# Noted Problems with this recent attack



## wareagle (Nov 18, 2008)

Unfortunately we have obviously been hit. The HMEM admin team is working on correcting the problem.

This thread has been set up to list the noted issues with the site. If you notice something wrong, please post it here so the admin team can have one spot to look for issues. Your help in this matter is greatly appreciated. *Please keep this thread to the point and leave the "Go get 'ems" for elsewhere.*

What we have noted so far:

1) Spam on the top Home page
2) Avitars not showing on some members
3) Wierd text showing up in posts
4) Uploaded images not showing


If you see or know of other issues related to this attack, please note them here.


----------



## Maryak (Nov 18, 2008)

W/E,

Re avatars, not only is mine not showing, but it will not let me reload it in my profile. I will try another and see if it accepts that one.

In my case it won't accept any form of picture or link  

Best Regards
Bob


----------



## GailInNM (Nov 18, 2008)

The same home page spam also shows up on top of the "Members list" and the "Show unread" and "Show replies" from the profile box.


----------



## Maryak (Nov 18, 2008)

W/E 

When I previewed my last 3cc post the first word was null.

Did not show when I posted the message.

Shows again when I previewed this message.

Best Regards and Good Luck
Bob


----------



## jack404 (Nov 19, 2008)

G'day i hate to add to your worries but heres what i have been seeing

this goes back ( i've looked ) to your web hoster

there are a number of machines under remote control who seem to be scanning other machines ( us, we users)

heres my log file

327	11/18/2008 13:27:00	Port Scan	Minor	Incoming	UDP	65.254.52.108	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:25:46	11/18/2008 13:25:58	
328	11/18/2008 13:27:42	Port Scan	Minor	Incoming	UDP	65.254.52.105	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:26:27	11/18/2008 13:26:40	
329	11/18/2008 13:28:07	Port Scan	Minor	Incoming	UDP	65.254.52.110	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:26:50	11/18/2008 13:27:03	
330	11/18/2008 13:28:28	Port Scan	Minor	Incoming	UDP	65.254.52.107	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:27:11	11/18/2008 13:27:23	
331	11/18/2008 13:28:49	Port Scan	Minor	Incoming	UDP	65.254.52.111	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:27:32	11/18/2008 13:27:44	
332	11/18/2008 13:29:10	Port Scan	Minor	Incoming	UDP	65.254.52.106	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:27:55	11/18/2008 13:28:07	
333	11/18/2008 13:38:46	Port Scan	Minor	Incoming	UDP	65.254.52.111	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:37:32	11/18/2008 13:37:44	
334	11/18/2008 13:39:12	Port Scan	Minor	Incoming	UDP	65.254.52.106	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:37:56	11/18/2008 13:38:08	
335	11/18/2008 13:40:14	Port Scan	Minor	Incoming	UDP	65.254.52.108	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:39:01	11/18/2008 13:39:13	
336	11/18/2008 13:41:00	Port Scan	Minor	Incoming	UDP	65.254.52.105	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:39:43	11/18/2008 13:39:55	
337	11/18/2008 13:41:20	Port Scan	Minor	Incoming	UDP	65.254.52.110	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:40:04	11/18/2008 13:40:16	
338	11/18/2008 13:41:41	Port Scan	Minor	Incoming	UDP	65.254.52.107	06-00-20-00-06-00	203.194.7.153	00-00-06-00-00-00		John	STRATOS	Normal	2	11/18/2008 13:40:25	11/18/2008 13:40:37	
339	11/18/2008 16:37:56	Port Scan	Minor	Incoming	UDP	65.254.52.107	07-00-20-00-07-00	203.194.16.178	00-00-07-00-00-00		John	STRATOS	Normal	2	11/18/2008 16:36:40	11/18/2008 16:36:51	
340	11/18/2008 16:38:17	Port Scan	Minor	Incoming	UDP	65.254.52.111	07-00-20-00-07-00	203.194.16.178	00-00-07-00-00-00		John	STRATOS	Normal	2	11/18/2008 16:37:00	11/18/2008 16:37:12	
341	11/18/2008 16:38:37	Port Scan	Minor	Incoming	UDP	65.254.52.106	07-00-20-00-07-00	203.194.16.178	00-00-07-00-00-00		John	STRATOS	Normal	2	11/18/2008 16:37:24	11/18/2008 16:37:36	
342	11/18/2008 16:38:58	Port Scan	Minor	Incoming	UDP	65.254.52.108	07-00-20-00-07-00	203.194.16.178	00-00-07-00-00-00		John	STRATOS	Normal	2	11/18/2008 16:37:43	11/18/2008 16:37:55	
343	11/18/2008 16:41:06	Port Scan	Minor	Incoming	UDP	65.254.52.105	07-00-20-00-07-00	203.194.16.178	00-00-07-00-00-00		John	STRATOS	Normal	2	11/18/2008 16:39:52	11/18/2008 16:40:04	
344	11/18/2008 16:41:32	Port Scan	Minor	Incoming	UDP	65.254.52.110	07-00-20-00-07-00	203.194.16.178	00-00-07-00-00-00		John	STRATOS	Normal	2	11/18/2008 16:40:17	11/18/2008 16:40:29	
345	11/19/2008 17:29:25	Port Scan	Minor	Incoming	UDP	65.254.52.110	02-00-20-00-02-00	203.194.10.39	00-00-02-00-00-00		John	STRATOS	Normal	2	11/19/2008 17:28:10	11/19/2008 17:28:22	
346	11/19/2008 17:29:51	Port Scan	Minor	Incoming	UDP	65.254.52.107	02-00-20-00-02-00	203.194.10.39	00-00-02-00-00-00		John	STRATOS	Normal	2	11/19/2008 17:28:34	11/19/2008 17:28:46	
347	11/19/2008 17:30:11	Port Scan	Minor	Incoming	UDP	65.254.52.111	02-00-20-00-02-00	203.194.10.39	00-00-02-00-00-00		John	STRATOS	Normal	2	11/19/2008 17:28:56	11/19/2008 17:29:08	
348	11/19/2008 17:30:32	Port Scan	Minor	Incoming	UDP	65.254.52.106	02-00-20-00-02-00	203.194.10.39	00-00-02-00-00-00		John	STRATOS	Normal	2	11/19/2008 17:29:19	11/19/2008 17:29:31	
349	11/19/2008 17:30:53	Port Scan	Minor	Incoming	UDP	65.254.52.108	02-00-20-00-02-00	203.194.10.39	00-00-02-00-00-00		John	STRATOS	Normal	2	11/19/2008 17:29:39	11/19/2008 17:29:51	
350	11/19/2008 17:31:19	Port Scan	Minor	Incoming	UDP	65.254.52.105	02-00-20-00-02-00	203.194.10.39	00-00-02-00-00-00		John	STRATOS	Normal	2	11/19/2008 17:30:03	11/19/2008 17:30:15	


looks like its started yesterday my time a bit after lunchtime or your early morning in the USA

it seeems there is a Admin machine thats been back doored and it has administrative access to a number of other machines and these are now looking for other victims 

hope this helps sort out your drama's

jack


----------



## Cedge (Nov 19, 2008)

Jack
I run a pretty tightly guarded system for being non commercial. I happened to notice my firewall caught and blocked an attempt to intrude on my computer last evening too. I've run a deep scan with three different spyware/ trojan suites and nothing shows up as being amiss. Not a 100% thing, but at least a bit of confidence was gained from the exercise.

Wareagle...
This attack has something to do with the forum database and probably the config.php file along with a couple of others from what I've read, this evening on the net. The symptoms it's generating all revolve around calls being made to the database... IE. Unread posts, New replies, member list and the one i just found that is really strange.

I just went to send you a PM and typed W in the "to:" box. Up popped a very long string of code for "drug adverts" right there in the little "to" box. Right at the very end of the string was your user name. I typed R into the BCC box and the same thing happened, but with Rake60 at the end. For each letter I tried, it gave the code string and a username with the corresponding fist letter. 

If you begin by typing an *" *before the letter, the code string doesn't appear and you can type in the user's name. 

I also just noticed while previewing this post, here is indeed a "null" placed in front of the first word. Here is a cut and paste from the preview....nullJack

Steve


----------



## compound driver 2 (Nov 19, 2008)

I logged on to my buisness web site before looking at this site, found the problem on here went awy for half hour then checked my buisness site agin and found my site was down.
Dont know if tehres a connection..

P/s now cant preview posts


----------



## jack404 (Nov 19, 2008)

Cedge just did a double check and yep

every attack was at the SQL ports i run a SQL server here, if you have a decent firewall,  its blocked

but the hosted machines would have a "link" of some kind that most folks dont have and i'll bet thats how it got to HMEM the machines scanning me are the admin workstations from my looking without pushing too much 
( dont want to be busted myself for back hacking)

heres my trace lookup results

OrgName:  Global Net Access, LLC 
OrgID:   GNAL-2
Address:  1100 White St SW
City:    Atlanta
StateProv: GA
PostalCode: 30310
Country:  US

ReferralServer: rwhois://rwhois.gnax.net:4321

NetRange:  65.254.32.0 - 65.254.63.255 
CIDR:    65.254.32.0/19 
OriginAS:  AS3595, AS16626
NetName:  GNAXNET
NetHandle: NET-65-254-32-0-1
Parent:   NET-65-0-0-0-0
NetType:  Direct Allocation
NameServer: DNS1.GNAX.NET
NameServer: DNS2.GNAX.NET
NameServer: NS1.GNAX.NET
NameServer: NS2.GNAX.NET
Comment:  ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
Comment:  ********************************************
Comment:  Reassignment information for this block is
Comment:  available at rwhois.gnax.net port 4321
Comment:  ********************************************
RegDate:  2003-12-29
Updated:  2007-06-01

RAbuseHandle: ABUSE745-ARIN
RAbuseName:  GNAX ABUSE 
RAbusePhone: +1-404-230-9150
RAbuseEmail: [email protected] 

RNOCHandle: ENGIN7-ARIN
RNOCName:  GNAX ENGINEERING 
RNOCPhone: +1-404-230-9150
RNOCEmail: [email protected] 

RTechHandle: ENGIN7-ARIN
RTechName:  GNAX ENGINEERING 
RTechPhone: +1-404-230-9150
RTechEmail: [email protected] 

OrgAbuseHandle: ABUSE745-ARIN
OrgAbuseName:  GNAX ABUSE 
OrgAbusePhone: +1-404-230-9150
OrgAbuseEmail: [email protected]

OrgNOCHandle: ENGIN7-ARIN
OrgNOCName:  GNAX ENGINEERING 
OrgNOCPhone: +1-404-230-9150
OrgNOCEmail: [email protected]

OrgTechHandle: ENGIN7-ARIN
OrgTechName:  GNAX ENGINEERING 
OrgTechPhone: +1-404-230-9150
OrgTechEmail: [email protected]

# ARIN WHOIS database, last updated 2008-11-18 19:10


this is part of the back trace data  the rest i had better not post but if the admins what it PM me

hope this helps 

jack


----------



## Cedge (Nov 19, 2008)

Jack 
Nice trace, but I'd nearly bet you my left testicle it's just a zombied machine. The hacker found an open port and slipped through under the fence. He was long gone without any footprints by the time you ran that whois.

Steve


----------



## jack404 (Nov 19, 2008)

Cedge 

no bet 

its a bot for sure on 6 machines 

65.254.52.105
65.254.52.106
65.254.52.107
65.254.52.108  

65.254.52.110 
65.254.52.111 

IF ( no comments) you monitored the infected machines doing the scans you'll also get a small TCP packet every now and again going back to the bot master which is probably another backdoored machine but with more access than these, but i cant as that would be illegal ( non US scanning US is a no no)

what ever the result, the hoster (Gnax) needs to clean house to prevent this again otherwise it will come back

i'm only worrying about HMEM but the Gnax machines have to be fixed before HMEM is safe


----------



## jimmybondi (Nov 19, 2008)

hi,

my english is not good enough to understand all - but maybe a solution inside:

http://www.simplemachines.org/community/index.php?topic=273816.0

Frank


----------



## rake60 (Nov 19, 2008)

I've been working on this for 2 days now.
There has been some progress, but not enough to make it go away.

I need to sleep for a couple of hours here.
I'll get back on it as soon as possible!

Rick


----------



## GailInNM (Nov 19, 2008)

In the downloads and uploads section:

I have been unable to open anything except for a simple jpg file.
The PDF's all report as damaged.
The Word document on drill sizes now contains a treatise on drugs.

Many of these are ones that I have opened in the past.

Gail in NM,USA


----------



## wareagle (Nov 19, 2008)

The more I dig the more I find....   

To all: Thanks for passing along your observations and information!!


----------



## Cedge (Nov 19, 2008)

Gail
Sounds like the same information that's being seen popping up in the PM addressee box. I checked the downloads and the same thing here. Acrobat reports the file has been corrupted and can't be displayed. Don't think I'd trust any of the files very much, at the moment anyway. 

Hang in there. 
Steve


----------



## BobWarfield (Nov 19, 2008)

Seems clear the hackers are continuing to find more they can taint. I'd be careful about downloading any file from the site until it can be verified as virus free. Need to run full virus scans on all the downloadable files and probably the images too.

At some point you'll have to ask yourself whether to take the site down for a little while and try to restore an earlier clean version. I don't know what sort of backups are available or whether they may be clean or not. Changing passwords at the moment may not help at all. They could very well have changed the code so any password changes simply get sent to the hackers and they now have the new password.

The makers of this software ought to be able to provide some help, and it would be in their best interests to do so.

It's been a nasty business!

Best,

BW


----------



## mklotz (Nov 19, 2008)

I just now (11/19 1010 PST) uploaded a new post to the "Tips and Tricks" forum and almost immediately thereafter AVG detected a Trojan Horse attempt on my system.

Don't know if it's related but it sure seems suspicious.


----------



## compound driver 2 (Nov 19, 2008)

Just browsing here my AVG is going off and Spybot search and destroy is having a field day. im outa here for the forseable future.
Good luck guys


----------



## Maryak (Nov 19, 2008)

Admins,

Sorry to add to our woes, the "Insert quote" does not work when trying to use it in the reply area. It [email protected]#$es me off when all I am capable of doing is adding to the problems and not the solutions.

Hang in there guys.

Best Regards
Bob


----------



## CrewCab (Nov 19, 2008)

Well, this machine has been logged in for most of the day and I've run both AV and Spyware programs several times, plus they are always running in the background .......... anyway ............  I have not found any problems, let's not get paranoid guys.

CC


----------



## CrewCab (Nov 19, 2008)

Maryak  said:
			
		

> Admins,
> 
> Sorry to add to our woes, the "Insert quote" does not work when trying to use it in the reply area. It [email protected]#$es me off when all I am capable of doing is adding to the problems and not the solutions.
> 
> ...



It's working here Bob ............... ??? 

CC


----------



## wareagle (Nov 19, 2008)

Bob, thanks! I've been looing at this until I think my head is going to spin off of my shoulders!! 

There a lot of problems with the site software. From what I have been seeing throughout the day, it is intermittent issues. Sometimes my avitar displays, and other times it doesn't. Likely the same is happening to the other things as well.


----------



## Maryak (Nov 19, 2008)

Agreed CC,

I have run a thorough scan (Avast), and a full scan of Adaware and nothing to report on my local machine.

Best Regards
Bob


----------



## biometrics (Nov 19, 2008)

If you visit just this URL:

http://www.homemodelenginemachinist.com

without referencing the PHP modules... like this:

http://www.homemodelenginemachinist.com/index.php

the hack isn't working and the phoney advertisements don't show, and everything appears as it should until you visit the pages like "unread posts" or the "HOME" link. 

I think that indicates that the hack is on the Forum database side of your operation... 

Best of luck.

-John


----------



## wareagle (Nov 20, 2008)

To all of our members:

Thank you for your patience while we have been sorting out the extent of the recent hacker attack. A great amount of progress has been made in getting things back to normal, but there is atill a long way to go. The forum should be operating somewhat normally now, though there may still be some issues here and there. Those will be dealt with as soon as possible.


----------



## PTsideshow (Nov 20, 2008)

Thanks for all your work! :bow: :bow: :bow:


----------



## b.lindsey (Nov 20, 2008)

Things seem pretty much back to normal this morning. I can only imagine all the tedious work you guys had to do!!! Thank you, thank you, thank you!!!

Bill


----------



## rake60 (Nov 20, 2008)

I add *MY Thank You* to the people who are working to get HMEM back on it's feet!

Their efforts are *GREATLY APPRECIATED!*

Rick


----------



## dparker (Nov 20, 2008)

To All Moderators: THANK YOU!!! Even I was surprised how depressed I became when this site was hacked. I am very glad to see that things have been repaired and I can sit here and open the site up the first thing in the morning, along with several times during the day, to read the new posts.
Thank You from the bottom of my rebuilt heart!
don


----------



## max corrigan (Nov 20, 2008)

Thanks to all concerned for sorting this problem out, everything seems back to normal now!
 Thanks again 
Regards Max...........


----------



## kustomkb (Nov 20, 2008)

Thanks for all your efforts!  :bow: I'm not a big contributer but I check in several times a day. Cant get enough!


----------



## spuddevans (Nov 20, 2008)

Well done you techy type guys, it's great to see this place back to normal. ( or as normal as it can get!!! ;D ;D ;D )


----------



## Cliff (Nov 20, 2008)

Couldn't log on to site for two days kept coming up with some junk about hotel reservations. starting to into withdrawals great site Cliff.


----------



## jack404 (Nov 20, 2008)

I say 3 Cheers for the poor, hard workin Admins!!!

issues like this are a PITA in more ways than most can count

many sites dont have full time admins and some do and still they dont get these kind of issues sorted in the ammount of time this has been

and i guess you folks also have day jobs and families you have been neglecting to get it sorted

so again i say 3 cheers to the folks , wish i was closer to send you all some home brew to relax with

thank you for all your hard work and worry

it is appreciated very much

jack


----------



## biometrics (Nov 20, 2008)

BRAVO !!!! Good Job.


----------



## Paolo (Nov 20, 2008)

THANKS Admin...!!! :bow: :bow: :bow: :bow: :bow:
Cheers Paolo


----------



## dsquire (Nov 20, 2008)

To all administrators and moderators :bow: :bow: :bow:

I would like to thank you all for taking whatever time you have away from family, work and whatever else got put on the back burner, to make the repairs to HMEM to get it up and running the way it was intended. While I don't make many posts to the board, I do read all the posts made by others. In reading these post I find that I learn something new everyday. Sometimes a post will provide a link that will take you to another site that you never knew existed and you can literally spend days just poking around the site.

I think we all take things for granted sometimes. When the site goes down or has problems we realize how much we miss it and it gives us a wake up call. I believe most of us have experienced this in the past couple of days.

To this I say, thank you for the site, thank you for the hard work put in moderating the site, and thank you for keeping the spamers and other idiot's at bay so that we may continue to enjoy the site.

Thank you :bow:

Don


----------



## wareagle (Nov 20, 2008)

Guys,

Seeing the replys here make it all worth it! Thank you all very much on behalf of everyone working on the issues that we have faced over the past couple of days.

 :bow: :bow: :bow:


----------



## Brass_Machine (Nov 20, 2008)

Our admins rock 
	

	
	
		
		

		
			





nuff said!

Eric


----------



## jimmybondi (Nov 20, 2008)

> Our admins rock



a well cooled beer on them

Frank


----------



## ChooChooMike (Nov 20, 2008)

Hey, how about sending in some donations to support the site ? I know it's a labor of love for the owner folks, but I'm sure they'd appreciate some pizza/beer $

How about it owner dudes ? Is there a PayPal addy we can use to toss some coin yer way ??

Mike


----------



## GailInNM (Nov 20, 2008)

Wareagle,
Thanks to you and all others who sorted this out. I know that it's was not nearly as much fun as building toys.
Gail in NM,USA


----------



## Cedge (Nov 20, 2008)

Proud of you guys. A bit of searching shows there are a LOT of sites that got hit, many of which won't be able to do the magic you have. Great guns to all who worked at it.

Steve


----------



## wareagle (Nov 20, 2008)

ChooChooMike  said:
			
		

> Hey, how about sending in some donations to support the site ? I know it's a labor of love for the owner folks, but I'm sure they'd appreciate some pizza/beer $
> 
> How about it owner dudes ? Is there a PayPal addy we can use to toss some coin yer way ??
> 
> Mike



Mike, that is a very generous offer. However, I will decline. Take that money, but some stock, throw some tooling to it, and share a picture of it. That is reward enough for me!!

Steve and Gail, your comments are much appreciated. I do believe we will be one of the first to have this problem completely licked. The "support" from SMF is basically band aids at this point. I don't think they realize the extent of the attack.

We're all over it!!


----------



## Maryak (Nov 20, 2008)

Our Administrative team.

"THEY ARE THE BEST of THE BEST" 
	

	
	
		
		

		
			




















Guys, we moderators are not administrators of our site and like everybody else we offered our best suggestions and watched our top guys show us why they are the TOP GUYS.

Best Regards
Bob :bow: :bow:


----------



## Brass_Machine (Nov 21, 2008)

Cliff  said:
			
		

> Couldn't log on to site for two days kept coming up with some junk about hotel reservations. starting to into withdrawals great site Cliff.



It's like crack cocaine... unfortunately my supply had been laced and cut with some junk! Glad the supply is clean now!

Eric

 :big: :big: :big: :big: :big: :big: :big: :big: :big:


----------



## Stilldrillin (Nov 21, 2008)

Hi all,
I`ve been lurking here for several months now.

BUT, the very weekend I pluck up courage to join in..... 
This happens! :-\

Made me wonder...... Is it me?? ???

It`s nice to be here at last.....


----------



## wareagle (Nov 21, 2008)

Stilldrillin, welcome to HMEM! We are glad you are here and that you have left the ranks of lurker! Feel free to join in anytime!

And as far as you bringing in the spam ads, I can say with almost 100% certainty that you did not. Unless you are a member of what appears to be every forum running this software!!!   Oh yeah, and also a hacker.   It's a big mess, no doubt!


----------



## rake60 (Nov 21, 2008)

Hey!
Send ME the money!
I need more BEER!!! :big:

_*Now, REALLY!*_
HMEM was created to be a free public site.
It will remain just that!
The bills for keeping it online won't be due for another 12 months.

I DO appreciate ALL of the offers I have received for the financial support here!
Times are tough these days. 
Use that money to take your in laws out for dinner some night.
It won't kill you and it certainly wouldn't hurt the home front attitudes. 

We all have things we can effect. It is up to US to do that!

I am NOT a religious man, but the serenity prayer adopted by AA gets to me. 

It starts out like this:

_*"God grant me the serenity to accept the things I cannot change; the courage to change 
the things I can; and wisdom to know the difference." 
*_
It's not about money.
It's about a dream....

Rick


----------



## wareagle (Nov 22, 2008)

Another update:

Throughout this ordeal, we have been trying to keep the members informed as to what has been happening behind the scenes regarding the hacker attack. Hopefully that effort has given all a little comfort!

A milestone has been reached! We are well on the way of having the site software squeaky clean. There remains much to be done, but the HMEM team is working diligently to complete the process. The scale of this attack is enormous. There are a great number of forums that have the same issues that we had, and I am afraid that many more are out there that we simple don't know about. It is a shame!!

A couple of things you may notice is the speed of the site increasing slightly. As we haul out the trash, there is less that has to be done to bring you the pages of this forum. We are aware of a few issue that are happening at this time, mainly with avatars. In the next couple of days when some other tasks are completed, I will set up a squawk thread for you to list any issues that you may be having. In the meantime, please pardon the glitches and just know we are working as fast as we can to finish this up.

Thank you,
W/E


----------



## Philjoe5 (Nov 23, 2008)

WE,
Just a note to let you know I can now download and view all jpeg's attached to posts. ;D ;D Something I hadn't been able to do for a few months. I didn't change anything on my end as I have been away for the past several days.

Cheers,
Phil


----------



## kvom (Nov 24, 2008)

I am noticing that some of the later replies to threads seem to be for other threads. Example: last two replies to Poweder Keg's cannon thread.


----------



## ksouers (Nov 24, 2008)

kvom,
PM sent.


----------



## CrewCab (Nov 24, 2008)

Philjoe5  said:
			
		

> I can now download and view all jpeg's attached to posts. ;D ;D Something I hadn't been able to do for a few months.



That does seem relevent Phil, thanks .............. strange ............. but very relevent, to be honest I'm lost when it comes to programing these days but no doubt our technical guru's will pick up on this 8)

CC


----------



## ksouers (Nov 24, 2008)

CC,
It's really quite simple...

11001010001010000101011100100100010010001111001010001001010001010001001000100100101100010110101010100010010010100010


----------



## ksouers (Nov 24, 2008)

Phil,
That's interesting. Could you elaborate a bit?
Do you recall when you started having problems? Could you see avatars before?
Was it with all pictures or just certain ones?

I know it may be difficult to to remember the details, but anything you can recall may be useful.

Thanks,
Kevin


----------



## CrewCab (Nov 24, 2008)

Thanks Kevin  ......... I will comply understand 

btw .............. I think you dropped a zero 18 from the right ;D

CC


----------



## ksouers (Nov 24, 2008)

CrewCab  said:
			
		

> Thanks Kevin  ......... I will comply understand
> 
> btw .............. I think you dropped a zero 18 from the right ;D
> 
> CC



This one, "0"?


----------



## ksouers (Nov 28, 2008)

OK, looks like we have a solution for the avatar issue. If you have noticed problems with avatars you might try clearing out your cache. All web browsers store data locally on your machine so that it loads faster. For you dial-up guys, this usually means much faster than if it had to reload everything from the server.

For Internet Explorer:
Open a browser window, click on "tools" on the menu bar. A window will pop up. In the middle of the window will be a catagory called "Browsing History", and a button labeled "Delete...". Click on Delete, another window will open, you now have the option to delete one of 5 categories of files, or towards the bottom is a button to "Delete all". Click it and answer "yes".

Firefox:
Open a browser window, click on "tools" on the menu bar. Select "Clear Private Data" from the menu. A window will pop up with several options. Click the check box for Cache, the third item. Then click on "Clear Private Data Now".

Your cache should now be cleared and hopefully no more problems.

Please report any problems you may still be having to this thread.

Thank You,

Kevin


----------



## Maryak (Nov 28, 2008)

Kevin,

I use Firefox and my V3 is a little different,

Click on tools - options - advanced, in offline storage is a clear cache button, click on this and the cache will be cleared.

I tried your suggestion and when I hit clear private data - It did - no mention of cache or other options in clear private data.

Do I have something funny with my browser ???

Best Regards
Bob


----------



## ksouers (Nov 28, 2008)

Bob,
I offer my apologies. 
I didn't realize there would be differences in Firefox, I'm also using 3.0.
Quite strange.

Thanks,
Kevin


----------



## Maryak (Nov 28, 2008)

Kevin,

Apologies are not needed, I am just curious why there is a difference. I have my options set to clear private data when exiting the browser. Oh and I don't have auto update on, just the advise option.

Just Checked, my download is the English US version 3.0.1 rv 1.9.0.1 so maybe there's another area for the difference.

Best Regards
Bob


----------



## mnewsholme (Dec 13, 2008)

not sure if this is a problem caused by the site problems or a change made in the aftermath. Before the attack I could click on the show unread posts since last visit link and get a page with all the unread posts. I could go into a post and read it then use the back arrow browser button to got back to the previous page. the post I had just read would now not appear in the list. This made it easy to see what I had and had not read. Now when I go back the posts Ive read are remaining in the list. Not a massive problem just wondering whats changed?

Cheers

Matt


----------

