Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 6 subscribers
  • Views 4349 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

google redirect virus???

archaeoamy

For the last two days I have been unable to get on to google search and instead, get a warning that their certificate has expired (whether I type google.com or a word/phrase to search in the heading, I get the same response below; though I can get on to gmail).  When I click on continue, instead of going to the website, it gives a text error saying that it is unable to go to the url (google).  After several minutes it stops showing the error/certificate problem and goes to google as it is supposed to.  It happens several times throughout an hour of use, showing the identity warning/webpage error, then working again after several minutes.  After researching, I believe this may be a redirect virus that is targeting google users, but it's hard to tell.  I ran sophos av, but it didn't catch anything, though it did catch a few issues with adobe flash player.  

Does anyone know what's going on or how to fix it?  Below is a screenshot of what happens:

Screen Shot 2014-11-09 at 12.33.57 PM.png

When I click on continue it brings up an error page, saying there's a problem with the url.  When I go to my history to see if I can find the webpage that it brings up in the error, this is all that shows:  

An error occurred:
An internal error occurred: 5078606DFAF02.A32EAC5.C006165
:1019851


This thread was automatically locked due to age.
Parents
  • 0

    Hello archaeoamy,

    the certificate is the one from guzzoni.apple.com (aka Siri). Don't think a virus would gain much from redirecting your Google requests to Siri.

    When receiving the request intended for Google (which is sent when you click Continue) the Siri server drops the connection (which is expected). The question is why Safari goes to the wrong address. I'd open a Terminal window and when the certificate error occurs check the name resolution with the following commands:

    host -v www.google.com

    host -v guzzoni.apple.com

    (for a quick test omit the -v switch, if the same addresses are displayed in both responses repeat the commands with the switch). If you are unfamiliar with host feel fre to post the results here.

    Christian 

       

    :1019853
Reply
  • 0

    Hello archaeoamy,

    the certificate is the one from guzzoni.apple.com (aka Siri). Don't think a virus would gain much from redirecting your Google requests to Siri.

    When receiving the request intended for Google (which is sent when you click Continue) the Siri server drops the connection (which is expected). The question is why Safari goes to the wrong address. I'd open a Terminal window and when the certificate error occurs check the name resolution with the following commands:

    host -v www.google.com

    host -v guzzoni.apple.com

    (for a quick test omit the -v switch, if the same addresses are displayed in both responses repeat the commands with the switch). If you are unfamiliar with host feel fre to post the results here.

    Christian 

       

    :1019853
Children
No Data
Unfiltered HTML