# Mac OS - Full screen pop-ups and redirects!



## silvertidee (Oct 28, 2010)

Hello TSF,
I have had a problem for a few weeks now and have not been able to resolve it. While browsing the web (no specific set of sites) after I click a link or just click on the screen somewhere, randow full screen pop-ups show behind my firefox window. They send me to such urls as "epoclick" "googleanalytics" etc. My normal browsing also seems slower since the problem has started. Recently certain tabs will be redirected to different "ad" sites as well...

No, I did not download a porn codec although I understand I must have screwed up somewhere along the way which bothers me more since I am the good one in the family with computers!

Fixes I have tried:
-reset my router info to default settings and created new wireless name and password
-Scanned with ClamX (no results)
-Erased ALL information in Safari and Firefox (cookies, history, etc)
-MacScan found nothing

On many other boards I have found that iAntivirus seems to solve this issue (possibly a trojan) for many people BUT since I am using OS X 10.4.11 I cannot use this program which requires at least 10.5.

This is a work computer for my home office which is why it is so important I fix it.

PLEASE HELP!!


----------



## sinclair_tm (Mar 11, 2005)

Do you have the Mac's built in firewall on? Have you uninstalled Firefox, telling it to remove everything, and tried it. Does it only happen when using Firefox, not Safari? Does it still happen when booted into safe mode, or logged on as a different user?


----------



## silvertidee (Oct 28, 2010)

Hello! Thanks for your reply. Yes my firewall is on and has been since day 1. It does happen in both browsers which is why I have not tried uninstalling firefox yet because I thought it had to be something else if it was affecting safari too. I will attempt safe mode and report back with my findings.


----------



## silvertidee (Oct 28, 2010)

Safe mode seemed to not be loading and so I just rebooted regularly and it took (no lie) a minimum of 10 minutes to boot, I actually think it was a bit longer.


----------



## sinclair_tm (Mar 11, 2005)

Something is really wrong if it took that long. I hate to say it, but the best thing for you to do is to dig out the latest OS installer you have, copy your important files to a DVD, and then reformat your hard drive and install the OS fresh, and be careful where you go on the web. Games and video sites can do this to you too.


----------



## silvertidee (Oct 28, 2010)

Hmm, that's not good news.

One more thing, I have had this macbook for over four years and have moved 3 times since getting it; I am not sure if and where I would still have the disc. Is there anyway to obtain one someone?


----------



## silvertidee (Oct 28, 2010)

2 Extra points to make.

Last night I ran Disc Util at the recommendation of a friend. It seemed to fix a good bit of things. Shut down at home this morning and brought computer to starbucks to see if all the issues would happen outside of home.

This time around computer took like a minute to boot up and (knock on wood) thus far I have not had any issues with the full screens or redirecting. If it doesnt happen at all could it still be my wireless router even though I had reset it to default and changed username/pass?

Will update when done at starbucks and say if it happened at all.


----------



## silvertidee (Oct 28, 2010)

UPDATE:

I worked online at starbucks for approx 1.5 hours. Nothing went wrong with internet. Now I am at my girlfriends testing and computer booted in under a minute and so far so good with internet. Since I have already reset the default on my router:

1)Do you think it is the router?
2)Should I just replace it?

Thanks!!


----------



## sinclair_tm (Mar 11, 2005)

Well, wait until you get home and try it there again to see what happens.


----------



## silvertidee (Oct 28, 2010)

I had used it at home this morning before going to starbucks and it was still having issues


----------



## Jaygyver (Nov 4, 2010)

Have you tried going to FireFox or Apples/Safari's website to see if they have any answers?
Apple/support/safari
http://support.mozilla.com/en-US/kb/Firefox+Help?style_mode=inproduct[url]http://support.mozilla.com/en-US/kb/Firefox+Help?style_mode=inproduct[/URL]

The Mac OS is extremely solid, BUT, it's not bullet proof.
I don't know if you leave it on at night or turn it off/put it to sleep but the OS has a daily(?), weekly, and monthly maintenance schedule that runs in the early morning (3:00?AM), (it runs in the background), and sometimes after a crash, or what it thinks was a crash or such, it will also do a minor maintenance check during boot up so between the two after you had an issue with rebooting it into safe mode it probably did everything at one time. 

You might also try making another "Test" account and log into that one whenever you have a problem like that and see if you have the same issues. That usually will tell you if it's an account problem, (programs having issues, etc,) or a system problem. (computer crashing, programs crashing, etc).

Also, there really is no reason really to erase/reformat when you are only having a problem with your browsers, if the computer was crashing or having other issue's than maybe then. If you do find your OS disk then worst case scenario you could just do an "Archive and Install" and that will just re-install your operating system (OS) and leave the other programs and 3rd party stuff alone. Then just use the "Software Update" to finish up.

And before you do that, you might try one of the free/shareware/comercial system utility's that will do some of the normal maintenance and other stuff that you might need. 

Each Mac OS disk is SPECIFIC to that computer when you buy the computer, so do not borrow it from someone else UNLESS it's a full retail version, store bought. Unless you new someone with the EXACT computer you had you could have major issues! Usually the Grey ones are factory disk's so beware of e-bay and the like.

If you can't find your Mac OS disk then that tells me you haven't been keeping up with the maintenance of the OS. I think up to 10.4 it's still "suggested" to boot up to the Mac OS DVD to run "Repair Permissions" and at the same time you can run the "Repair Disk" as you can't "repair" the start up disk while booted to it.
I have an external hard drive I use for that purpose. I just install the Mac OS onto that one, along with DiskWarrior, etc, and keep it updated, and then I can reboot into the external and do all the maintenance on my normal disk. After 10.5 supposedly it's suggested you do the permissions on the fly as it were, while booted up normally. With each OS update it now changes the way permissions are used, so you would be using an out of date permission repair, but you still need to boot to another disk to do the "disk repair" tho.

The only two commercial ones I have is DiskWarrior and TechToolPro. I'm the computer "Geek" in my family also and they have been extremely helpful. If Apples "Disk Utility/Repair Disk" can't fix/repair the drive then these two will. Well, 99 percent of the time anyway.

As far as your router is concerned, unless you can't connect to the internet or have problems connecting to web sites, as in they won't open at all, or can't connect to another computer then it's usually not the router. All it does is pass the information to or from. The only time I've ever had problems is when we have had "Brown outs" or lost power then it's almost always the DSL modem I have to reboot but not very often with my router. You may see if the firmware is up to date just to make sure.

Just some things I've come across over the years, hope this helps....


----------



## silvertidee (Oct 28, 2010)

Thank you for the advice, I will try some of those steps.

As for the router; if it would not be the router how can it be explained that the problem happens at home but not when connected to the internet elsewhere?

Thanks so much.


----------



## Jaygyver (Nov 4, 2010)

Sorry, didn't read the part about you went home already. Did it work at your girl friends house. The browser?
Have you checked the firmware version at the manufacturer's site? When you went back to default, was it a "hard" reset? As in, using a paper clip, unplugging, etc, what ever the Manufacturer said for a hard reset. Some are different then others.
Can you use the girlfriends house or computer to try your router out? Either take your router to her if she has a computer, or her computer to you?
If your computer works at her house then yeah, it's probably the router. The routers are cheap now, you can buy a "N" name brand one for under $60, less if you shop around, but it would save $ if you don't need it.
It still won't explain the pop ups tho. You might just have two problems.


----------



## silvertidee (Oct 28, 2010)

Hey, thanks for the quick response. At both starbucks and my girlfriends, the internet works fine. By fine, I mean there are no pop-ups, redirects etc etc. I have read forums about dns changers getting into routers which is what I am wondering about with mine.

When I did a reset on my router I went through the internet and selected to reset everything and honestly it would not work at first so I had to input some data manually. I have heard of some routers having the small hole you can poke to reset it completely and was looking at mine today before I left to find one but was unsuccessful. There may still be one but maybe I just couldn't see it. Lastly, no I had not checked on the firmware, that is one solution I had not read about.


----------



## sinclair_tm (Mar 11, 2005)

I wouldn't just look at the router, but the modem as well. The modem is what passes the DNS information from your ISP to your router, which in turn passes it to your Mac. If you go home and still have the issues, open the network system preference pane and manually input Google's free DNS servers and see if the problem goes away. If it does, then I'd contact your ISP and inform them that there is an issue with a hijacked DNS. They should be able to check your modem and see if it's information is correct, and adjust it if not.


----------



## silvertidee (Oct 28, 2010)

UPDATE:

So issue continued at home. I attempted another full restore on the router, updated firmware and changed password BUT was unable to connect to the internet. Spent an hour on the phone with netgear tech guy who could not help me. Out of anger just went and got a new router and just set it up. Was able to connect and (so far) no issues. I will update again tonight after I have been connected for a bit.

If it ends up that it really was the router I am taking it out into a field and bashing it "Office Space" style.


----------



## sinclair_tm (Mar 11, 2005)

Just as long as no one else get hurts, enjoy taking out your frustrations. Glad to hear you found the culprit. I wonder why it was doing it though. I recommend also setting up the router to do wireless MAC address filtering. It's an added layer of protection from others using your internet. To find out what your wireless's MAC address is, open the network system preferences and click the advanced button. At the bottom of the window that lists all your saved wireless networks, there is an ID number. It'll be in the form 00:00:00:00:00.


----------



## kr4m (Jan 4, 2011)

Hello everyone, I hope someone still reads this post because I'm in deep chaos and this post is the most similar thing to my problem that I found on the web.

Well, almost one month ago I started experiencing popups from russian websites (ru-santa, moswar.ru and a popup that wants me to download agent.exe) which are not offensive (no porn), but really annoying.
I thought it was a problem with Win7, which is not so strange, so I decided to format my pc and I tried installing Linux (Ubuntu 10.10), being sure I would have removed the problem at its roots.
Well, I wouldn't be here if it was so.
The russian popups are still coming out, no difference if I use opera, firefox or chrome...they're still there.

So I started thinking it was a problem with the router (USR9108), which is strange because it is WPA2 protected, but it could happen...
I changed the router with my previous one (DLink DLS-G624M) and set the security and then tried connecting...you know what? Popups are still there.

One thing I noticed is I get popups ONLY in computers connected through LAN, while computers on WLAN are safe.

I switched back to USR9108 which I prefer, and I noticed that my log is full of "Intrusion....from ip:....", where with whois I found out that all ips are from Latvia, Russia, China....


Well, first of all sorry for my very scolastic english.

Secondly, do you have any idea?

The last thing that came in my mind is to ask my provider to change my static ip address, which seems to be under attack...I have no other ideas...
Thank you all


----------



## Shi_Canada (Jan 4, 2011)

It seems like your router is working normally, but the IP is rather having issue as being attacked as we speak. I would definitely recommend to contact ISP to refresh the Modem IP first before going any further.


----------



## Jaygyver (Nov 4, 2010)

I don't think it would be the router as much as probably a virus, malware, adware, etc, on the computer. The Web browsers try to do their best on "pop ups" but they don't keep up some times, hence the "pop unders", they do OK on the pop ups but they've moved onto other ways.

Running Window's, etc, your probably going to need to down load an "Anti-Adware" AND "Anti-Virus" programs to get rid of the problem now. (Which you should of already had by the way.)
Reformatting and RE-installing Window's (a fresh install, NOT reinstalling from a back up) "should" have helped but you could have the "malware" on a backup disk, thumb drive, etc, that you re-introduced again. 

I would definitely have your IP changed to be safe. And turn your firewall back on in your computer.
Don't forget to change your routers "Admin" and "password" from the stock one also.
Using WPA2 isn't bullet proof, so unless you have a really good password to go along with it, it won't be "that much" better. 

If you don't get much help here you might try re-posting your question in the Windows section, you might get more specific help there. This is more or less for the Mac.
Just "copy/paste" what you have here would be great.

Good luck...


----------

