Redirect Virus on Mac (Searchdiscovered)

Discussion in 'Mac Basics and Help' started by lazeinadream, Jul 27, 2011.

  1. lazeinadream macrumors newbie

    Joined:
    Jul 14, 2011
    #1
    Hey all -

    I've done some research and can't figure out how to get rid of (what I'm pretty sure is) a virus on my Mac (10.4.11). This is the first!

    On certain websites I'm being redirected to a different URL. I'm being routed via "SearchDiscovered.com" which I hope can help you out with this diagnosis. Also, in accessing a normal website like "facebook.com" I'm occasionally being told I don't have an SSL connection (which is out of the blue and usual.)

    I'm happy to provide any further information for you. I've got ClamX Virus Scan which hasn't detected anything, but clearly something's up.

    Thanks!
     
  2. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #2
    Please consult the part called Why am I being redirected to other sites? in the following FAQ, please:

    Mac Virus/Malware Info by GGJstudios
    There are currently no viruses for Mac OS X in public circulation, only a handful of trojans and other malware, which have to be installed manually via entering the administrator password.
    The only anti-virus you need to protect your Mac is education and common sense.
     
  3. lazeinadream thread starter macrumors newbie

    Joined:
    Jul 14, 2011
    #3
    Thanks for the quick reply, but this doesn't quite get me to an answer.

    Posting OpenDNS or Google DNS addresses looks like a temporary fix to me. I should mention that looking in both my Router and current DNS settings in "System Preferences"/"Network" there are NO unusual DNS configurations or proxies.

    I'd like to understand what's behind this behavior on my computer. Ok, so it's not a "virus" - but it's still some infiltration of programming that shouldn't be there... I want to get to the source.

    Help?

    Thanks again.
     
  4. GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #4
    No, it's not a temporary fix. It's a permanent fix. You can use other trusted DNS servers, but the Google and OpenDNS servers are a safe bet and perform well. There is no "infiltration programming" at work here. Just choose good DNS servers and your problem is permanently fixed.
     
  5. lazeinadream thread starter macrumors newbie

    Joined:
    Jul 14, 2011
    #5
    Thanks again, and I realize that will fix the specific issue I'm having indefinitely. But I don't consider that a wholesome fix.

    • Why did the redirection start happening in the first place?
    • What's causing it to do that?
    • If you say there's no "infiltration programming" then what would have caused this? If you don't want to call it a virus, we can call it "malware" or something else. Nevertheless, it's something.

    Presumably, therefore, there's something still living in my system - but it will be "disabled" by your suggested DNS re-route.

    Anyone know what's going on here?

    Thanks.
     
  6. Nermal Moderator

    Nermal

    Staff Member

    Joined:
    Dec 7, 2002
    Location:
    New Zealand
    #6
    That's not good advice; changing DNS servers can cause other issues such as slow downloads. I've seen this first-hand.

    For example, if I use Google DNS then watch a YouTube video, it will grab the video from a US server instead of the NZ mirror, which is noticeably slower. It's easily fixed; once I swap back to my ISP's servers then the NZ mirrors will kick in again.

    Sure, some sites/mirrors look at your IP address, but picking the "wrong" DNS servers will cause trouble for anything using DNS-based geolocation.
     
  7. GGJstudios, Jul 28, 2011
    Last edited: Jul 28, 2011

    GGJstudios macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #7
    It's not malware of any kind. There's nothing "living in your system". The DNS servers you were using may have been compromised (which would have nothing to do with your computer), or you may have installed an app that modified the settings. At any rate, choosing new DNS servers is a complete fix and it's highly unlikely you'll ever experience this problem again.

    The only Mac OS X malware that exists in the wild consists of a handful of trojans that require that you actively install them, usually entering your admin password. As long as you're careful what software you install, malware is the least of your concerns on Mac OS X.
    It's not bad advice to recommend Google or OpenDNS to resolve the redirection issue. Certainly you can optimize your DNS server selections for performance with something like namebench, but that doesn't make Google or OpenDNS bad choices. They're safe choices, if not the fastest.
     
  8. waynep macrumors 6502

    Joined:
    Dec 31, 2009
    #8
    It is possible your DNS provider has been compromised. I use OpenDNS for my primary DNS service. I like it because of the filtering it provides and I don't notice a performance problem compared to my ISP DNS.
     

Share This Page