myfilestore redirect / hijack - Page 2 - diyAudio
Go Back   Home > Forums > Site > Forum Problems

Forum Problems If there is a forum related problem please leave a message here so an Admin will see it.

Please consider donating to help us continue to serve you.

Ads on/off / Custom Title / More PMs / More album space / Advanced printing & mass image saving
Reply
 
Thread Tools Search this Thread
Old 17th April 2013, 02:01 PM   #11
diyAudio Member
 
Join Date: Jan 2005
Location: Østfold
I get it on google, really annoying.
__________________
Note to myself: Never again use fingers to check if there still is voltage left in a capacitor...
  Reply With Quote
Old 17th April 2013, 02:50 PM   #12
diyAudio Member
 
Join Date: Jun 2011
Getting it off google searches with Chrome here. Hitting refresh (CTRL+R) always brings up the proper page.
  Reply With Quote
Old 17th April 2013, 03:10 PM   #13
GM is offline GM  United States
diyAudio Member
 
GM's Avatar
 
Join Date: Jun 2003
Location: Chamblee, Ga.
Is this related? For the last couple of days I've been getting this AVAST 'trojan' blocked pop-up every time I click on a DIYaudio forum thread update email link to open it in a new CHROME tab:

URL: diyAudio - Smilies...
Process: C:\Documents and Settings\GM\Local Setti...
Infection: HTML:RedirDL-inf [Trj]

GM
__________________
Loud is Beautiful if it's Clean! As always though, the usual disclaimers apply to this post's contents.
  Reply With Quote
Old 17th April 2013, 04:25 PM   #14
diyAudio Member
 
Join Date: Mar 2005
Location: Bakersfield Ca
It is an issue with the forum hopefully the moderators will pick this up

Bill

Wed 25th May '11, 5:13pm

See also http://articles.digitalpoint.com/con...ze-vBulletin-4





Use YUI 2.82 (or 2.9.x)
vBulletin 4.x currently ships with an outdated version of Yahoo User Interface (version 2.7.0). You can simply replace 2.7.0 with 2.9.x without any problems (2.8.x has a number of bug fixes, and so does 2.9.x).

The easiest way to do this is to go to Settings -> Options -> Server Settings and Optimization Options and make sure your Use Remote YUI setting is set to use Yahoo or Google remote hosting. Then edit your includes/class_core.php file and change this line:



PHP Code:

define('YUI_VERSION', '2.7.0'); // define the YUI version we bundle



to this:



PHP Code:

define('YUI_VERSION', '2.8.2'); // define the YUI version we bundle
  Reply With Quote
Old 17th April 2013, 04:52 PM   #15
fakeout is offline fakeout  Canada
diyAudio Member
 
fakeout's Avatar
 
Join Date: Feb 2012
My website is redirected to myfilestore.com - vBulletin Community Forum

I don't know if this helps but there are some links to the same forum on this issue.
__________________
Feeling Good by David Burns
  Reply With Quote
Old 18th April 2013, 03:35 PM   #16
diyAudio Member
 
Join Date: Mar 2006
Location: New Jersey
I'm assuming (hoping) this exploit is local to the diyaudio site, and not a redirect that loads things on to the local computer. I say that because once I saw it happen on my PC I tried it from my Android tablet and the same thing happened, which kind of suggests it's not getting driven from the local device (fingers crossed).

I also ran Antimalwarebytes, S&D, and Microsoft Essentials in regular and Safe mode and nothing was found on my PC. The last thing I did was try to access some known anti-virus sites like Kapersky and Symantec from Google and Yahoo. I could access them okay. The locally invasive form of this exploit (based on what I've seen), once installed will also keep the user from accessing sites like this, or from running programs like AMWB and S&D.

Could others who've seen this to try and run scans on ther own machines to see if anything got installed?
  Reply With Quote
Old 18th April 2013, 04:15 PM   #17
qusp is offline qusp  Australia
diyAudio Member
 
qusp's Avatar
 
Join Date: Oct 2009
Location: Brisbane, Australia
I just got hijacked and redirected to a site that said the file or resource did not exist, with a further popup in front and behind it, sorry I didnt take more note of the content, as I closed it and the popup behind it straight away. I was clicking on a google link to a thread here. I clicked again after closing the windows and it linked me fine. i'm on Mac OS Lion using firefox.
  Reply With Quote
Old 18th April 2013, 06:30 PM   #18
Mooly is offline Mooly  United Kingdom
diyAudio Moderator
 
Mooly's Avatar
 
Join Date: Sep 2007
Nobody (to my knowledge) has reported anything malicious being forced onto their PC from this re-direct.

I tried Kaspersky too, and also scans with MSE that I use and all were clean.
__________________
-------------------------------------------------------
Installing and using LTspice. From beginner to advanced.
  Reply With Quote
Old 18th April 2013, 06:57 PM   #19
Jason is offline Jason  Australia
:)
diyAudio Administrator
 
Jason's Avatar
 
Join Date: Oct 2000
Location: Melbourne
Blog Entries: 1
Sorry for the slow update on this, it hasn't been simple to resolve and we're taking some extra measures to ensure the best result. In the meantime, you might like to add "myfilestore.com 127.0.0.1" to your hosts file (you can follow the example here for Windows but but replace myfilestore.com with the ebay.com which is used in the example).
  Reply With Quote
Old 18th April 2013, 09:33 PM   #20
Jason is offline Jason  Australia
:)
diyAudio Administrator
 
Jason's Avatar
 
Join Date: Oct 2000
Location: Melbourne
Blog Entries: 1
The bug has been squashed. Thanks Chris719 for the link. According to that site thousands of vBulletin websites have been affected by this in the last few days.

My apologies that this was not fixed quicker. The problem was reported just as I was getting on a 12 hour flight, my connecting train that was meant to have wifi didn't (iCE), and the internet sim card I got refuses to tether (Ortel).

Today after seeing that the malware links weren't in the HTML source I assumed this was going to be worse than it was (think "Darkleech", which has consumed 20,000 websites recently) and blew several hours with forensics, web server recompiles and hatch battening that weren't necessary at all.
  Reply With Quote

Reply


Hide this!Advertise here!
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
browser hijack repair recommendations PeteMcK Everything Else 14 9th January 2009 03:05 PM
They HiJack your Browser! lineup The Lounge 2 20th February 2007 11:12 AM


New To Site? Need Help?

All times are GMT. The time now is 10:47 PM.


vBulletin Optimisation provided by vB Optimise (Pro) - vBulletin Mods & Addons Copyright © 2014 DragonByte Technologies Ltd.
Copyright ©1999-2014 diyAudio

Content Relevant URLs by vBSEO 3.3.2