UKBouldering.com
technical => computers, technology and the internet => Topic started by: clm on April 12, 2005, 10:10:15 pm
-
i keep getting a pop up but omnly when i visit this site. it is a box entitled MS internet explorer saying do you want to download free soft ware and giving me the option of yes and nothing else. seems to be associated with a download box for some movie software. only happens with this site and freezes up the windows until i click yes. is it this site or is it my computer?
-
I'm getting it too and its fucking annoying. :evil:
-
im getting the same thing, only on the front page. but over and over bout 10 times.
getting on my tits
-
I get this as well, its annoying
-
Looking into it now people...
-
Am getting it too
-
As far as I can see, it only happens in Internet Explorer - is anyone getting it using Firefox?
-
I get it too. I changed some of the activeX settings on my tinternet explorer security and its OK now. We all know IE blows, but some of us are stuck with it at work.
-
I've found the problem - somehow, some code had been inserted into the forum configuration database which caused the software to pull in some .php code from a malicious site.
I have removed the offending code from the database (It was nothing too serious but was annoying adware)
Unfortunately, if you have already been infected, it's probably dropped some files onto your PC.
* I have done the following and the problem has gone away *
i) Exit IE
ii) Empty your temporary internet files (in C:\windows\documents and settings\*your user name*\local settings\
- There is a particular file, starting with name "ireg32" that will be infected.
iii) To be certain, run a full virus scan using a good, up to date virus scanner like Norton Antivirus (it should pick up a virus in a file with a name starting with 2ireg32" - NB it may not be able to automatically fix this problem.
iv) Stop using Internet Explorer !
- I know I've said this many times, but running IE on your computer is a huge security risk - use Firefox instead. As Dave says, I know lots of you have to use it at work, but don't use it at home.
btw Dave, what Active X settings did you change?
If you require more information, which may be pertinent to your setup (most of it didn't apply to mine), please look at this page (http://securityresponse.symantec.com/avcenter/venc/data/trojan.domcom.html).
-
Didn't get it this time I entered site.
-
i don't get it. la la la.
but i am using bad/angry firefox...
-
Cool, I think it's sorted now, but also make sure to check your PC for the infected file.
Thanks for bringing this up though CLM, I would never have noticed it otherwise.
-
can't remember exactly what i changed, but went into the custom settings on the internet security zone and switched summert from "disable" to "prompt" (everything else was already set to enable or prompt as part of the default meduim security setting), the thinking being i could get to choose what was going on and shit.
-
Its gone. WooHoo
-
anyone else getting redirected to http://www.cashtoolbar.net/reg.php?ref=2351 a few seconds after ukb loads?
-
yes, its f*ing annoying
-
Yep, just started happening since i got back from lunch.
-
i think someone is twisting our shit.
-
me too.
-
its now telling me there are no posts in the bouldering forum!!?!?!
-
The no posts thing is an intermittent problem and nothing to do with the cashtoolbar.net one.
Ok, I've just re-tested in IE and checked the database and all is well.
Have you gone through all the steps I outlined in my earlier post? If you haven't, then it's going to keep happening because it places infected files on your PC. I've sorted the server end, but you've got to clean your own PC at your end.
-
The no posts thing is an intermittent problem and nothing to do with the cashtoolbar.net one.
Ok, I've just re-tested in IE and checked the database and all is well.
Have you gone through all the steps I outlined in my earlier post? If you haven't, then it's going to keep happening because it places infected files on your PC. I've sorted the server end, but you've got to clean your own PC at your end.
Yes, I only use firefox anyway.
I checked anyway and i had no spyware or viruses.
-
Which page is affected? I'm using firefox and the main forum and the portal page aren't having problems.
-
http://www.ukbouldering.com/board/
It would reload after a few seconds to cashtoolbar.cunts
Although curiously its not doing it anymore ie last 15 mins
-
curiously
i saw this word and immediately twirled my 'tache.
the plot thickens...
-
have you written anything remotely serious today cofe? Or let alone that, done any work?
-
no. no.
no. no. no. no.
no. no. no. no.
no. no there's no limit.
-
It looks like this problem may have re-occurred. This is exremely annoying.
Really, this pre-modded version of phpbb has been a bit of a nighmare and I'm now considering going back to a standard install of the latest version of phpbb. I was going to hold out until the release of phpBB Olympus but this has been once again delayed.
Unfortunately if I choose this route, many of the nice "extras" will be lost (eg sub-forums) but I think that this is preferable to having people getting infected with dodgy spyware.
-
Apparently there's a major security problem with phpbb 2.0.10. Could you upgrade to 2.0.12?
http://www.phpbb2.de/portal.php?topic_id=25058
But apparently there's a major security problem with 2.0.12 as well:
http://www.phpbb.com/phpBB/viewtopic.php?t=267563
-
Thanks Jon - I checked phpbb2 earlier but couldn't find anything :oops:
I'm tempted to go back to a vanilla install anyway because this one runs like a pig. I'll have to test it out first so will take a few days.
-
btw, phpbb2.de isn't the real phpbb - it's a pre-hacked version - the real version is at phpbb.com and is already at 2.0.13.
-
or even 2.0.14
-
pedant :lol:
I might upgrade to php 5 at the same time....
-
pedant :lol:
I might upgrade to php 5 at the same time....
is everybody having the same problems with running phpbb2?
-
i dont understand all these numbers.
re my original problem (which has randomly fixed itself). do youn think by clicking yes when it asked me if i wanted software it actually started to download shit onto my machine or just gave me the next pop up?
had to click yes to unfreeze explorer.
-
is everybody having the same problems with running phpbb2?
These problems come and go - phpbb is the most popular forum software so it's going to have a lot of attacks against it.
Really, the problem lies with IE anyway - it's the IFRAME exploit in IE that causes all these problems, if you use Firefox this doesn't happen.
-
i dont understand all these numbers.
re my original problem (which has randomly fixed itself). do youn think by clicking yes when it asked me if i wanted software it actually started to download shit onto my machine or just gave me the next pop up?
had to click yes to unfreeze explorer.
It might have downloaded something - run a full virus/adware check.
If you get the same problem again, just go to the task manager and kill IE.