Q: how to remove pop ups of mackeeper in my browser?

The popups are either being produced by the websites themselves or by adware on the computer.

In the first case, avoid visiting those sites or use an ad-blocker.

In the second case, click here and follow the instructions.

(132525)

You may have installed ad-injection malware ("adware").

Don't use any kind of "anti-virus" or "anti-malware" product on a Mac. There is never a need for it, and relying on it for protection makes you more vulnerable to attack, not less.

Some of the most common types of adware can be removed by following Apple's instructions. If those instructions don't work for you, or if you have trouble following them, see below.

This easy procedure will detect any kind of adware that I know of. Deactivating it is a separate, and even easier, procedure that doesn't involve downloading anything.

Some legitimate software is ad-supported and may display ads in its own windows or in a web browser while it's running. That's not malware and it may not show up. Also, some websites carry intrusive popup ads that may be mistaken for adware.

If none of your web browsers is working well enough to carry out these instructions, restart the computer in safe mode. That will disable the malware temporarily.

Step 1

Please triple-click the line below on this page to select it, then copy the text to the Clipboard by pressing the key combination command-C:

~/Library/LaunchAgents

In the Finder, select

          Go ▹ Go to Folder...

from the menu bar and paste into the box that opens by pressing command-V. Press return. Either a folder named "LaunchAgents" will open, or you'll get a notice that the folder can't be found. If the folder isn't found, go to the next step.

If the folder does open, press the key combination command-2 to select list view, if it's not already selected. Please don't skip this step.

There should be a column in the Finder window headed Date Modified. Click that heading twice to sort the contents by date with the newest at the top. If necessary, enlarge the window so that all of the contents are showing.

Follow the instructions in this support article under the heading "Take a screenshot of a window." An image file with a name beginning in "Screen Shot" should be saved to the Desktop. Open the screenshot and make sure it's readable. If not, capture a smaller part of the screen showing only what needs to be shown.

Start a reply to this message. Drag the image file into the editing window to upload it. You can also include text in the reply.

Leave the folder open for now.

Step 2

Do as in Step 1 with this line:

/Library/LaunchAgents

The folder that may open will have the same name, but is not the same, as the one in Step 1. As in that step, the folder may not exist.

Step 3

Repeat with this line:

/Library/LaunchDaemons

This time the folder will be named "LaunchDaemons."

Step 4

Open the Safari preferences window and select the Extensions tab. If any extensions are listed, post a screenshot. If there are no extensions, or if you can't launch Safari, skip this step.

Step 5

If you use the Firefox or Chrome browser, open its extension list and do as in Step 4.

To remove adware without using the over-complicated instructions you have been given, which means poking around in various directories and the possibility that you may inadvertently do some damage to one of them, get https://www.malwarebytes.org/antimalware/mac/index.html

Malwarebytes Anti-Malware for Mac (free) is completely safe, has been used by numerous users, including myself, with no adverse effects (please note: this may be replied to by a user in this thread with "evidence" that has already been completely debunked), and it will not reveal your personal data.

Despite its name, it is not an "anti-malware," or "anti-virus" program. It is specifically designed to look for and remove only adware.

Your question brings up the subject of removing adware. This is a general comment on that subject.

Under no circumstances should you ever allow anti-virus software to delete something for you.

The only tools that anyone needs to detect and remove adware are the Finder and a web browser, both of which you already have. Anyone who has enough computer skill to install adware can just as well remove it without using anything else. That's not just my opinion; it's the official position of Apple Support, as you can see by following the links below.

Apple doesn't endorse any third-party "anti-virus" or "anti-malware" product. Here and here are its general statements about malware protection, and here are its instructions for removing the most common types of ad-injection malware. None of those support pages mentions anti-malware products. An Apple employee who recommends such a product is speaking only for himself or herself, not for the company. See this thread for an example of what the results can be.

You become infected with malware by downloading unknown software without doing research to determine whether it's safe. If you keep making that mistake, the same, and worse, will keep happening, and no anti-malware will rescue you. Your own intelligence and caution are the only reliable defense.

The Windows/Android anti-malware industry had more than $75 billion in sales in 2014 [source: Gartner, Inc.] Its marketing strategy is to convince people that they're helpless against malware attack unless they use its products. But with all that anti-malware, the Windows and Android platforms are still infested with malware—most of it far more harmful than mere adware. The same can be expected to happen to the Mac platform if its users trust the same industry to protect them, instead of protecting themselves.

You are not helpless, and you don't have to give full control of your computer—and your data—to strangers in order to be rid of adware.

These are generalities. Regarding the "malwarebytes" product in particular, you may be told that there are no reports that is has caused damage. In fact, I know of two such reports: one by ASC user Big Kev55 in this thread, and one by LizardMBP in this thread. Read those reports and draw your own conclusions. There are also many reports that the Windows version of the product has deleted essential Windows system files; see, for example, this thread on the developer's own support forum.

Whether the software damages the system or not, it takes full adminstrative control and connects to a server controlled by the developer. The developer's privacy policy reads in part as follows:

"Without limiting the Privacy Policy, you agree that Malwarebytes may track certain data it obtains from your Computer including data about any malicious software or other threats flagged by the Software, data about your license, data about what version of the Software you are using and what operating conditions it runs under and data concerning your geographic location."

(Emphasis added.) So the developer admits to tracking your location, as well as other unspecified data, and gives itself the legal right to collect any data it chooses. How it uses that right, you don't know. By running the software, you accept these terms.

The question then is: as a security-conscious computer user, do you want to take such risks when there is no offsetting benefit?

These are generalities. Regarding the "malwarebytes" product in particular, you may be told that there are no reports that is has caused damage. In fact, I know of two such reports: one by ASC user Big Kev55 in this thread, and one by LizardMBP in this thread. Read those reports and draw your own conclusions. There are also many reports that the Windows version of the product has deleted essential Windows system files; see, for example, this thread on the developer's own support forum.

The links you provide in the above text have been examined by myself and a number of others. When inspected carefully, they completely fail to satisfy as evidence that Malwarebytes for Mac was responsible for any damage. It is clear that other factors may have been responsible. Besides that, Lizard MBP, the author of the second one, admitted to fabricating an entire story about what this program had done to his system, and then requested that the relevant post be removed by the hosts, which it was.

Whether the software damages the system or not, it takes full adminstrative control and connects to a server controlled by the developer. The developer's privacy policy reads in part as follows:

 

"Without limiting the Privacy Policy, you agree that Malwarebytes may track certain data it obtains from your Computer including data about any malicious software or other threats flagged by the Software, data about your license, data about what version of the Software you are using and what operating conditions it runs under and data concerning your geographic location."

 

(Emphasis added.) So the developer admits to tracking your location, as well as other unspecified data, and gives itself the legal right to collect any data it chooses. How it uses that right, you don't know. By running the software, you accept these terms.

 

The question then is: as a security-conscious computer user, do you want to take such risks when there is no offsetting benefit?

>>it takes full adminstrative control and connects to a server controlled by the developer.

It does no such thing. The only prompt I have ever gotten from Little Snitch for an outgoing connection was to the signature update server.

I have downloaded and installed Malwarebytes for Mac on my own computer. At no point, from getting the download from the site, or the page where the actual download link resides, is there anything indicating what you say about agreeing to give up data or location. And then, at no point after getting the download, from running the dmg installer, to moving the application into /Applications and then opening it, was I confronted with any agreement of any kind to accept. thomas_r., the developer of this program, has stated elsewhere, regarding the text you are quoting, that that applies only to the Windows A-V of Malwarebytes, and has nothing to do with his program--which is not, at least currently, an A-V.  I strongly suggest that you download and install the program yourself before stating that ones privacy and data are being sacrificed by using this application.