Virus?

#33318 RichWaugh (Participant)

I dunno what that is all about, Tin. I just opened CTOA under IE (I normally use Firefox) and didn't see any problems. I run Microsoft Security Essentials for my antivirus program.

#33319 Bob Rooks (Participant)

I'm running Norton 360 at home and AVG at the cabin and both detect and block root toolkit attacks from the home page but not the forums page. Hal needs to address this soon. I would hate to see another evolution of CTOA.

#33320 Tinbender (Participant)

I too am running Microsoft Security Essentials and it is detecting and removing the problem from the home page. Security Essentials seems to work quite well on this computer running 7 but can't seem to find anything (at least before it's too late) at the shop on XP. There I'm running Panda Cloud Antivirus and Malwarebytes Anti-Malware and only use Firefox or Chrome. I've been targeted there so many times I can't count, and I suspect it's because my company is incorporated. I've heard that's becoming more common, and the attacks are coming mostly from China.

#33321 Bob Rooks (Participant)

This is a screenshot showing who the purported attacker is, or at least the fake address they used.

Well that didn't work. Thought you could "Paste from Word"!

#33326 ronjin (Participant)

I have gotten several hits when logging in the past several days. Security Essentials took care of them. Today I got one classified as Severe.

I sent a PM to Hal asking him to check it out.

RonJ

#33327 cjimmybond (Participant)

Yep, I'm getting the same.

#33330 CTOA (Keymaster)

I am aware of this problem, having troubles fixing it/locating the problem. If any of you have details please post here. I do not believe it is doing anything other than attempting to redirect. Probably hidden in an IFRAME, but not able to locate it.

I do have a security firm looking into it too, sorry guys, doing the best that I can.

CTOA - Founder
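The keymaster's guess above, a redirect hidden in an IFRAME that is hard to spot by eye, is exactly what a page-side audit can look for. This is an added example, not code from the site or from its security firm; it assumes a site host name passed by the caller and a constructed page in which the placeholder host injected.example stands in for any real one.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed page for the demo: one legitimate same-site embed and two
# injected frames. "injected.example" is a placeholder, not a real host.
SAMPLE_HTML = """
<html><body>
<h1>Forum</h1>
<iframe src="/stats/embed.php" width="300" height="200"></iframe>
<div><iframe src="http://injected.example/iframe.php?id=abc" width="1" height="1"
     style="visibility:hidden;position:absolute;left:-1000px"></iframe></div>
<iframe src="https://injected.example/main.php" style="display:none"></iframe>
</body></html>
"""

def _is_tiny(value):
    """True for a width/height of 0 or 1 (with or without a px suffix)."""
    if value is None:
        return False
    try:
        return int(value.strip().lower().rstrip("px")) <= 1
    except ValueError:
        return False

class IframeAuditor(HTMLParser):
    """Collect iframes that are hidden from the reader: invisible by CSS,
    pushed off-screen, or sized 1x1 or smaller."""

    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "iframe":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        style = a.get("style", "").replace(" ", "").lower()
        reasons = []
        if "display:none" in style or "visibility:hidden" in style:
            reasons.append("hidden-by-style")
        if re.search(r"(?:left|top):-\d", style):
            reasons.append("offscreen")
        if _is_tiny(a.get("width")) and _is_tiny(a.get("height")):
            reasons.append("tiny-size")
        if not reasons:
            return  # a visible frame is ordinary page content
        host = (urlparse(a.get("src", "")).hostname or "").lower()
        self.findings.append({
            "src": a.get("src", ""),
            "reasons": reasons,
            # a hidden frame that loads another host is the classic
            # "mass iframe injection" footprint
            "external": bool(host) and host != self.site_host,
        })

def audit_html(html, site_host):
    """Return the hidden iframes found in html, in document order."""
    auditor = IframeAuditor(site_host)
    auditor.feed(html)
    auditor.close()
    return auditor.findings
```

Run it over the served home page and over every template or PHP file on the server; a hidden external frame the site owner never placed is the thing the antivirus warnings are pointing at, and the file it lives in is where the cleanup starts.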

#33335 biggerten (Participant)

Malwarebytes log report from last night (I don't know what it means, hope it helps):

15:55:17 Owner MESSAGE Protection started successfully
15:55:22 Owner MESSAGE IP Protection started successfully
19:43:57 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54748, Process: iexplore.exe)
19:44:21 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54784, Process: iexplore.exe)
19:44:21 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54785, Process: iexplore.exe)
19:46:22 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54816, Process: iexplore.exe)
19:46:22 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54817, Process: iexplore.exe)
19:46:22 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54818, Process: iexplore.exe)
19:46:22 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54819, Process: iexplore.exe)
19:46:30 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54825, Process: iexplore.exe)
19:46:30 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54826, Process: iexplore.exe)
19:47:10 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54836, Process: iexplore.exe)
19:47:18 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54843, Process: iexplore.exe)
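Reading a Malwarebytes protection log like the one above by hand is tedious. The following is an added example, not the poster's or the product's code: it parses lines in that format, groups the IP-BLOCK events by process, direction and destination, and flags a browser process that keeps reaching one blocked address, which is what a page element pulling content from a blocked host looks like from the client side. The sample lines are constructed in the same format, reusing the address from the posted log.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the Malwarebytes protection log quoted
# in the thread (the destination address is the one from the posted log).
SAMPLE_LOG = """\
15:55:17 Owner MESSAGE Protection started successfully
15:55:22 Owner MESSAGE IP Protection started successfully
19:43:57 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54748, Process: iexplore.exe)
19:44:21 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54784, Process: iexplore.exe)
19:46:22 Owner IP-BLOCK 95.163.66.209 (Type: outgoing, Port: 54816, Process: iexplore.exe)
"""

LINE_RE = re.compile(
    r"^(?P<time>\d\d:\d\d:\d\d) (?P<user>\S+) IP-BLOCK (?P<ip>\d+(?:\.\d+){3}) "
    r"\(Type: (?P<direction>\w+), Port: (?P<port>\d+), Process: (?P<process>[^)]+)\)$"
)

# Processes a reader would expect to see here: a browser rendering a page.
BROWSERS = {"iexplore.exe", "firefox.exe", "chrome.exe"}

def parse_ip_blocks(text):
    """Return one dict per IP-BLOCK line; MESSAGE and other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            d = m.groupdict()
            d["port"] = int(d["port"])
            events.append(d)
    return events

def summarize(events):
    """Group blocks by (process, direction, destination ip).

    The 'Port' field is the local ephemeral port, so each distinct value is a
    separate connection attempt rather than one socket being retried.
    """
    counts = defaultdict(int)
    ports = defaultdict(set)
    for e in events:
        key = (e["process"].lower(), e["direction"].lower(), e["ip"])
        counts[key] += 1
        ports[key].add(e["port"])
    return {k: {"count": counts[k], "ports": sorted(ports[k])} for k in counts}

def suspicious(summary, threshold=3):
    """Keys where a browser repeatedly tried to reach one blocked host.

    A single block can be a stray click; repeated outgoing attempts to the
    same address while browsing point at page content that keeps loading it.
    """
    return [k for k, v in summary.items()
            if k[0] in BROWSERS and k[1] == "outgoing" and v["count"] >= threshold]
```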

#33336 Tinbender (Participant)

My irony is I'm worried about all the attacks at work and reading about corporations all across America being targeted from somewhere in China, and I'm using an anti-virus named Panda. Hmmm.

#33313 CTOA (Keymaster)

The security firm informed me that they have found and removed the problem. However, they ask to please verify that. If anyone is still getting any warning on the CTOA website please post it here as soon as possible.

Again, effective 2:24pm Central Standard Time on Oct. 10, 2011 the issue is believed to have been removed.

CTOA - Founder

#33338 Bob Rooks (Participant)

Just got this at 1:04 PDT from AVG:

The page you are trying to access has been identified as a known exploit, phishing, or social engineering web site and therefore has been blocked for your safety. Without protection, such as that in the AVG Security Toolbar and AVG, your computer is at risk of being compromised, corrupted or having your identity stolen. Please follow one of the suggestions below to continue.

URL: kiranaytli.345.pl/iframe.php?id=2b8325qvzjut0iv8b87u9nlxnan0kpc
Name: Blackhole Exploit Kit (type 2060)

#33340 CTOA (Keymaster)

Is it possible that the page was not refreshed from your last visit to the site? I cleared out all cookies too on my end and closed out my browser, then tried and didn't see anything, but again, it has been a strange problem that doesn't show up every single time.

Also, I have only had the problem with my IE8, not with Firefox.

CTOA - Founder

#33341 SpringValley (Participant)

Biggerten, that message is telling you that your system is trying to send data to an IP in Moscow. I would say that you have a problem.

And Microsoft wonders why the popularity of Windows keeps dropping off.

Those corporate break-ins, the law enforcement agencies in the south east and BART (Bay Area Rapid Transit) that were broken into were all Windows based. In all fairness the bargain hosts, no matter what they use, have very lacking security.

I don't see any of the problems reported by others, but again I don't use Windows so a Windows root kit has no effect.

#33342 Bob Rooks (Participant)

Rebooted and all appears to be ok now.

@Larry: Are you running a Mac or do you use a different OS?

I'm using a tethered phone at the cabin for my hotspot. No other choices except $atellite.

#33344 SpringValley (Participant)

Bob, at my desk I have two computers that I can switch via KVM. One runs PCLinuxOS. The other is an iMac. When I got the iMac I loaded Parallels on it and sucked a whole Windows machine's contents, including operating system, inside the Mac. I could then run Windows inside the Mac if I needed to. It actually runs better and faster than on its own. However, I have not fired up the Windows side of things in a long while as I simply have not needed it for anything. I do run Mac scan on the Mac every couple of days. All it ever finds are not problems other than advertisers' tracking cookies, which it deletes.

On my netbook and notebook I use Ubuntu. That works very well.

I use my cell phone as a hotspot all the time with my netbook. It works great.

I used many operating systems including Windows for years. But with Windows I came to the conclusion that they are never going to get the issues solved. With each new version they seem to reintroduce security problems that they already solved in the past versions. Rather than fix the security issues they release a malicious software removal tool. I think a better approach would be to address the problem of how the malicious software got on the computer in the first place. For me enough was enough.

#33349 pepage (Participant)

I have been using Ubuntu (Linux) for years with no problems. My only complaint is I have to keep a Windows box for TurboTax, ISP support, etc.

#33350 SpringValley (Participant)

pepage, if you are talking about a couple of apps you could run them inside a VirtualBox. I have not played with that on Ubuntu. The VirtualBox on PCLinuxOS works well to run Windows apps. Larry

#33358 pepage (Participant)

Larry,

When I say "Windows box" I am talking about a cheap desktop computer, i.e. two computers.

My guiding principle today is KISS. In the past I have used System Commander to create two DOS disks, one for online use and one for offline use, but later found out that all I had to do was delete one file and both DOS disks could be seen. Today I use a notebook with Ubuntu (w/o Wine) for online activity and a desktop with Windows on which I only go to trusted sites, for security. My feeling is that you trust only hardware with Windows, not software. And since you did not ask, I am not a fan of "CLOUD" computing.

#33363 SpringValley (Participant)

That's smart. Cloud computing is the biggest risk to security known to man. On my new smart phone there is an application called backup tool that backs up my data in the cloud. It does not tell me where exactly it is being backed up, who has access to it or anything else. There is no way I will use it.

#33365 Bob Rooks (Participant)

It's still happening to me:

URL: ikran2012.in/main.php?page=00e03d09ee7a506d
Name: Blackhole Exploit Kit (type 1889)

#33369 SpringValley (Participant)

#33370 Bob Rooks (Participant)

And again:

URL: ncghg.ce.ms/showthread.php?t=72291731
Name: Blackhole Exploit Kit (type 2061)

#33372 ronjin (Participant)

I got it too and sent another email to Hal.

RonJ

#33373 Bob Rooks (Participant)

Just got another. It isn't fixed yet.

#33374 RichWaugh (Participant)

I'm not seeing that, but I use Firefox and my bookmark for this site is set to the forum page, not to the main page, so I rarely see that page, if ever.

#33375 CTOA (Keymaster)

Sorry guys, again, please post as much detail about what warnings you may still be getting.

Be sure you have cleared your browser history and cookies too, just in case the website was cached and that is causing the issue to still appear.

Anyone got ideas? I am always open to them. I do however have a tech firm searching for and trying to fix any issues. They have done well in the past, and I have trust in them currently too!

It is a company called http://www.wewatchyourwebsite.com/ for those that also may have ever had issues with a site you have hosted somewhere.

CTOA - Founder

#33387 pepage (Participant)

Tomorrow you should be able to download the newest version of Ubuntu, 11.10. It's free, uses Firefox and can dual boot with Windows.

http://www.ubuntu.com/ubuntu

#33604 Bob Rooks (Participant)

The attacks are back more serious than before. For me anyway.

#33605 Bert (Participant)

Yesterday (November 3rd), my McAfee antivirus software blocked access to the site because of a virus and today it seems to be okay.

#33606 Little_Grizzly (Participant)

It's strange and a little disturbing that I've never had my AV software say a peep about this site. Both at home and at work (different operating systems, different browsers and different AV software). I'm not at all saying it's not there but quite the opposite. It seems to be getting through unnoticed! What is the effect of this virus?

#33607 Bob Rooks (Participant)

Now it's totally blocking the site.
"Mass Iframe injection attack 2"
Can't go on like this.

Doing this via phone.

#33608 SpringValley (Participant)

I will dig around a little to see what I can find out about the site and security.

#33612 Bob Rooks (Participant)

Well I hope Hal can do something about it. I can't do much on my end.

#33646 CTOA (Keymaster)

I believe we have cleaned up the issues. If anything shows up please post it or email me about it a.s.a.p.

The site has been checked and rechecked and additional security measures to prevent SQL injections etc. have been implemented on the site server.

Some of these security measures may cause other issues, but I have not noticed them yet.

I do the best I can.. hope everyone understands!

CTOA - Founder

#33649 Little_Grizzly (Participant)

I never experienced any problems until the site went down. But we do appreciate the hard work it takes nowadays to keep a site running.
