HELP! Searh Engine Redirect Virus
Moderators: malletphreak, Hostrauser
- The Aceman
- Support Staff
- Posts: 3599
- Joined: Thu Oct 30, 2003 12:58 pm
- Location: Escondido, Ca
- Contact:
HELP! Searh Engine Redirect Virus
Someone Help! I seem to have a virus that causes all my search engine results to be redirected. It's affecting all the search engines, Yahoo, Google, Alta Vista!!! When I perform a search the normal results come up, but when I click on a result it doesn't take me to the actual site, it comes up with a http://reults.yahoo.com and then takes me to some stupid spam page. The yahoo results address comes up no matter which search engine I use. The virus is not appear to be browser related, I have the same problem in Firefox, Opera, and Safari. Is anyone else having this problem or is the virus on my computer, or is it universal at the moment? Having a Mac I never really have to deal with viruses, so I'm not sure what to do, but it is quite annoying.
Go read "Ishmael" a novel by Daniel Quinn. It will literally change your life.
Corruptissima re publica plurimae leges.
Corruptissima re publica plurimae leges.
- bassoonuba
- Section Leader
- Posts: 896
- Joined: Thu Jan 04, 2007 8:13 pm
- Location: California
Could be a virus or more likely, malware. Based on previous posts I assume that you're running a mac. Try downloading Adaware and running a scan. If you're on a PC then Windows Defender is quite a bit better.
- Hostrauser
- Support Staff
- Posts: 7984
- Joined: Tue Oct 29, 2002 6:46 am
- Location: Milwaukee, WI
- Contact:
- The Aceman
- Support Staff
- Posts: 3599
- Joined: Thu Oct 30, 2003 12:58 pm
- Location: Escondido, Ca
- Contact:
I downloaded and ran MacScan which found a few minor viruses, I deleted them all and still had the problem. I ended up just clearing all my cookies and that fixed the problem. But it's annoying having to login to all my pages and having to tell my browser to remember them again.
Go read "Ishmael" a novel by Daniel Quinn. It will literally change your life.
Corruptissima re publica plurimae leges.
Corruptissima re publica plurimae leges.
- The Aceman
- Support Staff
- Posts: 3599
- Joined: Thu Oct 30, 2003 12:58 pm
- Location: Escondido, Ca
- Contact:
- bassoonuba
- Section Leader
- Posts: 896
- Joined: Thu Jan 04, 2007 8:13 pm
- Location: California
Doh! I thought adaware ran on any platform.
Although I'm not sure how to do it on a mac, the next step would be to look at your startup programs (on a pc it's msconfig) to see if there is anything out of the ordinary. Also be on the alert for a double entry (ie if it shows acrobat twice, be a little suspicious of it). I'm almost positive that macs have 2 startup folders... 1 for login startup and one for computer/os startup... you will need to check both.
Although I'm not sure how to do it on a mac, the next step would be to look at your startup programs (on a pc it's msconfig) to see if there is anything out of the ordinary. Also be on the alert for a double entry (ie if it shows acrobat twice, be a little suspicious of it). I'm almost positive that macs have 2 startup folders... 1 for login startup and one for computer/os startup... you will need to check both.
- IsnipeWithAknife
- Drum Major
- Posts: 2858
- Joined: Fri Apr 25, 2003 1:38 am
- Location: Los Angeles
- Contact:
is there a safe mode on Macs? you should try some computer cleaning in safe mode. I've never had any virus problems since the late 90s. Friends of mine had some success defeating ad/spyware running cleaning programs and clearing cookies on safe mode.
WHS '05, UCSB '10
WOP OT Round 1 Picture Battle Champion!
WOP OT Mafia Game II: First ever mafia champions
http://officeofstrategicinfluence.com/spam/
WOP OT Round 1 Picture Battle Champion!
WOP OT Mafia Game II: First ever mafia champions
http://officeofstrategicinfluence.com/spam/
An attack like this would generally be an infection in the winsock catalog on a PC. Basically, you access the internet through a series of programs called LSPs (Layered Service Providers) stored in the winsock catalog. Each one has the ability to do ANYTHING IT WANTS to ANY INTERNET TRAFFIC currently running on your computer.
On windows there's an easy command (netsh wins reset) to reset the catalog to a "clean" state (that is, the same way it was when the OS was installed). I don't know if the same exists for Mac.
On windows there's an easy command (netsh wins reset) to reset the catalog to a "clean" state (that is, the same way it was when the OS was installed). I don't know if the same exists for Mac.
It's 5:00... do you know where your ancestors came from?
- The Aceman
- Support Staff
- Posts: 3599
- Joined: Thu Oct 30, 2003 12:58 pm
- Location: Escondido, Ca
- Contact:
UNIX systems do not require a Winsock equivalent because TCP/IP and its use of sockets was designed to run directly with UNIX application programs. Basically eliminates the middle man, there is no WinSock.dll in between your browser and your TCP/IP on a mac.mkosbie wrote:An attack like this would generally be an infection in the winsock catalog on a PC. Basically, you access the internet through a series of programs called LSPs (Layered Service Providers) stored in the winsock catalog. Each one has the ability to do ANYTHING IT WANTS to ANY INTERNET TRAFFIC currently running on your computer.
On windows there's an easy command (netsh wins reset) to reset the catalog to a "clean" state (that is, the same way it was when the OS was installed). I don't know if the same exists for Mac.
Go read "Ishmael" a novel by Daniel Quinn. It will literally change your life.
Corruptissima re publica plurimae leges.
Corruptissima re publica plurimae leges.
- The Aceman
- Support Staff
- Posts: 3599
- Joined: Thu Oct 30, 2003 12:58 pm
- Location: Escondido, Ca
- Contact:
OK, so I finally got rid of it. All I had to do was flush my DNS cache, and voila. I'm assuming since that fixed the problem, the malware I had was a Trojan Virus DNS Changer, had all the syptoms and flushing the DNS cache solved the problem.
Go read "Ishmael" a novel by Daniel Quinn. It will literally change your life.
Corruptissima re publica plurimae leges.
Corruptissima re publica plurimae leges.
- Hostrauser
- Support Staff
- Posts: 7984
- Joined: Tue Oct 29, 2002 6:46 am
- Location: Milwaukee, WI
- Contact:
- The Aceman
- Support Staff
- Posts: 3599
- Joined: Thu Oct 30, 2003 12:58 pm
- Location: Escondido, Ca
- Contact: