Jump to content

Redirect w/ multiple PCs/browsers, on our wired network


GoHybrid

Recommended Posts

Got an issue that I'm hoping all you smart folks can help with here. Went to a marketing website (www.smartboxwebmarketing.com) two days ago, it worked fine. Tried to go back to it yesterday to check some info, and got redirected to www.yougotrickrolled.com. But apparently the problem is not with them, it's with us.

Outside of our office (from three different home PCs AND my phone), the marketing site comes up just fine. But on our office network, on any office computer, on different OS's, using any browser, we get redirected to that same rickrolled site. Pulling in the live URL to the marketing site into a code editor gives me this:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<html><head>

<title>302 Found</title>

</head><body>

<h1>Found</h1>

<p>The document has moved <a href="http://www.yougotrickrolled.com">here</a>.</p>

</body></html>

So there IS clearly a redirect going on, but it's only on our network. And just for that site only.

I was reading about the Google redirect virus, but we get this even when we manually type the url of the marketing site directly into our browser, so I'm thinking it's not that. Could it be, since it's on every PC on the network, a problem with the router?

Kind of befuddled here. I've added the www.yougotrickrolled.com URL to my windows hosts file, which has blocked it from coming up on any browser, but that's just a bandaid, it's not getting rid of whatever is causing the redirect in the first place.

Have already run spybot, and Avira and not finding anything amiss there.

The info on this forum was really helpful when two of our PCs got hit with one of those Rogue "antivirus" viruses several months back, so thought I'd come back here and see if anyone had any ideas about what is going on with the network now. Any thoughts or suggestions?

Thank you!

~ Karen ~

Link to post
Share on other sites

As your statement seems to indicate that this is a business please contact corporate support and they will assist you with this.

I do not know if you are using Malwarebytes or not, but if you are this is what you should do.

Please send an email to corporate-support@malwarebytes.org

Also make sure you have malwarebytes.org and salesforce.com in your Safe Sender list in email.

In order to assist you better please provide the following information when contacting them.

Cleverbridge Order Reference Number:

Organization name:

Approved Contact name:

If you no longer have access to the order number you can contact Cleverbridge to obtain information about your order.

Cleverbridge customer service

Thank you

Link to post
Share on other sites

I actually signed up for this forum and asked the question as an individual, with my own personal home PC/email information, just to try and help out my boss. I'm sure you have your policies regarding personal vs business accounts, but as a "mom & pop" shop that consists of all of 4 people, one of whom is only part time, and another who frequently works from home, we barely fall under the category of "corporate". My personal network at home is more extensive than what we have here in our office.

So yes, I did write in on behalf of a business, but one that would easily just fall through the cracks of "corporate support" (I don't even know who/what a Cleverbridge is, much less have an order reference number for them). So any assistance that could be provided here would be greatly appreciated. :)

Thank you.

~ Karen ~

Link to post
Share on other sites

I understand that you have signed up using your own personal information and that's fine.

Malwarebytes being used in any business needs corporate licensing even it it is on one computer or thousands of computers. The fact that its a business requires it. The consumer version is for home users only.

Please send an email to corporate-support@malwarebytes.org and they will help you with your issue and get you licensed correctly.

Link to post
Share on other sites

I understand that you have signed up using your own personal information and that's fine.

Malwarebytes being used in any business needs corporate licensing even it it is on one computer or thousands of computers. The fact that its a business requires it. The consumer version is for home users only.

Please send an email to corporate-support@malwarebytes.org and they will help you with your issue and get you licensed correctly.

Firefox, from what I can gather, this has nothing to do with MBAM. She is simply looking for help to resolve a problem.

My guess is that someone has either tampered with your router or dns server. If it's something you can fix locally then that would be best. If the problem exists between your network and the site then you could manually point host file to the IP of marketing site.

Link to post
Share on other sites

  • Root Admin

Hello Karen,

We can assist you in scanning for an infection but it's also quite possible as rgabbard says that maybe your router has been hacked.

I would first try doing a Factory Reset of the router and see if that corrects the issue. Make sure you review any custom settings and save them or print them out before doing the reset so that you can put back valid customizations if needed.

Normally most small home based routers can be factory reset by inserting a small pin into a small hole in the back of the router for 5 to 10 seconds.

Then if it does work don't forget to set a good admin password on the router.

Link to post
Share on other sites

>>> Firefox, from what I can gather, this has nothing to do with MBAM. She is simply looking for help to resolve a problem.

Thank you. That's exactly right. :) We just happened across this forum when we googled for help with those rogue viruses earlier this year, and thanks to the clear how-to info we read here, got rid of them fairly easily via the free version of Malwarebytes. So this was the first place I thought to come back to when we started having issues with this redirect problem.

Hello Karen,

We can assist you in scanning for an infection but it's also quite possible as rgabbard says that maybe your router has been hacked.

I would first try doing a Factory Reset of the router and see if that corrects the issue. Make sure you review any custom settings and save them or print them out before doing the reset so that you can put back valid customizations if needed.

Normally most small home based routers can be factory reset by inserting a small pin into a small hole in the back of the router for 5 to 10 seconds.

Then if it does work don't forget to set a good admin password on the router.

So it might be the router then. I was wondering, since it was on all PCs on the network, if that was the case. I'll double check with my boss to see if there are any custom settings on the router to make note of and see if doing the factory reset fixes the problem. We just upgraded from DSL to cable last month, so was I've been wondering if something that was done when they installed the new hardware might have had anything to do with it as well.

Thanks for the suggestions, really appreciate it. I'll give it a go and see if that works.

~ Karen ~

Link to post
Share on other sites

I am sorry if I misunderstood, as in my first post I did mention that I was not sure if you were using Malwarebytes or not.

Are you using the router to assign IP numbers to all workstations via the DHCP feature? Or do you guys have a file server that controls your DNS and DHCP? If you use a server, it could be possible that the DNS Server is the issue. If you have no server it will point to the router.

What Model Router are you using?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.