lorenafromnm

Q: I have been getting a msg stating that there is suspicious activity on my MacBook Pro and it freezes. It wants me to call a ph number. HELP!!!


MacBook Pro, Mac OS X (10.7.5), OS X 10.9.5 (13F34)

Posted on Jan 2, 2015 8:10 PM


  • by Allan Eckert,

    Level 9 (54,090 points)
    Jan 2, 2015 8:11 PM in response to lorenafromnm

    It is a scam.

    Don't call the number, whatever you do.

  • by LudwigZildjian,

    Level 1 (15 points)
    Jan 2, 2015 8:16 PM in response to lorenafromnm

    Allan beat me to the punch... It's a scam, as Apple wouldn't notify you in that way. If anything, you would most likely get an email to your Apple ID, or a pop-up from OS X. I've never seen that particular pop-up. If it freezes your machine, I would say try and remove the adware by searching for the files:

    Remove unwanted adware that displays pop-up ads and graphics on your Mac - Apple Support

    Remove Downlite, also known as VSearch

    1. Select each line in the list below, starting with /Library/Application Support/VSearch.
    2. Choose Edit > Copy.
    3. From the Finder, choose Go > Go to Folder.
    4. Choose Edit > Paste to paste the line you copied into the text field, then press Return.
    5. If the file is on your Mac, a window opens with the file you searched for already selected. Drag the file to the Trash.

    Repeat the steps above for each item in the following list. If you get a message that the folder can't be found, continue to the next item in the list.

    /Library/Application Support/VSearch
    /Library/LaunchAgents/com.vsearch.agent.plist
    /Library/LaunchDaemons/com.vsearch.daemon.plist
    /Library/LaunchDaemons/com.vsearch.helper.plist
    /Library/LaunchDaemons/Jack.plist
    /Library/PrivilegedHelperTools/Jack
    /System/Library/Frameworks/VSearch.framework

    After you remove the files above, restart your Mac. Then choose Finder > Empty Trash to permanently remove the files.

    Remove Conduit, also known as Trovi, MyBrand, or Search Protect

    1. Select each line in the list below, starting with /Applications/SearchProtect.app.
    2. Choose Edit > Copy.
    3. From the Finder, choose Go > Go to Folder.
    4. Choose Edit > Paste to paste the line you copied into the text field, then press Return.
    5. If the file is on your Mac, a window opens with the file you searched for already selected. Drag the file to the Trash.

    Repeat the steps above for each file in the following list. If you get a message that the folder can't be found, continue to the next item in the list.

    /Applications/SearchProtect.app
    /Library/LaunchAgents/com.conduit.loader.agent.plist
    /Library/LaunchDaemons/com.perion.searchprotectd.plist
    /Library/Application Support/SIMBL/Plugins/CT2285220.bundle
    ~/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin
    ~/Library/Internet Plug-Ins/TroviNPAPIPlugin.plugin

    Now do the same for each folder in the following list. When these folders open, no file will be selected. Instead, select all items (Command-A) in the folder and drag them all to the Trash.

    /Library/InputManagers/CTLoader/
    /Library/Application Support/Conduit/
    ~/Conduit/
    ~/Trovi/

    After you remove the files above, restart your Mac. Then choose Finder > Empty Trash to permanently remove the files.

    Remove Genieo, also known as InstallMac

    First follow these steps to stop the Genieo or InstallMac processes, if they're running. Be particularly careful to restart your Mac when instructed.

    1. Open the Activity Monitor app:
      You can use Spotlight (Command-Space) to search for "Activity Monitor," then choose Activity Monitor from the search results.
    2. In the Activity Monitor window, click the CPU tab, then click Process Name at the top of that column to sort the list alphabetically.
    3. Look for the process "Genieo." Select it, then click the Force Quit button in the upper-left corner of the window.
    4. Look for the process "InstallMac." Select it, then click the Force Quit button.
    5. Quit Activity Monitor.
    6. From the Finder, choose Go > Go to Folder.
    7. Type /private/etc/launchd.conf in the text field, then press Return.
    8. If the file is on your Mac, a window opens with the file you searched for already selected. Drag the file to the Trash.

    Restart your Mac, then continue to the next steps, below.

    Remove the files related to Genieo:

    1. Select each item in the list below, starting with /Applications/Genieo.
    2. Choose Edit > Copy.
    3. From the Finder, choose Go > Go to Folder.
    4. Choose Edit > Paste to paste the line you copied into the text field, then press Return.
    5. If the file is on your Mac, a window opens with the file you searched for already selected. Drag the file to the Trash.

    Repeat the steps above for each item in the following list. If you get a message that the folder can't be found, continue to the next item in the list.

    /Applications/Genieo
    /Applications/InstallMac
    /Applications/Uninstall Genieo
    /Applications/Uninstall IM Completer.app
    ~/Library/LaunchAgents/com.genieo.completer.download.plist
    ~/Library/LaunchAgents/com.genieo.completer.update.plist
    /Library/LaunchAgents/com.genieoinnovation.macextension.plist
    /Library/LaunchAgents/com.genieoinnovation.macextension.client.plist
    /Library/LaunchAgents/com.genieo.engine.plist
    /Library/LaunchAgents/com.genieo.completer.update.plist
    ~/Library/LaunchAgents/com.genieo.completer.ltvbit.plist
    /Library/LaunchDaemons/com.genieoinnovation.macextension.client.plist
    /Library/PrivilegedHelperTools/com.genieoinnovation.macextension.client
    /usr/lib/libgenkit.dylib
    /usr/lib/libgenkitsa.dylib
    /usr/lib/libimckit.dylib
    /usr/lib/libimckitsa.dylib
    ~/Library/Preferences/com.apple.genieo.global.settings.plist
    ~/Library/SavedState/com.genieo.RemoveGenieoMac.savedState

    Now do the same for each folder in the following list. When these folders open, no file will be selected. Instead, select all items (Command-A) in the folder and drag them all to the Trash.

    ~/Library/Application Support/Genieo/
    ~/Library/Application Support/com.genieoinnovation.Installer/
    ~/Library/Saved Application State/com.genieo.RemoveGenieoMac.savedState/

    Restart your Mac, then continue to the next steps, below.

    1. From the Finder, choose Go > Go to Folder.
    2. Type /Library/Frameworks/GenieoExtra.framework in the text field, then press Return.
    3. If the file is on your Mac, a window opens with the file you searched for already selected. Drag the file to the Trash.

    Restart your Mac, then choose Finder > Empty Trash to permanently remove the files.
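
Added example, not part of the post above or of the Apple Support article it quotes: a read-only shell check that reports which of the listed paths are present before anything is dragged to the Trash. It embeds the VSearch list and a few Conduit entries from the post; the function names and the `ROOT` prefix argument are assumptions made here so the check can be tried against a constructed directory tree.

```shell
#!/bin/sh
# Added example: read-only presence check; it never deletes anything.
# Paths are copied from the post (VSearch list plus some Conduit entries).
# A trailing slash marks the "select all items in the folder" entries.
ADWARE_PATHS='/Library/Application Support/VSearch
/Library/LaunchAgents/com.vsearch.agent.plist
/Library/LaunchDaemons/com.vsearch.daemon.plist
/Library/LaunchDaemons/com.vsearch.helper.plist
/Library/LaunchDaemons/Jack.plist
/Library/PrivilegedHelperTools/Jack
/System/Library/Frameworks/VSearch.framework
/Applications/SearchProtect.app
~/Library/Internet Plug-Ins/TroviNPAPIPlugin.plugin
/Library/Application Support/Conduit/
~/Trovi/'

# check_paths ROOT HOMEDIR: reads one path per line on stdin.
# ROOT is a hypothetical prefix for a constructed test tree ("" on a real Mac).
check_paths() {
    root=$1
    home=$2
    while IFS= read -r p; do
        [ -n "$p" ] || continue
        case $p in
            '~/'*) full=$root$home/${p#'~/'} ;;   # expand ~ by hand
            *)     full=$root$p ;;
        esac
        case $p in
            */) # folder entry: report it and how many items it holds
                [ -d "$full" ] || continue
                n=$(ls -A "$full" | wc -l | tr -d ' ')
                printf 'folder %s (%s items)\n' "$p" "$n" ;;
            *)  # file or bundle; -L also catches a dangling symlink
                if [ -e "$full" ] || [ -L "$full" ]; then
                    printf 'item %s\n' "$p"
                fi ;;
        esac
    done
    return 0
}

# scan [ROOT] [HOMEDIR]: check the embedded list; defaults suit a real Mac.
scan() { printf '%s\n' "$ADWARE_PATHS" | check_paths "${1:-}" "${2:-$HOME}"; }

scan
```

The other lists in the post can be checked the same way by piping them, one path per line, into `check_paths "" "$HOME"`.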

  • by kahjot,

    Level 4 (1,416 points)
    Jan 2, 2015 8:15 PM in response to Allan Eckert

    It's a scam, certainly; does it also mean that there is an adware problem?

  • by LudwigZildjian,

    Level 1 (15 points)
    Jan 2, 2015 8:19 PM in response to kahjot

    Well, you said your Macbook Pro freezes. Does it freeze when you get the message? How many times have you gotten the message, and what were you doing when you got the message? In other words, using Safari, just surfing the web, or on a specific page that may have that adware attached. Most likely you have installed adware or an app did....

  • by LudwigZildjian,

    Level 1 (15 points)
    Jan 2, 2015 8:23 PM in response to kahjot

    I had gotten redirected to a page for Mackeeper twice, once a month ago and once today, but I can't find any of the files, and I haven't had any technical problems. I think, in my case, the page I was on had adware attached. I didn't install anything, it was just a pop-up trying to get me to use the service. In your case, that could be in part with a phishing scam email. Like I said, though, you said your Macbook Pro freezes, so you could have a virus.

  • by lllaass,

    Level 10 (190,813 points)
    Jan 3, 2015 2:05 AM in response to LudwigZildjian

    Do you have a LinkSys/Cisco router? Just the other day a user reported a similar problem caused by the router being hacked. It can happen with other routers too. See:

    http://www.thesafemac.com/how-to-manage-a-hacked-wireless-router/

  • by Linc Davis,

    Level 10 (208,037 points)
    Jan 3, 2015 10:10 AM in response to lorenafromnm

    This may not be malware. It may be a JavaScript scam that only affects your web browser, and only temporarily. There are several ways to recover.

    1. Some of those scam pages can be dismissed very easily. Press the key combination command-W to close the tab or window. A huge box will pop up. Press the return key and both the box and the page will close. If that doesn't happen, continue.

    2. Press and hold command-W. You may hear repeating alert sounds. While holding the keys, click the OK button in the popup. A different popup may appear, which you can cancel out of as usual.

    3. From the Safari menu bar, select

              Safari ▹ Preferences... ▹ Security

    and uncheck the box marked Enable JavaScript. Leave the preferences dialog open.

    Close the malicious window or tab.

    Re-enable JavaScript and close the preferences dialog.

    4. If the Preferences menu item is grayed out, quit Safari. Force quit if necessary. Relaunch it by holding down the shift key and clicking its icon in the Dock. None of the windows and tabs will reopen.

    After closing the malicious page, from the menu bar, select

              Safari ▹ Preferences... ▹ Privacy ▹ Remove All Website Data

    to get rid of any cookies or other data left by the server. Open your Downloads folder and delete anything you don't recognize.

    If the above steps don't solve the problem, ask for further instructions.