Virus installed

okc_bel_air
06-21-2010, 01:03 PM
Has anybody else had a problem with spyware anti-virus being installed? I kept getting a Java window pop up every time I came to the forum and then it would close everything and come up with the anti-virus software crap. I know it is from the forum because I tested it on 2 PCs and it happened to both as soon as I loaded okctalk. I was able to use Norton to get rid of it but I cannot go to the forum without it trying to do the Java thing.

ronronnie1
06-21-2010, 01:14 PM
That didn't happen to me, but something else would every time I'd come to Okctalk. Every time I came here the page would automatically scroll down to the bottom. Whenever I'd open a new page, again, it would scroll me down to the bottom of the page. Very annoying. So happy it stopped. Oh yeah, this started happening about 2 days ago, and just today it stopped.

mugofbeer
06-21-2010, 01:26 PM
I'm having both of those issues - the virus thing only part of the time.

Kerry
06-21-2010, 01:29 PM
I'm having both of those issues - the virus thing only part of the time.

Ditto for me. Thank goodness for Norton.

mugofbeer
06-21-2010, 01:30 PM
Now both issues seem to have stopped. Did someone do something?

OKC@heart
06-21-2010, 01:32 PM
On my home computer it is happening but not at work. The only issue that I have had at work was that it has detected a trojan that was trying to install itself and was blocked by my anti-virus. This is a bit more than disconcerting.

Spartan
06-21-2010, 01:48 PM
You guys all need to stop watching so much porn while you're posting on here! jk

I got the virus too, had to just do a system restore..it keeps coming back though. I could stand to lose thousands and thousands of urban photos and renderings I've been stashing. It unsuccessfully attempted to cause problems on the cp I use at work, too. Not cool.

FritterGirl
06-21-2010, 01:50 PM
I noticed it yesterday at home when my browser would automatically redirect me right back to google after I tried to open the www.okctalk.com page.

My browser at work directed a pop-up that told me there was a virus trying to install, and named the .exe extension.

I'm posting from my iPhone now. Doesn't seem to have the same effect (I hope).

Kerry
06-21-2010, 02:01 PM
I got the virus too, had to just do a system restore..it keeps coming back though. I could stand to lose thousands and thousands of urban photos and renderings I've been stashing. It unsuccessfully attempted to cause problems on the cp I use at work, too. Not cool.

You can't get rid of it using a system restore. Part of the virus checks to see if the registry entries are removed and if they are, it will re-install them. Norton was able to fix it (actually prevent it).

If you don't have Norton here are the manual steps to remove it. Just click on the Remove tab when the page loads. It will probably take you a while to do all the steps.

Trojan.Zefarch | Symantec (http://www.symantec.com/security_response/writeup.jsp?docid=2009-012801-2706-99)

MsDarkstar
06-21-2010, 02:58 PM
As I said in the other thread, yesterday I logged in & my anti-virus caught a trojan & vaulted it. Today here at work I haven't had an issue like that but almost every time I've gone to the site, my IE has crashed & had to recover itself.

ronronnie1
06-21-2010, 03:29 PM
Okay, apparently the "virus" thing was listening to what I said because now I'm getting that pop up box asking me to run some virus scan. When I hit "no," it just pops back up, and I have to close the browser.

Did someone hack the place? hmmmm.

venture
06-21-2010, 03:33 PM
From what you are describing sounds like a Trojan I had to deal with on a friend's computer awhile back. Definitely something going on with the ad provider Pete is using for this. Easiest thing to do, block all ads.

soonerguru
06-21-2010, 04:29 PM
I'm blissfully ignorant of this problem, because I'm using a Mac and have never had any virus, unwanted spyware, worms, or any other such thing. I can't believe people still subject themselves to Windows (and Norton is far from foolproof).

Lord Helmet
06-21-2010, 04:33 PM
I'm blissfully ignorant of this problem, because I'm using a Mac and have never had any virus, unwanted spyware, worms, or any other such thing. I can't believe people still subject themselves to Windows (and Norton is far from foolproof).

Agreed 100%. I stopped buying Windows computers a long time ago. Not worth my hassle. I work in IT and am forced to deal with it at work...not gonna subject myself to that at home too.

fuzzytoad
06-21-2010, 05:56 PM
I did some reading online and apparently a number of vBulletin sites have been attacked..

It is a virus attack, via VBSEO (not VB directly).

There was a Security Bulletin on the VBSEO site with release to fix: "A potentially serious security vulnerability has necessitated the release of vBSEO 3.3.2. All customers are urged to upgrade immediately to vBSEO 3.3.2. This hole effects all versions prior to 3.3.2. If left un-patched, your system could become compromised."

Pete, you watching?

venture
06-21-2010, 06:25 PM
I did some reading online and apparently a number of vBulletin sites have been attacked..

It is a virus attack, via VBSEO (not VB directly).

There was a Security Bulletin on the VBSEO site with release to fix: "A potentially serious security vulnerability has necessitated the release of vBSEO 3.3.2. All customers are urged to upgrade immediately to vBSEO 3.3.2. This hole effects all versions prior to 3.3.2. If left un-patched, your system could become compromised."

Pete, you watching?

Nice find. Which means this site probably won't get patched for a couple months. /sigh

Thunder
06-21-2010, 06:46 PM
Nice find. Which means this site probably won't get patched for a couple months. /sigh

True. Pete comes on here, makes a post or two regarding the Devon Tower and then leaves. He doesn't even care about the posts in here and most likely wouldn't do anything until someone replaces him.

Kerry
06-21-2010, 07:48 PM
I'm blissfully ignorant of this problem, because I'm using a Mac and have never had any virus, unwanted spyware, worms, or any other such thing. I can't believe people still subject themselves to Windows (and Norton is far from foolproof).

LOL - just wait until more than a few hundred people are using Macs. Do you know why most people are bitten by sharks in 3 feet of water? Because that is where the people are. Do you know why most viruses target Windows? Because that is where the users are. Macs aren't any more secure, there just aren't enough users for a hacker to target. Besides, no one is doing anything important on a Mac anyhow so that kind of takes some of the fun out of hacking it.

FRISKY
06-21-2010, 08:00 PM
This site has a virus.

And now I'm getting the JAVA pop-up.

Pete
06-21-2010, 09:24 PM
True. Pete comes on here, makes a post or two regarding the Devon Tower and then leaves. He doesn't even care about the posts in here and most likely wouldn't do anything until someone replaces him.

I'm on here virtually every day conducting admin duties that you never see. I've also poured thousands of my own money in this site so people like you can access it for free.



We're aware of the problem and working on it. Hope to have it fixed soon.

Sorry for the trouble.

Larry OKC
06-21-2010, 09:56 PM
Just did a quick scan of the posts and I have a question. Are those experiencing problems on a Mac or PC? Am using Macs at home/work and haven't had any of the problems described.

SoonerQueen
06-21-2010, 10:17 PM
I am on a PC, have Kaspersky's Internet security system and when I come here, my virus protection sends me a box that says there was a trojan virus, but it stopped it.

fuzzytoad
06-21-2010, 10:32 PM
Just did a quick scan of the posts and I have a question. Are those experiencing problems on a Mac or PC? Am using Macs at home/work and haven't had any of the problems described.

both..

I get a warning about .exe's and Java .jar files attempting to execute on Windows machines and warnings about the .jar files on Linux and Mac machines..

Thunder
06-21-2010, 11:29 PM
I'm on here virtually every day conducting admin duties that you never see. I've also poured thousands of my own money in this site so people like you can access it for free.



We're aware of the problem and working on it. Hope to have it fixed soon.

Sorry for the trouble.

A response! :ohno:

It would help if you set up a PayPal mod for the forum and have a PayPal account set up to connect it all together. Make it really visible. From there, people can donate anytime and as much as they like. Not that hard. It adds up if most of us pay 5 bux a month. :-)

Thanks for fixing the issue. It went away.

MadMonk
06-22-2010, 08:35 AM
A response! :ohno:

It would help if you set up a PayPal mod for the forum and have a PayPal account set up to connect it all together. Make it really visible. From there, people can donate anytime and as much as they like. Not that hard. It adds up if most of us pay 5 bux a month. :-)

Thanks for fixing the issue. It went away.

Your lack of gratitude is appalling. Why don't you create and manage your own forum if you have all the answers?

OKCisOK4me
06-22-2010, 08:35 AM
No, it's still happening. I'll start up the Firefox, come to the website, the plug-in loader bar will drop, I'll 'x' it off and it shuts down Firefox. I load Firefox again, and the site is good to go... And yes, at least the page doesn't drop down to the bottom anymore!

FRISKY
06-22-2010, 08:36 AM
Problem still here.

Loading from:
http://cikegi.in/x/?src=PsyImported&id=dogma&o=o

MadMonk
06-22-2010, 08:48 AM
Hmm... no problems here.

Pete
06-22-2010, 08:50 AM
We haven't fixed it yet.

Hopefully later today.

FRISKY
06-22-2010, 09:00 AM
Other sites are having the same problem.
Strange new forum issue - Page 3 - Puppy & Dog Forums (http://www.dogforums.com/16-suggestions-feedback/79021-strange-new-forum-issue-3.html)

Maybe this will shed some light on what is happening.
http://support.clean-mx.de/clean-mx/viruses.php?domain=cikegi.in&submit=query

MsDarkstar
06-22-2010, 09:07 AM
Your lack of gratitude is appalling.

Well said, MadMonk.

@Pete: I appreciate the time & money you've invested into okctalk.com. I enjoy the boards and have found them to be a very useful tool as well in my local business dealings. If I'm not mistaken, there's already a way to contribute money, by purchasing a particular type of membership? If you could explain how, I'd like to contribute.

My work computer has a beefier security system on it so the only trouble I'm having is with IE crashing. My home computer is the one actively chirping at me about trojans, and last night a bogus security scanner kept popping up. I'll spend some time this evening trying to figure out what it is & how to get rid of it. Will just check from work to see if the boards are working properly again, so I don't risk my home computer again :)

Mr T
06-22-2010, 10:16 AM
I was just posting on the HeyMartha forum and it disappeared - the screen said that Internet Explorer modified the page to prevent cross-site posting. Now I can't get the Martha to come back. ???? Does anyone know what that means? Could it have something to do with what has been happening over here? What is cross-site posting?

Eep
06-22-2010, 10:41 AM
I was just posting on the HeyMartha forum and it disappeared - the screen said that Internet Explorer modified the page to prevent cross-site posting. Now I can't get the Martha to come back. ???? Does anyone know what that means? Could it have something to do with what has been happening over here? What is cross-site posting?

Cross-site scripting - Wikipedia, the free encyclopedia (http://en.wikipedia.org/wiki/Cross-site_scripting)

Those of you running browsers that allow it might want to look into some third-party security enhancements. For example, Firefox users can install add-ons such as Adblock Plus (https://addons.mozilla.org/en-US/firefox/addon/1865/) and NoScript (https://addons.mozilla.org/en-US/firefox/addon/722/).

Mr T
06-22-2010, 10:47 AM
Oh my! I have no idea what that said! I think I'd better turn this thing off 'til HJ comes home from work. Thanks!

jn1780
06-22-2010, 02:11 PM
It's just the federal government spyware malfunctioning. LOL

venture
06-22-2010, 05:22 PM
Your lack of gratitude is appalling. Why don't you create and manage your own forum if you have all the answers?

The cost associated with operating a high traffic forum is a bit inflated if you aren't willing to manage and operate it yourself. I have a feeling most of the costs Pete is wasting is on a 3rd party hosting company who is taking him to town on bandwidth usage. Granted they may be locked into a contract or simply don't have the time/energy to manage a server to host the site.

Still no issues here with Chrome, so it is likely exploiting something in a few of the browsers. If you keep having the issue, until the fix is deployed, utilize one of the browsers that aren't being impacted.

MikeOKC
06-22-2010, 08:19 PM
I'm not usually this harsh, but THUNDER, you should politely leave the site and never come back after that little outburst. Selfish. Thoughtless.

bombermwc
06-23-2010, 06:56 AM
This thing is getting really annoying. I can't keep the freaking forum up without it doing something crazy.

I'm not open to using another browser, and I'm not going to disable javascripts because then other sites don't work.

I feel the pain about supporting a site for free and spending your own time and money...I've been doing the same for almost a decade now....but you still have to make the thing work. And if your hosting company finds out that your site contains a virus or malware like this, eventually they will shut you down until you can prove it's clean.

flintysooner
06-23-2010, 07:48 AM
Webroot Antivirus with Spysweeper catches the url and blocks it.

flintysooner
06-23-2010, 07:52 AM
omitted

Eep
06-23-2010, 09:19 AM
I feel the pain about supporting a site for free and spending your own time and money...I've been doing the same for almost a decade now....but you still have to make the thing work. And if your hosting company finds out that your site contains a virus or malware like this, eventually they will shut you down until you can prove it's clean.

When you pay for managed forum hosting (as is the case here), you don't have to fix it yourself and they don't shut down your site unless it's severely impacting the performance of their other customers' sites. Presumably he has an open ticket with URLJet and they're working on it. Since support and this type of admin work are the reason most people choose to pay significantly more for managed hosting, I hope that the hosting company gives him his money's worth and fixes it well and quickly.

MadMonk
06-23-2010, 09:29 AM
I'm blissfully ignorant of this problem, because I'm using a Mac and have never had any virus, unwanted spyware, worms, or any other such thing. I can't believe people still subject themselves to Windows (and Norton is far from foolproof).

Don't get too cocky. Your "iPC" isn't bulletproof, just below the radar of most of the exploit writers. You still need to keep it updated and patched.

About the security content of Security Update 2010-004 / Mac OS X v10.6.4 (http://support.apple.com/kb/HT4188)

I've never had an exploit get to my PC, but that doesn't mean I can forget about security updates.

bombermwc
06-23-2010, 03:58 PM
People that think that Linux and Mac are somehow not vulnerable are very sadly mistaken. The fact is, Windows is proven to actually be just as, if not more, secure than the other platforms. The problem is that because Windows is so much more prolific, it has more people trying to kill it. That DOES NOT equate to Linux and Mac being more secure...their time will shortly come.

Just because you didn't hit a mine in a minefield, doesn't mean the mines aren't there.

OUSoonerfan3
06-23-2010, 06:29 PM
Just spent the last hour removing "Antivirus Securite Suite" from my computer after it loaded from this site. I just had to add my "me2."

stick47
06-24-2010, 04:55 AM
If your PC has a registered copy of Windows you can download Microsoft Security Essentials (http://www.microsoft.com/security_essentials/) for no charge. Between that program and the built in security features of IE-8, the most inconvenience I've experienced due to the bugs on OKC Talk has been the bottom jumping thing.

The bottom line IMO is that if your computer was compromised b/c of the bugs on here, you ought to take that as a warning to upgrade your security before you have real computer problems.

gen70
06-24-2010, 03:14 PM
For whatever reason my rig has not been affected but, I will have my wife (The Guru) check it out. I never even log-out. Guess I better start doing that.

OUSoonerfan3
06-24-2010, 04:32 PM
If your PC has a registered copy of Windows you can download Microsoft Security Essentials (http://www.microsoft.com/security_essentials/) for no charge. Between that program and the built in security features of IE-8, the most inconvenience I've experienced due to the bugs on OKC Talk has been the bottom jumping thing.

The bottom line IMO is that if your computer was compromised b/c of the bugs on here, you ought to take that as a warning to upgrade your security before you have real computer problems.


Excellent advice. But, I am running Microsoft Security, AVG antivirus, and Firefox. All up to date. The only thing that I wasn't running is realtime malware blocker, as I have never seen the need. I have one now, and BTW, it just blocked a trojan.dropper from installing off this site. I am very computer savvy, and have NEVER been hit with a virus, trojan horse, or malware until now.

Point is, something on this site has been compromised and is attempting to serve a trojan dropper to everyone who visits, and it has been happening for several days. While I didn't have a malware blocker that would have stopped it (my bad) the site admins should have found the problem by now and fixed it.

MikeOKC
06-24-2010, 05:23 PM
I use Returnil, an instant System Restore Imaging program that is always clean on reboot. It returns your system to a "perfect state" at boot. So, yeah, I got the trojan - but I did a reboot and I was back to my perfect state. The program is like Deep Freeze if some of you are familiar with that.

I'm surprised URLJet has not fixed this yet.

Edit: I just noticed the site is still running vBadvanced CMPS v3.0.1 .... the latest update in the Version 3 series is v3.2.2. That was updated (many times) with security patches. Is URLJet responsible for updating the VBulletin and its add-ons? Bad practice going on here.

Another IMPORTANT edit: OKCTalk is still running the actual vBulletin platform at version 3.7.4. I can understand wanting to maybe wait to upgrade to the vB4 versions, but the version of vBulletin running now is a year and a half old. The fact this attack was successful against such an old version, without all the security fixes, should be no surprise. It's too bad so many had to suffer for lack of basic maintenance. From my understanding of certain posts, Pete is paying good money for maintenance of his forum that he is NOT getting. Whoever is responsible should get these updates and do it immediately. Take the site offline and fix this. Too many without a high-level of security knowledge are getting burned badly.

MadMonk
06-24-2010, 06:46 PM
Just curious - those of you getting affected by this, are you using Windows XP or are you on Windows 7? I've got multiple PCs that I access this site on and none have been affected. I even tried to get a problem on an old PC that I upgraded to 7, but I've been unable to duplicate any problems mentioned here.

OUSoonerfan3
06-24-2010, 06:57 PM
Windows 7 here.

MikeOKC
06-24-2010, 07:27 PM
It's actually going to be more browser-specific than what version of Windows. Then, browsers are all set up differently with various settings for security allowances. Javascript is the culprit in most instances, with the Internet Explorer BHO being another, ActiveX, on and on it goes. Some browsers are set by users or system admins to block JS/AX/BHO, some just one, some even stricter blocking flash and other things that make systems vulnerable. So, while the site itself is infected, it is being used as a rogue distributor by re-directions, dropping of one of the above, either/or, some or all.

Without seeing the exact malware being executed, I can't know for sure, but there's a possibility that all users of Firefox and Opera (and anybody not using Windows) have been safe. Meaning, it could be an attack using only the vulnerabilities of Internet Explorer, especially version 7 and (God forbid) version 6. IE 8 could also be vulnerable if it's still being run with unpatched default settings.

But I know this, had all vBulletin security fixes (and the fixes for vB's related add-ons) been applied, it is highly unlikely this would have happened.

gen70
06-24-2010, 10:37 PM
Just curious - those of you getting affected by this, are you using Windows XP or are you on Windows 7? I've got multiple PCs that I access this site on and none have been affected. I even tried to get a problem on an old PC that I upgraded to 7, but I've been unable to duplicate any problems mentioned here.

I am computer stupid but, no problems. Stupid is Bliss I guess.

FRISKY
06-25-2010, 08:00 AM
I am computer stupid but, no problems. Stupid is Bliss I guess.

I thought it was fixed, but the virus just tried loading again. I don't like visiting this site while it is having problems. I will try again next week.

Double Edge
06-25-2010, 01:37 PM
So much for not heeding warnings. I just had to remove a half dozen trojan files on my work pc. I'm running xp pro, avg, firefox. Had to run malwarebytes in safe mode to kill it. This is posted from my iPhone. See ya later.

ronronnie1
06-25-2010, 08:23 PM
The issues are still happening with me. Don't know if that's news or not. Don't mean to complain as I'm thankful enough for this forum.

SoonerQueen
06-25-2010, 10:52 PM
I'm still getting a warning every time I come in this site. I love posting here and reading all the posts, but I don't want to get a virus. What is the process of fixing the problem from your end?

Dustin
06-26-2010, 08:09 AM
Ya my Kasperskys goes crazy when I'm on this site.

flintysooner
06-26-2010, 08:20 AM
block 91.188.59.55 is easiest solution.
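
For the site-operator side of what this thread describes, an added example that is not part of any post: a Python check that walks a served page and lists every script, frame or plug-in load whose host is outside the site's own allowlist. The host `cikegi.in` and the address `91.188.59.55` are the ones reported in the thread; the sample page, the allowlist and `ads.example.net` are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags (and the attribute) through which a page pulls in active content.
LOADER_ATTRS = {"script": "src", "iframe": "src", "frame": "src",
                "embed": "src", "object": "data"}

# Hosts the site itself expects to load from (assumption for this example).
ALLOWED_HOSTS = {"www.okctalk.com"}
# Hosts reported in the thread as the source of the unwanted content.
BLOCKED_HOSTS = {"cikegi.in", "91.188.59.55"}

# Constructed sample of a served forum page; not captured from the real site.
SAMPLE_HTML = """
<html><head>
<script src="js/forum.js"></script>
<script src="http://cikegi.in/x/?src=PsyImported&amp;id=dogma&amp;o=o"></script>
</head><body>
<iframe src="//91.188.59.55/" width="1" height="1"></iframe>
<script src="https://ads.example.net/show.js"></script>
<img src="http://www.okctalk.com/images/logo.gif">
</body></html>
"""


class LoaderCollector(HTMLParser):
    """Collects (tag, absolute_url) for every tag that loads active content."""

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.found = []

    def handle_starttag(self, tag, attrs):
        attr = LOADER_ATTRS.get(tag)
        if attr is None:
            return
        value = dict(attrs).get(attr)
        if value:
            # Resolve relative and protocol-relative references against the page.
            self.found.append((tag, urljoin(self.base_url, value.strip())))


def _matches(host, hosts):
    """True if host equals, or is a subdomain of, any entry in hosts."""
    return any(host == h or host.endswith("." + h) for h in hosts)


def audit_page(html, base_url, allowed=ALLOWED_HOSTS, blocked=BLOCKED_HOSTS):
    """Return (kind, tag, host, url) for each load that is blocked or unexpected."""
    collector = LoaderCollector(base_url)
    collector.feed(html)
    findings = []
    for tag, url in collector.found:
        # URLs with no host (javascript:, data:) yield "" and are reported too.
        host = (urlsplit(url).hostname or "").lower()
        if _matches(host, blocked):
            findings.append(("blocked", tag, host, url))
        elif not _matches(host, allowed):
            findings.append(("unexpected", tag, host, url))
    return findings


if __name__ == "__main__":
    for kind, tag, host, url in audit_page(SAMPLE_HTML,
                                           "http://www.okctalk.com/index.php"):
        print(f"{kind:10} <{tag}> {host}  {url}")
```

Only references present in the served markup are caught; an inline script that builds its loader at run time needs a rendered-DOM or network-level check instead.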

Doug Loudenback
06-27-2010, 08:21 AM
How about an update, Pete, Martin, or someone on where things stand? I'm still turning off JavaScript in Firefox which gives a quick fix but I'd just as soon stop doing that if and when a green light can be given here.