New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
OS X - Operating System General OS operation information and support

possible virus???


Post Reply New Thread Subscribe

 
Thread Tools
hooyeah123

 
Member Since: Jul 15, 2008
Posts: 18
hooyeah123 is on a distinguished road

hooyeah123 is offline
I'm getting a "Windows Internet Security" popup randomly in my browsers.
It's been happening in the last week or so.

First it only started in google chrome, now it's happening in safari. I have VMware fusion installed but haven't launched it in quite a while. I just restored both my internal HDs with snow leopard install disks.

any ideas?
QUOTE Thanks
Oneironaut

 
Oneironaut's Avatar
 
Member Since: Feb 23, 2009
Posts: 1,312
Oneironaut is just really niceOneironaut is just really niceOneironaut is just really niceOneironaut is just really niceOneironaut is just really nice
Mac Specs: 21" iMac * 2.8 Ghz Intel Core i7 * 16GB 1333 Mhz DDR3 * 1TB HD *AMD Radeon HD 6770M 512 MB

Oneironaut is offline
Sounds like a pop up ad. It's presuming you're using Windows and is trying to get you to go a site for one nefarious reason or another. It may be trying to get you to download a virus, but no Windows virus will affect your Mac.
QUOTE Thanks
chas_m

 
chas_m's Avatar
 
Member Since: Jan 22, 2010
Location: Victoria, BC
Posts: 16,412
chas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond reputechas_m has a reputation beyond repute
Mac Specs: 2009 MBP, Black speakers, Black Benq second monitor, black(ish) iPhone 5s, Black 2012 iPad, etc.

chas_m is offline
There aren't any viruses for Mac. It's a nefarious pop-up ad that Safari's built-in pop-up blockers can't stop. It's a scam, you just need to add a better adblocker to your browsers of choice.
QUOTE Thanks
hooyeah123

 
Member Since: Jul 15, 2008
Posts: 18
hooyeah123 is on a distinguished road

hooyeah123 is offline
Apparently this is a virus that infects routers and changes the DNS to route where it wants. My DNS server is greyed out in my network settings.

I downloaded ClamXav and wasn't able to update the definitions... it wasn't letting me connect. which made me very suspicious.

Apple - Support - Discussions - Microsoft windows threat of infection ...

Fake Windows Internet Security

http://www.suggestafix.com/index.php?showtopic=33650
QUOTE Thanks
Jaygray

 
Jaygray's Avatar
 
Member Since: Mar 04, 2008
Posts: 1,115
Jaygray is a jewel in the roughJaygray is a jewel in the roughJaygray is a jewel in the rough
Mac Specs: Unibody MacBook Pro 2.26, 4gb RAM, 500gb HD

Jaygray is offline
Most routers have a reset button that reverts them back to the original factory settings. It's usually a tiny button recessed inside a small hole on the back. You push it with the end of a paperclip. Resetting should undo whatever harmful changes were made. Be aware that you'll also lose any settings that you made when you initially setup the router. It will be exactly like it was it was when you first unwrapped it. You have have to configure it again.
QUOTE Thanks
hooyeah123

 
Member Since: Jul 15, 2008
Posts: 18
hooyeah123 is on a distinguished road

hooyeah123 is offline
I'm wondering how this happened in the first place?
How did my router become infected?
would it be from a site or an intruder on my network?

I have an old verizon DSL modem that I had the firmware flash upgraded back in 2009. I wonder if I'll have to reflash the firmware?
QUOTE Thanks
DarkestRitual

 
Member Since: Apr 09, 2009
Location: Ithaca NY
Posts: 2,073
DarkestRitual is just really niceDarkestRitual is just really niceDarkestRitual is just really niceDarkestRitual is just really nice
Mac Specs: 13 inch alMacBook 2GHz C2D 4G DDR3, 1.25GHz G4 eMac

DarkestRitual is offline
Well, judging by the fact that you are not alone, I doubt it was somebody on your network. It probably broke your router's password by brute force attack using something that behaves like THC hydra or Brutus but attempts to log into your router instead.
QUOTE Thanks
DaFlake

 
Member Since: Jun 02, 2008
Posts: 709
DaFlake has a spectacular aura about

DaFlake is offline
OK folks... This is malware and has nothing to do with a virus for Mac or a router infection.

This Malware attacks windows machines by tricking people to click on it as it looks like it found viruses on your machine. The user then clicks the "fix it" icon and the program is downloaded and installed on the machine. It then sets the computer policies to block the user from opening control panel or killing the service which continually asks the user to pay to remove it.

More than likely the sites that you are visiting are infected and not your machine. As long as you don't install anything when it asks you, you will be ok.
QUOTE Thanks
DaFlake

 
Member Since: Jun 02, 2008
Posts: 709
DaFlake has a spectacular aura about

DaFlake is offline
Rogue Security Software | Fake Virus Alerts | Scareware
QUOTE Thanks
DarkestRitual

 
Member Since: Apr 09, 2009
Location: Ithaca NY
Posts: 2,073
DarkestRitual is just really niceDarkestRitual is just really niceDarkestRitual is just really niceDarkestRitual is just really nice
Mac Specs: 13 inch alMacBook 2GHz C2D 4G DDR3, 1.25GHz G4 eMac

DarkestRitual is offline
Yes, it's a scareware ad, but if you click the link on the Apple Support site and read you'll see that it is a DNS redirect if you actually follow the link. Just play it safe, don't click things that are blatant fakes, and you'll be fine.
QUOTE Thanks
hooyeah123

 
Member Since: Jul 15, 2008
Posts: 18
hooyeah123 is on a distinguished road

hooyeah123 is offline
well I'm not on a windows machine. I didn't download anything from it (why would I don't runs windows anti-virus) and it keeps popping up on different sites.

The network DNS numbers don't look anything like my old IP numbers, they are greyed out and won't let me change them, and it won't let me connect to ClamXav.

so keep saying it's all in my mind but something wacky is going on. alot of other people are getting it also, so it has to be something...
QUOTE Thanks
DaFlake

 
Member Since: Jun 02, 2008
Posts: 709
DaFlake has a spectacular aura about

DaFlake is offline
Yes, but for it to do the DNS redirect, you have to install it. Is it possible that they created a OSX version? Yep... Does it sound like you installed it? Yep...


Still, not a virus, just malware.
QUOTE Thanks
hooyeah123

 
Member Since: Jul 15, 2008
Posts: 18
hooyeah123 is on a distinguished road

hooyeah123 is offline
well rebooted/reset my router and now I can change my DNS without it changing back.
Downloaded the ClamXav updates, and am running a scan now.
we'll see what comes up.

thought I'd post in case any other mac users have this trouble, and are looking for possible solutions.
QUOTE Thanks

Post Reply New Thread Subscribe


« Backups 101 | Syncing folders from different computers? »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
Virus Myths appleXcore OS X - Operating System 9 10-21-2009 09:12 PM
the big virus question... jpfritz OS X - Operating System 10 09-23-2009 10:02 AM
Mac 10.x hosting Windows Virus' mtyoung400 OS X - Apps and Games 2 05-25-2009 11:27 PM
Virus in & formatting windows chriskwn Running Windows (or anything else) on your Mac 0 02-11-2009 04:59 PM
Stupid Windows Virus Matt Schweb's Lounge 15 08-02-2004 04:05 AM

All times are GMT -4. The time now is 08:22 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?