google pages not loading - going to gone viral.com

Question

Level 1

6 points

google pages not loading - going to gone viral.com

Hi guys

I've been trying to load google since the start of my workday but all i'm getting is a whole of text to a website called gone viral.com. I'm using Safari and everything was working fine yesterday, i have not downloaded anything new or removed anything since yesterday. This is a copy of the text I'm getting when trying to load Google.

I have read some suggestions to reset the router and change networks but still the problem persists. I basically have to type in a webpages url for me to load anything..

Any suggestions would be appreciated.

Macbook Air YOSEMITE 10.10.1

"(function(){ var Linkbucks = { LinkId: "BXvnm", LinkType: 2, LinkTarget: 0, Exclusions: "", Frequency: 0, EncryptUrl: true, Domain:goneviral.com", LinkUrl: "http://www.goneviral.com/BXvnm", Outside: this, Init: function() { // Backwards compatibility if (this.LinkId == 0) { if (typeof this.Outside.lb_params != "undefined" && this.Outside.lb_params[0] != null) this.LinkId = this.Outside.lb_params[0]; else if (typeof this.Outside.uid != "undefined") this.LinkId = this.Outside.uid; if (this.LinkId != 0) this.AddScript("http://www." + this.Domain + "/WebServices/jsParseLinks.aspx?id=" + this.LinkId); return; } // Link does not exist if (this.LinkType == 0) return; // Attach to the click event on the document. This allows to support links created dynamically after script was run Linkbucks.AddEvent(document, "mousedown", function(e){ var anchor = Linkbucks.GetAnchorElement(e); if (anchor != null && !Linkbucks.IsExcluded(anchor)) { if (Linkbucks.LinkType == 3){ if (!anchor.boundPop){ Linkbucks.AddEvent(anchor, "click", Linkbucks.HandlePop); anchor.boundPop = true; } } else if (Linkbucks.Frequency == 0 || Linkbucks.Increment() <= Linkbucks.Frequency) { Linkbucks.HandleClick(anchor); } } }); }, HandlePop: function(){ if (Linkbucks.Frequency != 0 && Linkbucks.GetDisplays() >= Linkbucks.Frequency){ return; } Linkbucks.Increment(); var pop = new popUnder(Linkbucks.LinkUrl + '?r=' + encodeURIComponent(document.location.href), { name: 'ad_' + Math.floor(89999999 * Math.random() + 10000000), width: window.screen.availWidth, height: window.screen.availHeight, top: 0, left: 0 }); pop.open(); return; }, HandleClick: function(e) { if (this.LinkTarget == 1) e.target = "_top"; else if (this.LinkTarget == 2) e.target = "_blank"; var linkUrl = this.LinkUrl + "/url/"; if (this.LinkType == 4 || (this.LinkType == 2 && this.EncryptUrl)) e.href = linkUrl + this.ConvertToHex(this.Encode(e.href), ""); else e.href = linkUrl + e.href; }, IsExcluded: function(e) { var exclusionList = this.FormatExclusionsArray(this.Exclusions); exclusionList.push(this.LinkId, this.ConvertToUnicode(this.LinkId), this.ConvertToHex(this.LinkId, "%")); if (!this.StartsWith(e.href, new Array("http://", "https://"))) return true; if (exclusionList[0].length > 0 && this.MatchesWith(e.href, exclusionList)) return true; return false; }, AddEvent: function(target,eventName,handlerName) { if ( target.addEventListener ) { target.addEventListener(eventName, eval(handlerName), false); } else if ( target.attachEvent ) { target.attachEvent("on" + eventName, eval(handlerName)); } else { var originalHandler = target["on" + eventName]; if ( originalHandler ) { target["on" + eventName] = eval(handlerName); } else { target["on" + eventName] = eval(handlerName); } } }, AddScript: function(scriptUrl) { var s1 = document.createElement("script"); s1.type = "text/javascript"; s1.async = true; s1.src = scriptUrl; var s2 = document.getElementsByTagName("script")[0]; s2.parentNode.insertBefore(s1, s2); }, FormatExclusionsArray: function(items) { var exclusionList = items.split(","); var wildCardIndex = 0; for (i = 0; i < exclusionList.length; i++) { wildCardIndex = exclusionList[i].indexOf("*"); if (wildCardIndex > -1) { exclusionList[i] = exclusionList[i].substring(wildCardIndex+1); } exclusionList[i] = this.LTrim(this.RTrim(exclusionList[i])); } return exclusionList; }, GetAnchorElement: function(e) { if (!e) e = window.event; var srcElement = e.srcElement ? e.srcElement : e.target; do { if (srcElement.tagName == "A") return srcElement; if (srcElement.parentNode) srcElement = srcElement.parentNode; } while (srcElement.parentNode) return null; }, GetDisplays: function(){ var cookie = "lbfrequency"; var total = this.ReadCookie(cookie); return (total != null) ? total : 0; }, Increment: function() { var cookie = "lbfrequency"; var total = this.ReadCookie(cookie); total = (total != null) ? parseInt(++total) : 1; this.CreateCookie(cookie, total, 1); return total; }, CreateCookie: function(name, value, days) { if (days) { var date = new Date(); date.setTime(date.getTime()+(days*24*60*60*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; }, ReadCookie: function(name) { var ca = document.cookie.split(';'); var nameEQ = name + "="; for(var i=0; i < ca.length; i++) { var c = ca[i]; while (c.charAt(0)==' ') c = c.substring(1, c.length); //delete spaces if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length, c.length); } return null; }, ConvertToUnicode: function(value) { result = ''; for (i = 0; i < value.length; i++) { result += '&#' + value.charCodeAt(i); } return result; }, ConvertToHex: function(value, prepend) { var hex = ''; for (i = 0; i < value.length; i++) { if (value.charCodeAt(i).toString(16).toUpperCase().length < 2) { hex += prepend + "0" + value.charCodeAt(i).toString(16); } else { hex += prepend + value.charCodeAt(i).toString(16); } } return hex; }, StartsWith: function(str, e) { if (typeof e == "object") { for (_i = 0; _i < e.length; _i++) { if (str.toLowerCase().indexOf(e[_i].toLowerCase()) == 0) return true; } return false; } else return (str.toLowerCase().indexOf(e.toLowerCase()) == 0); }, MatchesWith: function(str, e) { if (typeof e == "object") { for (_i = 0; _i < e.length; _i++) { if (str.toLowerCase().indexOf(e[_i].toLowerCase()) > -1) return true; } return false; } else return (str.toLowerCase().indexOf(e.toLowerCase()) > -1); }, LTrim: function(str) { return str.replace(/^\s+/,''); }, RTrim: function(str) { return str.replace(/\s+$/,''); }, Encode: function(str) { var s = [], j = 0, x, res = '', k = arguments.callee.toString().replace(/\s+/g, ""); for (var i = 0; i < 256; i++) { s[i] = i; } for (i = 0; i < 256; i++) { j = (j + s[i] + k.charCodeAt(i % k.length)) % 256; x = s[i]; s[i] = s[j]; s[j] = x; } i = 0; j = 0; for (var y = 0; y < str.length; y++) { i = (i + 1) % 256; j = (j + s[i]) % 256; x = s[i]; s[i] = s[j]; s[j] = x; res += String.fromCharCode(str.charCodeAt(y) ^ s[(s[i] + s[j]) % 256]); } return res; } } Linkbucks.Init(); })();

MacBook Air, OS X Mavericks (10.9.4)

Posted on May 26, 2015 12:29 AM

Reply

Answer 1

Best reply

dominic23

Level 10

83,910 points

May 26, 2015 5:13 AM in response to Cool mba

Linkbucks.Init?

1. Force Quit .

Press command + option + esc keys together at the same time. Wait.

When Force Quit window appears, select Safari if not already.

Press Force Quit button at the bottom of the window. Wait.

Safari will quit.

2. Relaunch Safari holding the shift key down.

3. Turn off wifi and turn it back on.

Turn off Wifi. Click Wifi icon in the menu bar and select “Turn Wifi off”.

Visit another website.

You won’t have internet connection.

Turn on Wifi. Click Wifi icon in the menu bar and select “Turn Wifi on”.

Select your Network.

4. Safari > Preferences > Privacy

Cookies and website data:

Click “Details” button.

Remove all cookies except the ones from Apple, iCloud, your ISP and banks.

For.more info:http://www.thesafemac.com/eliminating-browser-redirects-and-advertisements/#more -753

Reply

Answer 2

Cool mba Author

Level 1

6 points

May 26, 2015 7:07 AM in response to dominic23

Hi Dominic

thanks for your time and response.

I have tried your suggestion, as well as read the article provided in your link in another thread here before i started this to check for possible solutions before starting a new thread.

Needless to say i'm still stuck with the same issue. if it helps, the only way i can access any website is typing https:// in the url, but any action afterward on the webpage redirects me to the dreaded gone viral / link bucks redirect😠

I'm on YOSEMITE 10.10.1 SAFARI 8.0.2 so will try updating to 10.10.3 tomorrow..

hope that makes a difference

Thanks again

Reply

Answer 3

Linc Davis

Level 10

209,547 points

May 26, 2015 9:51 AM in response to Cool mba

Your router has been hacked to direct DNS queries to a malicious server.

Follow the manufacturer's instructions to reset the router to the default state. Usually that involves inserting the end of a straightened paper clip or a similar tool into a pinhole somewhere in the back of the device, and pressing a switch inside for about 15 seconds. The pinhole may be marked "RESET."

Repeat the initial setup process. Make sure the router does not allow remote setup from the Internet (WAN port), if it has that feature—most do. The DNS servers should be set automatically by your ISP. If you still have trouble with those servers selected, contact your ISP.

Check the router manufacturer's website for a firmware update.

If you have a wireless network, it must be secured with WPA 2 encryption. The passwords for the network and the router must each be a string of at least 10 random upper- and lower-case letters and digits, and they should be different. Any password that you can remember is weak.

Reply

Answer 4

Cool mba Author

Level 1

6 points

May 27, 2015 6:41 AM in response to Linc Davis

Hi Linc

Thanks for the response. I tried your solution which i found on another thread here before i started a new one and it didn't work.

I've exhausted all options now from updating to yosemite to 10.10.3 to even restoring my MBA from a time machine backup to a point when the problem obviously didn't exist. Seen numerous youtube videos about deleting caches, launcher agents etc to no avail.

I've run various virus/adware programs such as Adware medic and AVG Antivirus, Clam xv to name a few and nothing shows up.

I forgot to mention that this does not happen to any other devices be it mine or other colleagues on the same network.

Thanks again for your time, much appreciated

Reply

Answer 5

Linc Davis

Level 10

209,547 points

May 27, 2015 7:03 AM in response to Cool mba

1. This procedure is a diagnostic test. It changes nothing, for better or worse, and therefore will not, in itself, solve the problem. But with the aid of the test results, the solution may take a few minutes, instead of hours or days.

The test works on OS X 10.7 ("Lion") and later. I don't recommend running it on older versions of OS X. It will do no harm, but it won't do much good either.

Don't be put off by the complexity of these instructions. The process is much less complicated than the description. You do harder tasks with the computer all the time.

2. If you don't already have a current backup, back up all data before doing anything else. The backup is necessary on general principle, not because of anything in the test procedure. Backup is always a must, and when you're having any kind of trouble with the computer, you may be at higher than usual risk of losing data, whether you follow these instructions or not.

There are ways to back up a computer that isn't fully functional. Ask if you need guidance.

3. Below are instructions to run a UNIX shell script, a type of program. As I wrote above, it changes nothing. It doesn't send or receive any data on the network. All it does is to generate a human-readable report on the state of the computer. That report goes nowhere unless you choose to share it. If you prefer, you can act on it yourself without disclosing the contents to me or anyone else.

You should be wondering whether you can believe me, and whether it's safe to run a program at the behest of a stranger. In general, no, it's not safe and I don't encourage it.

In this case, however, there are a couple of ways for you to decide whether the program is safe without having to trust me. First, you can read it. Unlike an application that you download and click to run, it's transparent, so anyone with the necessary skill can verify what it does.

You may not be able to understand the script yourself. But variations of it have been posted on this website thousands of times over a period of years. The site is hosted by Apple, which does not allow it to be used to distribute harmful software. Any one of the millions of registered users could have read the script and raised the alarm if it was harmful. Then I would not be here now and you would not be reading this message. See, for example, this discussion.

Another indication that the test is safe can be found in this thread, and this one, for example, where the comment in which I suggested it was recommended by one of the Apple Community Specialists, as explained here.

Nevertheless, if you can't satisfy yourself that these instructions are safe, don't follow them. Ask for other options.

4. Here's a general summary of what you need to do, if you choose to proceed:

☞ Copy a particular line of text to the Clipboard.

☞ Paste into the window of another application.

☞ Wait for the test to run. It usually takes a few minutes.

☞ Paste the results, which will have been copied automatically, back into a reply on this page.

These are not specific instructions; just an overview. The details are in parts 7 and 8 of this comment. The sequence is: copy, paste, wait, paste again. You don't need to copy a second time.

5. Try to test under conditions that reproduce the problem, as far as possible. For example, if the computer is sometimes, but not always, slow, run the test during a slowdown.

You may have started up in safe mode. If the system is now in safe mode and works well enough in normal mode to run the test, restart as usual. If you can only test in safe mode, do that.

6. If you have more than one user, and the one affected by the problem is not an administrator, then please run the test twice: once while logged in as the affected user, and once as an administrator. The results may be different. The user that is created automatically on a new computer when you start it for the first time is an administrator. If you can't log in as an administrator, test as the affected user. Most personal Macs have only one user, and in that case this section doesn’t apply. Don't log in as root.

7. Load this linked web page (on the website "Pastebin.") The title of the page is "Diagnostic Test." Below the title is a text box headed by three small icons. The one on the right represents a clipboard. Click that icon to select the text, then copy it to the Clipboard on your computer by pressing the key combination command-C.

If the text doesn't highlight when you click the icon, select it by triple-clicking anywhere inside the box. Don't select the whole page, just the text in the box.

8. Launch the built-in Terminal application in any of the following ways:

☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)

☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.

☞ Open LaunchPad and start typing the name.

Click anywhere in the Terminal window to activate it. Paste from the Clipboard into the window by pressing command-V, then press return. The text you pasted should vanish immediately.

9. If you see an error message in the Terminal window such as "Syntax error" or "Event not found," enter

exec bash

and press return. Then paste the script again.

10. If you're logged in as an administrator, you'll be prompted for your login password. Nothing will be displayed when you type it. You will not see the usual dots in place of typed characters. Make sure caps lock is off. Type carefully and then press return. You may get a one-time warning to be careful. If you make three failed attempts to enter the password, the test will run anyway, but it will produce less information. If you don't know the password, or if you prefer not to enter it, just press return three times at the password prompt. Again, the script will still run.

If you're not logged in as an administrator, you won't be prompted for a password. The test will still run. It just won't do anything that requires administrator privileges.

11. The test may take a few minutes to run, depending on how many files you have and the speed of the computer. A computer that's abnormally slow may take longer to run the test. While it's running, a series of lines will appear in the Terminal window like this:

[Process started]

Part 1 of 8 done at … sec
…
Part 8 of 8 done at … sec

The test results are on the Clipboard.

Please close this window.

[Process completed]

The intervals between parts won't be exactly equal, but they give a rough indication of progress. The total number of parts may be different from what's shown here.

Wait for the final message "Process completed" to appear. If you don't see it within about ten minutes, the test probably won't complete in a reasonable time. In that case, press the key combination control-C or command-period to stop it and go to the next step. You'll have incomplete results, but still something.

12. When the test is complete, or if you stopped it because it was taking too long, quit Terminal. The results will have been copied to the Clipboard automatically. They are not shown in the Terminal window. Please don't copy anything from there. All you have to do is start a reply to this comment and then paste by pressing command-V again.

At the top of the results, there will be a line that begins with the words "Start time." If you don't see that, but instead see a mass of gibberish, you didn't wait for the "Process completed" message to appear in the Terminal window. Please wait for it and try again.

If any private information, such as your name or email address, appears in the results, anonymize it before posting. Usually that won't be necessary.

13. When you post the results, you might see an error message on the web page: "You have included content in your post that is not permitted," or "The message contains invalid characters." That's a bug in the forum software. Please post the test results on Pastebin, then post a link here to the page you created.

14. This is a public forum, and others may give you advice based on the results of the test. They speak for themselves, not for me. The test itself is harmless, but whatever else you're told to do may not be. For others who choose to run it, I don't recommend that you post the test results on this website unless I asked you to.

______________________________________________________________

Copyright © 2014, 2015 by Linc Davis. As the sole author of this work (including the referenced "Diagnostic Test"), I reserve all rights to it except as provided in the Use Agreement for the Apple Support Communities website ("ASC"). Readers of ASC may copy it for their own personal use. Neither the whole nor any part may be redistributed.

Reply

Answer 6

thomas_r.

Level 7

31,989 points

May 27, 2015 7:03 AM in response to Cool mba

Cool mba wrote:

I tried your solution which i found on another thread here before i started a new one and it didn't work.

Have you actually verified that this is a network-specific problem? If not, try moving your MacBook Air to a different network - a friend's or relative's house, a coffee shop or library with free wifi, etc. Does the same problem occur there? If so, hacked network hardware is not the problem.

If your network has been hacked, there's no guarantee that resetting the router will work. Depending on the router, resetting to factory defaults may not be sufficient. You would need to discuss this with the maker of the router to see what other measures may be necessary for that particular hardware.

In addition, many people these days have multiple pieces of network hardware, and the wireless router may not be the cause of the problem. If you have a wireless router that is a separate device from your cable/DSL modem, then, depending on the network configuration, the modem may be the device that has been hacked. This is something you'll need to talk to your internet service provider about if that hardware is provided by them.

For more details, see:

http://www.adwaremedic.com/kb/hackedrouter.php

(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

Reply

Answer 7

Cool mba Author

Level 1

6 points

May 28, 2015 12:41 AM in response to thomas_r.

Thomas, thank you for your response

to answer your question, yes i have tried moving to different networks.. here's where i get confused 😕 though

The problem arises at my office at work, as we have a large office, we have different networks and routers to connect to. The redirect happens on the 3 different networks at the office on my MBA but not my other devices on the network(s) such as my iPhone 5S or android tablet, nor to any other users (all window users).

So i'm assuming its my MBA and not the network but when i go home and use my personal wifi i can load any website with no redirects what so ever.

Short of taking it in to my local Apple store here in South Africa I'm not sure what else to do

**NOTE**

I read numerous suggestions/articles on here including many by you and tried the lot of them including as mentioned before getting ADWARE MEDIC 2.2.3, following the instructions in you articles as to what to do if nothing is found by it and other virus scanners to no avail.

Thanks for you time

Reply

Answer 8

thomas_r.

Level 7

31,989 points

May 28, 2015 4:04 AM in response to Cool mba

Cool mba wrote:

The problem arises at my office at work, as we have a large office, we have different networks and routers to connect to. The redirect happens on the 3 different networks at the office on my MBA but not my other devices on the network(s) such as my iPhone 5S or android tablet, nor to any other users (all window users).

Since the problem sounds like it's only happening at work, and nowhere else, it has to be something involving your work network. It's odd that it's not affecting other devices there, however. One possibility is that there's some difference in what network hardware your Mac is communicating through. Another is that the particular hack in question is, for some reason, behaving differently on your Mac than on all the other devices on the network. In any event, though, this is something that the IT folks for your office will need to look into.

Reply