Devlin Posted January 10, 2013 Share Posted January 10, 2013 I had posted this sometime back when I first joined that I kept getting redirected to some AD site...I usually just post via my TAB and tried to access the site this morning using Firefox, I got redirected again. Thanks! Sent from my SCH-I800 using Tapatalk 2 Quote Link to comment Share on other sites More sharing options...
DevilMinder Posted January 10, 2013 Share Posted January 10, 2013 I get some random shortname redirection website now and then. I can't figure it out. What site did you end up at? Quote Link to comment Share on other sites More sharing options...
Devlin Posted January 10, 2013 Author Share Posted January 10, 2013 I just tried it again after seeing your post and now out isn't redirecting! Was taking me to some short url site with an online AD saying you are about to unlock content which of course locks you into advertisement sites. Sent from my SCH-I800 using Tapatalk 2 Quote Link to comment Share on other sites More sharing options...
StarDew Posted January 10, 2013 Share Posted January 10, 2013 I had similar a while back. Turned out to be malware. Run your malware software in "safe mode" and then see if are okay. May want to do a restore point before you start. I could only find the critter running in safe mode. Quote Link to comment Share on other sites More sharing options...
Devlin Posted January 11, 2013 Author Share Posted January 11, 2013 (edited) I run multiple malware apps below and all come up clean...not sure why it happens on occasion. The account I have setup for this computer is managed via group policy on my network with no admin rights too.<br /><br />Malwarebytes<br />AdAware<br />AVG (anti virus)<br /> Edited January 11, 2013 by Devlin Quote Link to comment Share on other sites More sharing options...
DevilMinder Posted January 11, 2013 Share Posted January 11, 2013 Same here, I know my PC is clean, and it seems like you hit the same site I do Devlin. I thought it was a random bug, but now its obviously something deeper. I am going to copy the text next time to narrow this down. Thanks for letting me know Quote Link to comment Share on other sites More sharing options...
Devlin Posted January 11, 2013 Author Share Posted January 11, 2013 Np at all...I might turn on firebug for my browser and see what it picks up in debug mode...will let you know what I find and email you the output log. Sent from my SCH-I800 using Tapatalk 2 Quote Link to comment Share on other sites More sharing options...
RowdyFan42 Posted January 11, 2013 Share Posted January 11, 2013 Could it have something to do with one of the ads? Supposedly the advertisers aren't allowed to pull tricks like this, but sometimes they embed something in their ads that open up pop-up windows or redirect pages or things like that. Np at all...I might turn on firebug for my browser and see what it picks up in debug mode...will let you know what I find and email you the output log. Sent from my SCH-I800 using Tapatalk 2 That's a good idea. I'll turn on Firebug too and see what comes up. Quote Link to comment Share on other sites More sharing options...
DevilMinder Posted January 11, 2013 Share Posted January 11, 2013 strangely enough it happened the two times I was being lazy and just googled NJDevs, the google search page sent me to the weird shortname thing. Quote Link to comment Share on other sites More sharing options...
StarDew Posted January 11, 2013 Share Posted January 11, 2013 I run multiple malware apps below and all come up clean...not sure why it happens on occasion. The account I have setup for this computer is managed via group policy on my network with no admin rights too.<br /><br />Malwarebytes<br />AdAware<br />AVG (anti virus)<br /> I suggested running in Safe Mode. I must now assume that you did. I don't trust AdAware and am close to dumping AVG. I use Malwarebyte and a few others. Good luck. **backs out of thread** Quote Link to comment Share on other sites More sharing options...
Devlin Posted January 11, 2013 Author Share Posted January 11, 2013 Yep...I ran in safe mode. I use firebug for game development and going to trace what those AD redirect scripts are doing behind the scene. Sent from my SCH-I800 using Tapatalk 2 Quote Link to comment Share on other sites More sharing options...
RowdyFan42 Posted January 12, 2013 Share Posted January 12, 2013 strangely enough it happened the two times I was being lazy and just googled NJDevs, the google search page sent me to the weird shortname thing. Yeah, I can reproduce that. It's happened with each of the four browsers I have installed (Firefox, Chrome, Safari, IE), but only the first time I've tried it. It sets a cookie that supposedly prevents the redirection from happening every time you come in. (I suppose I should say it happens every time you arrive via Google without the cookie, not just the first time.) And so far it looks like it's only when coming in from Google; I tried hitting the site directly with an empty cache and no cookies and there was no redirection. And BTW, it's not just Google, it's Bing too, as I just tried it there. But it's weird that it only happens when you visit the site from a search engine and not if you type in the URL. Quote Link to comment Share on other sites More sharing options...
RowdyFan42 Posted January 12, 2013 Share Posted January 12, 2013 Okay, make a liar out of me. I thought maybe it was something in the skin itself, so I went in to the admin panel and changed the theme to the IPB default. Cleared out my cookies and cache, went back to Google, clicked on the NJDevs link, no redirection with Ol' Blue Eyes. Progress, methinks. Switched the skin back to the color changer theme, wash, rinse, and repeat. Lo and behold, no redirection again! So... I think it's fixed? Both times I changed the default theme, the admin panel wrote out fresh copies of all the skin files to the server, so I'm thinking that if there was a problem, it was only with the files that had been there and it went away when the rebuild overwrote everything. Keep your eyes open, though, we'll see if this pops up again. Quote Link to comment Share on other sites More sharing options...
Devlin Posted January 13, 2013 Author Share Posted January 13, 2013 So... I think it's fixed? Both times I changed the default theme, the admin panel wrote out fresh copies of all the skin files to the server, so I'm thinking that if there was a problem, it was only with the files that had been there and it went away when the rebuild overwrote everything. Keep your eyes open So far so good! Sent from my SCH-I800 using Tapatalk 2 Quote Link to comment Share on other sites More sharing options...
Devilsfan118 Posted January 13, 2013 Share Posted January 13, 2013 (edited) Just saw this thread and wanted to chime in, I just got sent to that random spammy website from google. The URL, for what it's worth, was: (CLICK AT YOUR OWN RISK, potential unclean site) http://url4short.info/a7b7f6f1 I know this computer is 100% clean, so it's not a virus on my end or something like that. Edited January 13, 2013 by Devilsfan118 Quote Link to comment Share on other sites More sharing options...
DevilMinder Posted January 13, 2013 Share Posted January 13, 2013 That is the site I hit as well. Quote Link to comment Share on other sites More sharing options...
DevilMinder Posted January 13, 2013 Share Posted January 13, 2013 Jeez, this hijack is apparently widespread. Looking into it now Quote Link to comment Share on other sites More sharing options...
DevilMinder Posted January 13, 2013 Share Posted January 13, 2013 Okay, I did the official "Fix" from the forum people. Can everyone google "NJdevs" and see if it happens still Quote Link to comment Share on other sites More sharing options...
StarDew Posted January 13, 2013 Share Posted January 13, 2013 No redirect from Google. I don't really use Google except for alerts. I use a less sofisticated non tracking search engine. So it ended up being a form of malware. I hate that kind that doesn't show up in scans. Sometimes when I get messed up I do a sysptem restore to before the event and don't care if I lose anything as long as my machine is clean again. Quote Link to comment Share on other sites More sharing options...
DevilMinder Posted January 13, 2013 Share Posted January 13, 2013 Its a server side malware, apparently uses a database injection nothing the end user can do to stop it. Quote Link to comment Share on other sites More sharing options...
StarDew Posted January 15, 2013 Share Posted January 15, 2013 Yikes! Glad I only use bookmarks to get to my favorite sites. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.