MacKeeper/Zerobit Pop Up ad Problem

I have a problem with the macKeeper popup. Whenever it comes up it prevents me from quitting Safari and even firefox. Every time it pops up I have to restart my computer just to get it to go away. Is there any remedy for this? I have not downloaded it

I don't know why it locks your Safari up, with me, it goes when I use the 'close window' button or <CMND-W>

However, the reason you get it in the first place is that you visit a website that gets it's money from MacKeeper by allowing the MacKeeper ad window to automatically open in your browser. Apparently this is called a 'Pop-Under', and is ignored by Safari's Popup blocker. It isn't a popup, it's simply a page that opens.

The simplest way to avoid it is to stop visiting the website that activates it.

eg. I always get it when I visit snopes.com and enter a search query. Snopes are quite unapologetic about this - it helps fund their website.

pete

Good advice, peter.

I use GlimmerBlocker -- It's free, and made for Macs.

Takes up hardly any space, and that, along with checking "Block Popups" in Safari preferences,

makes certain that I get to sneaky pops -- ups, or unders! It's fabulous.

I surf the web in peace and this is my method

1: Firefox - AD Block Plus, NoScript, Ghostery, BetterPrivacy, HTTPS Everywhere, WOT

2: OpenDNS on my router

3: A hosts file addition that makes OS X refuse to connect to the parasites of the Internet (needs to be updated once a month or so)

Firefox + NoScript blocks Javascript which is responsible for pop-unders and MacSheild/Defender and MacKeeper from appearing.

When you need Javascript you enable it by clicking on the NoScript button to "Temporarily Allow All This Page" and Javascript will run. What your doing is establishing trust first and then running your scripts, not running around with your scripts on for every site, reducing the exposure window.

Note: Firefox (like Chrome) is a RAM hog, so if your menu's lock, simply close all open windows and open a new one. It's being fixed in the next version.

One should also be checking the status of their plug-ins routinely here:

https://www.mozilla.com/en-US/plugincheck/

Flash has a new auto-notify that will tell you your Flash is out of date, but only when you use Flash.

#3 is the hardest part and the most risky as it's messing with a system level file, but I've gotten the method down so new users don't have to use the Terminal.

A: Select all and copy all that you see on this page: (bookmark it for later use/updating)

http://winhelp2002.mvps.org/hosts.txt

B: Download the free TextWrangler from BareBones.

C: Open Text Edit and PASTE

D: Delete the line (important!)

127.0.0.1 localhost

E: Do a Find and Replace for ALL instances of

127.0.0.1

change to

0.0.0.0

F: Select All > Copy

G: Open TextWrangler and open File by Name

/etc/hosts

H: Do not touch the original entry! Add some returns to the bottom and PASTE

I: Save the file with your Admin Password.

J: When updating the hosts addition, repeat the same exact steps as above, just replacing the old hosts addition part with the new one. IT's VERY LONG! Do it once a month or when a update rolls out.

Copy this info, save it and surf in peace.

If you can't understand or do the above, don't. I can't help you any further.

Disable everything before changing over to OS X Lion as a precaution.

In short, your resolving the DNS for those hostile websites, ad servers and other crap yourself with 0.0.0.0 or "nothing" so your computer connects to "nothing".

"Nothing" connects, so "nothing" gets downloaded, thus "nothing" gets displayed.

Good Luck and surf in peace. 🙂

DS --

Did you used to be a PC user?

I can't imagine going to those lengths for a Mac.

Just asking . . .

I am afraid its worsen then THAT. I bought two licences from those fraud spammers, liftetime with "satisfaction or moneyback.Both my Imac and MacPro kept crashing after installing it. All the helpdesk from zeobit did for me was sending me mails i should re-install osx and mackeeper. When that didnt help, the gave in. I asked my money back, as in the guarentee. Thet denied flat out. "Sir this is not OUR software causing the problem, but OSX. Go there with your complained!"

Alsoo there newsletter......i UNLISTED 9 times now and still i get 5-8 spam mails a week.

It´s a fraud a company !!

> Can someone PLEASE tell me how to stop these MacKeeper/Zerobit pops from happening on my computer?

this is a 'Popunder' which is basically a website you visit who are sponsored by zerobit.

eg. when I visit Snopes.com and do a search, it launches a new window in the background for MacKeeper.

I asked Snopes about this and they were quite unapologetic. Clearly Zerobit help Snopes' cashflow, and in return anyone doing a Snopes search gets the joy of a new window ad for MacKeeper.

Now I know about it, I simply find the window - because I know it's there- and squish it.

Nasty, cockroachy thing :-(

If you're not getting this from Snopes, then you're getting it from another site.

It isn;t, AFAIK, anything installed on your computer.

pete

if its still on the App Store, perhaps there's a complaints procedure?

also, you might like to add your comment here:

http://www.macupdate.com/app/mac/33710/mackeeper

pete

I was getting the MacKeeper popups in Chrome. What I did was I went in to Chrome's "Preferences" > "Under the Hood" > "Content Settings" > "All Cookies and Site Data" and then searched for Zeobit in the little search bar. It showed up. I deleted that cookie (2 separate cookies associated with zeobit). There were 10 in total. I'm not sure if it worked, but it was the first time I could actually see the zeobit on my Mac to actually remove it. Definitely a SpamBot.

StarryDreamer: I don;t believe that it is a spambot - whenever you carry out a specific action, their webpage is launched. It also plants a cookie. The thing is like an automatic marketing link.

In my case, if I visit Snopes.com and conduct a search, up it pops, but in the background.

Snopes admit to allowing this in return for sponsorship - they call it a 'Popunder'

I imagine Neobit have similar deals with other websites.

hope this helps

pete

I've had notification of a reply to my post from Thomas A Reed.

Yet when I click the links either to this discussion or his actual post, I get an alert saying that I am unauthorised: " it appears you're not allowed to view what you requested. You might contact your administrator if you think this is a mistake."

why would this be, and how can I contact the administrator?

Is this topic under some sort of censorship?

pete

On this thread? I don't remember replying to any of your posts, and there are none of my responses on this thread. It's possible that I responded to someone else's post on this thread, which could have caused you to get a notification, and the post I replied to was removed.

Censorship does happen here, in a way, but only due to violation of the terms of use. Posts that violate those terms can be reported and the moderators can remove them, if they feel it is necessary. The poster in question will receive an e-mail explaining why the post was removed. Since I didn't get an e-mail, I can only assume that a post I replied to was removed, but cannot recall what that might have been.

> On this thread? I don't remember replying to any of your posts

here is what I got as an email update yesterday - it may be a different thread, but I the email links simply don;t let me in:

Is there a list somewhere of websites who adopt this procedure?

You mean a list of sites that advertise MacKeeper, or a list of sites that are dishonest like the MacKeeper folks? I'm not aware of the former, but one option for spotting (and reporting) bad sites is Web of Trust.

Note that if you start using WOT, I encourage you to also visit clamxav.org - a site devoted to scamming people looking for the real ClamXav site into downloading MacKeeper - and give it a poor rating.

Yup, I remember posting that, but can't find that now, nor the post that I was replying to. No idea why one of the "parent" posts would have been removed, but that obviously is what happened.

Thomas, I went to the ClamXav site and the comments page has been withdrawn :-)

It still downloads MacKeeper though

what a bunch of carrotwinkers :-(

pete