library/Caches and the other ~/Library/Caches – and then restart. Use disk Utility to repair permisions and you should be about done.

    I’ve used a program called CleanMyMac which let’s you do all of the above through a well-designed interface which shows you what it wants to do before doing it – deselect things you aren’t sure about. It finds startups, legacy programs etc, clears a number of caches and cleans up your iPhoto lbrary if you use it. Costs about $40 and works like a charm. I’ve used the manual techniques above and CleanMyMac on a number of work colleagues macbooks (and my own) with reliable success – worth doing once a month to clear out the dross and stop the appearance of spinning beachballs of death. After it’s finished, repair disk permissions.
    And your HDD should have at least 20% free space to be relaxed and comfortable. If you need a bigger HDD, CarbonClone your system first to an external USB drive (or directly to the new drive) and reclone to new drive. Doubling/quadrupling RAM speeds things up, as does a SSD. My current macbook installation is now 5 years old – from Leopard to Mountain Lion over two macbook incarnations and continues to run smoothly without ever having to do a fresh install.
    Good Luck!

  3. conrad says:

    If you are too lazy to look through extensions, then you could always just uninstall and then reinstall Chrome (make sure you save your bookmarks first).

  4. Nicholas Gruen says:

    Thanks guys – I’d started clearing out extensions, but had only disabled them. Will remove them. It’s also not lack of HD space. I have 250 Gigs and have 95 up my sleeve.

  5. Tel says:

    About time the Mac caught up with that other desktop operating system, especially in the bloatware stakes.

    It may be my imagination, but I think more recent versions of chrome are bigger and slower than older versions. Also, every tab you have open in chrome is another background process and significant memory usage, and this is made worse because more and more web developers load active bits of javascript that run in the background. Also, disable flash as much as you can, because 90% of the time you don’t need it and it gets used for all sorts of bloated rubbish.

    Generally, this is the way of software, eat the resources available to it.

    • Slim says:

      I find ClickToFlash is useful as it prevents Flash content loading – a nice side effect is that most of the time it forces HTML5 video to load instead. I stopped using Chrome – too many runaway CPU processes causing overheating and battery wear and tear – and Google seem to have no interest in making a 64bit version for Mac. Best security practive requires 64bit Java which Chrome can’t support. It’s back to Safari with a few extensions (Glims) to make it more useable. Firefox suffers similar issues as Chrome with runaway processes.

  6. Alan says:

    This exact behaviour happened to me some time ago. The culprit was a program disguised as an updater for Adobe Flash. It actually downloaded a piece of malware that set up the effects you describe.

    The solution is to look in your downloads folder and you should find an application you do not expect to see there among your recent downloads. If you cannot find the ringin in your downloads folder you should check your login items. The names, as usual with malware are highly, variable. Scrubbing the rogue application and its preferences should fix your problems.

  7. hc says:

    I think my Mac has been slowing down. I tried Crispin’s “Ghostery” recommendation. I noticed two things. (i) Goggle gets its paws into most of my stuff; (ii) I am unsure what stuff I can eliminate given the vague warning that some programs depend on the Spyware to work properly. I’d be happy to live with a less efficient browser and to pay if I could cut off the snoops. Suggestions?

    • Crispin Bennett says:

      @hc: Yep, Google’s the creepiest known-known on our current e-horizon.

      Re what to block, what I do is allow Ghostery to block everything (ie. tick all the trackers in Ghostery’s options), and then loosen selectively as required.

      So if you subsequently find a site doesn’t work, you can add it into the Ghostery’s whitelist. If that fixes it, you can either leave things there, or have a closer look at what specific trackers are compromising that site’s functions.

      Having said all that, Ghostery isn’t a solution to general slowing-down. It can speed up some web-browsing through marketing crud removal, that’s all. It’s mainly aimed at reducing corporate spying.

      For general speed issues, you might want to look at @slim’s suggestions above.

  8. Nicholas Gruen says:

    Well folks, I uninstalled Chrome and reinstalled – sceptical because the computer keeps lots of files associated with the previous installation. Anyway, having backed up my bookmarks etc, on reinstalling the bookmarks all popped up, just as before – ie before I reinstalled them – but I’ve not had any problems with the malware, so Bob’s my uncle – at least so far.

    I’ve not had to resort to any heavier remedies, but there all here on record if I need to.


Comments are closed.