TRAINS Forum Computer Virus?

TRAINS Forum Computer Virus?

Since the radical TRAINS Forum group change to a new format, the TRAINS Forums has acted absolutely weirdly.

Has the TRAINS Forums unwittingly or deliberately infected the computers of site visitors?

How else would one explain posting screen alterations?

For those interested, K.P. protects his computer with Deep Freeze by Faronics, at last look, a simple and cheep $45 protective tool.

KP - put up a screenshot of what you’re reporting, and comment more specifically on the anomalies.

A virus? I don’t know, the way my lap-top’s set up if there’s something questionable in the site I’m visiting I get an immediate warning to exit, and I haven’t seen it here.

I will say that the new (improved?) site has to navigated carefully, it seems you can’t zip thru the menu selections as you did before without some problems. I’m getting used to it.

KP did have a problem which locked up only trains sites. Was unable to access any but a system restore previous to the problem fixed the problem.

K.P. ( and Overmod) Strange that you should mention it…Yesterday after a session on the FORUM, and a short looksee on Drudge Report…My Computer was locked up by a screen- and a statement saying I needed to call an ‘800’ number. I immediately turned my machine off, and cut the power.

When my wife sat down to use it the same screen came back…Long and short of it, she called the 800 #, and gave the Indian/Pakastani(/) who answeresd both barrels… Made her feel good. ! She then turned it off at the switch, and we let the machine sit overnght…She turned it back on this morning…Apparently, now all is well…San Malware Bytes and Avast Virus Programs…Seems to be ok now ?

That was the first time we have had a problem like that…Sure hope it does not happen again.

I use Avast Internet Security and those built into Windows 7, and have not had problems with any of the forums – Model Railroader, Trains, Trains Magazine, or Garden Railways other than those caused by the ‘improved’ software.

Get Calm Aant Virus (clamav). It is the best that I have found and it is FREE. just google it and download and install the program. They update their databases daily to keep current.i

irus

I use three layers of protection. First is a premier AVAST, although their free version works very well. Second is free…MalWareBytes. Needs to be updated manually every time you activate it, but it does a good job ferreting out the nasties.

Last layer, also in a freeware version, but there is a paid subscription for the version with more bells and whistles, including auto-udate, is CryptoPrevent. This runs in the background and prevents third party software from encrypting/suffixing any of your files. You won’t get that dreaded “FBI has locked your computer…pay us $300 and we’ll send you a key.”

BTW, I have had no problems on this site whatsoever.

I have seen the forum pages come up where the formatting seems to have been lost… the normal 2 columns of postings on the left, and my username (and links to “Manage Profile”, “Setup”, etc.) and the text box to subscribe to the free email newsletter, on the right… all appear in one long left justified column, and the individual postings are not contained in seperate shaded bounding boxes. Embedded in it all are some of the oddball textual HTTP commands showing instead of the computer interpreting them to do the formatting.

When that happens, I refresh the page and it usually then comes back with the correct format.

I don’t see that as a “Virus” doing nasty things, I see it as the internet is so bogged down with SPAM and D.O.S. attacks, as well as the number of people that are streaming videos such that data gets lost in the general buffoonery and that manifests as squirrelly displays. I tend to blame my ISP for most of the slowness I experience and the lost data, but it could be happening almost anywhere on the “Internet” itself.

If you get a screen that trys to get you to call a phone number, then you have managed to get to a site that probably has been hacked to redirect you to a Malware site. I fear that calling the 800 number only managed to get a BIG CHARGE added to your phone bill. 800 numbers can also be hacked to redirect you to a long distance number that you will be charged for using. Unloading on the idiot that answers only get that person to smile as you are PAYING THEM for the priviledge of teaching them new 4-letter words. I suspect that after you get your phone bill a couple of months from now with the $10 to $100 charge you can probably get it removed if you complain long and loudly enough to the phone company, but your refusal to pay may be reported to the credit reporting agencies and removing THAT will be the next item on your agenda. Best of lu

I concur with much of the advice given: you NEED to be proactive with malware scanning, and it’s unlikely that just a reboot has ‘cured’ much of anything.

Be sure to start with a known ‘restore point’ in the machine – ideally, one made at a time you had all your software and applications configured properly, but before any known malware activity. Go into ‘add and remove programs’ (or whatever it’s called in your version of Windows) and get rid of any toolbar or ‘utility’ programs you don’t want or remember. Even if it has a familiar or famous name. It can be astounding how slow even a modern computer can become when it’s processing each keystroke through 50 or more layers of software…

Go into your browser and prune out all the cookies you don’t want, including anything with ‘ad’, ‘doubleclick’ or ‘checkm8’, or ‘media’ in its name. (If you can find an online list of tracking sites – use it as a reference!)

Then start actively ‘cleaning’ with the Piriform CCleaner – note that this has two separate sections that you should run, one for files and one for the registry. Download it directly from Piriform, not from FileHippo or some other download source. You’ll probably have to run the registry tool a number of times (make a backup each time) until no more issues are identified.

When you are done with this, find and run the Malwarebytes Anti-Malware tool. (This may take a while to run.)

And when that is done, install the Avast! antiviru

Overmod (10-4):

As you requested … The composition screen and buttons for the first post:

The buttons afterward:

Obviously, one can’t post efficiently with photos or insertions without the buttons for them!

Take care,

K.P.

KP, I think it’s just our nasty little IT gremlins fouling up some more.

I still have those flat, grey, crudely-drawn mystery-meat buttons for link, image, and video in my bar (this is Firefox 32.0.3 on a Mac running 10.9.5) … it’s just that two of the three of them don’t work right.

I think the failure with link insertion is related to the ‘Target’ dropdown, which doesn’t even really need to be there when inline insertion of a clickable URL is almost certainly the principal use.

The image tool works nicely – although I’m too lazy to figure out where the ‘image description’ is supposed to display…

Larry Morgan's portrait of 'Old Rivets'

And this is what happens when you use the ‘insert/edit video’ tool on a YouTube video with an ‘embed’ code:

And here is the image tool with the same video as above, using the share URL:

([sarc]Hear the crickets chirping instead of steam locomotives?[/sarc])

Hopefully since the IT people have done all that work for so many weeks they can re-enable the spam-in-a-can functionality that supposedly still exists in the Web site code, and fix this. But I want them to fix the problem they’ve introduced with posts displaying in the wrong order first!

II have many layers of protection, the more you have tha better it is. I have three firewalls, anti spam and anti intrusion protection, security enhanced linux an aniti spoofing program and clam anti virus which I keep automatically updated daily. \

Twice, I have watched while someone tried to hack my system. I laughed while they tried to hit their head against the perverbial “granite wall”. I back tracked them and told my ISP’ security department what the real netework address was for them. NO system is entirely secure, BUT you can make it very hard for people to get into your system.

A note to Angela might be appropriate. The Descending order is in advanced settings which appear not to be working. Another post sent me there and changing settings did not help. For example I already had newest to oldest setting but it is not working as such. Changed other settings and found no change.

If you suspect that your Windows system is infected, any cleanup is best performed from a standalone (self booting) rescue CD. A good list to start with is here: https://www.raymond.cc/blog/13-antivirus-rescue-cds-software-compared-in-search-for-the-best-rescue-disk/ Also look at this page under Rescue Media: http://www.techsupportalert.com/content/probably-best-free-security-list-world.htm?page=25%252C22,2&order=title&sort=asc

As reported in another topic, I can simulate the above ‘missing buttons’ symptom Only when using the Internet Explorer browser.

I only have access to version 11 under Win7, so someone else may not have the exact same experience. The new forum theme does not seem quite bug free yet so IE11 might work in the future. In the meantime, Firefox works fine for my purposes.

Makes no difference if its Win7 or 8.1 - With IE11 the buttons and the Insert tool disappear.

@BaltACD, thanks for your report with using IE on Win 8.1. I just decided to fire up old IE 8 on WinXP for a ‘laugh’. So far, just saw an error message that probably indicates some incompatibility with the forum web page. Not unexpected, since Microsoft has a shameful and notorious history of not keeping IE up to date with actual W3 standards.

UPDATE: Don’t know whether to laugh, cry or curse. The Insert buttons do Not disappear when using IE 8 !! Here’s an Insert Link test:

http://cs.trains.com/trn/f/742/t/229021.aspx

Oh well, that didn’t work, just like other browsers so far.

Not sure if this tip is buried in the above advice. but I strongly recommend that you do your regular computer work logged in as a standard (limited) user, not an administrator.

Too many OEMs and computer dealers who should know better do not set up two accounts, one of each type. Windows UAC defaults seem a little too permissive but I’m not sure what to recommend here yet.

At any rate, unvetted third party ‘pop up’ ads should not have access to sensitive parts of the system. If you suspect that your regular account is comprimised, log in as administrator and migrate to a new ‘regular’ user … after performing the malware cleanup recommended above.

Knock wood, but I’ve never been hit with a virus even with Adblock turned off on legitimate sites like trains.com.

I’ve been having troubles ever since we done got “upgraded”…inability to post replies, edit comments, post pictures, when I do manage to get a reply window to open it scrunches the entire reply into one incomprehensible mash of a text block. And it’s entirely due to the screwed up messed up “upgrade” I am so sick and tired of it that I am having thoughts about whether its worth continuing to participate. It’s not just here but also over on MR and eventually the whole site will get “upgraded” :frowning: