core.insightexpressai.com trojan

Hello, I don't know if this is the correct place for this question...but I opened my macbook and found a survey pop up window with the address "core.insightexpressai.com" and it wouldn't go away when I force restart. I cleared the cache and history. Nothing. Restarted. Nothing. Downloaded ClamXav and scanned. Nothing.

The web indicates that it is a trojan that is pretty damaging.

I can't find ANYTHING about how to remove it from a mac.

HELP, PLEASE!

It's not a trojan, it's a valid web site that's displaying a pop up ad. Since you gave us no information about your Mac or which version of OS X you're running, we can't advise you how to stop it. Also which browser are you using?

I have a MacBook running 10.7.5 lion using safari.

I'm curious why you say it's not a Trojan and others say it is?

Not that I doubt you, it's just conflicting with what I've read and this pop up is unlike any other I've seen with the way it is sticking around.

Thanks for the reply!

Random speculation that it's a trojan does not mean that it is one. It's a popup ad, and a rather intrusive one that has been referenced as long ago as 2009 in my Google search.
Does anyone know how to block the survey pop-up?
Ad Pop-Up - core.insightexpressai.com/adServer? - Yahoo! Answers

It would help if you could post a screenshot so we can see what you are seeing exactly. It would also help to know what apps are loading on login. Perhaps you have installed something that is loading these popups. Also take note of my signature.

With one of those browser pop ups that just won't go away, what has worked for me...

As soon as you open the browser, immediately begin clicking on the close button on every tab - before they can load.

If it pops up again while you're doing that - press and hold the option & command keys - then toggle the esc key - then Force Quit the browser.

You may have to do this multiple times, depending on how many tabs you have open in order to get the offending tab closed.

Once you have done that, and can open Safari without that popup:

open Safari - Preferences - General tab - and change "Safari opens with:" to "A New Window".
(Note to others reading this thread - do the above now on your Mac - never keep the option for Safari to open all windows from last session)

Next, install Adblock - link.

lifeisabeach said:

Random speculation that it's a trojan does not mean that it is one. It's a popup ad, and a rather intrusive one that has been referenced as long ago as 2009 in my Google search.
Does anyone know how to block the survey pop-up?
Ad Pop-Up - core.insightexpressai.com/adServer? - Yahoo! Answers

It would help if you could post a screenshot so we can see what you are seeing exactly. It would also help to know what apps are loading on login. Perhaps you have installed something that is loading these popups. Also take note of my signature.

Click to expand...

I saw the second link before I posted here, but the malware program was for a PC.
I found clamXav and installed it and removed sophos. Ran clam on "all my files" and found nothing. Clam did not give me the option to scan my drive, though.

This is why I thought that it was a virus:
Remove Core.insightexpressai.com virus, removal instructions



Here are my screen shots of apps and the pop-up. The pop-up is now just a blank window. I have not tried to close them yet, because I was afraid that it was a virus. A Netflix pop-up is accompanying the core.insights pop-up.

Look, it's NOT a virus or any kind of malware. Having been referenced as long ago as 2009, there is simply NO WAY the AV vendors, and even Apple with the built-in malware detection, have dropped the ball and overlooked it if it was.

You really shouldn't be posting screen caps showing off software that reads databases of stolen software keys. Unless you don't mind announcing to the world that you are a software pirate.

Those pop-up windows aren't "active", so I can't tell what app they belong to. When those windows are selected, what application is showing in the menubar that they belong to? If it's Safari, then it'd be helpful to know what extensions and internet plug-ins you have installed.

Right off the bat, I can tell you to get rid of CleanMyMac and CleanMyDrive. I have a very poor impression of that developer and know of a couple cases where their software caused problems.

Apps with names like "Fastest Free YouTube Downloader" just screams "adware". I wouldn't be the slightest surprised if that or one of a few of your other apps are generating those pop-ups. I haven't used VUZE in years, but iirc it's ad-supported and mabey it is popping those ads up.

My recommendation: download AppCleaner and use it to delete the following apps (along with their support files):
Vuze (Transmission is far superior)
Aimersoft Video Converter (I've never heard of these people... something about them sets off red flags in my head here, and Handbrake is free and likely much better anyway)
CleanMyMac
CleanMyDrive
Fastest Free YouTube Downloader
iSerial Reader
RealPlayer (seriously? You have that installed?)
All those DivX apps (VLC handles DIVX fine and Handbrake can convert them. Those apps are pointless.)

Reboot and see if the problem went away. If you did, then you'll know one of them was the problem.

EDIT: you didn't tell us what software is loading on startup. To do so, open System Preferences, Users & Groups, Login Items (for your user account).

Thanks, there are quite a few apps on there that I don't really know what they are. An acquaintance through a friend claimed he had some "cool apps" and put some stuff on my computer. I didn't know what to do with most of them. I don't pirate anything so if there is anything on there that is related to that I would like to just get it off of my computer.

Thanks for bringing that to my attention.

I closed the pop up windows and will delete the list you gave me and reboot to see if I have any issues.

When using Appcleaner, will it delete the support files?

Is there an alternate app similar to Clean my mac and clean my drive that is solid?

It sounds like that app is not necessary?

Is there an alternate app similar to Clean my mac and clean my drive that is solid?

Click to expand...

The only one we recommend is OnyX, free. Download from here. Read the help files and use it in Auto mode. It's safe. Most of the regulars here including myself use it and have been using it for years.

tcraig1 said:

When using Appcleaner, will it delete the support files?

Click to expand...

Yes, it will. It's one of the best ones for that.

tcraig1 said:

Is there an alternate app similar to Clean my mac and clean my drive that is solid?

It sounds like that app is not necessary?

Click to expand...

I tested out CMM some time back, and it makes a lot of bold claims that it doesn't live up to. The module to "clean system junk" doesn't seem to actually do much of anything. I ran it on a new folder full of copies of image files and it claimed to have recovered some trivial amount of drive space, yet nothing changed, not even the invisible files that I was monitoring. It's FUDware.

As chscag said, Onyx is our top recommended system utility. I also use TinkerTool System, which isn't free but is outstanding. It has a few more tricks up its sleeve and does a much better job of explaining what it does. But really I think you'll be fine sticking with Onyx. You don't have to run these types of tools on a regular basis. I'd recommend it after an OS update or as a troubleshooting measure if something isn't working quite right, but otherwise there's just no need.

"core.insightexpressai.com"

I have an iMAc running on OSX 10.8.5. When I open my browser I have it set to Yahoo and all is fine. However when I go to AOL mail log on page I get a pop up that states Safari can't verify the identity of website "core.insightexpressai.com".
What can I do to stop this hijacking of may AOL log on page so I can log into my email account?

Sorry, new to forum and may have posted this to the wrong topic area.

Same thing (repost)

My original post didn't got through but I have the same issue.

FIRST it was on my air book - and i proceeded to check my e-mail anyway (bad idea?)

THEN i went to my office and same issue on my iMac when logging into AOL!! (YIKES)

i called Apple because anything i found online to remove this pop up was for PC's only
they said it's NOT A VIRUS (although i read it was)
and that the problem is with AOL - not the computer

i couldn't get through to AOL

however - i see the pop up when singing into AOL through Safari
when i try Firefox i can log in no problem

?????

"core.insightexpressai.com"

I have an iMAc running on OSX 10.8.5. When I open my browser I have it set to Yahoo and all is fine. However when I go to AOL mail log on page I get a pop up that states Safari can't verify the identity of website "core.insightexpressai.com".
What can I do to stop this hijacking of may AOL log on page so I can log into my email account?

Thanks for sharing this information, it just started today. Yesterday I was doing some shopping on line and thought it may have come from one of the sites I visited. I will try going in through another browser. Still concerned that this needs to be removed from iMac somehow.

yes...

i thought it maybe came from a website i was browsing yesterday but it's strange now that it's on two separate computers

i even went into preferences and deleted cookies, reset safari, changed my aol password, updated my mac and NOTHING works

i'm still a little worried about it but we can't be the only 2 with this problem!

i google it to show results from last 24 hours and only see your post

It's probably an ad on AOL's page that safari cant verify. Try Ghostery for Safari or AdBlock.
https://www.macupdate.com/app/mac/39627/ghostery-safari-extension

core.insightexpresssai.com problems

I also received a warning today when trying to sign into my AOL mail on my Imac. The safari pop up says that it can not verify the identity of the website "core.insightexpresssai.com" Some of the research I did mentioned that it is a "nasty browser redirect virus", but most of the references were on sites I was not familiar with. I could not find reference to it on any anti-virus sites I am familiar with such as Norton and Kapersky.
Also, for the past few days Safari has been freezing and acting a bit off.

I too would appreciate any insight or suggestions anyone has. Thank you cradom for your comments. Those recommendations look helpful for future web browsing. But at the moment I am concerned that there is a virus or malware on my computer, and would like to clear things up.

Thanks

Clearly malware of some sort

I won't get into a battle of semantics, but this is some form of malware. I have encountered it today on my computer -- in Safari. It appears to be an attempt to redirect me, presumably to an unsafe site. When I open Safari, I am OK -- but, when I try to access my AOL mail, I get this message:

"
Safari can't verify the identity of the website "core.insightexpressai.com".

The certificate for this website is invalid. You might be connecting to a website that is pretending to be "core.insightexpressai.com", which could put your confidential information at risk. Would you like to the website anyway?
"

Then, there's 3 buttons: Show Certificate -- Cancel -- and -- Continue

Per directions I saw elsewhere, I removed "all website data" under Safari preferences, but I keep getting this warning.

If anyone could suggest a solution to remove what is some sort of infection/hijack effort, I'd be thrilled.