Forums
New posts
Articles
Product Reviews
Policies
FAQ
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Menu
Log in
Register
Install the app
Install
Forums
Apple Computing Products:
macOS - Desktop Hardware
Help! How do I change my DNS server settings on router?
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Feisty411" data-source="post: 1421418" data-attributes="member: 259222"><p><strong>All sorted now!</strong></p><p></p><p>Oh finally!! Sorted!</p><p>I didn't need to do anything with my cable modem/router in the end.</p><p></p><p>I'd like to thank everyone for their advice and help on this. It was much appreciated. In the end it was using crontab that did it for me and in case anyone new has a problem with this in the future, this was the process:</p><p></p><p></p><p>Go into Utilities in Applications and open the <strong>Terminal</strong> app</p><p>Type <strong>cat /etc/resolv.conf</strong> to check what servers you have</p><p>To delete the rogue servers from here type <strong>sudo nano /etc/resolv.conf.</strong></p><p><strong>Enter your password.</strong></p><p><strong>Delete rogue servers.</strong> You have to scroll with your cursor to get to the end of the line and then delete from there.</p><p>Press <strong>Control - O</strong> to write out and save changes</p><p>Press <strong>Control - X</strong> to exit.</p><p>Restart machine.</p><p></p><p>This actually didn't work for me personally. So after more searching, help and advice, I got this process:</p><p></p><p>Go into <strong>Terminal</strong></p><p>Type <strong>sudo crontab -l</strong> (That's the letter ell) This shows what entries are in the directory. In mine, the malware script showed up as <strong>/Library/Internet Plug-Ins/QuickTime.xpt</strong>. If you have more than the malware entry in there, you will want to edit and delete. To do this for a single line:</p><p>Type <strong>sudo crontab -e.</strong> Use arrow key to navigate to line. I scrolled to end of line.</p><p>Type <strong>dd</strong> to delete the line</p><p>Type <strong>wq</strong> and press Return to write out the file and quit.</p><p></p><p>I had only the one entry and that was the malware script so I was able to use <strong>sudo crontab -r</strong> which will delete everything in there, so you have to be careful with it. After that I also flushed the cache. For <strong>Tiger</strong> you go into <strong>Terminal</strong> and type <strong>lookupd -flushcache</strong>. This is like a reset. Two extra servers showed up and I assume they are the original servers that were there - which means that when I called my ISP to ask for the servers they used, they gave me 2 different ones from the original. Whatever.</p><p></p><p>I restarted my machine and the google alert was gone. I checked out the site that tells you if you're still 'infected' and the background was green. I'm clear.</p><p></p><p>Thanks everyone!</p></blockquote><p></p>
[QUOTE="Feisty411, post: 1421418, member: 259222"] [b]All sorted now![/b] Oh finally!! Sorted! I didn't need to do anything with my cable modem/router in the end. I'd like to thank everyone for their advice and help on this. It was much appreciated. In the end it was using crontab that did it for me and in case anyone new has a problem with this in the future, this was the process: Go into Utilities in Applications and open the [B]Terminal[/B] app Type [B]cat /etc/resolv.conf[/B] to check what servers you have To delete the rogue servers from here type [B]sudo nano /etc/resolv.conf.[/B] [B]Enter your password.[/B] [B]Delete rogue servers.[/B] You have to scroll with your cursor to get to the end of the line and then delete from there. Press [B]Control - O[/B] to write out and save changes Press [B]Control - X[/B] to exit. Restart machine. This actually didn't work for me personally. So after more searching, help and advice, I got this process: Go into [B]Terminal[/B] Type [B]sudo crontab -l[/B] (That's the letter ell) This shows what entries are in the directory. In mine, the malware script showed up as [B]/Library/Internet Plug-Ins/QuickTime.xpt[/B]. If you have more than the malware entry in there, you will want to edit and delete. To do this for a single line: Type [B]sudo crontab -e.[/B] Use arrow key to navigate to line. I scrolled to end of line. Type [B]dd[/B] to delete the line Type [B]wq[/B] and press Return to write out the file and quit. I had only the one entry and that was the malware script so I was able to use [B]sudo crontab -r[/B] which will delete everything in there, so you have to be careful with it. After that I also flushed the cache. For [B]Tiger[/B] you go into [B]Terminal[/B] and type [B]lookupd -flushcache[/B]. This is like a reset. Two extra servers showed up and I assume they are the original servers that were there - which means that when I called my ISP to ask for the servers they used, they gave me 2 different ones from the original. Whatever. I restarted my machine and the google alert was gone. I checked out the site that tells you if you're still 'infected' and the background was green. I'm clear. Thanks everyone! [/QUOTE]
Verification
Post reply
Forums
Apple Computing Products:
macOS - Desktop Hardware
Help! How do I change my DNS server settings on router?
Top