Safari Hijacked and Certificates that won't go away.  Malware?

Four times over the last 4 or 5 months "something" hijacks Safari and freezes it.
The first 3 times I was in Google.   I clicked on a site, it would freeze Safari and I would get a message from an unrelated website telling me to call a number for Apple Support which was not Apple.
Each of those 3 times I called Apple Care and they went to Finder>Library> Cache and removed files from Launch Agents, Launch Daemons and Plug-ins.  That removed the problem.
This time I was in Words With Friends when a Certificate popped up for the website Secure.RubiconProject.Com.   I spent over an hour on the phone with Apple looking for bad files.  None were found but we couldn't get rid of the Certificate and Safari was frozen.   Also, WWF would keep crashing Safari.
The Apple guy had me install a 2 week free trial of Web Root antivirus.  It found some problems which it took care of.  When I went back to Words with Friends the Certificate popped up again but this time I clicked on it since Web Root would tell me if there was an issue. 
The screen was blank but since then: 1.  No certificate and 2. an error message that was always across the top of WWF about having to reload the page was gone.  When I used Firefox to work on this problem with Apple, I would keep getting a message that said Firefox would not direct this to another page and I had to click an OK button.  That is gone.
I don't know why I keep getting this issue since each time it is different.   I told Apple guy that I had read that Apple doesn't need antivirus and in fact they can cause more problems than they help.   He said Apple has a Firewall but nothing for malware which is become more and more prevalent.  There are threads here about not needed anti viruses but I'm at a loss. 
I have Apple Care for 2 more years but I don't want to keep calling them if I can find a solution to this.  I'm not tech savvy.   I would like an antivirus that is a one time fee. 
Advice please?

You may have inadvertently installed adware. Eradicating it is simple and you don't have to download or install anything to fix it.
Although adware relies upon deception, it does not get installed without your consent, and "anti-virus" utilities cannot prevent users from willfully installing garbage. Only you can do that, by recognizing adware's appearance, which is constantly changing as adware authors constantly attempt to thwart automatic means of detection.
For an explanation or how this may have occurred, how to avoid it in the future, and for Apple's recommended solution read How to install adware.
Webroot is garbage that won't help prevent adware. Uninstall it. Be sure to follow its uninstallation instructions.
I have Apple Care for 2 more years but I don't want to keep calling them if I can find a solution to this.
You should call them, as often as necessary. AppleCare is a service you paid for. Let them work for you. I suggest you express your displeasure regarding their inept recommendation to install Webroot. OS X's software firewall is also completely irrelevant to your concern.

Similar Messages

  • Pubsub, RSS, Safari, and feeds that won't go away

    So...I've been helping out a friend of mine with an interesting issue.  He has somehow managed to subscribe to a less the reputable RSS feed (mobilism).  Here's some places/steps I've taken:
    Safari->Bookmarks->Show all Bookmarks->All RSS Feeds-> deleted everything there
    ~/Library/Pubsub/Feeds-> deleted everything here, including sub-directories
    ~/Library/Pubsub/Database-> deleted Database.sqlite2
    Doing a "pubsub list" in terminal will, after doing the above, show nothing.  However, rebooting the machine and starting Safari, sure enough...if I go to terminal and type "pubsub list" it's there again.  Anyone have any thoughts on just how this thing is coming up again?  Thanks.
    James

    Heh...so this is solved.  Apple stores rss feeds in a varity of places...bookmarks, bookmark bar, topsites, rss feeds, and pubsub.  Of great annoyance is the fact that even if you go to "All RSS Feeds" and emtpy it, RSS feeds elsewhere (TopSites) won't show up.  Long story short you get to search around and try and find where it's at   Quite a hoot.

  • Lost icons in finder sidebar, and folders that won't go away

    I've somehow lost the icons for documents, movies, music and pictures in the finder sidebar...and i dragged some folders to the sidebar to use temporarily but they keep reappearing even after i've trashed them...is there a way to reset my sidebar to the default (and tehn i will hope that solves both problems)? Thanks!

    Hi AYS,
    Navigate to ~(yourhome)/library/preferences and trash these two files:
    com.apple.finder.plist
    com.apple.sidebarlists.plist
    Then log out and back in again. Or restart.
    (You will have to reset a few finder prefs the way you like them.)
    Let us know.
    -mj
    [email protected]

  • Cp 4 and frames that won't go away

    Hey all!
    Weird question here.  I am splitting up a CP 4 project that is waaaay too large (24,00 frames) that was imported from CP 1.  I saved a copy of the project, renamed it, and deleted the slides I am dumping from this new, smaller part of teh project.  I saved.  I went into the library and dumped unused elements.  I saved.  I closed the project, and even closed Cp. Upon re-entering, I still have 24,000 frames in the saved and edited instance.  You cannot see anything that I deleted, but frame count does not change.  Weird.
    What kind of voodoo dance do I have to do to get the frames to go away?
    Thanks all
    nuguy

    Hello Nuguy,
    Those are indeed frames in the same sense as in Flash, but for the total project. If you did not change the standard settings the speed of the CP-movie is 30 fps (frames/second) and you will see that the total time (p.e. 00:50) multiplied with the frame rate (30) results in this total number (1550). But in routine work with CP, you do not really work frame by frame, as in Flash. The timeline is not in frames but in seconds (different from Flash).
    I'm not a Flash guru at all, a little bit more used to Captivate because it delivers e-learning in a fraction of time need otherwise in Flash.
    Enjoy CP,
    Lilybiri

  • HT1527 when I try to download apps in my iphone , i get a spinning circle that won't go away and a icon that is gray and says "waiting". Any ideas how to solve?

    When I try to download apps in my iphone , I get a spinning circle that won't go away and a grey icon that says "waiting" .Any ideas how to fix the problem?

    First go into settings, Itunes and App store,  sign out and then sign in again! (This might not work)

  • Have a number badge in settings that won't go away and there are no updates that need to be done.  Help!!!

    On my settings, there is a number one (red) that won't go away.  There are no updates that need to be done.

    Maybe you should try updating 5.1.1 from iTunes? Because I had the same thing and it was 5.0.1.

  • IMac screen colour, how to show tints and shades that won't appear

    iMac screen colour, how do I show tints and shades that won't appear on screen
    I have a 2 month old imac, with a great screen. But for some reason I cant  se light shades of colour like 5% of a tint.
    yet on older macs, and a 2 year old imac, i can see them prefectly.
    Some designs have light panels with 5% colours, some a precent of a colour.
    Can anyone suggest a way to calibrate the screen, or set the screen to show all the colours n tints used as accuratley as possible.
    Advice much appreciated

    The fdisk output shows that it is a single GPT disk. Has any disk manipulation been done, like resizing or repartitioning.
    Your GPT looks correct. If you create a Hybrid MBR via gdisk and include partitions 2,3 and 4 and make 4 bootable, does Windows partition show up in Startup and as a separate volume in Finder?
    Please see https://discussions.apple.com/thread/5641066 for Hybrid MBR creation.

  • Ghost Rental in my IPOD Video Library...there's a video that I rented that won't go away...how to remove?

    I rented a video on my ipod, watched it, and now it won't go away.  I can't rewatch it either.  When I sync, it is not on the computer as far as rentals.  Can anyone help me remove this?

    See if you have enabled 'VoiceOver'…
    Open Apple Menu > System Preferences > Accessibility, select VoiceOver in the sidebar list, disable that if it is enabled. You may also see a keyboard shortcut listed there (e.g. cmd+F5), it's possible you hit that accidentally

  • When I try to go to the app store, I have a popup for a game that won't go away.  I can't get it off the screen. Suggestions?

    When I try to go to the app store, I have a popup for a free game that won't go away.  I can't get into the app store.

    This happened to me twice lately.  I finally got around it by double tapping the home key to go back to the homepage finding the app store that was running and flicked  it up to get rid of it.
    When I went back to the App Store the Popup was gone.

  • I'm getting mdmclient error that won't go away

    I restored my computer yesterday and it was working fine.  This morning after booting, I am now recieving an error messag that won't go away even when I click 'Ignore'
    Below are the details when I click 'Report...'
    Process:         mdmclient [2736]
    Path:            /usr/libexec/mdmclient
    Identifier:      mdmclient
    Version:         1.6 (520)
    Code Type:       X86-64 (Native)
    Parent Process:  launchd [273]
    User ID:         501
    Date/Time:       2013-01-14 11:12:37.422 -0700
    OS Version:      Mac OS X 10.8.2 (12C60)
    Report Version:  10
    Sleep/Wake UUID: 8691BEB3-4C2A-4ED1-9E8B-FAD122CCF685
    Interval Since Last Report:          1304923 sec
    Crashes Since Last Report:           17472
    Per-App Crashes Since Last Report:   164
    Anonymous UUID:                      5EB6D6FB-1718-D922-77A4-19931C576C6F
    Crashed Thread:  0
    Exception Type:  EXC_BREAKPOINT (SIGTRAP)
    Exception Codes: 0x0000000000000002, 0x0000000000000000
    Application Specific Information:
    dyld: launch, loading dependent libraries
    Dyld Error Message:
      Library not loaded: /System/Library/PrivateFrameworks/ConfigurationProfiles.framework/Versions/A/Co nfigurationProfiles
      Referenced from: /usr/libexec/mdmclient
      Reason: image not found
    Binary Images:
           0x100032000 -        0x10006efff  mdmclient (1.6 - 520) <E228B3E9-A4D7-390D-A318-B3487E890F21> /usr/libexec/mdmclient
        0x7fff5fc32000 -     0x7fff5fc6693f  dyld (210.2.3) <36CAA36E-72BC-3E48-96D9-B96A2DF77730> /usr/lib/dyld
        0x7fff8c7da000 -     0x7fff8c92bfff  com.apple.audio.toolbox.AudioToolbox (1.8 - 1.8) <833DA682-A3C1-39E7-AEC3-9EDC734DE2A9> /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox
        0x7fff8dee0000 -     0x7fff8e23cfff  com.apple.Foundation (6.8 - 945.11) <A5D41956-A354-3ACC-9355-BE200072223B> /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
    Model: MacBookPro6,1, BootROM MBP61.0057.B0F, 2 processors, Intel Core i7, 2.66 GHz, 8 GB, SMC 1.57f17
    Graphics: Intel HD Graphics, Intel HD Graphics, Built-In, 288 MB
    Graphics: NVIDIA GeForce GT 330M, NVIDIA GeForce GT 330M, PCIe, 512 MB
    Memory Module: BANK 0/DIMM0, 4 GB, DDR3, 1067 MHz, 0x802C, 0x31364A53463531323634485A2D3147314431
    Memory Module: BANK 1/DIMM0, 4 GB, DDR3, 1067 MHz, 0x802C, 0x31364A53463531323634485A2D3147314431
    AirPort: spairport_wireless_card_type_airport_extreme (0x14E4, 0x93), Broadcom BCM43xx 1.0 (5.106.98.81.22)
    Bluetooth: Version 4.0.9f33 10885, 2 service, 18 devices, 2 incoming serial ports
    Network Service: AirPort, AirPort, en1
    Network Service: Parallels Host-Only #1, Ethernet, vnic1
    Serial ATA Device: ST9500325ASG, 500.11 GB
    Serial ATA Device: HL-DT-ST DVDRW  GS23N
    USB Device: hub_device, 0x0424  (SMSC), 0x2514, 0xfa100000 / 2
    USB Device: BRCM2070 Hub, 0x0a5c  (Broadcom Corp.), 0x4500, 0xfa110000 / 4
    USB Device: Bluetooth USB Host Controller, apple_vendor_id, 0x8218, 0xfa113000 / 6
    USB Device: Apple Internal Keyboard / Trackpad, apple_vendor_id, 0x0236, 0xfa120000 / 3
    USB Device: hub_device, 0x0424  (SMSC), 0x2514, 0xfd100000 / 2
    USB Device: Backup+ Desk, 0x0bc2  (Seagate LLC), 0xa0a4, 0xfd140000 / 5
    USB Device: IR Receiver, apple_vendor_id, 0x8242, 0xfd120000 / 4
    USB Device: Built-in iSight, apple_vendor_id, 0x8507, 0xfd110000 / 3

    I FIXED IT.
    The issue was a folder name.  For some reason, a folder was name Fersions when it should have been called Version.  I have no clue why it was named that way, but I named it correctly and the error disappeared.

  • HT4059 I have a "call out" window that won't go away.  It's there no matter where I go in iBook, my library, all my books etc.  what can I do about it?

    I have a "call-out" that won't go away.  It's there no matter where I go, or what I do within iBook, be it my library, or other books.  How can I get it to go away?

    Have you tried turning your phone off and back on?
    Reset the phone hold the home button and the sleep button in until the phone turns off ignore the "slide to power off" message and keep holding the buttons, the phone will reboot

  • I have an error message that won't go away.

    The message says "This iPad hasn't been backed up in 5 weeks.  Backups happen when this iPad is plugged in, locked and connected to Wi-Fi."  I have tried to do as instructed, but it doesn't seem to backup and the message won't go away.  I can't even shut the iPad down to try and reset it because I am unable to swipe to power down.  HELP!!

    Found another discussion after I posted this.  Followed the instructions given there and it solved my problem!

  • There is a pop up on my safari that won't go away

    i have a pop up on my safari saying that I need to call a toll free number to contact apple support because there is some sort of security issue. I tried clicking ok and x but that doesn't work. I then checked here and have seen that people have the same problem however, all the answers were for Macs. Does anyone know how to get rid of it on an iPhone 6?

    Helpful Links Regarding Malware Problems
    If you are having an immediate problem with ads popping up see The Safe Mac » Adware Removal Guide, AdwareMedic, or Remove unwanted adware that displays pop-up ads and graphics on your Mac - Apple Support.
    Open Safari, select Preferences from the Safari menu. Click on Extensions icon in the toolbar. Disable all Extensions. If this stops your problem, then re-enable them one by one until the problem returns. Now remove that extension as it is causing the problem.
    The following comes from user stevejobsfan0123. I have made minor changes to adapt to this presentation.
    Fix Some Browser Pop-ups That Take Over Safari.
    Common pop-ups include a message saying the government has seized your computer and you must pay to have it released (often called "Moneypak"), or a phony message saying that your computer has been infected, and you need to call a tech support number (sometimes claiming to be Apple) to get it resolved. First, understand that these pop-ups are not caused by a virus and your computer has not been affected. This "hijack" is limited to your web browser. Also understand that these messages are scams, so do not pay any money, call the listed number, or provide any personal information. This article will outline the solution to dismiss the pop-up.
    Quit Safari
    Usually, these pop-ups will not go away by either clicking "OK" or "Cancel." Furthermore, several menus in the menu bar may become disabled and show in gray, including the option to quit Safari. You will likely have to force quit Safari. To do this, press Command + option + esc, select Safari, and press Force Quit.
    Relaunch Safari
    If you relaunch Safari, the page will reopen. To prevent this from happening, hold down the 'Shift' key while opening Safari. This will prevent windows from the last time Safari was running from reopening.
    This will not work in all cases. The shift key must be held at the right time, and in some cases, even if done correctly, the window reappears. In these circumstances, after force quitting Safari, turn off Wi-Fi or disconnect Ethernet, depending on how you connect to the Internet. Then relaunch Safari normally. It will try to reload the malicious webpage, but without a connection, it won't be able to. Navigate away from that page by entering a different URL, i.e. www.apple.com, and trying to load it. Now you can reconnect to the Internet, and the page you entered will appear rather than the malicious one.

  • When I touch the email icon there is a draft email stuck on the screen that won't go away if I delete or save it.  I've already tried deleting and resetting the email account which didn't work.  How do I get rid of it?

    I have the new iPad 3 and every time I touch the email icon there is a draft message stuck on the screen that won't disappear even if I touch save or delete.  I've tried removing the email account and putting it back on which didn't work either.  How do I get this draft to disappear?

    Reboot the iPad by holding down on the sleep and home buttons at the same time for about 10-15 seconds until the Apple Logo appears - ignore the red slider - let go of the buttons.
    Or Quit the mail app.
    Go to the home screen first by tapping the home button. Double tap the home button and the task bar will appear with all of your recent/open apps displayed at the bottom. Tap and hold down on any app icon until it begins to wiggle. Tap the minus sign in the upper left corner of the app that you want to close. Tap the home button.
    Go back to mail and see if it is fixed.

  • Safari, Mail and Disk Utility won't run unless Font Book is Open

    Recently Safari, Mail and Disk Utility would crash and spin and the "Application Not Responding" line would appear when I checked the program in the dock. After following a variety of tips from other Apple users, I finally got the programs to run. However, I started them while Font Book was open and now they only work when it remains open. I've been using Apple/Mac products since the beginning of time and have never seen anything like this. I've repaired permissions, throught out preferences, etc., etc. and can't resolve this problem. Please, someone, help me.

    Hello buhrow:
    That makes two of us that go back to the beginning of time and have never seen anything like that. Have you run the fontbook applications to eliminate duplicates and check for corrupt fonts? Offhand, I cannot understand why just having a program open would prevent other programs from crashing.
    If nothing else works, you might want to consider an archive and install (after backing up, of course):
    http://docs.info.apple.com/article.html?artnum=107120
    Barry
    Message was edited by: Barry Hemphill (spelling, no checker)

Maybe you are looking for

  • Windows Installer 4.5 Error while installing in windows 2008 32 bit

    In windows 2008 server (standard edition), i am trying to install the exchange server 2007 sp2 before that i need to install the windows installer 4.5 to install my exchange server 2007sp2, while installing the windows installer 4.5 system showing th

  • Reader Crashes When Printing

    Hello, Reader crashes after pressing the print button. This happens for any printer connected to our network or via USB. It also only crashes specifcally for that user, but not when logged in with one of the local admin accounts on the machine. I hav

  • Raw material Stock not reducing when cancelling Subcontracting MIGO

    Dear All, We are facing problem in subcontracting process. Suppose we have a HALB material X which is made up of material a and b. When we are receiving material X stock of material a and b is reducing at vendor end. but when we are cancelling MIGO o

  • I need help centering a div!

    Hi! So i'm attempting to set up all the body content in my website so that it is always in the center of my webpage dispite the size of the browser. I had it going fine for a while, but then something happened and I lost it. What did I do wrong? Help

  • Nexus 5K OSPF with vPC

    Hi, I know it is well documented using IGP's, more specifically OSPF with 7K's and vPC's but when it comes to the same thing on 5K's I am still a little confused. My topology is: 5K01 and 5K02 are connected and are vPC peers, I currently have a manag