Very suspicious page redirectory

  • Thread starter Thread starter Not_A_Guest
  • 14 comments
  • 1,247 views
Not_A_Guest

Not_A_Guest

Messages
1,824
United States
California
I clicked on the "Forums" tab at the top of the page. I arrived there for a split second, then I was immediately redirected through
http://www.theadgateway.com/script/...981&r=276966&ref=h&data=&subid=&new=1&dx===wD
to end up at a page that looked like this:
Obviously, I did not click on anything related to the page. But I know that GTPlanet is under good, sane ownership and would not allow possibly malicious ads like this. Right?
 

Attachments

  • Dwm 2014-07-29 16-24-54-58.jpg
    Dwm 2014-07-29 16-24-54-58.jpg
    105.4 KB · Views: 15
We're already looking into this. I had something similar last night and a full Malware/AV scan revealed nothing untoward on my end. Check your machine anyway, just to be safe.

I often get it at Imgur, particularly fake Java installers, but today I've also been autoredirected to theadgateway from Imgur, so it suggests one of the ads in the rotation for both sites is awry.
 
@Not_A_Guest, I see you're using AdBlock Plus. Do you have GTPlanet "whitelisted" to show ads here, or are you blocking them?
 
OK, thanks for the additional information. I have blocked 'theadgateway.com' and 'irfsoft.com' from running any ads through Google Adsense here, should that be the problem.

However, I don't think we can entirely rule out unrelated malware or a rouge browser plugin on your systems yet. As an administrator, @Famine is not shown any ad codes, and I have done a security audit of the site's source code itself and all looks normal. Definitely be on the lookout for anything suspicious on your machines over the next few days.
 
I got another one

24oor4i.png

My computer checked out again. This has only happened on GTP so far. I'll try browsing on my other computer too and see if it comes up.
 
Yes, I'm looking into it, but so far haven't found anything. If it was malware though I'd expect these things to pop up when I'm not on GTP (and perhaps more often). I followed your links and couldn't find any evidence of either program on my computer. Every time something like this comes up I kill the internet, then kill firefox, and scan everything. I've scanned with AV and also downloaded some anti malware stuff as well. They agree that all is clean. I will continue looking though.
 
Reset your web browser as it may have a plug in or hidden setting.

IE
Tools>Options>Advanced>Reset

Firefox
Help>Trouble Shooting Information>Reset Firefox.
 
Which software do you guys use for malware scanning?
Maybe your scanners just haven't picked it up.

Definitely do a scan with Malwarebytes'.
 
Exorcet
I got another one

24oor4i.png

My computer checked out again. This has only happened on GTP so far. I'll try browsing on my other computer too and see if it comes up.
Click to expand...
A Google search shows that "lpmxp" redirects are the result of malware on your computer, likely installed by a browser plugin. Take a look at this page for more information.
 
If this can only come from malware, then I guess I am infected. Thanks for the information. I had been using Webroot and Malwarebytes, but they failed to detect anything. A quick manual check didn't find anything unusual either. I forgot about Hitman though, and didn't try resetting my browser. I will try the provided suggestions. Thanks again.
 
Exorcet
If this can only come from malware, then I guess I am infected. Thanks for the information. I had been using Webroot and Malwarebytes, but they failed to detect anything. A quick manual check didn't find anything unusual either. I forgot about Hitman though, and didn't try resetting my browser. I will try the provided suggestions. Thanks again.
Click to expand...
Run a scan with AdwCleaner, it's a simple but pretty mighty tool.

EDIT: Just saw it's mentioned in the link above.
Can only recommend it.
 

Latest Posts

Back