macOS Security – Confirming ‘Update Helper’ is Not a Trojan


Once in a while a program nags me out of the blue to update. I seldom yield since I always suspect a trojan. For example today I get a persistent:

Google Earth Update Helper wants to make changes. Type your password to allow this.

I launch Activity Monitor and sure enough, there is indeed a process with that name.

[Image: Activity Monitor]

Yet after the last upgrade (to El Capitan) I didn't bother installing either Google Chrome or Google Earth. I confirm this in my /Applications folder.

But I do see the folder ~/Library/Internet Plug-Ins/Google Earth Web Plug-in.plugin, presumably left from a previous installation. I am puzzled. After looking at my login tasks

[Image: Login tasks]

I see that Google Earth should not be running at login.

What launched it, and, more importantly, how do I confirm that such a request from an "Update Helper" is not a trojan?

Update

The answers and comments indicate that what I was asking is not clear. There are four questions/problems that need to be solved in this context. In order of increasing difficulty they are:

  1. I no longer use Chrome or Earth. How do I remove the Google Software Updater?
  2. How do I remove any one particular software updater if I no longer use, nor have installed since the last major OS X upgrade, that software?
  3. Some random window pops up and asks me to enter my password. It's bad enough if my user files are contaminated, but it's a completely different problem if I give a suspect program superuser privileges and take a chance in contaminating the system. How do I confirm which piece of software is popping the window? (And how could something be running without being present in the login tasks? I don't see any root cron jobs. Where else should I be looking?)
  4. There is a problem with OS X major release upgrades. I upgrade in-place (i.e., without formatting my drive). Both ~/Library and /Library are swelling
    (sudo du -h -s /Library reports 3.5G and sudo du -h -s ~/Library reports 4.7G). How do I purge the unnecessary folders?

I meant to ask Q3, but I'll gladly settle for an answer to Q1.

In your answers and comments several people have recommended that this discussion will solve Q1. While that article is indeed very helpful, I don't have the file

~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/\
Resources/GoogleSoftwareUpdateAgent.app/Contents/Resources/install.py

The nearest file I have is

~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/\
Resources/GoogleSoftwareUpdateAgent.app/Contents/Resources/ksinstall

I'm tempted to just wipe out the folder

rm -fr ~/Library/Google/GoogleSoftwareUpdate/

Suggestions?

Best Answer

As others have mentioned, this discussion has some good tips for accomplishing this.

I have not tested any of these solutions as I still frequently use Google Chrome and do not want to delete these files myself.

If your Library contains an install.py file:

python ~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/Resources/install.py --uninstall

or:

python /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/Resources/install.py --uninstall

If your Library instead contains a ksinstall file:

~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/Resources/ksinstall --uninstall

or:

/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/Resources/ksinstall --uninstall

Test if it worked by running:

defaults read com.google.Keystone.Agent

If it worked you should see: Domain com.google.Keystone.Agent does not exist

Alternatively you can also disable the updater without removing it completely by running:

defaults write com.google.Keystone.Agent checkInterval 0

The 0 essentially tells the updater to never check for updates.
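
The four candidate paths from the answer above can be checked in one pass. The script below is an added example, not part of the original answer or of Google's tooling: it looks for install.py or ksinstall under the per-user and system-wide Library and only prints the matching uninstall command so it can be inspected before anything runs. The function names and the optional second argument (an alternate system root) are assumptions made for this example.

```shell
#!/bin/sh
# Added example: function names are hypothetical; paths are those quoted on this page.

# Location of the uninstaller, relative to $HOME or to / .
KS_REL="Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/Resources"

# find_ks_uninstaller HOME_DIR [SYSTEM_ROOT]
# Prints "<kind> <path>" for the first uninstaller found. The per-user Library
# is checked before the system-wide one, install.py before ksinstall.
# Returns 1 when neither file exists in either location.
find_ks_uninstaller() {
    home_dir=$1
    sys_root=${2:-}          # empty means the real /Library
    for base in "$home_dir" "$sys_root"; do
        dir="$base/$KS_REL"
        if [ -f "$dir/install.py" ]; then
            echo "install.py $dir/install.py"; return 0
        fi
        if [ -x "$dir/ksinstall" ]; then
            echo "ksinstall $dir/ksinstall"; return 0
        fi
    done
    return 1
}

# uninstall_command HOME_DIR [SYSTEM_ROOT]
# Prints the command to run; it does not execute it.
uninstall_command() {
    found=$(find_ks_uninstaller "$@") || {
        echo "no Google Software Update uninstaller found" >&2; return 1; }
    kind=${found%% *}        # first word: install.py or ksinstall
    path=${found#* }         # rest of the line: full path (may contain spaces)
    case $kind in
        install.py) printf 'python "%s" --uninstall\n' "$path" ;;
        ksinstall)  printf '"%s" --uninstall\n' "$path" ;;
    esac
}

# keystone_removed: succeeds when the preference domain is gone, which is the
# check the answer gives for a completed uninstall.
keystone_removed() {
    ! defaults read com.google.Keystone.Agent >/dev/null 2>&1
}

# Only act on a Mac; elsewhere the functions are just defined.
if [ "$(uname)" = "Darwin" ]; then
    uninstall_command "$HOME" || true
    keystone_removed && echo "com.google.Keystone.Agent domain does not exist"
fi
```
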