That’s what happened to me too but I thought it was just my computer. Guess not. 
Guys, when you have a virus message or any error that looks like it may be virus or malware-related, always:
-
STOP what you are doing
-
write down the error
-
if you are using broadband, hit the “standby” button on top of the modem to go offline. If your PC has been compromised, this will prevent it from being remote controlled or used for anything nefarious.
Then you’ll need to do a virus scan with whatever program you’re using. Most will have an option for a quick scan, do that, and then run a full scan that night. If the quick scan is clean, you can go back online, but do a full scan that night just to be sure.
Here’s the why: some viruses trash out the hard drive, but the data is sometimes recoverable, if you know what caused the damage.
Just offering a few pointers to try to help keep your online experiences positive.
–James
Something is going around. This just happened to one of the more important alternative financial websites www.financialsense.com
Question - who is your hosting provider? GoDaddy? Google?
Casey
Dreamhost
Rich is helping (Yay!) and is confident this board is not infected. It’s on a private server.
It’s good to know that C & F is not currently infected by a virus. However, since a number of hosting providers recently have been infected by a new trojan virus that embeds itself in the codes of the subscribing websites, it is not unreasonable to think that there is a good possibility that we might encounter this again, no matter where we happen to be on the internet.
Thanks to James for his helpful comments about how to deal with this from the point of view of the individual user. Let’s see. I have to remember to wear my armor when I go into battle, or something like that. Right, James?
I have to remember to wear my armor when I go into battle, or something like that. Right, James?
That’s pretty much the idea, yes.
At absolute minimum, using a Windows system, you should have a current antivirus package, and at least once a week update its definitions. Run a firewall–the Windows firewall in XP (at least SP2) or Vista is fine.
Much better is to have both antivirus and software firewall, and also have a hardware firewall offering stateful packet inspection (newer routers will already have this), and have an anti-malware package such as Windows Defender (mediocre-good) or Spybot Search and Destroy (much better). If you’re going to be doing much web surfing at all, you really need these, especially the hardware firewall.
I want to mention the hardware firewall again as lots of folks don’t understand why they need a router if they are only going to have one computer that goes on the internet. A hardware firewall makes your network pretty much invisible to hackers. It’s not 100%, but it protects you from everything except very dedicated, non-trivial attempts to access your system. This is a level of protection far past what any software firewall can provide.
–James
James has it right, in terms of hardware firewall versus software firewall.
I’ve been using a (brand name) Netgear router, which also includes a hardware firewall.
Hardware firewall, way to go!
Norton has this report:
General Info
Web Site Location United States of America
Norton Safe Web has analyzed chiffandfipple.com for safety and security problems. Below is a sample of the threats that were found.
Threat Report
Total threats found: 12
Drive-By Downloads (what’s this?)
Threats found: 12
Here is a sample:
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\G1Q9SRO7\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-December2005/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\G1Q9SRO7\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-January05/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cfSeptember2005/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-JUNE2004/index.htm
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\GZKDIZWD\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-MARCH2005/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\W96RIBA9\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-december2004/
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\W96RIBA9\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/cf-May2004/index.htm
Threat Name: Suspicious.MH690
File name: C:\Documents and Settings\user\Local Settings\Temporary Internet Files\Content.IE5\MH25YLE5\e_x_e_ld[1].exe
Signature (MD5): 4b703a5ee34434d65e7aac685195ac27
Location: http://www.chiffandfipple.com/march2006/
Threat Name: Direct link to Suspicious.MH690
Location: http://www.chiffandfipple.com/webissues.html
Direct link to: http://www.chiffandfipple.com/whistlehaiku/
Location: http://www.chiffandfipple.com/
BTW, I haven’t had any trouble, lately, in getting to C&F.
c/o Mac OSX
I have a question, James, if you don’t mind. I have a Belkin Wireless G router that I purchased about 18 months ago when my wife got her laptop. My desktop computer feeds out of the router, but it is a direct connection. I don’t see anything on the packaging box about the presence of a firewall with the router, so I assume that there isn’t one. My wife also complains about the downloads being really slow. She has Vista Home Basic OS using Windows IE. In order to speed up her downloads and provide the protection of a hard firewall, can you recommend a replacement router that is not too expensive but would fill our needs for greater security and increased speed?
Doug, you don’t say a model number, but I looked at the least expensive Belkin G router on Newegg, the F5D7230-4, which sells for about $30. This router does have a stateful firewall and also offers the option of a DMZ (which I don’t recommend you ever use). The rest of this is written assuming that this is the router you have; if it’s not, please post your model number, and I’ll see what I can find out for you.
The router includes a 4-port switch, both your computer and her computer should be connected each to their own switch port on the back of the router. If you’ve wired it another way then that would be why you are slow, assuming you both use wired connections.
If she is using wireless and you are using a wired connection, her downloads are going to be limited to a 54 mbps pipe; hers will be slower than yours. The only way to change that is to move to a class-N wireless router and adapter, which will increase the size of that pipe to 270 mbps.
One thing to check is to make sure that her wireless network adapter is also class g or better (which would be class n). If she’s using class a, she will be slow–the solution here is to get her a class G adapter.
For a small home network, the router you have should be fine.
However, for the best router I’ve found, a can enthusiastically recommend the Linksys WRT600N (or WRT610N, its replacement model, which is prettier). I have a 600N and it’s a very capable and seriously fast piece of equipment.
I hope this helps.
–James
Rich Lafferty is my personal hero.
Back up.
Hello Mr. Dale W., I noticed you are missing some of the images from the front page. You can visit, The WayBack Machine website, http://www.archive.org/index.php, and retrieve older versions (archives) of your website incase you cannot get the images off of the back up that you might have.
Your pal, Double T.
Sam and Joanie are victims of the economic crisis and a massive round of layoffs at ChiffCo. But they both collected their $1 million retention bonuses on their way out the door, and they’re doing fine. Jill assures us that she can handle the customer service load by herself and keep on smiling.
Sigh All of the good ones always get away. Alas, what will us geeky wacky lonely male whistlers do for eye candy? Sniff, sob
the internet is your friend.
fake it 
Maybe the two lovely customer service reps could be replaced by lovely, less expensive interns or outsource the work to some lovely helpers with names like Indira or Aruna.
My latest Norton report on C&F:
Threat Report
Total threats found: 11
Ah well .. one down, 11 to go.
What is your service provider doing?
I had a similar problem on my own website a few months ago - the service provider involved went broke within 2 months of the incident.
The rich tip is that you had better get a new providor before all the main commercial clients of your current provodor jump ship and they no longer have the capacity to retain their technical staff - ergo fixing the problem.
If history is any guide I estimate you do not have long before the whole thing collapses and C&F will be forced to go “Phoenix” at great expense and loss of continuity - how are your backups?
Hi James
You have forgotten to ask the most pertinent questions - what is the nominal speed of Doug’s broadband? and what is the contention ratio - the trouble might lie within the purview of the connection rather than the router.
Another possibility is that there is interference within the house reducing the signal strength where the laptop is situated and a repeater might be more appropriate than a new router.
David
I posted this below in one of the threads, but htought I’d post it here too, just for FYI.
It looks like my site was hit possibly by the same folks who hit this one a few weeks back, they took me (all 7 of my websites) down twice in two days. I believe they may have got in through a wordpress exploit on one of the other sites. I’m not convinced of this though because on the same day as my initial hack, I got an email from from my webhost stating that they were moving my account (with all 7 sites) to a new server due to “instability” - hmmmm, instability my ass, their server got hacked and they don’t have the balls to admit it if you ask me.
It is interesting that Dale and I share the same webhost, the same webhost that in 2007, had 3500 people have root accounts hacked when the webhost somehow failed to encrypt their account passwords - one guy had several hundred websites in his account that got hacked.
The bit of code they tried to insert into pages merely broke the php code, so I think no real harm done to anyone.
At any rate I have plugged the holes, and rebuilt the sites and sql databases from clean backups, changed all passwords, deleted all infected files, and switched to sftp.
uilleannforum.com is now back up and running
Jeff