Comments for 「朱72」 shu72.com http://shu72.com the personal website of Sonya C. Wheeler Sun, 09 May 2010 17:53:56 +0200 hourly 1 Comment on Website bombardment and crack of 2009 by Sonya http://shu72.com/2010/02/10/website-bombardment-and-crack-of-2009/comment-page-1/#comment-12 Sonya Sun, 09 May 2010 17:53:56 +0000 http://shu72.com/?p=292#comment-12 I've never encountered what you have with rouge code attempting to install a virus that triggers a deliberate DoS attack or the en/decoded script trying to alter my Registry. With mine I didn't notice anything right away and my site didn't redirect me or show anything unusual with the links. From what I read from other peoples cases, usually these cracked codes try to insert an iframe, insert spam keywords, change the URL of the links causing a sites visitors to be lured to a malware site that will try to infect their computers. Your case sounds different from mine. You might also want to do a search on "Ninoplas Base64 Virus" that has been hitting some people recently. My hosting provider supplies <a href="http://www.analog.cx/" rel="nofollow">Analog</a> by default which only measures the usage and doesn't give the exact time when so-and-so IP tries to access my site so I don't have any precise IP addresses. All I have are general logs of site hits which were claiming to be from Google China Translation and other spiders/bots. Some of the IPs and/or spammers I think might actually have been anonymous proxies. I'm pretty sure my problem last year was due me having an old WordPress (v2.04) set up and not being upgraded/patched up to date which left vulnerability within the code; possibly a hole in the TinyMCE editor it was using. Also, maybe... If your site is on a shared hosting server someone else might have been infected and it might have traveled to you that way. I’ve never encountered what you have with rouge code attempting to install a virus that triggers a deliberate DoS attack or the en/decoded script trying to alter my Registry. With mine I didn’t notice anything right away and my site didn’t redirect me or show anything unusual with the links. From what I read from other peoples cases, usually these cracked codes try to insert an iframe, insert spam keywords, change the URL of the links causing a sites visitors to be lured to a malware site that will try to infect their computers. Your case sounds different from mine. You might also want to do a search on “Ninoplas Base64 Virus” that has been hitting some people recently.

My hosting provider supplies Analog by default which only measures the usage and doesn’t give the exact time when so-and-so IP tries to access my site so I don’t have any precise IP addresses. All I have are general logs of site hits which were claiming to be from Google China Translation and other spiders/bots. Some of the IPs and/or spammers I think might actually have been anonymous proxies.

I’m pretty sure my problem last year was due me having an old WordPress (v2.04) set up and not being upgraded/patched up to date which left vulnerability within the code; possibly a hole in the TinyMCE editor it was using.

Also, maybe… If your site is on a shared hosting server someone else might have been infected and it might have traveled to you that way.

]]> Comment on Website bombardment and crack of 2009 by Tom Koltai http://shu72.com/2010/02/10/website-bombardment-and-crack-of-2009/comment-page-1/#comment-11 Tom Koltai Fri, 07 May 2010 21:27:25 +0000 http://shu72.com/?p=292#comment-11 Please read my website entry today re similar crack and email me. I would like to compare IP numbers. Please read my website entry today re similar crack and email me. I would like to compare IP numbers.

]]> Comment on The “HP” in Hewlett-Packard printers should stand for “Hockey Puck” by Mar http://shu72.com/2003/09/13/hockey-puck-printers/comment-page-1/#comment-3 Mar Wed, 30 Nov -0001 00:00:00 +0000 http://shu72.com/2003/09/13/hockey-puck-printers/#comment-3 I had the same problem. Contacted HP in Ireland - Dublin and they were brilliant. Go to Control Panel and Printers. Look at the Properties of printer. Click on the various buttons, ie printing props etc. What happened in my case was that it was flashing printing but nothing else. No paper jam etc. So I went into somewhere on the menu as above and it showed a drop down menu that had a tick beside “pause printing”. Apparently everytime I clicked print, the jobs were queueing up. I clicked to delete these jobs and undeleted the pause and “bingo” away she went. Hope this helps I had the same problem. Contacted HP in Ireland – Dublin and they were brilliant.
Go to Control Panel and Printers.
Look at the Properties of printer. Click on the various buttons, ie printing props etc.
What happened in my case was that it was flashing printing but nothing else. No paper jam etc.
So I went into somewhere on the menu as above and it showed a drop down menu that had a tick beside “pause printing”.
Apparently everytime I clicked print, the jobs were queueing up. I clicked to delete these jobs and undeleted the pause and “bingo” away she went.
Hope this helps

]]> Comment on Browser Hijacking sucks by Dan http://shu72.com/2003/01/24/browser-hijacking-sucks/comment-page-1/#comment-2 Dan Wed, 30 Nov -0001 00:00:00 +0000 http://shu72.com/2003/01/24/browser-hijacking-sucks/#comment-2 I recently browsed google and yahoo for recipes, and the next time I went to google or yahoo home page for a search, I got a web page that I never visited. Now I am trying to find some help to rid this issue. Dan I recently browsed google and yahoo for recipes, and the next time I went to google or yahoo home page for a search, I got a web page that I never visited. Now I am trying to find some help to rid this issue.
Dan

]]>