Okay, something weird keeps happening every time I try to go on NG with Internet Explorer. When I go on NG, the page will load, then I'll get redirected to some fake "security" site, www1DOTsimple-protectionnnDOTrrDOTnu, at which point, my browser will be reduced to a fake warning that my computer may be infected with malicious software.

When this first happened, I thought I had managed to get a malware infection from the millions of porn sites I visit each day. However, running the program Rkill didn't stop any malware processes nor did malwarebytes find any malicious files. In addition, my own manual search didn't find any suspicious files (files with random strings for names, no description attached).

Now before I had even finished with the above, I started experimenting to see if I could catch the program in action. So I opened up Internet Explorer (not getting the same problem out of Firefox, which is why I'm here now), and started going to random sites, including the ones that would be the most likely to give me trouble. But the only site that I was getting redirected from is Newgrounds. I don't get that effect from any other site I've tested.

At this point, I do not think a virus infection on my computer is causing this. I think there's an issue with NG's server. I'm 90% sure.

What do you guys think?

Yeah, that happened to me too. Scared the crap outta me, because I had just gotten rid of a rather nasty virus.

At 2/12/11 12:41 AM, Angiki wrote: Yeah, that happened to me too. Scared the crap outta me, because I had just gotten rid of a rather nasty virus.

Okay, so I'm not the only one experiencing this. Now I'm positive there's an issue with their server.

No? This hasn't happened to me.

I use Internet Explorer.

Get FireFox.

At 2/12/11 12:44 AM, Cericon wrote: Get FireFox.

Using it right now.

Also, found an alternate name for the website:

safe-antivirsentinelDOTrrDOTnu

Got two names, time to do some research.

^mostly idiots. (not you OP, the fools who say the problem is necessarily with your browser)

Yes, the problem is with YOUR machine. If it isn't your browser being hijacked, whatever malware infected your machine has made changes to your host file. I would suggest you use another machine to research how to rid yourself of the issue with the aid of google. It'll be good for you to learn that stuff.

Your virus software may have already removed the virus, or it may not be able to. Hard to tell you really.

Good luck.

ya it happened to me too. It appears to only affecting the home page. What ever you do, dont download the file. its a trap! ill go warn others

I seriously doubt it is NG's servers. It is either your browser or a virus on your computer.

I got this virus before. It locked me completely out of my computer. It's not NG's fault anywho. If you want to save your ass do a system restore by going to Start and searching restore and then clicking system restore. Choose a date that's like a week before the present day and click restore. It takes about 10 minutes to half an hour to reinstall. When you get your computer back download a good antivirus. I for example have kaspersky. Get it to run a full computer scan and don't interrupt it. Hope I could help. This is what I did when it happened to me. But no it's not NG's fault, you have a virus mate.

At 2/12/11 12:48 AM, Evark wrote: ^mostly idiots. (not you OP, the fools who say the problem is necessarily with your browser)

Yes, the problem is with YOUR machine. If it isn't your browser being hijacked, whatever malware infected your machine has made changes to your host file. I would suggest you use another machine to research how to rid yourself of the issue with the aid of google. It'll be good for you to learn that stuff.

Your virus software may have already removed the virus, or it may not be able to. Hard to tell you really.

Good luck.

That's the think though. So far, 2 other people have reported the same problem as myself (although the fact that it happened in the first place is enough to make me shudder, even if it's not my machine, since it could have put something on my machine.)

I'll definitely look into the hosts file thing though.

hmmm whatever it was, it seems to be gone now.

At 2/12/11 12:53 AM, blackattackbitch wrote: That's the think though. So far, 2 other people have reported the same problem as myself (although the fact that it happened in the first place is enough to make me shudder, even if it's not my machine, since it could have put something on my machine.)

Yes. It happens to people. Kinda like how everyone gets sick at the same time, viruses with similar symptoms tend to spread through machines at the same time. It's not NG, because I'm not running antivirus right now and I have no trouble.

I'll definitely look into the hosts file thing though.

Yes. Make sure you remove whatever program made the change as well. I think booting in safe mode and running a virus scan may do it, but again I don't know the severity of the infection you have.

At 2/12/11 12:55 AM, Evark wrote:

At 2/12/11 12:53 AM, blackattackbitch wrote: That's the think though. So far, 2 other people have reported the same problem as myself (although the fact that it happened in the first place is enough to make me shudder, even if it's not my machine, since it could have put something on my machine.)

Yes. It happens to people. Kinda like how everyone gets sick at the same time, viruses with similar symptoms tend to spread through machines at the same time. It's not NG, because I'm not running antivirus right now and I have no trouble.

I'll definitely look into the hosts file thing though.

Yes. Make sure you remove whatever program made the change as well. I think booting in safe mode and running a virus scan may do it, but again I don't know the severity of the infection you have.

From my past experiences it seemed to be a rouge anti virus software, well, one that epicly fails. Most of the time, rouge anti viruses automaticlly download itself on to your computer and blocks all internet webpages and keeps bugging you to "buy" it. The one that hit newgrounds must of been the newgrounds sever because only the newgrounds homepage was affected while every other internet website worked fine. Also i checked my files and scanned. Nothing was detected.

Okay, now this is getting really fucking weird. I now have a good amount of evidence for both of my suggestions.

For those who were saying they had the same symptoms as myself: If you open internet explorer and go on taskmanager, do you see two internet explorers running at the same time? And if you can see the command line for it, does one come attached with the words SCODEF and CREDAT?

Because if it does, you're probably suffering from the same thing I am.

Once I figure out what the hell those words mean and verify that its malicious (more than likely), than I can figure out what the hell to do about it. I'll probably end up doing a system restore.

It happened to me but I am using my phone so no worries.

At 2/12/11 01:15 AM, blackattackbitch wrote: Okay, now this is getting really fucking weird. I now have a good amount of evidence for both of my suggestions.

For those who were saying they had the same symptoms as myself: If you open internet explorer and go on taskmanager, do you see two internet explorers running at the same time? And if you can see the command line for it, does one come attached with the words SCODEF and CREDAT?

Actually, nevermind. That just references the tabs utility. Scared the fuck out of me when I first noticed it though.

Back to square 1.

Now here's an interesting finding: I did not get that problem when I increased Internet Explorer's security settings to high, but as soon as I dropped it back down, the problem came right back. If I can figure out exactly what security setting is having an effect, I can pin down the problem once and for all.

no not to me

Never happened to me mate.

Nothing like that has happened to me. Even tested it out with internet explorer. it's probably you. Lets see if you can pinpoint it like you said.

Just my luck. I ended up finding 2 infected files after doing another scan with Malwarebytes, restarting my computer because of it, and I'm still getting the same issue.

Fuck it, I'll worry about it tomorrow, if it's still going on, I should be able to solve it then. For now, I'm letting my virus scanner run one more time. Since I know security settings will affect it, I can test it out tomorrow and see what happens.

I...never got anything like that. It said servers were down for maintenance a while ago today, though.

Didn't happen to me. It must be a virus!

Wow this seems like a really bad problem if something can hack into newgrounds sites on your web browser and re direct it to
*reads internet explorer*
Oh nevermind.

fmsmediaDOTnet.

I have no idea what's on this site, but when I blocked it, the popup problems ended.

I discovered this site by launching each script in NG 1 at a time. This site would load around the time that the ads loaded, and if I remember right, one of the ads was connected to it. When I added it to IE's list of restricted sites, then tried loading the page again, I didn't experience that problem anymore.

A side effect is that it may disable one of the banner ads on the NG pages, so I'm still not completely sure whether it's a problem on my side or not. I'll find out tomorrow.

YOUR ANTI VIRUS WAS FUCKED BY THE VIRUS. Same thing happened to me about 6 months ago, it fucked my malwarebytes with a sharp rock, so when it tried to scan it wouldn't pick jack shit up. Your out of luck with system restore too, it only works right in the moment the virus is installing, you have to be quick. If you don't then the virus installs and blocks it. I dodged a virus quickly doing that. Go dowload CCleaner to a flash drive, copy it to your computer, and make it wipe your drive, that should set it so it's as if your installing your computer for the first time.

I've had viruses like this before, they really suck. they block your actions so you can't do some things, bug you to pay for a worse virus infection, and the only way to get rid of it to is google the exact name of the virus and find one of those rare "step by step" sites that will tell you exactly how to rid yourself of the problem.

OR you can use something like "wipedrive" by white canyon, that will reset your hard drive back to 100% factory clean.

but then again, if you are super duper fucked you don't have a bugger all hard drive virus you could have a much worse BIOS/RAM virus, that you can't get rid of. Period. I really wish I was kidding, but my dad got an email virus (he is retarded and opens things from people he doesn't know, or that have blatently no subject) and got a ram boot virus that no matter what he did, (he even bought a new fucking hard drive) and he STILL had the virus.

Yep, that was happening with me. I think it's Internet Explorer, because today is the day I finally decided to say FUCK IT and download Google Chrome.

So much faster.

did some tests and it is NG some how everytime i enter this site i keep getting redirected to a site called safeboy or something it one of those fake anti virus spamware i hope tom and the others know about it and do some looking into it but seeing as how its not affecting some ppl it may be the browser still its worth a look