• Announcements

    • AdvancedSetup

      Support Alert - Hurricane Irma   09/08/2017

      Due to weather in the South East United States response times may be delayed. We appreciate your patience and understanding.  

Multz

Members
  • Content count

    3
  • Joined

  • Last visited

About Multz

  • Rank
    New Member
  1. Hi, thanks for your thoughts! This seems unlikely to me though, bc I had been using this wifi network for a month already before unusual behaviour appeared. No problems loading the same sites prior to that. Anything else it could be?
  2. *cross-posting from BleepingComputer forums. I didn't get any replies there for 5 days, I hope someone here may be willing to help.* I'd be grateful for some advice on my situation. I'm using Mac OSX 10.8.5 (I know I need upgrade as soon as I poss, currently travelling). I starting seeing "connection not secure" browser error dialogue when trying to open facebook, instagram, skype. But opened my bank's portal no problem. Same behaviour in FF, Chrome and Safari. Sometimes it would redirect and display an OpenDNS error page instead. I couldn't pick a pattern for why. Google search started prompting me to verify that I'm human. The problem disappeared when I found and removed OpenDNS addresses from my DNS settings. But prior to that I had taken a bunch of steps (listed below). Subsequently I've removed Spigot adware from my system. Now I'm not sure if I'm vulnerable to a MITM attack? Or is the problem is resolved? In particular, I'm not sure how the OpenDNS addresses got added to my DNS settings. Could it be the Spigot adware? Or should I be looking for something else? Steps I've taken: Checked that pages that produced the "not secure" error load with my phone and a different computer on the same wifi network - they do. So not a router issue Timezone, date and time are synced with Apple servers Updated Java Disabled all browser plugins Firefox, browser I use every day - cleared cache and offline files scan with clamxav (2016 version, updated definitions, no infection found) scan with knock-knock (current ver, no infection found) At this point I found OpenDNS addresses and removed them. scan with Avast 12.5, found and removed searchme@mybrowserbar.com.xpi Spigot-O "YahooEngine.xml" Several Spigot files already sitting in Malwarebytes "removals" folder Checked for Avast CA untrusted certificate in KeyChain - not present (but Avast is using MITM, switching in its own trusted certificate) Downgraded anti-malware bytes to 1.2.4 (1.2.5 requires OSX 10.9 or later, apparenty), found and removed "adware.Spigot" I'd appreciate some help on this! Many thanks