with no other explanation but just that someone/something tried to attack my computer BUT it ONLY happens when I come to West Seattle Blog. Anybody else have this happen? It's very strange. It doesn't happen every time I click on the link but it's happened at least 5 times in the past few weeks and it is only this site.
Just curious...
Keeps happening to me, too. And like you, only on this site. Thank goodness I renewed my Kaspersky Anti-Virus without a lapse. It seems to be thwarting each attempt.
it happened twice last night/early this a.m.; I reported it to WSB and provided details on the attacks. They said they would get their tech person working on it.
If you click on the Norton alert, it will give you details. Otherwise, you can find the info by opening Norton, clicking on Tasks and then on View Security History. The 'incidents' (and there will be many, the vast majority of which are 'info') are in chrono order. Scroll down until you find the High incident and click on it; the details will show in the panel to the right.
sam-c
Member Profile
we didn't get a message of an attack, but each time we opened the WSB page, a message would pop up saying something like "this is not a PDF /?!//"
hope that whatever it was didn't do what it was trying to do.
Hi all ...
first a friendly request that if you see something like this PLEASE call or text us, we have been out covering news for 3 1/2 hours and we will not always get a chance to look here.
whether you see a car crash or a virus warning, 206-293-6302, 24/7. it is never unmanned.
have not replicated this yet but still looking under rocks in the back end. there are sometimes "false positives" with these things and might be one of those, or might not. also certain browsers (it also helps to know which browser you use) are vulnerable to a variety of things circulating out there online (IE in particular ...) we use macs to work on the site and they are fairly resistant.
anyone with a screenshot, last time we were sleuthing something vaguely like this, that helped. editor@westseattleblog.com
thanks!
I've had 2 warnings..one last evening, one this morning...and it gives an IP address when I check on the details. Anyone else seeing an IP address?
oh, and using Google Chrome browser
I'm using firefox but my husband is using chrome. I'll have to check his computer to see if it happens.
maude
Member Profile
I've gotten the same thing Sam-C mentions, last night and again this morning. I didn't get the message when I just logged in.
miws
Member Profile
No problems here, with Chrome, using MS Security Essentials as my anti-virus.
Is this only happening to those using Norton AV?
Mike
Two things:
1. I checked with Google Safe Browsing again, which tests sites it catalogs, frequently. Just in case anyone is worried ... we continue to test clean.
http://www.google.com/safebrowsing/diagnostic?site=westseattleblog.com
2. That said, for anyone who sees this soon after I post it - will you try the home page again and see if the warning repeated? We had one video clip hosted via blip that seemed to be "hanging"; I put it after a jump so it wouldn't show on the home page. Wondering if that is the culprit (in which case, I'll drop blip). Thanks for your help.
using Firefox and Zone Alarm, which will usually block anything potentially harmful and also pop up to let you know. I have toggled back and forth between all the pages and am not getting anything "funny" here.
Sometimes those "alerts" are actually phising/hacking scams to get more info off your computer, and not Norton (or Windows) alerts at all. Before clicking on ANYTHING like that pops up on your PC, go to the Microsoft website and do a virus scan there on their "Safety and Security" page. Also close your browser (assuming you use IE) and try using Chrome or Firefox to access instead.
.
http://www.microsoft.com/security/pc-security/malware-removal.aspx
.
Good luck.
I got a malware alert this morning from AVG. Never happened before.
I continue to receive alerts from my antivirus/spy sweeper program (not Norton) when I access WSB that something is being quarantined. The first time it happened it said it was blocking malware. I am using IE.
anonyme...
so did i
Genesee Hill
Member Profile
You bet. I have had several warnings lately, as well. And I am not implying WSBlog related.
Sometimes, I feel like ditching the internet, cable TV, and just going back to a TV antenna, and the newspaper delivered on my doorstep.
After awhile this crap seems not worth it.
Zenguy
Member Profile
I have had one too, my first time and I have been on WSB for years and when clicking on the link it brought up something else I had never heard of.
It would be useful to know what link you clicked on Zenguy (and others), or if the warning came up simply by loading the main page.
Perhaps there's a malware link in one of the posts somewhere.
both times it happened when I was loading the WSB home page using IE8; here is the info I provided WSB in an e-mail sent at 0313 Sat am:
Risk Name: HTTP CrimePack Activity
Attacker URL: heyyyyyyyyyyman (dot) com (dot) cc / new / index (dot) php (spaces added to break up URL)
attacking computer: 193.105.210.43, 80
Source address: 193.105.210.43
I haven't had another attack in the three or four times I've accessed the home page since then and have never had a problem with any of the other WSB pages I've accessed.
Also, a few weeks ago, I was having trouble with IE8 alerting that the 'Share This' function after each story was trying to 'open a site in my Trusted Sites' list. I finally clicked on the 'Share This' icon and opted out and haven't had that problem since.
metrognome...that's exactly what I got...I can't remember what I was loading at the time :(
bsmomma
Member Profile
I had a security warning today on my laptop via MS Essentials. Said it was a Trojan. I was on the Blog ealier and all was well. Shut down, left for the day turned computer back on, hopped on my home page (Yahoo) and the Alert was there as well as something in my pop up blocker that I did not allow. I am completely computer illiterate and have no idea what browser I use. :)
Ace Tech Guy believes he found the problem and fixed it. No further problems should ensue for those who were seeing problems (and again, we ran a whole bunch of tests and checked with a whole bunch of people and it was by no means universal). But going back to what I said some hours ago - anything even suggesting a problem like that is something we take as seriously as a burning house or wailing fire-truck siren, so please either e-mail us (which metrog. kindly did this am) or call/text us, any time ... I try to look in on the forums as often as possible, knowing this may be the first place breaking news is posted, or something else just plain darn interesting :) and yet there are mornings like today when it's out of bed and off to the races immediately, something needs to be published, and coming here isn't the first priority in a case like that ... Thanks again!!!
dhg
Member Profile
This looks like a good place to post, as I work in the business, my experience with the latest crop of malware vs. antivirus products.
First, XP is too hackable. It is too well understood by the hacking community and it has no defenses. Windows 7 isn't hack-proof but it is a big step up because it doesn't allow access to the system files.
Second, antivirus software: I've seen many infected systems running versions of AVG, Avira and MS Security Essentials. The AV software is merrily green lighting the system all the while pop ups are making the pc useless. I think Kaspersky is about the best (at the moment, that is, these things change fast) but at the very least use Symantec. It's free for everyone on Comcast.
So heres a dumb (networking) question: shouldn't a good router via cable modem block these attempts to begin with? If its reaching the virus software on the computer, does it mean that the router is useless in preventing these types of attacks?
I don't have time for a long essay which will answer your question IW, but the short answer is no.
The most vicious malware uses social engineering to get you (or you grandma or your 13 year old) to click on either something they don't read or something that sounds innocent or mildly confusing. It then installs a dropper and opens up avenues for other nasties to enter. This will bypass firewalls, routers, AV programs (both commercial and free with equal ease)
Turn off applications in facebook, scan with malwarebytes antimalware and super-antispyware regularly and be prepared to reload your computer OS from disk or recover partition and back up any music, pics, docs and PST files you don't want to lose.
The big AV comnpanies, and os makers are losing the battle (to be fair, MS created the petri dish long before it started trying to fix it)and it is every computer user for himself these days.
I see infected machines with every AV version out there, updated and running. The commercial versions have no edge over the free except that they automatically update and run on schedule, which many users defeat by setting the run time to when the system is usually turned off.
Adobe has not released a version of reader or flash that was not immediately discovered to be vulnerable since 1997. adobe X has some interesting "sandbox" features but it is new.
BTW adobe reader 9 will not automatically (or through the "check for updates" menu) to adobe x.
http://download.cnet.com/Adobe-Reader-X/3000-10743_4-10000062.html
thanks for weighing in, Ken. I learned a few things from what you wrote here.
Ken, thanks also for weighing in, and those pieces of advice are good common sense. A lot of people try to be good users (as I try too) but somewhere we get tripped up. I hope the Facebook's out there also do a better job of securing their sites.
On a seperate note with regards to backups, do you find the Windows provided backup software sufficient when you want to reinstall the OS, or would you suggest another software tool? (We have the WD external drives and sw too.) Besides files, I have some older software applications I would hate to lose as I am not sure I still have the license authorizations floating around (MS programs we were given at college). I'd like to keep these somehow but not at the risk of OS performance, if possible.
thanks in advance, and for your other many helpful hints you post on WSB.
dhg
Member Profile
1. You can't have too many backups.
2. Having a backup file does not really mean it is fully readable and restorable.
3. Windows built in backup is not reliable and it depends on you first installing your OS, then restoring from backup.
Programs like Acronis Home and Farstone's Total Recovery Pro will let you crate a bootable cd that can find the USB backup and restore to the C: drive.
But if the purpose of wiping your machine is to get rid of the virus then you don't want that kind of backup.
If you restore the OS back to factory, you will have to re-install your programs. The backup will contain the programs but they won't run without also restoring the system registry, which means you are also restoring the virus.
Despite what others may say, I have had very good success with replacing free a/v software with a 30 trial of Kaspersky and letting it run for a few days. Some bugs take awhile and sometimes those root kits are in deep but Kaspersky has come through for me.
Regarding routers: The cheap home routers do not filter out viruses and malware. There are routers that will do this. The most affordable that I know of is the Sonicwall Total Security, which for $500 comes with a 1 year subscription. It does a pretty good job but it makes more sense for a business than a home pc.
There are free firewall solutions but they are not for everyone.
If you use unix/linux on a regular basis, converting your router to use DDWRT firmware on several models, will give you a full scale linux environment and a pre built SPI (statefull packet inspection) firewall... Which STILL will not protect you from what the firewall interprets as a user request for a file from a web page.
"DD-WRT has a packet filtering firewall, statefull firewall, NAT and proxy functionality."
http://www.dd-wrt.com/wiki/index.php/Firewall
I use iptables and scripts to drop all packets from 110 countries. This keeps my mail server from falling over in times of intense spam activity and blocks response from non US based command and control servers in case a (10 year old) user on my network clicks on an ad or a popup for a game cheat code.
An expanded essay with links, of free windows firewall programs and what they will and won't do.
http://www.techsupportalert.com/best-free-firewall.htm
ToddinWestwood
Member Profile
I think it got me. It wont let my McAfee av run at all, saying it's off line. Wont let me downlaod or even visit anti virus websites in Firefox or I.Ex. plus it keeps wanting to change my prefered browser to I.Ex. plus it has locked my system restore so I cannot use it.
Tried in safe mode too. Sad computer:(
You have a serious one I suspect. If you cannot afford a commercial repair shop, I can either fix it for you or talk you through the basics. But you should backup all the docs, music and pic you have on it.
Even if you take it to a shop, you should have your own backup of important files and mail (unless you use an online mail provider)and setting/bookmarks for your preferred browser.
If you don't have a backup drive or can't afford one, I can loan you one or give you one depending on how big a drive you need and what's currently in the "known good" pile.
call my google voice number : 8010fix or 206 801-0349
It rings all my phones so there might be some clicks and hesitation when I answer.
Also: I am once again working on an essay on backup strategies in the current era. I have to do research and test a few things before I finish it. I could write a damn book on the history of backup methods and strategies (many of which were M$ smoke and mirrors)and their enormous cost, unreliability and usability.
The current era is still complex to figure out the best option to choose but there are several actual reliable and inexpensive options.
Just keeping a copy of your pics, music and docs on an external drive is a cheap, manual and reliable strategy for most users. It will not recover your system for you but it makes the reload from scratch or the replace computer with new much more painless.
ToddinWestwood
Member Profile
Thanks Ken. I was going to buy a back up drive anyway, as I plan on digitizing a bunch of record lps again. I was also told i could use a disc to load some brand of a.v. program. I'll try that first.
thanks again for the offer,
Toddinwestwood
AVG Rescue CD Guide
http://www.avg.com/us-en/226386
You must log in to post.
All contents copyright 2012, A Drink of Water and a Story Interactive. Here's how to contact us.
No photo reuse without permission.
Entries and comments feeds. ^Top^
westseattleblog
West Seattle Blog
West Seattle Blog