I am having trouble with a redirect virus; how to fix?

I think I have a virus or spyware on my computer. It redirects me to a third-party site (something like LinkBucks) when I try to visit Facebook, Google or YouTube. This happens in both Safari and in Mozilla Firefox. I have tried scanning with ClamX, MacScan, but they are not finding any viruses. I also downloaded a kit that scans the computer for DNS redirect changer viruses, but it can't find any. What should I do now?

ComputerUser23483 wrote:
I think I have a virus or spyware on my computer. It redirects me to a third-party site (something like LinkBucks) when I try to visit Facebook, Google or YouTube. This happens in both Safari and in Mozilla Firefox.
I have been seeing a few of these over the past few days, so it could be something new, but let me give you a couple of suggestions for what has been discovered in the last couple of weeks.
Here's an AppleScript written by fane_j which will check for what we know about the last two Flashback Trojans. Open Script Editor (/Applications/Apple Script/) then copy and paste what follows into the window:
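--script begins
-- Shell commands to run: Flashback environment check, Safari resource check, Java version
property theItems : {"defaults read ~/.MacOSX/environment", "ls -al /Applications/Safari.app/Contents/Resources/*COAA*", "java -version 2>&1"}
on run
    set myClip to ""
    repeat with i in theItems
        try
            do shell script i
            set myClip to myClip & result & return & return
        on error errText
            -- A failed command is recorded with its error text instead of stopping the script
            set myClip to myClip & i & " -- " & errText & return & return
            set myClip to result
        end try
    end repeat
    -- All results go to the clipboard for pasting elsewhere
    set the clipboard to myClip
end run
--script ends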
Press the run button. Results will be on your clipboard which you can paste into a text document, e-mail or back here.
It performs three checks:
The first will identify whether or not you have the Flashback.G Trojan (as well as a couple of earlier versions). If you are infected it will look something like this:
   "DYLD_INSERT_LIBRARIES" = "/Users/Shared/.<dylib_filename>.so";
If it says that, STOP everything and return here for instructions! Do not attempt any file deletions or you can easily lock yourself out of your account.
If it says anything else or cannot find the file, you are OK on this one.
The second test looks for the Flashback.N Trojan, but since we have not been able to find anybody who was infected yet and the information on it is incomplete, there are no assurances for this one.
The third checks to see what version of Java you have. If it says anything less than 1.6.0_29 followed by some other alpha-numerics, you are vulnerable to being infected without any action on your part other than visiting a web site. In such a case use Software Update to get the latest patch.
The other suggestion would be to check for the old DNSChanger by visiting the site http://www.dcwg.org/checkup.html, click on "Mac OSX" in the left box and follow the directions.
If that's OK then click on "Checking Via Browser" and follow those directions.
It's possible that your router is infected, but unfortunately they still have not posted instructions for that.
To fix any problems you find click on the "Cleanup" tab at the top.
Feel free to read anything else on the site you might be curious about.
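
The three checks described in the reply above, as an added example that is not part of the original post or of fane_j's script: a shell script that classifies the output of each command using the criteria the reply gives. The function names, the `--live` switch and the sample strings are constructed for illustration, and treating any file listed by the second command as a match is an assumption, since the reply gives no expected output for that check.

```shell
#!/bin/sh
# Added example (not from the original post): classify the output of the three
# commands the AppleScript runs. It only reads and reports; it deletes nothing.

# Check 1: output of `defaults read ~/.MacOSX/environment`.
# A DYLD_INSERT_LIBRARIES entry is the Flashback indicator the reply describes;
# any other output, or a missing file, counts as OK.
check_environment() {
    case "$1" in
        *DYLD_INSERT_LIBRARIES*) echo "suspicious" ;;
        *) echo "ok" ;;
    esac
}

# Check 2: output of `ls -al /Applications/Safari.app/Contents/Resources/*COAA*`.
# Assumption: an ls error or empty output means no match; anything listed is reported.
check_safari() {
    case "$1" in
        ""|*"No such file"*) echo "ok" ;;
        *) echo "suspicious" ;;
    esac
}

# Check 3: output of `java -version 2>&1`.
# Versions below 1.6.0_29 are the ones the reply calls vulnerable.
check_java() {
    ver=$(printf '%s\n' "$1" |
        sed -n 's/.*version "\([0-9][0-9._]*\).*/\1/p' | head -n 1)
    if [ -z "$ver" ]; then
        echo "unknown"   # no Java installed, or unrecognised output
        return 0
    fi
    # Compare major.minor.patch_update field by field against 1.6.0_29.
    printf '%s\n' "$ver" | awk -F'[._]' '{
        split("1 6 0 29", min, " ")
        for (i = 1; i <= 4; i++) {
            v = $i + 0
            if (v < min[i]) { print "vulnerable"; exit }
            if (v > min[i]) { print "ok"; exit }
        }
        print "ok"
    }'
}

# Run the live commands (macOS only) and print one verdict per check.
run_checks() {
    echo "environment: $(check_environment "$(defaults read ~/.MacOSX/environment 2>&1)")"
    echo "safari:      $(check_safari "$(ls -al /Applications/Safari.app/Contents/Resources/*COAA* 2>&1)")"
    echo "java:        $(check_java "$(java -version 2>&1)")"
}

# Constructed sample outputs, so the classifiers can be exercised offline.
SAMPLE_INFECTED='{ "DYLD_INSERT_LIBRARIES" = "/Users/Shared/.<dylib_filename>.so"; }'
SAMPLE_OLD_JAVA='java version "1.6.0_26"'

if [ "${1:-}" = "--live" ]; then
    run_checks
fi
```

On a Mac, running the script with `--live` executes the three commands and prints one verdict per check; a "suspicious" result on the first check is the case where the reply says to stop and ask for instructions before deleting anything.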

Similar Messages

  • I am having trouble with plug-ins.  How do I cure this?  The last time I believe I had to update my operating system.  My current operating system is Mac OS X, Version 10.6.8

    I am having trouble with plug-ins being blocked.  I have an iMac, 2.4 GHz processor, 2 GB memory, and using Safari as my browser.  My operating system is Mac OS X Version 10.6.8

    Any particular plugin or all of them? If Adobe Flash Player, try un-installing and then re-installing.
    Adobe Flash Uninstaller
    Adobe Flash Player

  • I can't update any of my apps because it's having trouble with my iTunes account. How do I fix this? I have a valid credit card.

    Someone please help me I got my IPad off of craigslist but brand new in the box.

    Once you purchase or download an app it will always be associated with the Apple ID used to download it. When that app requires an update you must use the Apple ID and password used to download it in the first place. The only way around this is to delete the apps that require the old Apple ID and download or purchase them again with the new Apple ID.

  • I am having trouble with sound on my iPad

    I am having trouble with sound on my iPad

    Found the fix.
    If the reboot doesn't fix it.
    If the headphones work fine, but no external speakers.
    If the double-click and page right to the software mute, doesn't show the sound knob - just the brightness
    If your pop-up shows "Docking Station"
    Then, the problem is very likely a dirty connector.  The iPad/iPhone/iPod connector uses a resistor value to determine if the device is connected to an external 'speaker'.  There are a range of resistances, for a range of products.  This is known as the Connector Pin 21 issue.
    Take some Windex on a Q-tip, or perhaps a Windex paper scrub and rub it on the bottom connector port.  Somehow, "something" has gotten on those contacts, and it is pulling the voltage on pin #21 down - so that the iPad "thinks" it's connected to an external speaker - this will disable the internal speaker circuitry, as well as the internal speaker volume controls.
    Do not over-saturate and short out your iPad.  Do not throw it in the sink, do not use the kitchen faucet to flush it out.  A Q-tip with a few drops of Windex (or other gentle cleaner) should work just fine.  Takes all of 30 seconds - and magically, the volume knob appeared and everything worked just fine.

  • Having trouble with my iTunes/apps

    Having trouble with my iTunes/apps

    How did you fix it cause with mine I bought an iTunes card to get music and apps and it's telling to give a credit card.

  • I'm having trouble with something that redirects Google search results when I use Firefox on my PC. It's called the 'going on earth' virus. Do you have a fix that could rectify the vulnerability in your software?

    I'm having trouble with a virus or something which affects Google search results when I use Firefox on my PC ...
    When I search a topic gives me pages of links as normal, but when I click on a link, the page is hijacked to a site called 'www.goingonearth.com' ...
    I've done a separate search and found that other users are affected, but there doesn't seem to be a clear-cut solution ... (Norton, McAfee and Kaspersky don't seem to be able to detect/fix it).
    I'd like to continue using the Firefox/Google combination (nb: the hijack virus also affects IE but not Safari) - do you have a patch/fix that could rectify the vulnerability in your software?
    thanks

    "... vulnerability in your software?"
    And it affects IE, too? Ya probably picked up some malware and you blame it on Firefox.
    Install, update, and run these programs in this order. They are listed in order of efficacy.
    (Not all programs detect the same Malware, so you may need to run them all to solve your problem.)
    These programs are all free for personal use, but some have limited functionality in the "free mode" - but those are features you really don't need to find and remove the problem that you have.
    Note: If your Malware infection is bad enough and you are mis-directed to URLs other than what is posted, you may have to use a different PC to download these programs and use a USB stick to transfer them to the afflicted PC.
    Malwarebytes' Anti-Malware - http://www.malwarebytes.org/mbam.php
    SuperAntispyware - http://www.superantispyware.com/
    AdAware - http://www.lavasoftusa.com/software/adaware/
    Spybot Search & Destroy - http://www.safer-networking.org/en/index.html
    Windows Defender: Home Page - http://www.microsoft.com/windows/products/winfamily/defender/default.mspx
    Also, if you have a search engine re-direct problem, see this:
    http://deletemalware.blogspot.com/2010/02/remove-google-redirect-virus.html
    If these don't find it or can't clear it, post in one of these forums for specialized malware removal help:
    http://www.spywarewarrior.com/index.php
    http://forum.aumha.org/
    http://www.spywareinfoforum.com/
    http://bleepingcomputer.com

  • I am having trouble with my MacBook Air. I think I have a virus because every time I click on a link it opens up popup windows and other things. How do I reset the computer?

    I am having trouble with my MacBook Air. I think I have a virus because every time I click on a link it opens up popup windows and other things. How do I reset the computer?

    Please post a screenshot that shows what you mean. Be careful not to include any private information.
    Start a reply to this message. Click the camera icon in the toolbar of the editing window and select the image file to upload it. You can also include text in the reply.

  • Having trouble with Flash Player in regards to youtube

    Hello,
    Recently I started having trouble with Flash Player in regards to using it with YouTube. Sometimes all I see is a blank white screen and sometimes I do see the video with no surrounding YouTube webpage or suggested videos etc. Nothing has changed on my computer as far as I know except the usual updates etc. I have tried uninstalling Flash Player and reinstalling with no luck. I even tried an older version. I am running Windows XP and IE and have McAfee for my anti-virus. I am not the most computer savvy person in the world and could sure use some help.
    Thanks,
    Ron

    Hitomi,
    Thanks for the links. I am pretty sure it is not a problem with Flash Player itself but something else that is causing this. I don't know how to do a "screen shot", but even if I did I don't know that it would do any good to show that because the YouTube video screen and surrounding webpage only show for a second and then it goes totally white.
    Pat,
    Here is what I found:
    Intel(R) 82915G/GV/910GL Express Chipset Family
    Driver Provider          Intel corporation
    Driver Date               6/8/2005
    Driver Version          6.14.10.4332
    Digital Signer               Microsoft Windows Hardware Compatability Publis
    Update:
    This morning after doing some further reading and research on the Internet I tried running YouTube in the "InPrivate Browsing" window and YouTube worked fine. So thinking I should delete my Internet Browsing History, Cache, and Cookies, based on what I read I went ahead and did that but it still doesn't want to work. I think I did the deletions correctly? As I mentioned above I am not very computer savvy but can get by on the basics. Where should I go from here based on this info?
    Thanks,
    Ron                

  • Trouble with Ip redirect

    I am having a bit of trouble with ip redirects on an airnet 1042N
    Here is what happens, I turn off ip redirect, everything works fine, turn it on, everything works fine.  The problem is when I apply an ACL to it.
    If I apply an ACL, I can ping web sites, but I can not browse websites or telnet to port 80.  This is simply a test configuration before I move it into production.  10.0.0.0/22 is our subnet.  I want the guest SSID to allow access to the internet, but not the internal network (with the exception of the gateway (10.0.1.254), DHCP, and DNS servers (same server 10.0.1.221)).
    Running config
    Current configuration : 2475 bytes
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname testap
    logging rate-limit console 9
    enable secret 5 $1$PBvp$dH8HqNdXBTP7eCzYanRRo.
    no aaa new-model
    dot11 syslog
    dot11 ssid main
       authentication open
       authentication key-management wpa version 2
       wpa-psk ascii 7 1234567890abcdefghi
       ip redirection host 10.0.1.254 access-group 102 in
    dot11 ssid secondary
       authentication open
       authentication key-management wpa version 2
       guest-mode
       wpa-psk ascii 7 075E731F1A5C4F524F4B5B0D06292F212E343D2B
       ip redirection host 10.0.1.254 access-group 103 in
    username Cisco password 7 01300F175804
    bridge irb
    interface Dot11Radio0
    no ip address
    no ip route-cache
    encryption mode ciphers aes-ccm
    ssid main
    ssid secondary
    antenna gain 0
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface Dot11Radio1
    no ip address
    no ip route-cache
    shutdown
    antenna gain 0
    dfs band 3 block
    channel dfs
    station-role root
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    bridge-group 1 spanning-disabled
    interface GigabitEthernet0
    ip address 10.0.2.150 255.255.252.0
    no ip route-cache
    duplex auto
    speed auto
    no keepalive
    bridge-group 1
    no bridge-group 1 source-learning
    bridge-group 1 spanning-disabled
    interface BVI1
    ip address 10.0.2.150 255.255.252.0
    no ip route-cache
    ip http server
    no ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    access-list 101 permit ip any host 10.0.1.254
    access-list 101 permit ip any host 10.0.1.221
    access-list 101 deny   ip 10.0.0.0 0.0.3.255 10.0.0.0 0.0.3.255
    access-list 101 permit ip any any
    access-list 102 permit ip any 10.0.0.0 0.0.3.255
    access-list 103 permit 80 any any
    access-list 103 permit ip any host 10.0.1.254
    access-list 103 permit ip any host 10.0.1.221
    access-list 103 deny   ip 10.0.0.0 0.0.3.255 10.0.0.0 0.0.3.255
    access-list 103 permit ip any any
    access-list 120 permit ip host 10.0.3.41 any
    access-list 120 permit ip any host 10.0.3.41
    bridge 1 route ip
    line con 0
    logging synchronous
    line vty 0 4
    login local
    end

    James:
    Welcome to the forum.
    To enable both encrypted and unencrypted traffic on the same radio you need to use VLANs. If you are using only the native VLAN then you must abide by only one encryption method for all SSIDs.
    Check this for multiple SSIDs and multiple VLANs:
    https://supportforums.cisco.com/docs/DOC-14496
    For your network above, you should review the ACL and make sure it allows the needed traffic. Make sure both ports 80 and 23 are opened. Make sure to choose correct ports (udp, tcp) on the ACL.
    You can also try configuring ip redirect from GUI. give a look to the ip redirect doc: http://tiny.cc/gdsekw.
    HTH
    Amjad
    Rating useful replies is more useful than saying "Thank you"

  • I have 64-bit Vista on an HP laptop, and am having trouble with P4

    I have 64-bit Vista on an HP laptop, and am having trouble with P4. When I go to the "Compatibility" tab in for the P4 .exe file, 32-bit Vista does not show up as a compatibility option. The latest version shown is XP with SP2. Am I missing something? Is there a patch or download that updates P4?(The problem I'm having is stuttering and stopping in the imported avi2 files I have downloaded from my Panasonic digital camcorder and converted from avi to avi2 using DVDate. Also, I get stuttering with digital photos - jpg files - that I want to insert in the movie with added narration.)

    A.T. Romano
    It gets a little complicated. This is a simplification, but I hope this
    helps to visualize what's happening.
    The 32 bit and 64 bit environments are separated from each other.
    There are separate program files directories, separate shared dll library
    directories, and even separate registry entries. You can't mix 32 and
    64 bit modules, and some applications, like Internet Explorer, install
    both a 32 bit and a 64 bit version on the same computer. (IE does that
    so it can process web pages that use 32 bit executable controls).
    Vista 64 has 32 bit emulation built-in using a subsystem called Windows
    on Windows 64 or WOW64 for short. WOW64 intercepts 32 bit
    application calls to the operating system and handles the 32 to 64 bit
    conversions and the redirection of the file and registry locations.
    The program files themselves contain flags that indicate whether they
    are 32 bit and whether the file uses the 64 bit version of the file
    structure.
    If the program is marked 32 bit, it will run in 32 bit using WOW64.
    Programs are generally installed by an installer program which places
    the application files in the proper locations and writes the registry
    entries and any other setup tasks that are needed. To install a 64
    bit program, a 64 bit installer is needed. For 32 bit installers, the files
    and registry entries are redirected to the 32 bit locations.

  • Having trouble with custom web auth page on 4404

    Hi all
    I am having trouble with a custom web auth page on my controller. We have edited the original file, but when we click login it goes to page cannot be displayed and it doesn't redirect to the page I want; however, when I close the window and reopen it, it has already authenticated me.
    Has anyone got a copy of some working html code I can use ?
    cheers

    There is a sample Web Authentication bundle available for download from cisco.com. If you go to the software download page and go to Wireless->Standalone Controllers->4404 you should see a link for Wireless LAN Web Authentication Bundle.
    It's the same bundle whether you have a WiSM, 4404 or 2100

  • I'm having trouble with the install of Adobe digital editions

    I'm having trouble with the install of Adobe Digital Editions, how can we fix this? It will begin to download, it says complete but stops there, no other prompts, and if you click the close button it appears that it begins to delete itself. How can I fix this issue?

    Hi,
    It would be great if you could provide us with the environment where you are trying to install ADE.
    For example,
    - ADE version
    - Operating System
    - Anti-Virus you are using.
    - Did you log in as Admin or user on your computer?
    (*any error message you are able to locate/view from Event Viewer, if using Windows OS)
    Regards,
    Yuvraj.

  • Okay. I don't know if it's the broadband that I'm using or is it Firefox, but I'm having trouble with a certain website namely Tumblr.

    Okay. I don't know if it's the broadband that I'm using or is it Firefox, but I'm having trouble with a certain website namely Tumblr. I can log in just fine, but every time it tries to redirect me to its dashboard, it'll direct me to another site instead. I really am not sure if it's Firefox or if my internet broadband is the problem. HELP ME. I NEED TO REBLOG SOMETHING OFF TUMBLR SOOO BAD!

    No problem just happy you got it working again
    Happy Days

  • Hi, I am having trouble with my Mac Mail account, I cannot send or receive any emails because of the server connection problems. Message says it could not be connected to SMTP server. Thanks in advance for your help.

    Hi, I am having trouble with my Mac Mail account, I cannot send or receive any emails because of the server connection problems. Message says it could not be connected to SMTP server. Thanks in advance for your help.

    Hello Sue,
    I have an iPad 3, iPad Mini and iPhone 5S and they are all sluggish on capitalisation using shift keys. I hope that Apple will solve the problem because it is driving me crazy.
    I find using a Microsoft Surface and Windows 8 phone, which I also have, work as well as all the ios devices before the ios 7 upgrade.
    It has something to do with the length of time that you need to hold the shift key down. The shift key needs to be held longer than the letter key for the capitalisation to work. For some reason, this is a major change in the way we have learnt to touch type on computers. I am having to relearn how to type!
    Michael

  • TS3274 my ipad is having trouble with my music... i had recently gotten a new one when i signed into my icloud the music that i had on the original one was not there.... some songs were in fact there but not clickable ( it was there only gray)..anyone kno

    My iPad is having trouble with my music... I had recently gotten a new one; when I signed into my iCloud the music that I had on the original one was not there.... Some songs were in fact there but not clickable (it was there, only gray)... I was looking for help on how to get the music on the iPad

