6
2
MacKeeper (http:// mackeeperapp.zeobit.com
) has hijacked my Safari browser. I have had to open Firefox, in order to get to the internet. I would rather use Safari, since that is where my bookmarks and favorite links are on the toolbar.
A MacKeeper ad was in the sidebar, of the page I was on. I clicked on a link, to go to a website (not MacKeeper), and the window opened for MacKeeper, with a pop-up to let MacKeeper clean my Mac.
The ONLY option is to click "OK", which I refuse to do, because I know almost all of these "cleaner" apps are malware, with hidden stroke counting codes.
The box says
> > > RECOMMENDED DOWNLOAD < < <
We recommend to clean your Mac with MacKeeper - award-winning system utility.
There is an "OK" button, but no way to close out of the box.
Now, there is no way to get out of the website either. When it first started, I panicked, and pushed the power button, because it froze all the tabs and Safari functions, and I didn’t want it to download to my hard drive. I thought if I shut down the computer, it would stop the app from running, which would prevent it from downloading on my hard drive.
I also thought when I turned my computer back on, The MacKeeper pop-up window would be gone, and then I could close the MacKeeper website. But it wasn't gone. I can't do anything in Safari now. I am guessing MacKeeper figures people will eventually get frustrated, and give in, clicking the button, allowing MacKeeper onto the hard drive.
All of my tabs have the rotating circle, indicating something is happening, but the websites, on those tabs, can’t be opened. I tried clicking on the black “x”, one the tabs, but there is no black “x”. I also can’t close the pop-up window, because there is no black “x” on it either.
I went to Finder, to see if MacKeeper had installed itself on my hard drive, and it is not in my /Applications
folder. If I go to the application Library
, it is not there either. So essentially, MacKeeper has hijacked my browser, but apparently hasn't installed itself on my hard drive.
I found a question, here on Super User, about essentially the same thing:
That user had intentionally installed MacKeeper, and uninstalled it, but missed a file in the uninstall, and was able to delete it in the Library. That is not the case here. I did not want anything to do with MacKeeper. It came onto my browser without being invited.
On that discussion, a couple people said that clicking the “OK” button, won’t allow MacKeeper to be installed on my hard drive, but I don’t trust MacKeeper, to not do it behind the scenes. I have heard of other cleaner apps, that have done the same thing, so I don’t trust any of them.
Also on the same discussion, someone from MacKeeper answered, saying that it is totally safe, and clicking on “OK” wouldn’t do anything. How can I trust him, when others, have had problems with MacKeeper, and some experts have called it “malware”? I have a hard time trusting a company that has a reputation for selling malware.
Can anyone tell me how to get rid of the pop-up box, without clicking on the “OK” button? I can’t use my Safari, until it is gone. I really don’t want to recreate all the bookmarks and favorite links, that I have on Safari, to Firefox. I just did that last Fall, when my hard drive crashed, and it is a real pain!
2
@Claudia Vogel: It's just a standard Javascript alert that cannot do anything. It's simply trying to persuade you to buy the software and clicking the OK button is not going to make any difference. That's not to say that the site you're on won't make further attempts to persuade you to download the software. If you're really that worried then it should be possible to force quit Safari: http://www.itworld.com/software/210601/two-ways-force-quit-crashed-application-osx-lion
– James P – 2012-03-02T13:27:37.587@slhck: Thank you for your comment. I am 100% positive I didn't click on the link, for MacKeeper and didnt click OK. My husband was standing next to my chair, when it happened. I was in Yahoo Mail, and had clicked on "sign out", so I could go to his yahoo email. As soon as I clicked on "sign out", the MacKeeper site opened with the pop-up box. I did try opening Safari, going to "Safari" -> Reset Safari. I used to be able to Force Quit for Safari, but now even that is locked up. I can't get the Safari drop down to go away and hence can't click on the black apple, to force quit. – Devonviolet – 2012-03-02T19:20:06.950
Can you look into
– slhck – 2012-03-02T19:45:19.993/Library/Internet Plug-Ins
or~/Library/Internet Plug-Ins/
and see if there's anything suspicious? If Safari is crashing or behaving unexpectedly it's mostly due to third party stuff.@James. Thank you for your comment. I hear what you are saying about Javascripts, but am so worried about allowing my computer to be hacked. I have a lot of personal info on it, and can't afford to have anyone get at it. I know that %&!# hackers and producers of malware have gotten extremely sophisticated, and can do a lot of nasty things in the background, where you aren't even aware they are lurking. As I mentioned in my previous comment, all of my Safari functions are locked up, so doing a Force Quit isn't possible. – Devonviolet – 2012-03-02T20:49:33.093
Hi @slhck, Thanks for the suggestion. I did look in that location, and the most recent posting to the Plug-Ins is: JavaAppletPlugin.plugin on Feb 28, 2012, 80 Bytes Type: Alias. Since I don't know much about plugin's does this look suspicious? There are six others, but they go back to 2011, and they all seem to be legit. I finally was able to speak with my daughter, who designs websites and is my webmaster, for my Blog. She thought MacKeeper, probably already put codes on my computer. She said, if they can lock up your Safari, they had some kind of access to your computer. – Devonviolet – 2012-03-03T05:30:27.057
Cont.: She suggested I download AVAST, and run it to clean out any hidden codes, and protect my computer, from malware apps like MacKeeper. When my hard drive crashed last Nov. I lost all the antivirus/hacker, etc. software, that my SIL put on my computer before they moved out of state. Since I am not very computer literate, I didn't know what to install. AVAST tells me my computer is protected, so I clicked on OK, and closed the MacKeeper window. Then I went into Safari -> Preferences -> Privacy -> Remove all Website Data -> Details. – Devonviolet – 2012-03-03T05:42:45.420
Cont: I found about ten websites, that I didn't recognize, and that looked suspicious, so I removed them, only leaving ones that I know I use, like Yahoo, apple, superuser, etc. and made sure I had the highest security coverage in that box. I also emptied my cache and reset Safari. Is there anything else I should do to protect my computer from malware like MacKeeper and other apps that could hijack the computer or browser? One (?): B4 I could close MK, it put a weird web address up, like it was trying something bad. Shld I do anything about that? Once again, thank you so much for your help. – Devonviolet – 2012-03-03T05:45:03.247
JavaAppletPlugin.plugin
is legit. I'm not aware of any major browser hijack for Mac OS X yet, so it's questionable whether MacKeeper came through one website or possibly with something else. In any case, JavaScript doesn't do any harm, and you will need it for 90% of all websites. Java on the contrary isn't used that much anymore and can cause security problems. If you want, you can disable it by going to Applications/Utilities/Java Preferences.app, and unchecking the boxes on the first tab. – slhck – 2012-03-03T08:50:02.513So I take it your Safari works fine now? Maybe you can post your own answer below so it's easier for others with the same problem to try what you did. – slhck – 2012-03-03T08:51:19.387
Clearing your browser history and emptying your cache every day or two usually keeps MACKEEPER away. I wouldn't trust any company who force markets their product in the fashion that these guys do. – None – 2012-05-19T20:31:52.500