“A critical vulnerability in MacKeeper, a controversial security program for Mac computers, could let attackers execute malicious commands on Macs when their owners visit specially crafted Web pages,” Lucian Constantin reports for IDG News Service.
“MacKeeper’s developers acknowledged the recently discovered problem and released a fix for it Friday,” Constantin reports. “[Editor’s note: We have instructions on how to uninstall the MacKeeper app and how to stop MacKeeper notifications from appearing in Safari.]”
“MacKeeper has been surrounded by controversy for years. Its previous owner, a Ukrainian-based company called ZeoBIT, was accused by Mac users of using aggressive advertising and scare tactics to push its product,” Constantin reports. “The company is close to settling a class-action lawsuit in the U.S. that sought $5 million in damages because MacKeeper warned users about fake security and performance problems to convince them to pay for the full version. If the settlement is reached, ZeoBIT will put $2 million into a fund for refunds, but won’t admit any fault.”
Read more in the full article here.
MacDailyNews Take: If you have MacKeeper on your Mac, follow the instructions to uninstall it and never install it again.
Related articles:
What ‘MacKeeper’ is and why you should avoid it – January 21, 2015
How to uninstall MacKeeper from your Mac – December 19, 2014
yes every time i see the ad with the MacKeeper robot i want to destroy him
He wants to destroy you, too.
cool
Had to remove this from my friends MacBook the other day.
Crapware, pure and simple.
MacKeeper, itself, is a virus. Everything associated with MacKeeper is sleazy.
Never install MacKeeper. If you see it’s popup ads or get link-jacked by their dirty JavaScripts, IGNORE them. Shut down your browser if you have to in order to avoid their scam. MacKeeper is one of the single worst programs you can install on your Mac. ZeoBIT, the source development company, currently has TWO class action multi-million dollar lawsuits pending against them for FRAUD.
The single solution to MacKeeper is to uninstall it.
How to uninstall MacKeeper from your Mac
If the instructions above don’t work, there are several other articles on the net about how to get rid of MacKeeper. Look for the most recent set of instructions, as the nefarious developer has changed what is installed over time.
Here is the SECOND pending class action lawsuit against ZeoBIT for FRAUD:
Class Says ‘MacKeeper’ Software Is Junkware
“Contrary to ZeoBIT’s marketing and in-software representations, however, neither the free trial nor the full registered versions of MacKeeper perform any credible diagnostic testing of a user’s Mac,” the complaint states. “Instead, ZeoBIT intentionally designed MacKeeper to invariably and ominously report that the consumer’s Mac needs repair and is at-risk due to harmful errors, privacy threats, and other problems, regardless of the computer’s actual condition.
. . .
Ward seeks class certification and damages for fraud, fraudulent inducement, breach of contract and unjust enrichment.
Some of the applications from Source Forge may come with advertising software built in, be careful, use only trusted sites, or the App Store.
Mal Advertizing
When a pop-up window appears warning of a VIRUS and instructs you to click OK on the dialog box. DO NOT CLICK OK!!!!!!!
Press Command w to close window.
If that doesn’t work Force Quit Safari.
In any case after Safari has quit, hold the shift key down and reopen. This will keep Safari from being redirected back to the site.
If you don’t already have it installed:
Download – Adware Medic and run to find and delete offending adware.
http://www.adwaremedic.com/index.php
Instructions for Ad-Injection Software Removal
Ad-injection software is advertising-supported software that can come from third-party download sites. Software that you download from such sites may have been customized to install both the software you want and the ad-injection software. If your Mac has ad-injection software installed, you might see pop-up windows, ads, and graphics while surfing the web, even if “Block pop-up windows” is selected in Safari preferences. Ad-injection software might also change your homepage and preferred search engine.
Check Safari settings and extensions
Go to Safari > Preferences, then follow these steps:
1. Click the General icon and make sure that the Homepage field contains the website you want.
2. Click the Search icon and make sure that the search engine setting shows your preferred search engine. Some versions of Safari have this setting in the General pane instead.
3. Click the Extensions icon. If you don’t want an extension or don’t know what it does, select the extension from the list and click Uninstall. These are examples of ad-injection extensions, but there are others:
• Amazon Shopping Assistant by Spigot Inc.
• Ebay Shopping Assistant by Spigot Inc.
• Searchme by Spigot, Inc.
• Slick Savings by Spigot Inc.
• GoPhoto.It
• Omnibar
Remove certain ad-injection software
Use this “Go to Folder” method to find and remove each item listed in the sections below, one item at a time:
1. Drag to select an entire line in the lists below, starting with /System/Library/Frameworks/v.framework, for example.
2. Choose Edit > Copy.
3. Open a Finder window, then choose View > As Columns.
4. Choose Go > Go to Folder.
5. Choose Edit > Paste to paste the line you copied into the text field.
6. Press Return.
• If the item is on your Mac, a window opens with the item you searched for already selected. Drag only that item to the Trash. If you’re asked to enter a password, enter your administrator password.
• If the item is not on your Mac, you’ll see a message that the folder can’t be found. Continue to the next item in the list.
Remove Downlite, VSearch, Conduit, Trovi, MyBrand, Search Protect
Use Go to Folder to find and remove each of these items:
/System/Library/Frameworks/v.framework
/System/Library/Frameworks/VSearch.framework
/Library/PrivilegedHelperTools/Jack
/Library/InputManagers/CTLoader/
/Library/Application Support/Conduit/
~/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin
~/Library/Internet Plug-Ins/TroviNPAPIPlugin.plugin
/Applications/SearchProtect.app
After you remove the items above, restart your Mac. Then choose Finder > Empty Trash to permanently remove them.
Remove Genieo, InstallMac
First follow these steps to stop the Genieo or InstallMac processes, if they’re running. Be sure to restart your Mac when instructed.
1. Open Activity Monitor.
You can use Spotlight (Command-Space) to search for “Activity Monitor,” then choose Activity Monitor from the search results.
2. In the Activity Monitor window, click the CPU tab, then click Process Name at the top of that column to sort the list alphabetically.
3. Look for the process “Genieo.” Select it, then click the Force Quit button (x) in the upper-left corner of the window.
4. Look for the process “InstallMac.” Select it, then click the Force Quit button.
5. Quit Activity Monitor.
6. Use Go to Folder to find and remove /private/etc/launchd.conf.
Restart your Mac
Use Go to Folder to find and remove each of these items:
/Applications/Genieo
/Applications/InstallMac
/Applications/Uninstall Genieo
/Applications/Uninstall IM Completer.app
/usr/lib/libgenkit.dylib
/usr/lib/libgenkitsa.dylib
/usr/lib/libimckit.dylib
/usr/lib/libimckitsa.dylib
/Library/PrivilegedHelperTools/com.genieoinnovation.macextension.client
~/Library/Application Support/Genieo/
~/Library/Application Support/com.genieoinnovation.Installer/
Restart your Mac
Now find and remove /Library/Frameworks/GenieoExtra.framework.
Restart your Mac
Choose Finder > Empty Trash to permanently remove the items.
Optionally remove other adware files
You don’t need to remove these files to disable the adware. If you do remove them, first remove the other files listed in the sections above. Use the same Go to Folder method to find and remove each item.
/Library/LaunchAgents/com.genieo.completer.update.plist
/Library/LaunchAgents/com.genieo.engine.plist
/Library/LaunchAgents/com.genieoinnovation.macextension.client.plist
/Library/LaunchAgents/com.genieoinnovation.macextension.plist
/Library/LaunchDaemons/com.genieoinnovation.macextension.client.plist
/Library/LaunchDaemons/Jack.plist
~/Conduit/
~/Trovi/
~/Library/Caches/com.Conduit.takeOverSearchAssetsMac
~/Library/Caches/com.VSearch.bulk.installer
~/Library/Caches/com.VSearch.VSinstaller
~/Library/LaunchAgents/com.genieo.completer.download.plist
~/Library/LaunchAgents/com.genieo.completer.ltvbit.plist
~/Library/LaunchAgents/com.genieo.completer.update.plist
~/Library/Preferences/com.genieo.global.settings.plist.lockfile
~/Library/Preferences/com.geneio.settings.plist.lockfile
~/Library/Preferences/com.geneio.global.settings.plist
~/Library/Saved Application State/com.genieo.RemoveGenieoMac.savedState
~/Library/Saved Application State/com.VSearch.bulk.installer.savedstate
Go to the /Library/LaunchAgents/ folder and look for a file named com.*.agent.plist. The asterisk (*) could be any word, including “Apple.” Example: com.midnight.agent.plist. Move the file to the Trash.
Go to the /Library/LaunchDaemons/ folder and look for a file named com.*.daemon.plist and a file named com.*.helper.plist. The asterisk (*) could be any word, but it will be the same word used in the LaunchAgents folder, above. Example: com.midnight.daemon.plist and com.midnight.helper.plist. Move the files to the Trash.
Go to the /Library/Application Support/ folder and look for a file name that is the same word used in the LaunchAgents and LaunchDaemons folders, above. Example: midnight. Move the file to the Trash.
Restart your Mac, then choose Finder > Empty Trash to permanently remove the items.
Source: Apple Inc.
🖖😀⌚️
no need for this app… apparently made to F&*% the Apple’s prestige.
Of course MacKeeper is crap. That’s the advertising that shows up most often when I watch YouPorn videos! – Seriously!
Tell everyone you know that Mackeeper is a junk program and a virus. Put every company that is related to this out of business.
From the very beginning, I considered it a virus unto itself. You know, like a Microsoft product.
Death penalty for the makers of MacKeeper!
Mackeeper is malware and does nothing to help your computer. Don’t install it. If you have it already toss it in the trash. It will pop up with an uninstaller. Comment that it is malware and it slows your system down. Restart your Mac to be rid of it.
Couldn’t you edit your hosts file so that Safari never is allowed to open mackeeper.com?
I’ve seen at least three websites used for MacKeeper click-jacking. They keep you busy dodging their bullets. But if you’re into editing your hosts file and collecting the sites, or can find a list of them (I didn’t collect them, but know another page was on zeobit.com) go for it!
I remember when Cult of Mac had a promotion for Mac Keeper, I have boycotted the site ever since.
They had a long standing deal with MacUpdate as well! A bunch of us pestered MacUpdate until they relented. Even then, MacUpdate was allowing the deluge of faked and coerced 4 and 5 star reviews of the crapware on their MacKeeper page. Thankfully, the tables are now turned. But ZeoBIT still has a lurker or two over there to bully actual reviewers.
Every time I see customers with MacKeeper installed, I tell them to uninstall it. It does NOTHING for your Mac other than consume system resources.
This just put the last nail in the coffin. Now it’s a huge security risk.
There was no reason and never will be a reason to use this program.
Eset CyberSecurity is a much better program for protecting your Mac, but in all-out honesty, just be mindful of what you install and where you install it from.
For example, if you want to install Adobe Flash Player, the ONLY place where you should get it from is Adobe.com and nowhere else.
*eats his Yoplait and watches as Mac uses screech, and smiles. holds up his yogurt in a solute* Welcome to the party.
You call Yoplait ‘yogurt’? Read what’s in it! Then choke on it.