Remove MacKeeper from my Mac

Somehow you did it.

You don’t know why or how you came to this place.

But you came.

You wanted to keep your loved Mac safe. Safe from all worms, malware, viruses and all the evil. Maybe you just came across a ‘dirty’ webpage as well? Doesn’t matter.

And you signed up for MacKeeper. The promise for a safe and clean Macintosh-Experience. Left your credit card details and agreed to pay a monthly fee.

As everyone who promise you happiness and less sorrows there is always a dark side. Especially in the world of computers!

Take a look at this:

http://www.cnet.com/news/mackeeper-exposes-personal-data-of-13-million-users/

Hmmmm…

To make it clear: remove this scamware immediately!

I wrapped a script (written by https://github.com/kitzy) into this one-click application.

You can download it here.

Security is a very important topic also in using Mac OS X. There a several serious vendors for Antivirus/Malware and tons of possibilities for securing your Mac with tools build into Mac OS X. Feel free to contact me for any questions or comments!


# This program will uninstall MacKeeper and JustCloud

#################
### Variables ###
#################

# Items at the system level to be removed
systemItems=(
	/Applications/MacKeeper.app
	/Applications/JustCloud.app
	/Library/Preferences/.3FAD0F65-FC6E-4889-B975-B96CBF807B78
	/private/var/folders/mh/yprf0vxs3mx_n2lg3tjgqddm0000gn/T/MacKeeper*
	#Following items added by Elliot Jordan, Linde Group
    /private/tmp/MacKeeperOffers
    /private/tmp/_--_BRAND_--_.app
    /private/tmp/brand.tar.gz
    /private/tmp/com.mackeeper.MacKeeper.Installer.config
    /private/tmp/preinstall-JustCloud.log
    /private/tmp/postinstall-JustCloud.log
)

# Items at the user level to be removed
userItems=(
	Library/Application\ Support/MacKeeper\ Helper
	Library/LaunchAgents/com.zeobit.MacKeeper.Helper.plist
	Library/LaunchAgents/com.jdibackup.JustCloud.autostart.plist
	Library/LaunchAgents/com.jdibackup.JustCloud.notify.plist
	Library/Logs/JustCloud
	Library/Logs/MacKeeper.log
	Library/Logs/MacKeeper.log.signed
	Library/Preferences/.3246584E-0CF8-4153-835D-C7D952862F9D
	Library/Preferences/com.zeobit.MacKeeper.Helper.plist
	Library/Preferences/com.zeobit.MacKeeper.plist
	Library/Saved\ Application\ State/com.zeobit.MacKeeper.savedState
	Downloads/MacKeeper*
	Documents/MacKeeper*
)

#################
### Functions ###
#################

function deleteItems()
{
	declare -a toDelete=("${!1}")

	for item in "${toDelete[@]}"
		do
			if [[ ! -z "${2}" ]]
				then
					item=("${2}""${item}")
			fi

			echo "Looking for $item"

			if [ -e "${item}" ]
				then
					echo "Removing $item"
					rm -rf "${item}"
			fi
		done
}

####################
### Main Program ###
####################

# Kill the apps, if they are running
# Added by Elliot Jordan, Linde Group
echo "Killing MacKeeper-related apps"
killall "JustCloud"
killall "MacKeeper Helper"
killall "MacKeeper"

# Delete system level items
deleteItems systemItems[@]

# Delete user level items
for dirs in /Users/*/
		do
			deleteItems userItems[@] "${dirs}"
		done

exit 0

Install-Package to fill User-Template or existing User-Library

At my client, the main tools for keeping Macs up running are Absolute Manage and Apple Remote Desktop. So I have to find a way to deploy files to Users or preparing Macs in advanced with a preconfigured User-Template.

One method is to take over the screen of the User, navigate to the Library and drag-and-drop the files.

Hmmm… It can be done this way… but.

Another way: using the Copy-Functions of Apple Remote Desktop in the menu, where destination-path etc. can be specified.

A little bit better…

With an Installer-Package things can be done more straightforward and it goes like this:

The installer copies the files to /tmp on the target.

A Postinstall-Script checks for all users and copies the files from /tmp to the User-Directories and changes to the right permissions:

#!/bin/sh
## postinstall
localUsers=$( dscl . list /Users UniqueID | awk '$2 >= 501 {print $1}' )
for userName in "$localUsers"; do
cp -R /tmp/INSTALLATIONFILE-OR-DIRECTORY /Users/$userName/Library/Preferences/
chown -R $userName /Users/$userName/Library/Preferences/INSTALLATIONFILE-OR-DIRECTORY
done
rm -Rf /tmp/INSTALLATIONFILE-OR-DIRECTORY
exit 0

With On-Demand-Calls from Users (Ring-ring-ring… “Hello, my SAP is broken, can you help?”) a message with osascript can give delightful results:

osascript -e 'tell app "System Events" to display dialog "Your SAP-Settings are refreshed!" buttons {"OK"} '

A little but more subtle? Notification Center:

osascript -e 'display notification "Your SAP-Settings are refreshed!" with title "Installation Message"'

In preparing the Mac for upcoming users, the files have to be copied into the User-Template:

cp -R /tmp/INSTALLATIONFILE-OR-DIRECTORY /System/Library/User\ Template/English.lproj/Library/Preferences/

sysadminctl: our new friend

While Mac OS X grew out of NetInfo into Opendirectory with bringing the not so obvious dscl-Commands, Yosemite got even more improvements with a new User-Management-Command: sysadminctl.

The command creates a user, sets home directory, updates a password or deletes the user-account:

sysadminctl
-deleteUser [-secure || -keepHome]
-newPassword -oldPassword [-passwordHint ]
-resetPasswordFor -newPassword [-passwordHint ]
-addUser [-fullName ] [-UID ] [-password ] [-hint ] [-home ] [-admin] [-picture ]

The purpose of dscl (type man dscl and you know what I mean) is more about the general directory-management of Mac OS X and its processes, while sysadminctl is esp. about real human users.

Inspired by the work of the JAMF-User-Community and the necessity at my client, I created a script that works from Mac OS X Mavericks to ElCapitan for creating a local User-account.

It checks what kind of Mac OS X-Version is installed and depending on $OSXVERSION , the commands sysadminctl or dscl is started.

#!/bin/sh
#
##############################
# create_user.sh
# holger bartels, 2015
# contact@the-mac-trainer.com 
##############################
#
if [ "$(id -u)" != "0" ]; then
echo "Sorry, you are not root."
exit 1
fi
# === For creating a User we need some input! ===
echo "Enter your desired user name: "
read USERNAME
echo "Enter a full name for this user: "
read FULLNAME
echo "Enter a password for this user: "
read -s PASSWORD
# ====
# A list of (secondary) groups the user should belong to
# This makes the difference between admin and non-admin users.
echo "Is this an administrative user? (y/n)"
read GROUP_ADD
if [ "$GROUP_ADD" = n ] ; then
    SECONDARY_GROUPS="staff"  # for a non-admin user
elif [ "$GROUP_ADD" = y ] ; then
    SECONDARY_GROUPS="admin _lpadmin _appserveradm _appserverusr" # for an admin user
else
    echo "You did not make a valid selection!"
fi
# ====
# check the OS X Version
OSXVERSION=$(sw_vers -productVersion | awk -F '.' '{print $2}')
# Create a UID that is not currently in use
echo "Creating an unused UID for new user..."
# Find out the next available user ID
MAXID=$(dscl . -list /Users UniqueID | awk '{print $2}' | sort -ug | tail -1)
USERID=$((MAXID+1))
#if 10.10 or more then run
if [[ "$OSXVERSION" -ge 10 ]]; then
echo "Your installation is 10.10+. Using sysadminctl. "
sysadminctl -addUser $USERNAME -fullName "$FULLNAME" -UID=$USERID -password $PASSWORD
        #if 10.7 to 10.9 then run
	elif [[ "$OSXVERSION" -ge 7 ]]; then
        echo "Mac OS 10.7 - to 10.9 is installed, using dscl."
	# Create the user account by running dscl (normally you would have to do each of these commands one
	# by one in an obnoxious and time consuming way.
	echo "Creating necessary files..."
	dscl . -create /Users/$USERNAME
	dscl . -create /Users/$USERNAME UserShell /bin/bash
	dscl . -create /Users/$USERNAME RealName "$FULLNAME"
	dscl . -create /Users/$USERNAME UniqueID "$USERID"
	dscl . -create /Users/$USERNAME PrimaryGroupID 20
	dscl . -create /Users/$USERNAME NFSHomeDirectory /Users/$USERNAME
	dscl . -passwd /Users/$USERNAME $PASSWORD
	# Create the home directory
	echo "Creating home directory..."
	createhomedir -c 2>&1 | grep -v "shell-init"
fi
# Add user to any specified groups
echo "Adding user to specified groups..."
for GROUP in $SECONDARY_GROUPS ; do
dseditgroup -o edit -t user -a $USERNAME $GROUP
done
echo "Created user #$USERID: $USERNAME ($FULLNAME)"
exit 0

This can be a quick answer for al these situations like this:
Phonecall of a Group-Leader: “Hello, we got a new volunteer, and she’s starting to work now.”
Sure, there are policies, rules to follow, a user-management with MS Active Directory… But to be honest (by experience): who cares in the free world of business. It will be done somehow later.

Create SSH-Key and copy to a remote machine

Verry simple and quite obvious to do – but often not used: Keyboardless authentication via SSH is a must and not an exception.

Create your Keyfile (don’t share the private key, please :) ):

ssh-keygen -t rsa
Copy the public key to the remote machines:

cat ~/.ssh/idrsa.pub | ssh USERNAME@$REMOTEHOST "mkdir ~/.ssh; cat >> ~/.ssh/authorizedkeys"

Login with out typing passwords. It saves time and improves security!

Playing with ~/.bash_profile and “alias” for often connected hosts gives a lot more comfort.

Import System-Certificates with Terminal.app

It is pretty easy to deploy certificates to a bunch of Macs via an installer and a postinstall-script or via Terminal.app

For example, the installer copies the certificates to a hidden directory, the postinstall-script imports the files into the System-Keychain and adds the Trust-Settings.

First, setup a Testing-Mac, import the Certificates and mark them as always trusted. In my case, it was about the Proxy-Server-Certificates, which have to be on all machines.

Export the Trust-Settings into a .plist-File:

security trust-settings-export -d /Users/Shared/trust_settings.plist

Then copy the certificates and the ‘trust_settings.plist’ to your Machine.

Next, on the client this command imports the certificates into the System-Keychain

security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "/my/path/to/my/certificate.cer"

and

security trust-settings-import -d /my/path/to/my/trust_settings.plist

imports the Trust-Settings.

If you have JAMF CasperSuite or other possibilities to deploy Configuration Profiles, you should definitely do it with these more powerful abilities.

If not, this can be a huge timesaver.

Mac Cleaning for the Rest of Us

Since Mac OS X came out, the necessity for cleaning the Mac from unused Log-Files, Caches etc became also more urgent, esp. in the productive and professional environment.

There are many of great tools out there, esp. Onyx, which gives powerful options for keeping the Mac up healthy.

Very nice! But in a professional environment a lot of clicks to do! Imagine: You have 300 Macs for Graphic-Designers complaining about crashing Adobe InDesign or slow Application-Starts and sadly JAMF CasperSuite with the awesome Selfheal-Package placed in SelfService.app is not available.

So one can shrink the most common tasks into these four:

  • Clear Log Files
  • Clear Font Caches
  • Rebuild Boot Caches
  • Repair DiskPermissions (okay with 10.11 ‘El Capitan’ this will not work anymore)
  • Reboot

 

#!/bin/sh
#
# Delete Log-Files
find /private/var/log/asl -type f -name ‘*.asl’ -ctime +7 -print0 | xargs -0 rm -f &
echo "Logfiles are cleaned!"
sleep 5
#clear FontCaches
atsutil databases -remove &
echo "Font Caches are removed!"
# Rebuild dyld-Shared Caches
update_dyld_shared_cache -force &
echo "Boot-Process got enhancements!"
#RepairPermissions
diskutil repairPermissions / &
wait
echo "Permissions are checked and repaired!"
sleep 2
echo "This Mac will reboot in 5 Seconds"
sleep 5
osascript -e 'tell app "loginwindow" to «event aevtrrst»'

Wrap it with Platypus into an Application and go for it.