Random apps freezing on macOS

[hyperknot]

Since a week, random apps are freezing on macOS. Firefox for example is unusable, I tried removing everything, making a new profile, even upgrading to an older version, but the moment I open any website it freezes.

AppCleaner also does the same once I try to delete an app.

How can I diagnose what is going on? I always get a crash log, which I always Report to Apple. Is there any tools or similar to allow me to see what's going on in that crash log?

I suspect it might be related to SoundSource, which I updated last week, but it might be entirely unrelated.

How would you debug this situation?

M1 Macbook Pro, macOS 14.7

 

[Fishrrman]

"I suspect it might be related to SoundSource, which I updated last week, but it might be entirely unrelated."

Have you tried COMPLETELY REMOVING SoundSource, to see if that makes a difference?

 

[hyperknot]

Hi, yes, that's what I did, but I had to figure out from terminal what to do.

I deleted /Library/Audio/Plug-Ins/HAL/* both ACE and ARK was present.

Then I deleted launch agents and daemons

com.rogueamoeba.arkaudiod
com.rogueamoeba.aceagent.label
com.rogueamoeba.acetool.label

Now, after a restart, it seems to be working correctly again.

 

[anxious.dev]

<<Caveated: depending on one's config>>

hyperknot, glad you were able to locate it!

I'm using Sequoia 15.0.1 on a MacBook Pro M1. For me, I had a similar problem but without having SoundSource, I noticed while occasionally sampling randomly "frozen" apps from within Activity Monitor that my unresponsive apps were getting blocked at keychain auth. Higher frequency examples randomly included Preview, Excel (with my personal subscription to office 360), TextEdit, Safari, and others. I was also receiving hourly keychain requests to use "login" from various things, including transparent network proxy, Excel, Bookmark requests for auth, and sometimes not entertaining them. Turns out my keychain was corrupted and blocking various typically unannounced processes that take advantage of the keychain, which is usually fine with me.

P.S. For others stumbling into my reply because Google sent you here, I'm very shy to mention this because of the few jerky dismissers, the abundant "it's nothing to worry abouts", the "post your details or just don't post" friends, and others with interests requiring divertive intentions, but I'll take the risk anyway and briefly say... I think I'm seeing *what I believe* could be a Pegasus-like trojan that, like others have stated, has the ability under lockdown to grab and takeover my keychain, launch/hide/use unauthorized MDM (Classroom/studentd) containers on my personal machine, completely takeover Duet and SoftwareUpdate, hide and takeover NVRAM, Preboot, and bridgeOS for self-reinstalling after several wipe-and-start-again-from-scratch attempts, install extensions whenever they choose, opendirectory, and whatever hidden apps and dylibs they want, set up workflows to process through any MacOS deamons including spotlight, language translation ai frameworks, replayd, screen-grabs paired with unindicated cam and audio recordings, generate scripts, set up their own unreachable (by root and my admin-level user id) shared volumes, fake symlinks, remove/prevent log entries and analytics transmissions, escape virus detection and etrecheck call-outs because after all it's just normal MDM and normal MacOS classes so maybe check your meds there Elliot Alderson... while also all illegal af in my jurisdiction. All of this to say if it's Apple doing this to me because I've done something to trigger to be blacklisted like installing Arabic language fonts or whatever, just ***** say and I'll happily relax and get out of the way of it. Otherwise, I'm not cool with just ignoring it, and ready to dedicate my time and resources to tracking down and holding whomever accountable in whatever means possible, legal of course, per se.