
View Full Version : Web attack: Exploit Toolkit website 67



1600vw
10-09-2015, 06:25 AM
I keep getting this attack. It happened a week or so ago and now it's happening again. It started yesterday. I thought others would have reported this. But I see no one else has reported this again.

dusterpilot
10-10-2015, 05:45 AM
I've gotten it a couple of times, also, and I've only gotten it from THIS website!

1600vw
10-10-2015, 06:14 PM
Yes, I am only having issues here on this forum. I guess they do not care.

Kyle Boatright
10-10-2015, 06:42 PM
Got this message 3x during this EAA website browsing session.

Mike Switzer
10-11-2015, 12:43 PM
What browser are you guys using? I haven't gotten any warnings here for quite a while. I am wondering if it is specific to a certain browser - I am running Firefox with no issues.

(Although I should mention that I was forced to uninstall Flash a couple weeks ago due to issues I was having on one of the local news websites)

Kyle Boatright
10-11-2015, 07:52 PM
Getting it currently using Explorer with Norton antivirus.

dusterpilot
10-12-2015, 05:18 AM
I'm using Firefox. Norton is blocking the attack. And again, it ONLY comes when I bring up this web site. Here's the info:

IPS Alert Name: Web Attack: Exploit Toolkit Website 67
Attacking Computer: st.anthonybryanauthor.com (192.232.219.90. 80)
Attacker URL: st.anthonybryanauthor.com/k?tstmp=1088453408
Source Address: st.anthonybryanauthor.com (192.232.219.90)
Traffic Description: TCP, www-http

Network traffic from st.anthonybryanauthor.com/k?tstmp=1088453408 matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME5\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE.

Zack Baughman
10-12-2015, 07:18 AM
I've reported this to the EAA IT Dept.

Mike Switzer
10-12-2015, 09:25 AM
Sounds to me like it is selective. Possibly based on cookies from another site people have been on? I just updated my antivirus & I am still not getting any warnings.

Glory Aulik
10-12-2015, 01:11 PM
This issue should be fixed now! Please let me know if it comes up again. :)

Kyle Boatright
10-12-2015, 06:55 PM
"This issue should be fixed now! Please let me know if it comes up again. :)"

Yep. Just now. Same as before.

dusterpilot
10-13-2015, 05:34 AM
"This issue should be fixed now! Please let me know if it comes up again. :)"

Still getting it this morning. Nothing's changed.

Glory Aulik
10-13-2015, 07:19 AM
I'll look into this again. Are you using a specific browser?

dusterpilot
10-13-2015, 08:50 AM
"I'll look into this again. Are you using a specific browser?"


See my post #7 yesterday

Glory Aulik
10-13-2015, 01:38 PM
"See my post #7 yesterday"

I have double checked with our IT team and relayed the information from your post yesterday. Our site seems to be clean of any viruses. Their response is below for your reference.


"I'd be more inclined to think it's something on his personal machine, as the only listing I find for the IP or website is in his post #51669, and in checking the very last line below, this should give the answer for them to fix it:
'The attack was resulted from \DEVICE\HARDDISKVOLUME5\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE.'"


Website to help problem solve:

http://www.bleepingcomputer.com/forums/t/580927/help-me-fix-my-computerremove-virus/

I'm hoping this helps!

Kyle Boatright
10-13-2015, 05:47 PM
"I'll look into this again. Are you using a specific browser?"

IE7 with Norton. Still getting the message tonight. I follow a half dozen v-bulletin boards and this problem is unique to the EAA forum.

dusterpilot
10-14-2015, 05:56 AM
I'm not sure who did what, but it appears to be gone this morning. I've done nothing on my end, but I'm not getting the attack warning now. Whether your folks did anything or not, thanks for giving it some attention and working to protect us. Appreciate the good work you folks do!
Bob

Glory Aulik
10-14-2015, 07:04 AM
"I'm not sure who did what, but it appears to be gone this morning. I've done nothing on my end, but I'm not getting the attack warning now. Whether your folks did anything or not, thanks for giving it some attention and working to protect us. Appreciate the good work you folks do!
Bob"

Glad to hear it! :)