# Solved: mackeeper



## bellisimo (Dec 17, 2009)

I received an ad for mackeeper. It appears to be a registry cleaning software but I don't know if it's like so many of the ones they make for PCs that cause more problems than they're worth. I ran the scan on my mac book and it said I have a total of 900 files totaling 1.20 GB of hard drive space that I should remove.

I don't normally trust anything on my PC besides CCleaner.

Are my suspicions about mackeeper warranted?

Thank you,

bellisimo


----------



## exegete (Oct 26, 2005)

Check out these comments from MacUpdate. Not very favorable reviews.


----------



## RedWolfDeux (Oct 27, 2010)

I use Mackeeper on my MBP. It works fine, but does a weird thing with a file called "wine", which uses most of the CPU at times. You can force quit it via Activity Monitor, quite easily.
It's worth it to me to clean up the unnecessary junk. Others will disagree, I'm sure.


----------



## bellisimo (Dec 17, 2009)

Thank you for your replies. I read the reviews and I think I'll pass.

bellisimo


----------



## tingo (Jun 25, 2011)

RedWolfDeux said:


> I use Mackeeper on my MBP. It works fine, but does a weird thing with a file called "wine", which uses most of the CPU at times. You can force quit it via Activity Monitor, quite easily.
> It's worth it to me to clean up the unnecessary junk. Others will disagree, I'm sure.


 Here's what I posted in response to another user on a couple of other discussion boards today: "I now understand this "wine" thing in the CPU usage, which was very confusing to me because I also have a Wineskin Winery disc image installed to run a PC-only app. Digging in the package of MacKeeper had revealed a Windows-like structure alike, for all purposes, that of Wineskin. However, running MacKeeper (and its real-time protection) since last February on a MBP 3.06 GHz Core i2 Due and since April on a MBP 2.3 GHz Core i7, I haven't noticed the slightest slowdown. But, granted, it does rev up my CPU usage (and fans) to 80-100% every now and then."


----------



## tingo (Jun 25, 2011)

bellisimo said:


> Thank you for your replies. I read the reviews and I think I'll pass.
> 
> bellisimo


 You may want to think it over again, though. There's apparently an orchestrated campaign across discussion boards against this app.

Here's what I posted elsewhere earlier today, you may find it useful:

« I may be wrong, even as a Mac user for the past 17 years, and a user of two other OS's for 10 years before that, but...

For contractual reasons with clients in the corporate PC world, I have to have an AV application. ClamXav and Sophos, independently, caused me way too much trouble, and I considered MacKeeper. Before purchasing it last February, I looked into others' opinions on the net. One of the results is that I am as flabbergasted now as I was then at the level of insulting and misleading stuff hurled at MacKeeper, not to mention the downright false information posted by some, or the century-old Anglo racism towards Russians (yet, if these Anglos knew something about anything, they'd know that the people behind MacKeeper are from Ukraine**but they're all commies, ain't they?)

I've experienced trolling of the kind I'm reading above on countless forums discussing sensitive political issues, but I had never seen it on a Mac forum, nor on any tech forum for that matter. It would been enlightening for the rest of us if that/those poster(s) came out of the wood, or the woods, and told us what motivates it/he/she/them to go on bashing this app.

My experience with MacKeeper, and it's been a few months, has only been positive, nothing to add there: it does what it's supposed to.

I've only had one problem, and it's been with their support. Because the application update function also scans an external disk where I have Tiger installed, it reports as out-of-date some apps that either cannot be updated under Tiger or that I can't be bothered updating. I asked them how I could tell MacKeeper not to scan that external disk. First I got a reply from someone that hadn't even read my mail properly (typical, in our world), then no reply at all for a long time. It ended up curiously with the person at the other end asking my authorisation for their techies to remotely "enter" my computer  with my participation and under my observation. I'm not overly paranoid, but considering how unimportant the issue is (and how irrelevant their suggestion seems to be to it) and above all that my clients would kill me if they knew such a thing was taking place, I have denied them the access they requested. So far, I'm using a work-around, and that's switching off the external harddisk before scanning for app updates.

ADDITION: A while back, I was called to rescue when a couple of people, for reasons yet to be understood, went on a rampage of calumny on a Shoppers' forum against a restaurant owned by a friend of mine. Curiously, most of the comments there ressembled the "Thanks to all who commented", "Thank you to all of you who took the time to make such detailed reviews" and "Thanks to all you guys who have inspected...", as well as variants of "Terrible xxxx [restaurant, software], avoid this at all costs" that are mushrooming around. All, of course, under different ad hoc user names. Strange how uncreative people can be, not? »


----------



## Headrush (Feb 9, 2005)

No offence tingo but you "rebuttal" isn't likely to change people's opinions much for several reasons:

1) Your post has the feel of someone on the MacKeeper payroll. I'm not saying you are, but it reads that way and when you see your post verbatim on different sites, it gives it that feel even more.

2) By your own admission their support asked for remote access to your system. Whether you are watching or not, this is going to make people even more worried since this is something malware would try to do also.

3) Just randomly surfing the web, I've come across several sites that pop up a window for MacKeeper. Unfortunately, it's a popup window I've never asked for and it feels very similar to the the last few OS X malware trojans released. Whether there is an orchestrated campaign against this program I don't know, but I think the best approach won't be a "political" response but seeing detailed reviews about the program, what works, what needs work, and how it's better than other apps. (just saying ClamXav is trouble and say MacKeeper rocks doesn't help most people)

3.5) Even ZeoBIT's CEO Slava Kolomiychuk has admitted that they have 500 affiliates that are "pushing" this program. Unfortunately this has also led it to feel like malware.
I know they are a small company but maybe they need to re-think this approach.



> My experience so far, and it's been a few month, is the same as Jmay's above, on June 9th, so there's nothing to add there.


Who is Jmay?


----------



## tingo (Jun 25, 2011)

Headrush said:


> No offence tingo but you "rebuttal" isn't likely to change people's opinions much for several reasons:
> 
> 1) Your post has the feel of someone on the MacKeeper payroll. I'm not saying you are, but it reads that way and when you see your post verbatim on different sites, it gives it that feel even more.
> 
> ...


 You may say that you're not saying that I'm on MacKeeper's payroll, but still that's the silly insinuation we're ending up with  a method used on political forums for alledged adults (discredit the critics of your favourite policies by calling them anti-semites, communists or whatever, regardless of whether there's any substance to the accusation: same kind of "arguments" and lack of substance applied here and elsewhere to MacKeeper and ZeoBit). Anyone minimally endowed would understand that after reading my take on their bizarre request for access to my computer. Which you do mention, thank you.

Also: I've made no secret that I was posting this across several forums, so what's the problem? ("JMay": from another forum, my mistake, edited now).

I've surfed around for MacKeeper too, both before and after purchasing it, quite a bit, and as recently as yesterday when I was looking for something about MackKeeper, "wine", and CPU usage, and came across all the trashing. But I haven't encountered any of those pop-ups, probably because I'm allergic to advertising and I have popups deactivated by default.

ClamXav (which is not the point here): that was ages ago when I found it unusable, and I believe I posted something elsewhere at the time. Cannot remember. Sophos, Mac OS free version (not the point here either), was randomly resetting the prefs of certain apps (Safari, Dock, different on different computers). Issues went away when Sophos got uninstalled. Also posted elsewhere.

But I'll agree with you that ZeoBit's would do well to revise some of their approaches.

*Seriously now.* I've been in touch with the folks at Little Snitch's because of random requests for network access by "nmbd" to servers around the world. I was told that "nmbd" is related to Samba, in turn related to sharing folders with Windows users. As I have no such sharing or connection, and it's happening on a machine without Parallels installed, I have been wondering whether it might in some way or another be caused by the Wine "core" in the MacKeeper package. Little Snitch's support couldn't tell, and given my rather paltry experience with MacKeeper's support, I thought I'd ask first if anyone has any information in this respect? Serious information, not just uninformed bashing, thank you.


----------



## Headrush (Feb 9, 2005)

tingo said:


> You may say that you're not saying that I'm on MacKeeper's payroll, but still that's the silly insinuation we're ending up with  a method used on political forums for alledged adults (discredit the critics of your favourite policies by calling them anti-semites, communists or whatever, regardless of whether there's any substance to the accusation: same kind of "arguments" and lack of substance applied here and elsewhere to MacKeeper and ZeoBit). Anyone minimally endowed would understand that after reading my take on their bizarre request for access to my computer. Which you do mention, thank you.
> 
> Also: I've made no secret that I was posting this across several forums, so what's the problem? ("JMay": from another forum, my mistake, edited now).


You're missing my point. My point is whether you mention it or not, copying and pasting entire posts on different forums gives the appearance of the same calculated campaign *for* MacKeeper as the one you say people are using *against* it.

I never said you were and you might want to believe that I am insinuating that, but I wasn't. As I said, the best thing you can do against these negative campaigns is post the best, most thorough review of the software you can. (Not engage the campaign of negativity)

nbmd: Yes this is a Windows samba service. OS X has its own version of smbd and nmbd but the one you are seeing is directly related to MacKeeper. MacKeeper uses Windows applications run through a compatibility layer to run on OS X. (It's called WINE) Your best option for now is to use the OS X firewall, or your router to block the appropriate ports. (or Little Snitch)

Zeobit's devs say a new version coming soon will have native virus scanning and not use WINE anymore.

P.S. You can't discount all negative reviews either. People have had issues and the software is continually a in-progress project, even Zeobit's devs acknowledge that.


----------



## tingo (Jun 25, 2011)

Headrush said:


> You're missing my point. My point is whether you mention it or not, copying and pasting entire posts on different forums gives the appearance of the same calculated campaign *for* MacKeeper as the one you say people are using *against* it.
> 
> I never said you were and you might want to believe that I am insinuating that, but I wasn't. As I said, the best thing you can do against these negative campaigns is post the best, most thorough review of the software you can. (Not engage the campaign of negativity)
> 
> ...


 OK, let's say that we agree to disagree, and leave it at that. I do take notice of the civil tone of your replies, in stark contrast with the vulgarities and untruthfulness other places which caused my original outrage. On the other hand, besides raising my voice when I meet blatant injustice (admittedly, not on this thread), I'm primarily interested in problem-solving for the mutual benefit of the community: no amount of money would be able to pay me if I had to spend my life doing reviews in the six languages I have access to, in all the fields that are relevant to me (and computers/Macs, to me, are an essential tool, one that has to function as smoothly and safely as possible, but still nothing but a tool). Not to say, mind my word, that I don't find essential the dedication of people like you (judging from the number of your postings) or others who write reviews. As a matter of fact, this and other exchanges regarding MacKeeper all began in the wake of a review.

I don't discount negative reviews in the least, no more than I discount my own negative experiences. But take a look around on the net, and I'm sure you have the know-how to realise that in order to find a truly negative review of MacKeeper, often indeed properly addressed by their staff, you have to wade through a swamp vomitted by Russian-bashers, competitors-in-the-guise-of-users and more BS.

You seem to have a direct line to ZeoBit's devs, lucky you, if one may put it that way. I was already blocking nmdb manually, and what I needed to hear from LS's folks was whether it was OK to block it permanently. But how do you know that it is, as you state, 'directly related to MacKeeper'? Would you care to elaborate, possibly with some referrals? For, if that is the case, confirming my suspicion, what is MacKeeper doing trying through all kinds of ports to access all kinds of servers essentially located in Hispanic America (as well as one in Spain and one in Brazil)?


----------



## Headrush (Feb 9, 2005)

tingo said:


> OK, let's say that we agree to disagree, and leave it at that.


A little constructive criticism if you don't mind: I think you proved my point a bit. How much more time have we spent discussing reviews/comments about MacKeeper rather than the software itself? 



tingo said:


> You seem to have a direct line to ZeoBit's devs, lucky you, if one may put it that way. ... Would you care to elaborate, possibly with some referrals?


I don't have the exact link but it's in a thread on the Zeobit support forum.



tingo said:


> I was already blocking nmdb manually, and what I needed to hear from LS's folks was whether it was OK to block it permanently.


You don't need to hear from LS staff. If you aren't using use Windows file sharing, you DON'T need it.



tingo said:


> But how do you know that it is, as you state, 'directly related to MacKeeper'?


Restart. Open Activity monitor, start MacKeeper and watch nmbd process in Activity monitor.



tingo said:


> For, if that is the case, confirming my suspicion, what is MacKeeper doing trying through all kinds of ports to access all kinds of servers essentially located in Hispanic America (as well as one in Spain and one in Brazil)?


It's likely not just MacKeeper calling out, but once the nmbd service is running under Wine in MacKeeper, the service is responding to requests that are constantly being sent to your IP address in a probe like fashion.

P.S. I will check when I get home from work if this is a problem in general for any WINE based programs.


----------



## tingo (Jun 25, 2011)

Headrush said:


> A little constructive criticism if you don't mind: I think you proved my point a bit. How much more time have we spent discussing reviews/comments about MacKeeper rather than the software itself?


Absolutely.



> I don't have the exact link but it's in a thread on the Zeobit support forum.


Thanks, will look.



> You don't need to hear from LS staff. If you aren't using use Windows file sharing, you DON'T need it.


I _had_ heard back from them, but yes, they said just that too.



> Restart. Open Activity monitor, start MacKeeper and watch nmbd process in Activity monitor.


Hmm, fine. You'd have to have it _not_ be set to run in the background, though, or else you (I) wouldn't be able to tell. Anyhow, it's a bit of a moot point as far as I'm concerned, as nmbd's network access is now disactivated in LS.



> It's likely not just MacKeeper calling out, but once the nmbd service is running under Wine in MacKeeper, the service is responding to requests that are constantly being sent to your IP address in a probe like fashion.


Very enlightening, thanks.



> P.S. I will check when I get home from work if this is a problem in general for any WINE based programs.


I look forward to hearing more about it. This Wine stuff is complete news to me - not that I want to spend much energy on it, but I had to have it because Parallels 5 wouldn't run on my newer MBP. That's even before I found that it was in MK too, very confusing at first, as described in my first post above.


----------



## Couriant (Mar 26, 2002)

bellisimo said:


> I received an ad for mackeeper. It appears to be a registry cleaning software but I don't know if it's like so many of the ones they make for PCs that cause more problems than they're worth. I ran the scan on my mac book and it said I have a total of 900 files totaling 1.20 GB of hard drive space that I should remove.
> 
> I don't normally trust anything on my PC besides CCleaner.
> 
> ...


I am glad you are passing up on this. The first flag that you had here is that you recieved an ad for MK. I assume this came in a form of a pop up? If so then you should never do it. Especially when you use it to scan your computer and you have x amount to be removed. Generally thats how these companies work. Most reputable ones doesn't need to do pop up ads. Besides you shouldn't use any regsitry cleaner, as it can pose a big issue if it removes other stuff thats vital to the computer.

As to WINE, from what I know it's a linux/unix base program that allows you to run Windows-based programs. Since Mac is unix/linux based, I would venture a guess that it's used with BootCamp to run the Windows programs, but I don't use Mac too often to confirm that.


----------



## tingo (Jun 25, 2011)

Couriant said:


> I am glad you are passing up on this. The first flag that you had here is that you recieved an ad for MK. I assume this came in a form of a pop up? If so then you should never do it. Especially when you use it to scan your computer and you have x amount to be removed. Generally thats how these companies work. Most reputable ones doesn't need to do pop up ads. Besides you shouldn't use any regsitry cleaner, as it can pose a big issue if it removes other stuff thats vital to the computer.
> 
> As to WINE, from what I know it's a linux/unix base program that allows you to run Windows-based programs. Since Mac is unix/linux based, I would venture a guess that it's used with BootCamp to run the Windows programs, but I don't use Mac too often to confirm that.


Can't reply for _bellisimo_, but I got my MacKeeper licenses as part of the MacUpdate Promo 2010 Spring Bundle, together with Parallels which came very handy as VirtualPC couldn't run on Intel. Should we consider MacUpdate as an unreliable source?

Also: right away after installing it, MacKeeper found two bona fide viruses buried deep in /System Folder/Application Support/Caches/MRJ/(invisible folder)/. OK, they were innocuous, 'System Folder' being an OS9 relic on my disk and the files being PC viruses, but neither ClamXav nor Sophos had managed to dig them up previously (ClamXav had dug up something that possibly was more serious, but that's another story). Of course, Onyx, which I do use regularly, or similar cleaner apps would never be able to find them.


----------



## Headrush (Feb 9, 2005)

Couriant said:


> As to WINE, from what I know it's a linux/unix base program that allows you to run Windows-based programs. Since Mac is unix/linux based, I would venture a guess that it's used with BootCamp to run the Windows programs, but I don't use Mac too often to confirm that.


WINE is actually multi platform and provides an Windows API compatibility layer (if you will) to play Windows applications on Linux, Mac, BSDs and even newer Windows.

Some notable companies like Aspyr use a branch of it to bring some of the PC Game titles to OS X.
In the case of Zeobit, they are using it in MacKeeper to run a Windows based virus/spyware scanner.

P.S. tingo, sorry was too busy last night to get around to that testing. I swear my to do list is getting smaller.


----------



## tingo (Jun 25, 2011)

Headrush said:


> P.S. tingo, sorry was too busy last night to get around to that testing. I swear my to do list is getting smaller.


Lucky you, 2nd time, mine are getting larger. No rush, Headrush, take it easy,


----------



## tingo (Jun 25, 2011)

When moving files or file packages that are larger than a few Mb to the Trash, I have the progress dialog churn about for a few seconds or more before completing the task. I don't know when this behaviour dates back to, but I used to ascribe it to the TechTool Protection panel's Trash History function, or to the Finder that, even on a fast machine, can sometimes act a bit funny in OS*X.

Imagine my surprise then, while this behaviour was happening once again today as I was deleting a single dmg file and no other foreground app but the Finder was active, when I noticed the fan revving up almost right away**a sure sign of heavy CPU usage on this MBP, at this locality**and found that Wine, during those seconds, was taking over 80% of CPU power. At this point the only running Wine application was MacKeeper, so I figure that it's something related to the program's Undelete function, or some other function for that matter.

My point here is that while I don't experience any slowdown whatsoever on a MBP with 8*CPUs, it's easy to imagine how bothersome this might be on a single CPU machine.


----------



## Headrush (Feb 9, 2005)

tingo said:


> I look forward to hearing more about it. This Wine stuff is complete news to me - not that I want to spend much energy on it, but I had to have it because Parallels 5 wouldn't run on my newer MBP. That's even before I found that it was in MK too, very confusing at first, as described in my first post above.


Well I finally got around to doing some testing with several of the WINE based applications I have and I can't get one of them to have the same problem you had with nmbd.

So I installed MacKeeper to see if I could reproduce your issue and I still couldn't. I played with most services except for Anti-theft and I didn't sign up for an account.
I still was unable to reproduce your issue.

I wonder if your issue is related to something else on your system. Is the nmbd reported by Little Snitch the OS X system one located at /usr/sbin/nmbd ?


----------



## tingo (Jun 25, 2011)

Headrush said:


> *(···) and I didn't sign up for an account.
> I still was unable to reproduce your issue.


That might make a difference, I do have an account. Also: it's not like it was happening constantly, some days it did, some days it didn't, and anyhow no more than about twice a day.



> I wonder if your issue is related to something else on your system. Is the nmbd reported by Little Snitch the OS X system one located at /usr/sbin/nmbd ?


Yes, it is. Since I've had LS deny it any connection some days ago, I haven't noticed anything particular in the way the computer is running (16-18 hours a day).


----------



## Headrush (Feb 9, 2005)

Low and behold I just happen to be looking for something in my logs and even though I had removed MacKeeper and rebooted, I see a rogue leftover launchd process from MacKeeper Helper that is continually respawning every 10 seconds.

P.S. I'd be interested to know if you removed the LS connection denial for nmbd but blocked incoming requests for nmbd services on your router if it also prevented the problem. Usually nmbd is responding to requests outside your LAN so if you can block requests before they even get on your LAN, it's a better option overall.


----------



## tingo (Jun 25, 2011)

Headrush said:


> (...) I see a rogue leftover launchd process from MacKeeper Helper that is continually respawning every 10 seconds.


I found this MacKeeper Helper as a 180kb Unix Executable in the package, at _MacKeeper.app/Contents/Resources/MacKeeper Helper.app/Contents/MacOS_. In Activity Monitor, it's shown to be using 74.2 Mb, but I've been looking at it for a while now, and its CPU usage has remained at 0.0. Lauching MacKeeper in the foreground activated it very briefly, but left its mem usage at 75.6 Mb.



> P.S. I'd be interested to know if you removed the LS connection denial for nmbd but blocked incoming requests for nmbd services on your router if it also prevented the problem. Usually nmbd is responding to requests outside your LAN so if you can block requests before they even get on your LAN, it's a better option overall.


I don't think I can help you here. Besides the system's firewall and Little Snitch, as hardware there's only a Switch here, any router-like function being (as far as I understand) taken care of either in the antenna (we have WiFI broadband) or on our IP's server, thus nothing I believe I can figure how to setup myself. Our IP people are nice and helpful guys, but considering that it's hard enough to get them to figure out that a Mac is not a PC, I wouldn't dare to ask them anything in relation to this discussion. But you're welcome to come with any other suggestion.


----------



## tingo (Jun 25, 2011)

Yesterday, I had to make some space on my drive without emptying the Trash, and because FileXaminer's SuperDelete function doesn't work very well anymore after the disappearance of Contextual Menus in 10.6 (even if you select several objects, now it only deletes one file at a time), I gave a try to MacKeeper's Shredder function. The first try for testing went fine, but on the second try, 40 Gb of very large files and folders, MacKeeper appeared to choke while in the process of deleting a 100Mb application package.

As the progress bar had stopped moving completely for a sizeable number of minutes and there was something else I had to get busy with, I interrupted the process, but got a message from MacKeeper to the effect that the file 'Application XXX' might be corrupted. And found that its size was now reduced to 0Kb! Tried to shred it again, progress bar got stuck again, interrupted again. I then shredded some of the other files which hadn't been done yet when I'd interrupted the first time, and they all went away as expected. But at that point, the 0Kb 'app file' was suddenly gone too.

Years of computing (and serious damage caused by applications such as Norton and TechTool) have taught me to smell rotten fish even in the cleanest of environments, so I ran Disk Utility, expecting to find some dreadful corruption on the disk. Instead, lo and behold, everything was just OK!

On second thought, I figure that the app package contained lots and lots of files, and that MacKeeper was slowly churning its way through every single one of these. But the least I can say is that I'm thankful for what I'd call a SAFE file erasing routine.


----------



## tingo (Jun 25, 2011)

New version (1.8) of MacKeeper, appears to be... Wine-less. I haven't noticed any improvements, but then I wasn't experiencing any problems either.


----------



## Headrush (Feb 9, 2005)

tingo said:


> New version (1.8) of MacKeeper, appears to be... Wine-less. I haven't noticed any improvements, but then I wasn't experiencing any problems either.


It's just the virus scanner that was WINE based and that has been updated.
This should offer faster performance and real time scanning which wouldn't be possible using a WINE based approach. (I think)

FYI: For anyone interested, MacKeeper is using Avira Antivirus has its backend virus scanner.


----------

