Probable Flashback malware problem

Discussion in 'macOS' started by jbarnes, Apr 1, 2014.

  1. jbarnes macrumors newbie

    Joined:
    Sep 30, 2012
    #1
    I hope someone can help with this. I’m having a problem with what seems like a piece of malware, but which is behaving in way that’s very hard to understand.

    My Macbook is on Mountain Lion. I work across two wifi systems, one at home, one at work. The home one is new (to me – I didn’t set it up), as I’ve recently moved house.

    A week or so after moving to the new house I started to get what looks like Flashback popping up in my browsers (I’ve tried with different browsers – it affects both Chrome and Firefox). It blocks access to some sites such as YouTube and Google Books, and generally makes the browsers difficult to use. It’s extremely frustrating.

    I’ve run the Terminal test described here, as well as the test on flashbackcheck.com. Both say the computer is clean.

    Since Flashback, most of the tools related to it and media stories about it date from 2012, at first I just thought that I had caught a new version of Flashback which evaded the tests. Perhaps that’s the case. But here’s the odd thing: on the work wifi, the computer behaves normally – I have no problems accessing anything I want. The malware is a problem only at home. Over roughly the last week, that’s been the clear pattern.

    Can anyone explain what’s happening? How can I remove a piece of malware that I appear to have, but which the tests say I don’t? And why would its behaviour be affected by which wifi I’m using?

    Thanks in advance.
     
  2. Weaselboy Moderator

    Weaselboy

    Staff Member

    Joined:
    Jan 23, 2005
    Location:
    California
    #2
    If you are on Mountain Lion and you have been doing software updates, you don't have Flashback. ML was patched to stop Flashback quite sometime ago.

    It sounds more like something to do with your router and wifi setup at home.

    Can you change the DNS settings in the home router to the OpenDNS DNS servers below?

    Code:
    208.67.222.222
    208.67.220.220
    If you cannot do that, try setting the OS X DNS servers to the OpenDNS servers.
     
  3. jbarnes thread starter macrumors newbie

    Joined:
    Sep 30, 2012
    #3
    OK, I've changed the OSX DNS servers as suggested. It seems to have fixed the problem, but I'll have to keep an eye on it over the next while to be sure.

    Thanks very much for your help.
     

Share This Page