Welcome to
Mod The Sims
Online: 1424
News:
Have an account? Sign in:
pass:
If you don't have an account, why not sign up now? It's free!
Other sites: SimsWiki
Reply  Replies: 10 (Who?), Viewed: 448 times.
Search this Thread
Old 10th Oct 2017, 3:05 PM DefaultRedirect from MTS to malware pages #1
Ravynwolvf
Original Poster

Lab Assistant

Join Date: Dec 2004
Posts: 75
Thanks: 1062 in 28 Posts
7 Achievements


I've been getting this redirect to malware (Microsoft official page, locking your browser, call this number, etc). Always the chance I'm wrong and it's in my browser or elsewhere, but I'm pretty sure now it's happening when I'm on your pages. I don't know if this will be helpful, but this is what my history showed this time:

8:54 AM
Windows Official Support
risk-nu55.stream


8:54 AM
http://server1.worldclcktrckr.com/?...ip=97.92.69.123
server1.worldclcktrckr.com


8:54 AM
http://eu7bi.redirectvoluum.com/red...wPUNoYXJ0ZXIlMj
eu7bi.redirectvoluum.com


8:54 AM
http://intion-admilfs.com/520d1c52-...=*&G=buy&H=0.03
intion-admilfs.com


8:54 AM
http://bestdealsintheworldtoday.com...=*&G=buy&H=0.03
bestdealsintheworldtoday.com


8:54 AM
https://publisherhub.plaimedia.com/...d.myadsbro.com/
publisherhub.plaimedia.com


8:54 AM
https://volumtrk3.solidcpm.com/3318...3R%2Bf3F%2BFGc6
volumtrk3.solidcpm.com


8:53 AM
Mod The Sims - No Autonomous Shouting of Forbidden Words
modthesims.info


8:53 AM
Mod The Sims - Downloads -> Game Mods
modthesims.info

Apologies if it isn't you, but it doesn't seem to be happening unless I visit here. Thanks.
Old 10th Oct 2017, 6:52 PM #2
Inge Jones
One horse disagreer of the Apocalypse

Join Date: Sep 2004
Posts: 10,898
Thanks: 8988 in 18 Posts
20 Achievements


Was there any particular advert showing at the time?

"You can do refraction by raymarching through the depth buffer" (c. Reddeyfish 2017)
Old 10th Oct 2017, 11:22 PM #3
Ravynwolvf
Original Poster

Lab Assistant

Join Date: Dec 2004
Posts: 75
Thanks: 1062 in 28 Posts
7 Achievements


I'll try and keep an eye open and see if I can spot it, but it happens so fast, and I don't tend to look at the ads. It's been only about once a day, so it's not prevalent, and I've also been watching to see if it happens when I'm NOT on MTS. So far, nothing either way again since this morning.
Old 12th Oct 2017, 7:18 PM #4
Duine
Top Secret Researcher

Join Date: Aug 2012
Posts: 1,988


I've been having this problem in all areas, from the home page, downloads, just reading stuff. I have two images from AVG but can't get them to post. One says connection is on tech-nk32.stream and it was infected by JS:Agent-EEA[Trj] The 2nd one says code-ny37.stream same info for infected. AVG picked up these 2, it happens so fast and I x out the browser before the rest could show up. I get these everyday lately and sometimes twice. Most often I'm reading, not even touching the mouse. Thanks for looking into this.

Thought I would mention in case it's useful, this only happens on MTS and I don't have other tabs open.

When you forgive, you heal. When you let go, you grow.
Old 13th Oct 2017, 3:29 PM #5
Ravynwolvf
Original Poster

Lab Assistant

Join Date: Dec 2004
Posts: 75
Thanks: 1062 in 28 Posts
7 Achievements


Been a couple of days since I've had any problems, now. Maybe posting here scared it off. As I said, it may not even have been your site, but at one point I had mts pulled up and was playing the sims, and the game slowed down so bad I went out to take a look. There were the fake microsoft alerts, and my history was filled with redirects. But doesn't mean it was your site...still could have been something attached to my browser. Just seemed ot be happening here.
Old 14th Oct 2017, 2:33 AM #6
hedgekat
Field Researcher

Join Date: Nov 2004
Posts: 358
Thanks: 6236 in 27 Posts
11 Achievements


I've had this happen to me three times in the last week. The first time, after my anti-virus gave an alarm, I got a popup wanting me to give my username and password. I X'd that off. Then a page came up from CenturyTel phone company wanting me to do a survey and promising a reward. I did the survey and looked at the rewards. They were for Garcinia Cambogia, a face cream seen on Dr. Oz, which is widely advertised on the internet under various names, and a coupld of others. All free except for S&H. I X'd that out too. Still had a locked browser but was able to close it with Task manager. The other two times I X'd everything that popped up as soon as the alarm went off, without noticing if any company or product was mentioned. The first two times I was browsing in TS2 downloads. Today I was in TS2 WCIF section, in the Chewbacca post and had followed a link given in the post: the first modthesims link. Hope this can help you locate the perpetrator and hope you can prosecute them.

Just checked my history. Says the page was bestdealsintheworldtoday.com
Old 14th Oct 2017, 3:06 AM #7
kiddypatches
Lab Assistant

Join Date: May 2014
Posts: 131


This happens to me all the time, too, on Android. I'll be browsing the downloads section, then boom, malware sites. Usually they direct me to a Facebook looking page saying "CONGRATULATIONS!" or something like that. It's really irritating.
Old 17th Oct 2017, 6:57 PM #8
Zellbean
Test Subject

Join Date: Jan 2016
Posts: 30


Having issues as well. Doesn't matter if I browse in Safari or Chrome on my MacBook, iPhone, or iPad. I almost always get redirected. It's incredibly annoying.
Old 17th Oct 2017, 8:50 PM #9
Ghost sdoj
Site Helper

Join Date: Jan 2006
Posts: 9,081
Thanks: 91 in 1 Posts
7 Achievements

View My Journal


For me it was the front page, but it just happened again. My AV blocked a redirect attempt to bestdealsintheworldtoday.com, but clicking on the pop-up to copy the IP it was going to be blocking for the next 60 seconds closed it.

I am Ghost. My husband is sidneydoj. I post, he downloads, and I wanted to keep my post count.
Group for Avatar Makers* Funny Stories *2016 Yearbook
Old Yesterday, 11:48 PM DefaultSame here it has happened twice. #10
Mendota
Field Researcher

Join Date: Nov 2004
Posts: 250


Quote:
Originally Posted by Ravynwolvf
I've been getting this redirect to malware (Microsoft official page, locking your browser, call this number, etc). Always the chance I'm wrong and it's in my browser or elsewhere, but I'm pretty sure now it's happening when I'm on your pages. I don't know if this will be helpful, but this is what my history showed this time:

8:54 AM
Windows Official Support
risk-nu55.stream


8:54 AM
http://server1.worldclcktrckr.com/?...ip=97.92.69.123
server1.worldclcktrckr.com


8:54 AM
http://eu7bi.redirectvoluum.com/red...wPUNoYXJ0ZXIlMj
eu7bi.redirectvoluum.com


8:54 AM
http://intion-admilfs.com/520d1c52-...=*&G=buy&H=0.03
intion-admilfs.com


8:54 AM
http://bestdealsintheworldtoday.com...=*&G=buy&H=0.03
bestdealsintheworldtoday.com


8:54 AM
https://publisherhub.plaimedia.com/...d.myadsbro.com/
publisherhub.plaimedia.com


8:54 AM
https://volumtrk3.solidcpm.com/3318...3R%2Bf3F%2BFGc6
volumtrk3.solidcpm.com


8:53 AM
Mod The Sims - No Autonomous Shouting of Forbidden Words
modthesims.info


8:53 AM
Mod The Sims - Downloads -> Game Mods
modthesims.info

Apologies if it isn't you, but it doesn't seem to be happening unless I visit here. Thanks.


Yes there is a bad ad somewhere. I haven't been able to pin point exactly where it occures because it seems to come out of nowhere.
Old Today, 1:16 AM #11
Ravynwolvf
Original Poster

Lab Assistant

Join Date: Dec 2004
Posts: 75
Thanks: 1062 in 28 Posts
7 Achievements


Just got the same thing again. Hadn't been here for a couple of days, went straight to my bookmarked sims 4 downloads and got the "Official" Windows malware warning. Didn't see the ad, and know this may not be helpful, but this is what my history showed:


7:12 PM
Windows Official Support
issue-1math0.stream


7:12 PM
Windows Official Support
server1.revtrckrnow.com


7:12 PM
Windows Official Support
eu7bi.redirectvoluum.com


7:12 PM
Windows Official Support
intion-admilfs.com


7:12 PM
Windows Official Support
bestdealsintheworldtoday.com


7:12 PM
Windows Official Support
publisherhub.plaimedia.com


7:12 PM
Windows Official Support
volumtrk3.solidcpm.com


7:11 PM
Mod The Sims - Downloads
modthesims.info

Was on quite a few sites in the last few days before it happened here, so pretty sure now it's not my browser.
Reply


Section jump:


Powered by MariaDB Some icons by http://dryicons.com.