Page 1 of 3 123 LastLast
Results 1 to 15 of 40
  1. #1


    Member Since
    Jun 18, 2012
    Posts
    13
    Exclamation URGENT - DNS Virus??
    I have 2 PPC's running 10.5.8 and just recently encountered a strange problem a couple days ago.

    Every time that I try and visit a popular website (ie. Google, Bing, Yahoo, etc.) it takes an extremely long time to load (approx 5 minutes). Eventually the site does load after a very long time which I have concluded to be a DNS problem (where the primary DNS times out and finally the secondary loads).

    All other sites load fine (as long as they are not using any scripts from the blocked sites).

    I have come to the conclusion that I have contracted some sort of DNS virus that is intentionally blocking these sites as the problem only occurs on my Mac.

    These sites load fine on my network when I am using my iPhone or my PC so the problem is specifically with my PPC macs and not my router or network settings.

    I have tried changing the DNS servers to a handful of different DNS settings and it does not make any difference, the sites are still not loading.

    I am completely stumped on how to fix this problem and have not been able to find any solutions.

    Does anyone have any idea on how to fix this problem? It is causing major problems for my workflow as I cannot access these essential sites.

    Any help would be greatly appreciated.

  2. #2

    chscag's Avatar
    Member Since
    Jan 23, 2008
    Location
    Fort Worth, Texas
    Posts
    48,840
    Specs:
    Late 2013 27" iMac, iPad 3, iPhone 6s+, iPhone 6+, 3 iPods, El Capitan
    There are no DNS viruses so that's not the problem. And even if there were a DNS virus, it would have infected your PC not the Mac.

    Try changing your DNS servers to either OpenDNS or Google Public DNS:

    In Leopard... open System Preferences, Network. Click on WiFi or Ethernet whichever you're using, then click on the Advanced button. Click on the DNS tab.

    You should see an address that's grayed out. Ignore it. Enter these two addresses by clicking on the small + sign below.

    8.8.8.8.
    8.8.4.4.

    Those are the addresses for Google Public DNS, primary and secondary. Exit System Preferences, reboot your router and the machine.

  3. #3


    Member Since
    Jun 18, 2012
    Posts
    13
    thanks but I clearly stated that I have already tried a handful of different DNS settings. Ive tried Google and about a half dozen other DNS addresses including a list from my own ISP.

    That is not the problem. If it was, then my whole network would be experiencing the issue. As I mentioned, it's only my PPC macs.

    I am about 99.9% certain that this is being caused by a virus. A virus would not effect my PC as it would only effect the computer in which it was contracted on.

    Its no coincidence that it's ONLY the popular sites that are being effected.

  4. #4

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Quote Originally Posted by master.00 View Post
    I am about 99.9% certain that this is being caused by a virus. A virus would not effect my PC as it would only effect the computer in which it was contracted on.
    Viruses are self-replicating - by design, they are meant to infect multiple machines on accessible networks.

    How did you determine that this was a DNS issue? You mention that you're confident that this is the case. I ask because DNS lookups are relatively quick and if one fails, your Mac won't hang around waiting for the first one to fail multiple times. Second, if the problem persists with different addresses, it's probably not the DNS settings. If the problem had gotten worse (or the situation had gotten better) with a different set of DNS servers, I'd be inclined to agree with you. However, since the problem didn't change, I'm lead to believe that the problem isn't DNS related.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  5. #5


    Member Since
    Jun 18, 2012
    Posts
    13
    I am confident that its a virus and it is my assumption that it is a DNS issue.

    I have had DNS problems in the past which mimicked the exact same behavior where sites would take a long time to load which was the result of a primary DNS timeout.

    However, in that situation it was ALL sites that were effected and it was on all machines on my network. A simple DNS switch solved the problems in that particular situation.

    However, in this case, it's just the popular sites that are effected (Google, Facebook, Yahoo) and it's just my PPC Mac's., Changing the DNS servers has not made any difference.

    Also, the day before this problem started I had visited a site that was giving off malware alerts.

    Though, I've scanned my machines and nothing was found.

  6. #6

    IvanLasston's Avatar
    Member Since
    Feb 26, 2010
    Location
    Rocky Mountain High, Colorado
    Posts
    2,116
    Specs:
    1.8 GHz i7 MBA 11" OSX 10.8.2
    It may not be a virus - but it may be a Trojan. The distinction is that a trojan - is like the trojan horse - you have to let it in for it to be a problem. Viri spread without any interaction. Anyway - there are any number of ways to hijack dns - first look at /etc/hosts and see if anything looks fishy there.
    Then look through this google search and see if anything sounds familiar.
    https://www.google.com/search?sugexp...=1101&bih=1004

    So it could be malware - but it probably isn't a virus.

  7. #7

    Germany_chris's Avatar
    Member Since
    Oct 31, 2011
    Posts
    283
    Quote Originally Posted by master.00 View Post
    I am confident that its a virus and it is my assumption that it is a DNS issue.

    I have had DNS problems in the past which mimicked the exact same behavior where sites would take a long time to load which was the result of a primary DNS timeout.

    However, in that situation it was ALL sites that were effected and it was on all machines on my network. A simple DNS switch solved the problems in that particular situation.

    However, in this case, it's just the popular sites that are effected (Google, Facebook, Yahoo) and it's just my PPC Mac's., Changing the DNS servers has not made any difference.

    Also, the day before this problem started I had visited a site that was giving off malware alerts.

    Though, I've scanned my machines and nothing was found.
    Then you have the first PowerPC virus , and it was created 7 years after the last PowerPC Mac shipped.
    Mac Pro 4,1 (Flashed to 5,1) W3570 3.2 Quad..48GB RAM..Gainward GTX 570 "Phantom."
    MacBook Pro 5,2..2.8Ghz C2D..8GB RAM..240GB Vertex +

  8. #8


    Member Since
    Jan 22, 2010
    Location
    Victoria, BC
    Posts
    20,911
    Specs:
    Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
    Quote Originally Posted by master.00 View Post
    I am confident that its a virus and it is my assumption that it is a DNS issue.
    I found the problem. It's you.

    You're flat-out wrong on the first count (there are ZERO mac viruses) and probably wrong on the second count as well (since changing DNS addresses didn't fix the issue).

    You will probably make more headway by questioning your assumptions -- or better yet, assuming nothing -- and re-approach the problem with an open mind.

    For example, have you looked at your hosts file lately? There is some DNS re-direct MALWARE (not viruses) that might cause such a problem. Maybe that is what's really going on. Ivan's a smart guy, he may very well have the answer there for you.

    Another possibility: a corrupt cache in your browser. I didn't see anything in your original post that indicated you had tried other browsers (or mentioned which browser you're using for that matter). So there's a possibility of that.

    I don't know what the problem is, I'm just offering a couple of new approaches to help you find out what the real problem. Sticking to a discredited theory isn't going to help.

  9. #9


    Member Since
    Jun 18, 2012
    Posts
    13
    It IS a cross-browser problem.

    though, if I use a proxy the sites load fine.

  10. #10


    Member Since
    Jun 18, 2012
    Posts
    13
    I've checked the hosts file and there is nothing suspicious or unusual in there.

    I'm really stumped here as to what could be causing this! I've scanned with 4 different programs and nothing was found.

    This is really driving me crazy!

  11. #11

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Quote Originally Posted by chas_m View Post
    I found the problem. It's you.
    This response was entirely unwarranted - there is no reason to pick on the OP because you disagree. Ease up on the abrasiveness.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  12. #12


    Member Since
    Jan 22, 2010
    Location
    Victoria, BC
    Posts
    20,911
    Specs:
    Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
    I'm not picking on the OP. I'm challenging him to look at the problem afresh.

    I'm genuinely sorry that I don't know what is causing his problem and I wish I could offer some solid help, but all I can do is suggest that he abandon the notions that have (clearly) not worked to resolve the issue.

    Next time I'll remember to put sufficient numbers of smiley faces where I intend to be light-hearted.

    Also, I take issue with your characterization of my post as "entirely" unwarranted. I offered three perfectly valid, helpful suggestions for new routes of investigation.

  13. #13


    Member Since
    Jun 18, 2012
    Posts
    13
    So, I found an old version of netscape and as it turns out, I can access google and all other sites using netscape.

    Safari and Firefox will not load the sites.

    I was able to ping the sites that are blocked in Firefox and Safari so it seems that the problem is that something is effecting those browsers in particular.

    I tried creating a new user account on my mac and was still unable to access those sites using Safari on the new account.

    Any ideas on what might cause this problem in Safari / Firefox but not netscape?

    I've been scratching my head for almost a week now and have found very little help here or elsewhere despite endless searching.

    I could really use some help here! ive done the following with no luck what-so-ever

    - scanned for trojans / virus
    - changed dns servers
    - checked host files
    - clear browser / system cache (manually / onyx)
    - created new system user
    - reinstalled browsers
    - ping / traceroute check

  14. #14

    RavingMac's Avatar
    Member Since
    Jan 07, 2008
    Location
    In Denial
    Posts
    7,913
    Specs:
    4GB Mac Mini 2012, 13" MBA, 15" MacBook Pro OSX 10.7, 32 GB iPhone 3GS, iPad2 64gb 3G
    I honestly have no real clue what is going on, but, assuming you have good backups have you tried doing a reformat and reinstall of the OS on one of the affected Macs to see if that gets rid of the problem?
    I've always wanted to be smart, handsome and modest. But, I guess I'll have to be satisfied with two out of three . . .

  15. #15

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    So, we can rule our DNS since those settings would affect every browser.

    Did you setup OS X to use a proxy server? Safari would use those and although Firefox has its own system, it defaults to using the system ones.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. DNS 8.8.8.8 or 8.8.4.4
    By zipboingarial in forum Internet, Networking, and Wireless
    Replies: 1
    Last Post: 03-20-2012, 07:52 AM
  2. Open DNS vs Google DNS
    By schweb in forum Internet, Networking, and Wireless
    Replies: 4
    Last Post: 07-29-2010, 08:04 AM
  3. DNS Issues - Open DNS works with Facebook - ISP DNS does not
    By David A in forum OS X - Operating System
    Replies: 3
    Last Post: 09-16-2009, 03:12 PM
  4. Virus scanner found virus...but I can't
    By JamesLJ in forum OS X - Operating System
    Replies: 4
    Last Post: 03-14-2009, 04:47 PM
  5. annoying and rare keyboard problem URGENT!! Virus!?
    By ErrorProne in forum Other Hardware and Peripherals
    Replies: 11
    Last Post: 07-26-2008, 04:56 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •