Malicious web threat
 

Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
11/22/2013 7:40:30 AM,High,An intrusion attempt by blomzysod.in.ua was blocked.,Blocked,No Action Required,Web Attack: Malicious Exploit Kit Website,No Action Required,No Action Required,"blomzysod.in.ua (94.242.216.6, 80)",blomzysod.in.ua/zt3nujb/?2,"JMSEWINGROOM13 (192.168.0.2, 50098)",94.242.216.6 (94.242.216.6),"TCP, www-http"
Network traffic from <b>blomzysod.in.ua/zt3nujb/?2</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.
================================================== ====================

I just copied this from Norton. It appears EVERY time I sign into the Quilting Board. Does anyone else get this? How can I prevent this from happening other than letting Norton find it every day.

Have you tried this: To stop being notified for this type of traffic, in the Actions panel, clickStop Notifying Me.

And the "Actions panel" would be found where?

What Norton product do you have?

I have not received this web virus, however, everyday when I login to the QB, my "Kapersky" virus protection comes on. It always tells me that it is blocking a malicious URL. It does not stay on long enough for me to read it in its entirety. When it shows again, I attempt to finish reading it where I left off. I was told a few months ago by "Kapersky" that someone is trying to hack into my computer and for another fee, besides the one I pay them annually, they will be able to take care of it. I cannot afford to do this and why should I pay for this when I have the protection from them already. Needless to say, my computer has been acting up a lot lately. Several days ago, I tried to login and when I did, it bought me to a page that said that I did not have the tools to view private messages. I was hesitant to follow the directions on this page because I did not know if this was legit or not. Also, every time I go into the QB and the first page comes up. There is always a large white mailing envelope on the screen that says "Urgent Messages". When I click on the envelope I am directed to the same screen about not having the tools to view private messages. I have reported this to Patrice and also to Contact and Information Procedures in detail. I am waiting to hear something. Incidentally, I just got my laptop out of the shop about a month ago. It had viruses and they cleaned it up. I was told by the guy at Best Buy that when the computer leaves their shop it is cleaned up. However, when you get it home and connect to your network, it just gets infected with viruses again. Its a vicious cycle. Sometimes I just feel like giving up the computer, its such a nuciance. I know this is misspelled but I don't have time to check the spelling. Good luck with your problem. Lucy

By the way, if anyone is familiar with the problem I am having above, please let me know. Thanks , Lucy

Luce, before you click on anything, hover the mouse over the place where it says 'click here' and then look below in the lower left hand corner of your web browser, just above where your start button is (on firefox or chrome, it is on the other side over the date/time on IE) it will display the URL address of where that link is going.

So when you see something like that big envelope and you hover over it, before clicking, you should see in that url address that pops up something like http://www.quiltingboard.com/.... if it does not say that, it is a spam or something taking you to a virus loader.

Hackers and thieves will try to mask their links so that it looks like the website you are on, always the easiest way is to see the url address it is trying to take you to.

Malicious web threat
 

Carolyn, thanks for the tip. I did what you suggested and sure enough it was not the QB address. From now on I will not click on anything unless I do what you advised. Thanks again, Lucy

Carolyn - So if it does not say QB... it is a spam or something taking you to a virus loader then how do I delete that? Thanks, I'm getting tired of that message. I appreciate your help,

The computer guy who works on my computer tells me the best virus protection out there is the free protection offered by Microsoft. We've used Norton's (got a huge virus that locked up the entire computer), Kaspersky (got viruses that affected how it was used by changing my programs constantly), and AVG (lots and lots of problems). I'm about ready to listen to him and try what he says. It's for sure the ones we've paid big bucks for have not done the job. I'm very careful about what I open and download as well, but nothing is foolproof.

I get this all the time....

As I mentioned in my post yesterday, I have the Kapersky virus. I have never had Norton. I am sorry that you are having so much trouble with viruses. Lately, I have had so much trouble with this notice that keeps coming up saying: (Critcal) you need to update your security you are missing the free tool for protecting your computer. I really don't know what they are referring to. It might be a virus, that's why I'm not clicking on it. Hope we both get our problems resolved soon. Lucy

Hi, what exactly do you get all the time? Is it the problem I have regarding the message: Critical, you need to update your security, you are missing the free tool for protecting your computer? If not, what? Thanks, Lucy

My question was to the person who started the thread, who said she has Norton.

The message you are getting (Critical)"free tool" is "scareware" and it will put rogue security on your computer if you click on it.

Hmm for some reason, I can't get link to post...I'll try to post in another entry.

http://www.microsoft.com/security/pc...rus-rogue.aspx

Ok, there is the link.

You dont delete a link a page, just dont follow the link. go to another page on QB or refresh to get the ad to change. QB does not have popups for messages and such. If you get it, it is spam.

I get the same message from Kapersky EVERY time I log onto the quilting board. It has to be something the quilting board software is doing. This is the only site where I get it. I have the highest level of protection and it is updated.

Microsoft Defender should be turned on if you are using Microsoft IE (Internet Explorer) It is free. Using Google Chrome (which is a free browser) instead of IE will give you less hacks and malware.

You can use AVG free to protect either. If AVG is not finding your issue you can use "house-call" at TrendMicro. It takes a while to find the free version, and it takes a while to load the first time you install it, but it will find trojans and other malware that AVG or Norton might not find. As far as McAfee -- I have found it to be a big system hog and found it actually is so proprietary that I could barely use my PC when it was loaded.

I hava a Mac, but have Windows XP installed in addition to Safari, Mac's product. I have to have an anti-virus for each of these operating systems. For Windows XP I use Security Essentials, which is free, and it has found viruses. I have had it for years. For the Mac, Safari I use Sophos. They are both very efficient. I get Kim Komando's newsletters and am always seeing tips for security, including how to check that your on WiFi is protected. Through her newsletter is where I downloaded the free Sophos. I retired from an IT shop, and co-workers suggested Security Essentials for Windows.

I have avast!, so I ignore the pop-ups you're talking about. However, I WOULD like to erase it - keep it from popping up. How do I do that, other than taking it to my tech guy?

There are many different systems connecting when you connect to anything via the internet. For example when you connect to the quilting board, you have your system, the server where the quilting board lives and the servers where all the ads that are the page live. Your anti-virus software only protects your computer not the others. What they do is stop things from coming into your computer and doing stuff (that is what a virus does) What they can not do is stop what the other systems are doing. You can not stop the ads from showing up nor can you stop what they show.

Now the quilting board (if their service allows) may be able to go to an ad free site, however generally that "benefit" is paid for by the community. Any free service, like the quilting board, is paid for by the ads. :) just like commercials on television. Using the same analogy, if you want ad free you will end up with something like paid channels. Also, the service that hosts (provides the physical space for the software) may not have the ability to do an ad free. Depends on how they set up their software.

The best defense is a decent anti virus software, being aware that "bad" guys exploit all things online, and being cautious what you click on. Remember the safest car on the road is still dangerous if you dont drive safely. Always check the URL address of where you are going to ensure it is the right place. And be aware how your anti-virus tells you something is wrong, so that those "your machine is infected" pop up doesnt trick you into clicking it.

Lastly, Some browsers provide a "turn off pop ups" option. Each browser is different but somewhere is an "options" or "customize" button you can use to find the "turn off pop ups".

I DO have 'turn off pop-ups turned on. That's why I'm mystified about this!

i use trend micro and its pretty good. havent had any problems since i got and have had now for 2 years.