goodday,
i had already paid for and downloaded my macbook keeper before i entered this forumn but i have not noticed any problems from my mac yet so i just wanna find out if there are things i should look out for
Thanks
MacBook Pro, Mac OS X (10.6.8), macbook pro 3,1
Isn't it possible users are confusing popup ads or other web page stuff with something left over from uninstalling MacKeeper?
That is what I assumed for a long time. I actually got criticized by some folks for downplaying such concerns. A number of private communications, as well as a few here, eventually convinced me that the popups were actually coming from MacKeeper. Especially when people removed all the Mackeeper LaunchDaemons and LaunchAgents and had the popups go away.
Not really... since it's already been removed successfully, I'd say you covered the bases well!
Thanks.
Thomas A Reed wrote:
A number of private communications, as well as a few here, eventually convinced me that the popups were actually coming from MacKeeper. Especially when people removed all the Mackeeper LaunchDaemons and LaunchAgents and had the popups go away.
OK, good to know, but maybe more to the point is if anybody can confirm that the uninstaller does not remove these items. The often mentioned Phil Stokes link says to avoid using the uninstaller because "It doesn’t actually clear out all of MacKeeper’s files, and it phishes for personal details before it lets you even run it."
But it never says exactly what files aren't removed & the "phishes for personal details" comment seems to be about nothing more than the dialog box that forces users to choose a reason for why they are uninstalling it before the uninstaller will continue. The whole piece seems sensationalistic, at least somewhat misleading, & lacking in details an "Apple & Doc Writer" would normally include.
Assuming users manually removed the files he mentioned -- most of which are harmless & contain nothing that can do anything without the launch items -- but missed one of those four, that could explain the "popups" as nothing more than notices that the app needs to be reinstalled.
There is an ironic twist to all this: MacKeeper uses some of the same techniques elsewhere considered OK, but because of its dubious if not downright deceptive marketing, it may in a sense be its own worst enemy.
Regardless, I think it quite obvious that there is no way to avoid unverifiable speculation without a "smoking gun" -- a file that can be shown to cause some specific kind of popup behavior, whatever that may be, & that the uninstaller fails to remove it, with or without first sending some "personal details," whatever they may be, that are somehow sent with malicious intent.
Failing that, the claims of it being genuine malware are & will remain unproven & at least somewhat dubious. I don't see any way to resolve that without access to firsthand reports that provide enough detail to duplicate those same results. Do you?
The problem of verifying the behavior I have described is that, if etresoft is correct, the behavior has changed. Just like I can no longer prove that they own the ClamXav.org domain... I kick myself frequently for not taking a screenshot of the Whois info back when it wasn't obfuscated!
Regarding Phil's info, I make no statements one way or another about phishing attempts or any of the rest of his page. Other than to say that his removal instructions seem to work.
As to MacKeeper being malware, I never make that claim. I agree with you on that point... Calling MacKeeper malware muddies the water and confuses people. The company is unethical and dishonest, and the software isn't worth the price, but that doesn't make it malware. It's just software best avoided.
R C-R wrote:
Are you ignoring or unaware of the fact that the latest versions of Flashback exploited a vulnerability in Java that did not require elevated privileges to install its payload? What stopped it was Apple's release of a patched version of Java that removed the vulnerability.
I think I heard something about that. The thing is, contrary to a lot of other misinformation, Flashback couldn't get out of restricted userland permissions without help. That means it couldn't do a lot of nasty things that would otherwise make it very problematic. I am sure that Windows would never have gotten the bad reputation it has if Windows malware had been restricted to user accounts like they are on the Mac. It makes cleanup on the Mac quick and easy. Maybe Apple should incude a malware removal script as part of its periodic maintenance scripts. Only, instead of running nightly, it runs once a decade.
Nobody has answered the OP's question, except in vague ways sadly lacking in practical information. What exactly should he look out for with MacKeeper installed? That's what this topic should be about, not all this pointless bickering!
stevejobsfan0123 created another thread in the other forum. People chose to fight it out in public instead. I'm cool with that. Such is the nature of community. Sometimes it gets messy.
As for the original poster's question, there isn't anything to answer. If someone has installed software and their machine is running fine, what should they look out for? Maybe some sort of indications that it isn't running fine. If that happens, my first suggestion would be to uninstall any antivirus 🙂. Luckily, with MacKeeper, that's easy.
Thomas A Reed wrote:
The problem of verifying the behavior I have described is that, if etresoft is correct, the behavior has changed.
But if it has changed, then everything reported about its previous behavior is (in this one respect) now irrelevant, right?
BTW, my intent is not to prolong an endless debate about this product's worth. I'm just trying to focus the discussion on info the OP can use. I have no desire to try it nor would I recommend it to anyone. But that too is irrelevant to the OP's situation.
The only things that are really relevant are 1) what specific problems should he look out for & 2) to a much lesser extent if the uninstaller is safe to use if he encounters problems that warrant its removal.
Without up-to-date, firsthand knowledge about the product, I don't see any way to provide that.
But if it has changed, then everything reported about its previous behavior is (in this one respect) now irrelevant, right?
Only if you consider a pattern of past unethical behavior on the part of Zeobit to be irrelevant.
Flashback couldn't get out of restricted userland permissions without help. That means it couldn't do a lot of nasty things that would otherwise make it very problematic.
Absolute rubbish! Ask all the people who got infected without providing an admin password if this was a problem. Tell them that any possible phishing through browser redirection or data collection that it might have done isn't a problem. Your ignorance of security issues is truly astounding.
You simply need to stop this kind of misinformation. I doubt very many people would believe that malware that has gotten installed on their system is not a problem, but some may be.
People chose to fight it out in public instead.
Hmm, yes, wonder who those "people" were? Which people went throwing out accusations of slander and libel and outright called me a liar in a public forum before I had even set foot in this discussion? I know of only one.
Thomas A Reed wrote:
Your ignorance of security issues is truly astounding.
Not as astounding as your ignorance of technology issues in general. Do you even know what "~" means?
Hmm, yes, wonder who those "people" were? Which people went throwing out accusations of slander and libel and outright called me a liar in a public forum before I had even set foot in this discussion? I know of only one.
Is your website a private forum? If so, why do you keep posting links to it here? If you are going to say something in public, make sure it is true next time by checking it yourself instead of relying on what people tell you. If you can't prove something is true, don't repeat it. That advice is just as good now as it was in kindergarten.
etresoft wrote:
I think I heard something about that. The thing is, contrary to a lot of other misinformation, Flashback couldn't get out of restricted userland permissions without help. That means it couldn't do a lot of nasty things that would otherwise make it very problematic.
I don't know what you "think" you heard or where you heard it but the Flashback variants that exploit the Java vulnerability Apple's patch closes (basically, what F-Secure calls the "I" & "K" variants) do not need access to anything besides the user domain to compromise user's systems by installing malicious binaries that run whenever a user logs in or launches an application. This has been explained in detail by F-Secure, for instance here for the K variant.
You have seen these links before in other discussions, yet you still cling to the idea that they are somehow misinformation. If I'm not mistaken, you even disputed that the infection was widespread, using Symantec as your source, yet that company's comments here & most recently here show that to be wrong.
I respect your efforts to investigate MacKeeper's behavior firsthand but you only undermine your own credibility with poorly researched, vague comments like the above. It's time for Mac users to quit indulging in wishful thinking & take real malware threats seriously. MacKeeper is not malware, but there are real malware threats out there "in the wild," & they are constantly getting more sophisticated.
Thomas A Reed wrote:
Only if you consider a pattern of past unethical behavior on the part of Zeobit to be irrelevant.
I consider it to be irrelevant to the OP's issue unless it can be shown how it applies to him. Any number of companies, Apple included, have been guilty of dubious ethical behavior according to many people & even some government agencies, so why is so much vile hyperbole & secondhand speculation focused on this one particular company?
And why especially have there been no answers forthcoming to what should be easy to show; namely, how exactly the product does whatever undesirable things it is accused of doing?
R C-R wrote:
And why especially have there been no answers forthcoming to what should be easy to show; namely, how exactly the product does whatever undesirable things it is accused of doing?
This may shed some light on the popup issues that have been mentioned. Many of you have probably seen it before. Dispite what you might think about the individual and his choice of usernames, it does appear that he did his homework.
There is also quite a bit of information about the "paid" comments on MacUpdates' MacKeeper page and also an admission by at least one user in the forum that they were offered a free upgrade to the 2012 version in exchange for a comment.
MadMacs0 wrote:
This may shed some light on the popup issues that have been mentioned. Many of you have probably seen it before. Dispite what you might think about the individual and his choice of usernames, it does appear that he did his homework.
I browsed through that ten page topic but I didn't see anything specifically about uninstall issues. In fact, most of it seemed to be about web page popups, popunders, & such.
Is there a particular post or date range you can direct me to in that topic that I might have overlooked?
is mackeeper safe on my systems as i have already downloaded and installed it
