# Mac OS X - Safari redirecting on one site



## Pearlite (Jan 11, 2011)

I have a Mac OS X and use Safari as my Browser all the time. For some reason, it started to redirect me when I click a certain link, and no matter what variation of the link I use, or even if I click on the site's domain name, it will not take me to the site, but to somewhere else called 'dreambox webcontrol'. Does anyone know how to change this?:


----------



## Headrush (Feb 9, 2005)

Are you able to post the link that does this?

It could be the site you are on or the link you want to go to has been compromised and the issue isn't on your system.


----------



## Pearlite (Jan 11, 2011)

Hi Headrush: Yes, I can post the link. It was any link associated with World-Mysteries, such as; http://blog.world-mysteries.com/ , plus its domain name. I tried everything I could think of to get into the site, and there was no way. I kept being sent to one of two pages: either 'No Such Source' No File Found', or 'dreambox Webcontrol'. I had just visited the site the night before - no problem, but when I went to go back the next day, that's what I got.

Because nothing else had been affected at all, I thought they had cut me off their subscriber list - for whatever reason, but as I thought about it, the fact that nothing else at all was affected, and that I was being rerouted to something weird, it made me think somebody tried to do something. I therefore ran my MacKeeper Security Scan, and it picked up two 'TJ' s - whatever they are. Then a friend of mine suggested I try Firefox, my second browser, and when I did, it was able to get through. However, when I tried Safari again - no go. So I went back to my MacKeeper, and did a 'clean up', and it was after that, Safari was able to get through. It therefore, leaves me thinking, somebody did try something, but I'm not expert.

When I got through to World Mysteries, I used the same links that would not work before, and they all worked. So I must say, it has me wondering.


----------



## Headrush (Feb 9, 2005)

Seems odd you are having multiples sites constantly doing things to your system.

I have no idea what "TJs" means in MacKeeper Security scan, so hard to really know what was the original problem or how to avoid in the future.


----------



## Pearlite (Jan 11, 2011)

Hi Headrush. One was script problem, and the other it said was an 'agent' - both were isolated as 'infections', that had piggybacked downloads from a scenic photo company, and one from a Hubble Telescope picture download. In any case, when it cleaned them up and out, Safari was able to get through to the site. If it had nothing to do with those infections, I find it very weird that the site of World Mysteries was the only one affected, and when the 'infections' were cleaned out, it worked.


----------



## MacMan1211 (Jan 21, 2013)

Just had a similar issue with Safari... The below worked for me:

Open Finder > Go > Hold ALT/Option > Select Library > Caches > Move all contents of Folder into trash (Not the Cache folder itself)

Next...

Open Finder > Go > Hold ALT/Option > Select Library > Preferences > comm.apple.safari.plist (Move File to Trash)

Next...

Open Finder > Go > Hold ALT/Option > Select Library > Saved Application State > comm.apple.safari.savedstate (Move entire FOLDER into Trash)

Next...

Reset Safari

Next...

Reset Computer

Next...

Try the link(s) again and you should be all set.


----------



## Pearlite (Jan 11, 2011)

Hi MacMan1211. Thank you for your interest in my problem. I did find a way to clear it up by using MacKeeper, as I stated, and haven't had a problem since. However, in the interest of looking at other options, what do you mean by 'Set Library'? Do you mean hold down the alt-option and click onto Library? I like to know exactly what I'm doing, as not being a 'geek', if something goes wrong or goes places I don't understand, I don't have a way of fixing it, and I'd rather not screw up my computer for the next 2 days until I find an answer from someone who does know. 
Just to make sure, you did get that MacKeeper found two security breaches in my computer, and when it cleaned them out, the browser worked fine? I would find that pretty weird if they had nothing to do with me being redirected.
But in any case, just let me understand what your process does, and what problem it is addressing, and then I might have an idea where to go if something goes 'wrong' after I've completed this process. Thanks.


----------



## Headrush (Feb 9, 2005)

What he means is that in Finder, under the Go menu, there are some items you can quickly open to. (Documents, Desktop, Downloads, etc)

Normally, the hidden Library folder for the current user is not displayed. When you hold the Option key it WILL appear in that menu and you can select it. Finder will then open a window for that location.

I would recommend *against* deleting those files unless it was a last resort.

You problem clearly sounds liked a DNS redirection issue, which is a common malware thing.
The fact the MacKeeper found malware backs up that reasoning also.

If you hadn't already solved the issue, a couple terminal commands later we would have found the DNS issue.


----------



## Pearlite (Jan 11, 2011)

Hi Headrush. Thank you, I did not follow through the procedure for the reasons I mentioned. I just like to be safe instead of creating problems for myself for which I have no answers. I need my computer to operate, and sure don't need to waste days of my time trying to figure things out that I did. By 'malware', I assume you mean that someone did put something in my computer? It was not only strange to me that the security scan cleaned issues out and then the browser worked, but also that the problem came right after visiting World Mysteries. The site itself I've been in and out of numerous times, but since I do post opinions there, it's possible that I touched somebody's nerve. That was the last place I went before the problem occurred. I know these things don't necessarily have to appear as suddenly as they get into a computer, but it doesn't take long once they're in, so I remain suspicious.


----------



## Pearlite (Jan 11, 2011)

Headrush - Sorry, I forgot to ask you a question - was in a hurry last night. What are those files that Macman said I should try deleting? And why wouldn't you delete them?


----------



## Headrush (Feb 9, 2005)

The preference file holds all your settings for Safari and the Cache folder holds previously downloaded parts to web sites.
All web browsers save these to speed up web surfing as we genreally visit the same web sites over and over.

Deleting them wouldn't be disastrous, but it's an overly broad way of fixing a problem.

For one, you might fix the problem, but never find out what might have be the exact problem. (which I think is important)

Second, when you delete preferences, you could be reverting a lot of settings that were changed back to default values.
When diagnosing a problem, this introduces so many changes that can make things harder to narrow down.
The third reason not to delete is your problem didn't sound like a problem with a corrupted cache file or corrupted preference file and sounded like a more common DNS issue.


----------



## Pearlite (Jan 11, 2011)

Hi Headrush. So if I understand correctly, deleting the Cache would be like deleting the 'memory' of where you've been - which I agree, would be deleting the part that might have held the problem. But from what you're saying, a 'common' DNS issue, isn't anything to do with someone getting into my computer? What is this common DNS issue?


----------



## Headrush (Feb 9, 2005)

Pearlite said:


> But from what you're saying, a 'common' DNS issue, isn't anything to do with someone getting into my computer? What is this common DNS issue?


Exactly the opposite, DNS issues are common things that malware (viruses if you prefer), do alter.
Basically they change IP addresses to point to a different web site.

For example: if you typed www.google.com it would go to their web site (The infected one), instead of the real IP address for google.


----------



## Pearlite (Jan 11, 2011)

Hi Headrush. Okay, thank you. It takes me awhile to get this stuff. You know the website they sent me to was 'Dreambot Webcontrol'. Whatever that is.? In any case, thanks again for your help, I do appreciate it.


----------

