URGENT - DNS Virus??

RavingMac

Well-known member
Staff member
Moderator
Joined
Jan 7, 2008
Messages
8,303
Reaction score
242
Points
63
Location
In Denial
Your Mac's Specs
16Gb Mac Mini 2018, 15" MacBook Pro 2012 1 TB SSD
After 2 weeks of endless trial and error I had given up on hope of finding a solution to the problem and began digging a grave for my macs when all of a sudden the problem magically corrected itself.

This leaves me even more stumped as to what the cause (or solution) of the problem was.

I made no recent changes to my network or system settings that would have been responsible for fixing the problem. Just magically out of the blue both of my PPC machines began allowing access to the sites that would previously timeout.

Maybe something they did on their end, but would have to be common to multiple sites?

Regardless, glad to see things are working out for you.
 
OP
M
Joined
Jun 18, 2012
Messages
13
Reaction score
0
Points
1
Yea I was thinking that it might be related to something on their end for the following reasons.

- This started happening the exact day that the ivp6 was switched on

- Right around the same time my browser required a Flash update that I am unable to install (thanks to the abandonment of the PPC platform).

- It all started with Facebook and then 2-3 days later, Google, Bing, Yahoo, YouTube, and a handful of other sites all were inaccessible

Maybe it was, in fact, something that was corrected on their end or related to ipv6....? Yet, that wouldn't really explain why jlundberg still has the issue.....

A Whole New Version Of The Internet Is About To Be Switched On - Business Insider
 
Joined
Jun 21, 2012
Messages
11
Reaction score
0
Points
1
Location
Sweden
Pleased to hear that your problems are gone master.00. I am still without any solution to this and it is surely driving me mad. I have the workaround to get to google by using one of their IP numbers directly but it seems more and more sites are getting in the zone of not getting pass the DNS and getting their IP numbers is always a nuisance and sometimes also not possible.

I have tried all sorts of solutions, looked at host files, cleared all caches, turned off IPv6 etc etc. but still nothing that helps.

My first thought was that I had got this flash trojan (since I am a developer and among other things also uses Flex 4.6 I thought that I by mistake had installed some dirty flash version) but investigation shows me I am clean of that.

I can not really remember what could have been installed when this problem first occured to me. I am not thinking if this may be caused by some of the many VPN tools I am using (I am really desperate for a solution and trying to grab every little thing I can).

If I haven't already stated that, I am using OSX 10.6.8 (switching to Lion is not an option since I need to be able to have some developer tools to support older systems). The error I get in Safari is the following
Safari can't open the page.
Safari can't open the page "http://www.youtube.com/" because the server
unexpectedly dropped the connection. This sometimes occurs when the server
is busy. Wait for a few minutes, and then try again.

No error is seen in the error console and the loading of the site (in this case youtube.com) can be seen in the attached screen shot.

The error I get in FF is
The connection was reset
The connection to the server was reset while the page was loading.
The site could be temporarily unavailable or too busy. Try again in a few
moments.
If you are unable to load any pages, check your computer's network
connection.
If your computer or network is protected by a firewall or proxy, make sure
that Firefox is permitted to access the Web.


Still some sites are ok and mac-forums is one so I am still above the surface :)
If anyone has anything, please let me know!!!

Screen shot 2012-06-27 at 10.52.00.png
 
OP
M
Joined
Jun 18, 2012
Messages
13
Reaction score
0
Points
1
For information, if a site that I can not access (e.g. Google) has a https counterpart (i.e. https://www.google.com) the secure site is perfectly ok to browse to (same with youtube.com etc).

Can you access facebook?

Facebook worked for me about 2 days ago but now I can no longer access it. Though, I don't have a problem with any of the other sites that previously caused problems.

Have you tried using Opera to see what happens? I was unable to test because it does not support my system architecture.
 
Joined
Jun 21, 2012
Messages
11
Reaction score
0
Points
1
Location
Sweden
Can you access facebook?

Facebook worked for me about 2 days ago but now I can no longer access it. Though, I don't have a problem with any of the other sites that previously caused problems.

Have you tried using Opera to see what happens? I was unable to test because it does not support my system architecture.

No, facebook is not accessible. And when going to download Opera I also found out that the main hub in Sweden (sunet.se) neither is accessible, I had to find out the IP to their site and enter that directly in cyberduck to be able to get anything from sunet.

After downloading Opera I have tried it but with the exact same result as with any other browser I have tried, see screen shot below.

Screen shot 2012-06-29 at 09.21.35.png
 
OP
M
Joined
Jun 18, 2012
Messages
13
Reaction score
0
Points
1
I couldn't test Opera because it's not supported by my platform.

Try and goto one of the oldversion sites and download an old version of netscape.

I used v7.2 and was able to access the blocked sites which didn't work in Firefox or Safari.

If that works for you then that might help to narrow down what the cause of the problem might be.
 
Joined
Jun 21, 2012
Messages
11
Reaction score
0
Points
1
Location
Sweden
Netscape 7.2 works

master.00, you were right. I have made the following tests

Netscape version 7.1: NOT OK (same error as with all other browsers)
Netscape version 7.2: OK!
Netscape version 9: Crashes every time I try to start it with the following error
Code:
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00000000c9e58959

So version 7.2 of Netscape works! So why is this then? Could it be that Netscape 7.2 uses the Mac's own DNS system (which is used by the network utility app etc which works fine to lookup the host names)?
 
Joined
Jun 21, 2012
Messages
11
Reaction score
0
Points
1
Location
Sweden
Problem away

Finally everything seems to work ok now... I went through the startup items, launch agents and launch daemons and removed the ones seen below (which caused the problem is not analyzed further).

The files I removed

/Library/LaunchAgents
  • com.adobe.AAM.Updater-1.0
  • com.adobe.CS5ServiceManager
  • com.cisco.anyconnect.gui
  • com.logmein.hamachimb
  • com.teamviewer.teamviewer_desktop
  • com.teamviewer.teamviewer

/Library/LaunchDaemons
  • com.bresink.system.securityagent
  • com.bresink.system.tinkertoolstartupsound
  • com.cisco.anyconnect.vpnagentd
  • com.equinux.VPNTracker6.agent
  • com.logmein.hamachi
  • com.microsoft.office.licensing.helper
  • com.sophos.autoupdate
  • com.sophos.intercheck
  • com.sophos.notification
  • com.teamviewer.teamviewer_service
  • com.vmware.launchd.vmware
  • PitStopServerWatchdog

/Library/StartupItems
  • BRESINKx86Monitoring
  • FanControlDaemon
  • Fantom
  • Oplmgr


~/Library/LaunchAgents
  • com.akamai.single-user-client
  • com.apple.FolderActions.enabled
  • com.apple.FolderActions.folders
  • com.vemedio.Snowtape.RadioAgent
 

RavingMac

Well-known member
Staff member
Moderator
Joined
Jan 7, 2008
Messages
8,303
Reaction score
242
Points
63
Location
In Denial
Your Mac's Specs
16Gb Mac Mini 2018, 15" MacBook Pro 2012 1 TB SSD
I have been following this thread with interest (and limited comprehension). ;)

Glad you appear to have nailed down your problem. Also interesting that it appears (at least to me) to result from Adobe, Microsoft and AV addons.
 
OP
M
Joined
Jun 18, 2012
Messages
13
Reaction score
0
Points
1
Well, Google, Yahoo, Youtube are once again inaccessible for me. Facebook is still remains inaccessible.

I can assure you the problem has nothing to do with those library files.
 
Joined
Jun 21, 2012
Messages
11
Reaction score
0
Points
1
Location
Sweden
master.00, are you able to run the internal network utility without any issues pinging the host names etc? Can you for example run 'host google.com' in your terminal?

Are you using Airport or Ethernet (or other?), if you are Airporting, is the problem also visible on Ethernet cable?

Now when the problem re-occured, how is your current IPv6 setting? (mine is still set to off now).

Are you (as myself) using a lot of VPN connections? I have found that some of them sometimes locks the network (again, they would lock the WHOLE network, not just single hosts so this should really have nothing to do with it but since I know the frustration I try to keep any lead open).
 
Joined
Aug 15, 2011
Messages
373
Reaction score
1
Points
18
Your Mac's Specs
Early 2011 13 inch MacBook Pro i5 with 8gb of Ram
master.00, are you able to run the internal network utility without any issues pinging the host names etc? Can you for example run 'host google.com' in your terminal?

Are you using Airport or Ethernet (or other?), if you are Airporting, is the problem also visible on Ethernet cable?

Now when the problem re-occured, how is your current IPv6 setting? (mine is still set to off now).

Are you (as myself) using a lot of VPN connections? I have found that some of them sometimes locks the network (again, they would lock the WHOLE network, not just single hosts so this should really have nothing to do with it but since I know the frustration I try to keep any lead open).
I think my friend has the same problem and he was using ethernet.
 
Joined
Jun 21, 2012
Messages
11
Reaction score
0
Points
1
Location
Sweden
I think my friend has the same problem and he was using ethernet.

Can you check what items he has in his startup (agents and daemons, both system and user library), disable them (by moving them so you may put them back) and restart to see if it solves the problem.

Is your friends symptoms the exact same (where only some addresses are inaccessible)?
 
Joined
Aug 15, 2011
Messages
373
Reaction score
1
Points
18
Your Mac's Specs
Early 2011 13 inch MacBook Pro i5 with 8gb of Ram
Can you check what items he has in his startup (agents and daemons, both system and user library), disable them (by moving them so you may put them back) and restart to see if it solves the problem.

Is your friends symptoms the exact same (where only some addresses are inaccessible)?
Yes. Try changing settings of your browser. Go to the wrench at the top right corner of Google Chrome. Then click on Settings then advanced and change network stuff.
 
Joined
Jun 21, 2012
Messages
11
Reaction score
0
Points
1
Location
Sweden
Yes. Try changing settings of your browser. Go to the wrench at the top right corner of Google Chrome. Then click on Settings then advanced and change network stuff.
macuser1232, I'm not sure I am quite with you here...

>> Yes. Try changing settings of your browser.
My problems are solved, I have no issues anymore. Do you mean that if your friend is changing his settings, this problem disappears?

>> Go to the wrench at the top right corner of Google Chrome. Then click on Settings then advanced and change network stuff.
Does this settings change make your friends browser act differently? Has he tried any other web browser (i.e. could this be related to Google Chrome in his case?)
 
C

chas_m

Guest
I would bet good money that jlundberg's problems were solved by removing the so-called "anti-virus" software. I wonder if Macuser1232 has any such software on their machine ...
 
Joined
Jun 21, 2012
Messages
11
Reaction score
0
Points
1
Location
Sweden
I would bet good money that jlundberg's problems were solved by removing the so-called "anti-virus" software. I wonder if Macuser1232 has any such software on their machine ...

I would agree with you chas_m. The only thing speaking against that is the fact that I installed the Sophos after I got the first problems (just to scan and double check my drives).
 
OP
M
Joined
Jun 18, 2012
Messages
13
Reaction score
0
Points
1
master.00, are you able to run the internal network utility without any issues pinging the host names etc? Can you for example run 'host google.com' in your terminal?

Are you using Airport or Ethernet (or other?), if you are Airporting, is the problem also visible on Ethernet cable?

Now when the problem re-occured, how is your current IPv6 setting? (mine is still set to off now).

Are you (as myself) using a lot of VPN connections? I have found that some of them sometimes locks the network (again, they would lock the WHOLE network, not just single hosts so this should really have nothing to do with it but since I know the frustration I try to keep any lead open).


The problem is kind of at an intermediary state as I can now access Google but its exceptionally slow.

As I said I have 2 machines with the identical problem (one ethernet one wireless). If one machine has the problem, they both have it.

This is how I determined that it likely has nothing to do with system files as I cleared system files on one machine but not the other and the problem persists on both.

I can ping the host names and can still access the sites in Netscape 7.2.

I also installed Sophos after the problem occurred and only on one machine so again I dont think its the system files.

Still scratching my head and investigating other possibilities.
 
Joined
Sep 24, 2012
Messages
1
Reaction score
0
Points
1
Thank you for the list of library files that you deleted. I have been trying to find an answer to this same problem for over a month on 2 MacBook Pro laptops running 10.5.8. When I saw your list, the Cisco AnyConnect stood out for me. I deleted just those two files and I am able to connect to Yahoo and Google properly on the 2 laptops. Thank you again!
 

Shop Amazon


Shop for your Apple, Mac, iPhone and other computer products on Amazon.
We are a participant in the Amazon Services LLC Associates Program, an affiliate program designed to provide a means for us to earn fees by linking to Amazon and affiliated sites.
Top