Welcome to
Mod The Sims
Online: 1498
News:
Have an account? Sign in:
pass:
If you don't have an account, why not sign up now? It's free!
Other sites: SimsWiki
Reply  Replies: 23 (Who?), Viewed: 1949 times.
Search this Thread
Old 10th Oct 2017, 4:05 PM DefaultRedirect from MTS to malware pages #1
Ravynwolvf
Original Poster

Lab Assistant

Join Date: Dec 2004
Posts: 76
Thanks: 1083 in 29 Posts
7 Achievements


I've been getting this redirect to malware (Microsoft official page, locking your browser, call this number, etc). Always the chance I'm wrong and it's in my browser or elsewhere, but I'm pretty sure now it's happening when I'm on your pages. I don't know if this will be helpful, but this is what my history showed this time:

8:54 AM
Windows Official Support
risk-nu55.stream


8:54 AM
http://server1.worldclcktrckr.com/?...ip=97.92.69.123
server1.worldclcktrckr.com


8:54 AM
http://eu7bi.redirectvoluum.com/red...wPUNoYXJ0ZXIlMj
eu7bi.redirectvoluum.com


8:54 AM
http://intion-admilfs.com/520d1c52-...=*&G=buy&H=0.03
intion-admilfs.com


8:54 AM
http://bestdealsintheworldtoday.com...=*&G=buy&H=0.03
bestdealsintheworldtoday.com


8:54 AM
https://publisherhub.plaimedia.com/...d.myadsbro.com/
publisherhub.plaimedia.com


8:54 AM
https://volumtrk3.solidcpm.com/3318...3R%2Bf3F%2BFGc6
volumtrk3.solidcpm.com


8:53 AM
Mod The Sims - No Autonomous Shouting of Forbidden Words
modthesims.info


8:53 AM
Mod The Sims - Downloads -> Game Mods
modthesims.info

Apologies if it isn't you, but it doesn't seem to be happening unless I visit here. Thanks.
Old 10th Oct 2017, 7:52 PM #2
Inge Jones
One horse disagreer of the Apocalypse

Join Date: Sep 2004
Posts: 10,927
Thanks: 9007 in 18 Posts
20 Achievements


Was there any particular advert showing at the time?

"You can do refraction by raymarching through the depth buffer" (c. Reddeyfish 2017)
Old 11th Oct 2017, 12:22 AM #3
Ravynwolvf
Original Poster

Lab Assistant

Join Date: Dec 2004
Posts: 76
Thanks: 1083 in 29 Posts
7 Achievements


I'll try and keep an eye open and see if I can spot it, but it happens so fast, and I don't tend to look at the ads. It's been only about once a day, so it's not prevalent, and I've also been watching to see if it happens when I'm NOT on MTS. So far, nothing either way again since this morning.
Old 12th Oct 2017, 8:18 PM #4
Duine
Theorist

Join Date: Aug 2012
Posts: 2,050


I've been having this problem in all areas, from the home page, downloads, just reading stuff. I have two images from AVG but can't get them to post. One says connection is on tech-nk32.stream and it was infected by JS:Agent-EEA[Trj] The 2nd one says code-ny37.stream same info for infected. AVG picked up these 2, it happens so fast and I x out the browser before the rest could show up. I get these everyday lately and sometimes twice. Most often I'm reading, not even touching the mouse. Thanks for looking into this.

Thought I would mention in case it's useful, this only happens on MTS and I don't have other tabs open.

When you forgive, you heal. When you let go, you grow.
Old 13th Oct 2017, 4:29 PM #5
Ravynwolvf
Original Poster

Lab Assistant

Join Date: Dec 2004
Posts: 76
Thanks: 1083 in 29 Posts
7 Achievements


Been a couple of days since I've had any problems, now. Maybe posting here scared it off. As I said, it may not even have been your site, but at one point I had mts pulled up and was playing the sims, and the game slowed down so bad I went out to take a look. There were the fake microsoft alerts, and my history was filled with redirects. But doesn't mean it was your site...still could have been something attached to my browser. Just seemed ot be happening here.
Old 14th Oct 2017, 3:33 AM #6
hedgekat
Field Researcher

Join Date: Nov 2004
Posts: 380
Thanks: 6276 in 27 Posts
11 Achievements


I've had this happen to me three times in the last week. The first time, after my anti-virus gave an alarm, I got a popup wanting me to give my username and password. I X'd that off. Then a page came up from CenturyTel phone company wanting me to do a survey and promising a reward. I did the survey and looked at the rewards. They were for Garcinia Cambogia, a face cream seen on Dr. Oz, which is widely advertised on the internet under various names, and a coupld of others. All free except for S&H. I X'd that out too. Still had a locked browser but was able to close it with Task manager. The other two times I X'd everything that popped up as soon as the alarm went off, without noticing if any company or product was mentioned. The first two times I was browsing in TS2 downloads. Today I was in TS2 WCIF section, in the Chewbacca post and had followed a link given in the post: the first modthesims link. Hope this can help you locate the perpetrator and hope you can prosecute them.

Just checked my history. Says the page was bestdealsintheworldtoday.com
Old 14th Oct 2017, 4:06 AM #7
kiddypatches
Lab Assistant

Join Date: May 2014
Posts: 168


This happens to me all the time, too, on Android. I'll be browsing the downloads section, then boom, malware sites. Usually they direct me to a Facebook looking page saying "CONGRATULATIONS!" or something like that. It's really irritating.
Old 17th Oct 2017, 7:57 PM #8
Zellbean
Test Subject

Join Date: Jan 2016
Posts: 37


Having issues as well. Doesn't matter if I browse in Safari or Chrome on my MacBook, iPhone, or iPad. I almost always get redirected. It's incredibly annoying.
Old 17th Oct 2017, 9:50 PM #9
Ghost sdoj
Site Helper

Join Date: Jan 2006
Posts: 9,192
Thanks: 91 in 1 Posts
7 Achievements

View My Journal


For me it was the front page, but it just happened again. My AV blocked a redirect attempt to bestdealsintheworldtoday.com, but clicking on the pop-up to copy the IP it was going to be blocking for the next 60 seconds closed it.

I am Ghost. My husband is sidneydoj. I post, he downloads, and I wanted to keep my post count.
Group for Avatar Makers* Funny Stories *2016 Yearbook
Old 19th Oct 2017, 12:48 AM DefaultSame here it has happened twice. #10
Mendota
Field Researcher

Join Date: Nov 2004
Posts: 267


Quote:
Originally Posted by Ravynwolvf
I've been getting this redirect to malware (Microsoft official page, locking your browser, call this number, etc). Always the chance I'm wrong and it's in my browser or elsewhere, but I'm pretty sure now it's happening when I'm on your pages. I don't know if this will be helpful, but this is what my history showed this time:

8:54 AM
Windows Official Support
risk-nu55.stream


8:54 AM
http://server1.worldclcktrckr.com/?...ip=97.92.69.123
server1.worldclcktrckr.com


8:54 AM
http://eu7bi.redirectvoluum.com/red...wPUNoYXJ0ZXIlMj
eu7bi.redirectvoluum.com


8:54 AM
http://intion-admilfs.com/520d1c52-...=*&G=buy&H=0.03
intion-admilfs.com


8:54 AM
http://bestdealsintheworldtoday.com...=*&G=buy&H=0.03
bestdealsintheworldtoday.com


8:54 AM
https://publisherhub.plaimedia.com/...d.myadsbro.com/
publisherhub.plaimedia.com


8:54 AM
https://volumtrk3.solidcpm.com/3318...3R%2Bf3F%2BFGc6
volumtrk3.solidcpm.com


8:53 AM
Mod The Sims - No Autonomous Shouting of Forbidden Words
modthesims.info


8:53 AM
Mod The Sims - Downloads -> Game Mods
modthesims.info

Apologies if it isn't you, but it doesn't seem to be happening unless I visit here. Thanks.


Yes there is a bad ad somewhere. I haven't been able to pin point exactly where it occures because it seems to come out of nowhere.
Old 19th Oct 2017, 2:16 AM #11
Ravynwolvf
Original Poster

Lab Assistant

Join Date: Dec 2004
Posts: 76
Thanks: 1083 in 29 Posts
7 Achievements


Just got the same thing again. Hadn't been here for a couple of days, went straight to my bookmarked sims 4 downloads and got the "Official" Windows malware warning. Didn't see the ad, and know this may not be helpful, but this is what my history showed:


7:12 PM
Windows Official Support
issue-1math0.stream


7:12 PM
Windows Official Support
server1.revtrckrnow.com


7:12 PM
Windows Official Support
eu7bi.redirectvoluum.com


7:12 PM
Windows Official Support
intion-admilfs.com


7:12 PM
Windows Official Support
bestdealsintheworldtoday.com


7:12 PM
Windows Official Support
publisherhub.plaimedia.com


7:12 PM
Windows Official Support
volumtrk3.solidcpm.com


7:11 PM
Mod The Sims - Downloads
modthesims.info

Was on quite a few sites in the last few days before it happened here, so pretty sure now it's not my browser.
Old 20th Oct 2017, 5:00 PM #12
Duine
Theorist

Join Date: Aug 2012
Posts: 2,050


Just now I got switched to another problem. Originally I saw the word publisher or possibly publishing, the link is fast and seemed to change several times til it went to a voice alert about my pc. This is what AVG found

notice-op93.stream infected with JS:Agent-EAA[trj]

When you forgive, you heal. When you let go, you grow.
Old 22nd Oct 2017, 2:14 PM #13
Duine
Theorist

Join Date: Aug 2012
Posts: 2,050


Got redirected this morning while looking in a folder for certain files. It redirected to best deals for today, which then went to a microsoft page with nothing on it. This is the only site I have this problem, not that I do a lot on my pc.

When you forgive, you heal. When you let go, you grow.
Old 23rd Oct 2017, 2:41 PM #14
Ghost sdoj
Site Helper

Join Date: Jan 2006
Posts: 9,192
Thanks: 91 in 1 Posts
7 Achievements

View My Journal


I got redirected again this morning, from the front page. I tried to get a screen capture of the IP that my anti-virus was blocking, but it didn't work. Either I hit the wrong button or I was too slow, but my screen capture was blank.

I am Ghost. My husband is sidneydoj. I post, he downloads, and I wanted to keep my post count.
Group for Avatar Makers* Funny Stories *2016 Yearbook
Old 24th Oct 2017, 4:05 PM #15
Duine
Theorist

Join Date: Aug 2012
Posts: 2,050


This problem is everyday, at least once a day. What ever it is redirects to 2 or more links then to a fake microsoft page which then sets off warnings. This all happens without opening any new tabs, they're all on the MTS page I happen to be on at the moment, even pages with no ads on them. The only time I actually get any info is when I don't catch it in time before AVG pops up and says what it is. I don't have windows 10, I'm curious if this is aimed at non windows 10 users. I don't think this is the case since it only happens here.

When you forgive, you heal. When you let go, you grow.
Old 24th Oct 2017, 4:26 PM #16
Ghost sdoj
Site Helper

Join Date: Jan 2006
Posts: 9,192
Thanks: 91 in 1 Posts
7 Achievements

View My Journal


I'm also on Windows 8, primarily using Chrome. And again, it's only at MTS, although I've only had it happen from the front page. But I've never tried to download anything while this has been going on.

http://www.modthesims.info/showthread.php?t=601202 is the thread where I first mentioned that I had gotten a redirect, and it seems to be the same thing.

I am Ghost. My husband is sidneydoj. I post, he downloads, and I wanted to keep my post count.
Group for Avatar Makers* Funny Stories *2016 Yearbook
Old 24th Oct 2017, 9:58 PM #17
Ravynwolvf
Original Poster

Lab Assistant

Join Date: Dec 2004
Posts: 76
Thanks: 1083 in 29 Posts
7 Achievements


Getting kind of annoying, now. Came to your page, hit the link to go check out season harvests, and instantly ended up on the pc alert malware again. I greatly appreciate the fact that you guys remain free and understand the need for ads, but something should really be done to make sure you don't have THIS kind of ad.
Old 25th Oct 2017, 7:09 AM #18
Mordecai and Rigby
Bunned

Join Date: Mar 2013
Posts: 2,432
Thanks: 1 in 1 Posts
1 Achievements


I haven't gotten the advert but

2 weeks and nothing has been done about this?? Wtf

This account doesn't exist
Old 25th Oct 2017, 9:07 AM #19
simsample
Be like the 22nd elephant with heated value in space- Bark!



Join Date: Feb 2005
Posts: 18,654
Thanks: 8849 in 31 Posts
19 Achievements

View My Journal


Someone could have @ the admins so they would have seen this.

@Tashiketh
@Nysha
Old 25th Oct 2017, 11:26 AM #20
Nysha
Née whiterider



Join Date: Jul 2005
Posts: 19,719
Thanks: 42772 in 94 Posts
36 Achievements

View My Journal


We have seen this, but there's very little we can do without knowing which ads are involved. I have identified one and Tashiketh has reported it to the company to have it removed, which should help - but it's possible that there is more than one ad responsible, and we can't nobble the others without identifying them first.

What I lack in decorum, I make up for with an absence of tact.
Old 25th Oct 2017, 2:49 PM #21
Ghost sdoj
Site Helper

Join Date: Jan 2006
Posts: 9,192
Thanks: 91 in 1 Posts
7 Achievements

View My Journal


And it's really hard to spot which ad has redirected you when you're reading the page and all of a sudden it switches to another page...
Thank you for finding that one. I'm sorry that I was unable to give better data for you.

I am Ghost. My husband is sidneydoj. I post, he downloads, and I wanted to keep my post count.
Group for Avatar Makers* Funny Stories *2016 Yearbook
Old 28th Oct 2017, 9:30 AM #22
CaliBrat
Top Secret Researcher

Join Date: Nov 2006
Posts: 1,585
Thanks: 2367 in 21 Posts
20 Achievements


I've also had this happen a number of times. After comin here to post I saw it had already been reported and the issue in gettin it solved. So I said (to myself :P) that the next time it started to happen since it goes by so fast that instead of tryin to read the info I'd get a screenshot. So that's what I did just now when I had it happen again. The other times it happened I had it redirect me once and then again a 2nd time. This time however it only gave me 1 redirect, could his have been because I sorta froze it when I did the screen print (I use lightshot)?

Old 28th Oct 2017, 4:23 PM #23
Ghost sdoj
Site Helper

Join Date: Jan 2006
Posts: 9,192
Thanks: 91 in 1 Posts
7 Achievements

View My Journal


What they really need is the IP. Which can be awfully hard to get.

I am Ghost. My husband is sidneydoj. I post, he downloads, and I wanted to keep my post count.
Group for Avatar Makers* Funny Stories *2016 Yearbook
Old 28th Oct 2017, 4:30 PM #24
Duine
Theorist

Join Date: Aug 2012
Posts: 2,050


@Nysha If links will help, I just realized that bunch of them I got a little while ago are listed in history, I'll post them here. There were more with the same info, most seem to be the sport best ones. They all came from 2 different pages, none were from downloads as I was just browsing and reading. I never click ads on any site just to be safe. Is using ad blocks on MTS allowed? Also if putting links here is not a good idea, what is the best way to report what we find? I'm clueless about these kinds of things.

https://sportbestshop.com/lps/asvie...J8BARXODg%3D&c=

http://rolledsteelcuts.com/indexLPa...nljUQ,,&H=0.007

http://eu7bi.redirectvoluum.com/red...MN3zfxTP4Y&rm=D

http://intion-admilfs.com/853380f7-...nljUQ,,&H=0.007

https://engine.spotscenered.info/Re...sll7735zEsD_FA2

https://sportbestshop.com/lps/asvie...hesims.info&ci=

https://sportbestshop.com/lps/asvie...J8BARXODg%3D&c=

http://www.everifymatch.com/redirec...kEnuZtcCg&rm=DJ

http://track.blessbiz.online/774c2a...ng=EN&bannerid=[bannerid]&deviceid=&extid=1509198119041933104627990731072682

http://adexchangeperformance.com/sc...xDG6vTkr-K_w%2C

http://bestdealsintheworldtoday.com...=*&G=buy&H=0.03

When you forgive, you heal. When you let go, you grow.
Reply


Section jump:


Powered by MariaDB Some icons by http://dryicons.com.