November 4, 2010

Technical advice sought.

A reader emails:
Internet Explorer is blocking my access to your blog as a virus threat. That is, I've been warned, and can click through if I want to (against their recommendation), but they cite
This website has been reported to contain the following threats:
  • Malicious software threat: This site contains links to viruses or other software programs that can reveal personal information stored or typed on your computer to malicious persons.
Any ideas?

39 comments:

chickelit said...

A while back you had a Chinese character spammer who had multiple links. Just mousing over them without clicking was enough to make a normally curious browser like me shudder in revulsion.

Could it also be that that person's IE settings didn't like some of your new advertising?

Johanna Lapp said...

False positive from overly sensitive filters on IE. I let my AVG AntiVirus firewall such threats and disable Microsoft's ham-handed filters.

I'd trust McAfee, Ad-Aware, Spybot Search and Destroy, F-prot or even Norton against Microsoft's junk.

RFTR said...

It's probably because of code in your sidebar ads.

http://www.google.com/support/forum/p/AdSense/thread?tid=649780f952842d76&hl=en

Col Mustard said...

I've been using Vipre Premium for about six months. Much less intrusive than MS, Norton or McAfee. I like it. No problems with Althouse.

Anonymous said...

Install Firefox (you can alternate between both, although IE is a comparative nightmare).

JAL said...

Well I don't get warnings, but I have picked up several browser hijackers in recent months.

Driving me crazy (neither AVG, Malware, Spybot nor Microsoft Security have picked them up on my 2 computers).

I don't game, or go weird places (Instapundit? Althouse? The Anchoress? My local paper??)

So who knows.... Don't complain about the warnings. The real thing is a royal PITA.

MadisonMan said...

Don't use Internet Explorer.

Seriously.

Bender said...

I got that warning today over at the Victor David Hanson post at Pajamas Media. I'm guessing it wasn't that site itself, but one of the ads.

EnigmatiCore said...

It happens occasionally to blogspot blogs. It'll rectify itself in short order. Not sure if it a Microsoft thing, or a Google thing, or a thing with one of the banner ads or what, but I've seen it happen before and it stops in a day or so.

I suspect a Google thing because it is always a Blogspot one that it happens with.

Irene said...

A Madison problem?

Unknown said...

Agree with MadMan, IE has been hacked to pieces and I got very badly nailed with Firefox.

Short of switching to Linux, try Safari or Google Chrome (warning - steep learning curve) for browsing. I've been using Kaspersky as my AV for a couple of months and it catches stuff, but you can configure it to get you where you want.

WV "skiblum" Jewish guy in snow.

I'm Full of Soup said...

IE has been A-OK for me. [Knocks wood.]

BJM said...

I'v run Webroot for about 6 years. It's effective but not intrusive and the hureistics are pretty good; it quickly learns your browsing pattern.

I never use IE and Firefox is becoming a humongus kludge, so I'm running Chrome. Cool UI, but it can be a memory/CPU hog if you run a lot of tabs and extensions.

JAL said...

I just have to hold my nose on google, though it does perform best as a search engine.

Their no evil thing sucks with the China deal and miniscule lack of American celebration in its cutesy logos for special days.

And y'all want me to use Chrome?

I think I'll try Safari, if it's an IE problem (I thought 8 was supposed to be better. Sigh.)

Anonymous said...

"Well I don't get warnings, but I have picked up several browser hijackers in recent months."

Me too. Must be the new line of attack.

I use Firefox and get a bunch of new viruses every time I use IE even for a minute. Last big attack cost me $200 at the Geek Squad.

Fred4Pres said...

Opinions here are so powerful, so it triggers the virus filters.

Or it is some totally unrelated geek reason.

Fred4Pres said...

We are all blogging whores and diseased as a result.

And I do not care.

BJM said...

@JAL

Safari? No thanks, I don't want to work on Stevie's farm.

Google has so many hooks online you can't avoid them and the smug asshats running it now will get their comeuppance, arrogance always does.

kimsch said...

There were issues with Blogrolling that caused those warnings. Blogrolling will be ceasing to exist on the 20th IIRC. If you have a Blogrolling Blogroll, you need to get rid of it and its code.

wv: twebri

dick said...

I get that occasionally on your website, The Anchoress, Bizzy Blog and Instapundit. Since I tried firefox, Chrome and Opera and got the same thing on all 3 I am guessing it must be one of the ads that is causing the problem. Since I use Linux and these browsers, I usually click right on through when it is a reputable blog. I even do that for yours (LOL). If I had gotten the problem with one of the browsers only then I would think it was the browser. Since I am getting it on all 3 then I have to assume it is either the ads or blogger that is the culprit.

Amexpat said...

Using IE, I was getting an annoying warning messages here and at other websites, including my local library where there are no ads. Switching to Firefox solved the problem.

John said...

My real estate company webmaster sent us a warning today that the same thing was happening to our site. It appears Microsoft updated IE 8 and that caused the problem. I use Firefox and ad block plus and have no issues.

DaveW said...

I also get it occasionally, I got it yesterday matter of fact when I clicked through to comment on a thread. It's triggering something in my Norton Security Suite.

But Althouse isn't the only place I get it, I also see it on a couple other blogs - I've seen it on Ace for example. It's just a pop up that warns the site is associated with past problems, it doesn't trigger an alarm that there actually IS a problem.

It's gotten pretty annoying in its frequency lately, to the point where I was digging around in the software a couple days ago trying to figure out how to turn that pop-up off.

Ignorance is Bliss said...

It's the new Meme-filters. Your site is infected with malicious ideas.

Ned said...

Using a Mac with Firefox and Adblock plus...never a problem...seriously,never.

Moose said...

"Internet Explorer 8 malware filtering problem hits users across the Web"

http://www.zdnet.com/blog/microsoft/internet-explorer-8-malware-filtering-problem-hits-users-across-the-web/7884?tag=mantle_skin;content

AllenS said...

I have AVG virus protection. When you put up Bloggingheads stuff, it makes my CPU usage go way up. As soon as I leave the main page, and go to the comments, things quiet down. I think that it's the size of the Bloogingheads videos that is causing it.

Bart Hall (Kansas, USA) said...

I'm using AVIRA, which is both free and relatively robust. For example, it nails all the known keystroke loggers.

Running Firefox for years and still find it quite adequate. I didn't realise how good its AdBlock was until I turned it off for comparison. Oh, my!

Remember, too, that most viruses out there are Microsoft exploiters, particularly IE, and most especially if you use Outlook for anything.

MInTheGap said...

I'm betting that it's actually a browser working correctly. About a few months back I tried to go to one my self-hosted blogs and got the same message. What I found out was that the site had been hacked so that there was foreign attack code in the footer.

So my guess is that blogger was hacked or maybe something that you had running on your template, such that google and IE were reporting your site as a source of attack code.

That you did nothing to fix it and it went away means that it was probably something outside of your control and whomever was responsible to fix it did.

That being said, there's no problem using any of the latest versions of any browser. Even IE (which I've never used primarily) is great in version 8/9. Firefox, Chrome and Safari-- even Opera-- all have different strengths and weaknesses. Always make sure you're running the latest.

-- From a professional in the software engineering field.

Dust Bunny Queen said...

I use Kaspersky (highly recommend) and do not have any issues with your site.

However, when you have an excessivly heavy visual day: lots of photos and videos, it may take a little longer for the site to load completely.

Michael Haz said...

I use Firefox 4.0, Beta 6. I picked up some malicious software from your blog a few months back. It automatically redirected my browser to another site.

I downloaded and used a script blocker, and later did a thorough cleaning of my hard drive and registry.

Tibore said...
This comment has been removed by the author.
Tibore said...

Better screenshot of the error; this one is bigger and shows the exact same error your reader got:

Screenshot

--------

Word Verification: dedli. My God... the malicious software isn't just dangerous, it's dedli... ;)

Tibore said...

Oh, I'm sorry. Scroll down.

Tibore said...

Whoa! Where'd my big post with all the links and instructions go???

Tibore said...

One more try. BTW, my original post went in twice by mistake; that's why you see one under my name saying "removed by the author". Yes, I double pumped and removed one, but the other went away as well and I didn't touch it. Professor, if you're removing the post on purpose, you can go ahead and say so, but I'm a bit surprised that it's disappearing since it's just technical information on what Microsoft's SmartScreen is.

If Blogger is removing it, though... well, it might be all the links. I'll give reposting a shot anyway:

Tibore said...

People, I'm sorry I'm late to this. The error "This website has been reported to contain the following threats" is Internet Explorer's "SmartScreen" service kicking in. The warning message people were seeing was probably this:

Link to screenshot.

A writeup on how SmartScreen works can be found here: Link

This is a Microsoft technology for it's own browser, so non-Internet Explorer users will not see this. One possible solution is simply to use Firefox, Chrome, or some alternate browser.

For people who must use Internet Explorer, there is a workaround, and a permanent solution.

Workaround:
Click the "More Information" link on the warning page. One of the links is for the user to disregard the warning and continue to the website anyway.

Permanent Solution - add the blog's URL to the Trusted Sites list. In Internet Explorer 8 (and IE7 is close enough):
1. In Internet Explorer, go to Tools -> Internet Options -> Security tab.
2. Highlight "Trusted Sites", then click the "Sites" button.
3. In the text field, enter the url (in this blog's case, http://althouse.blogspot.com/... if you comment, it also helps to enter http://www.blogger.com/ so you don't get all sorts of mixed content dialogue boxes) then click the "Add" button. Uncheck the "Require server verification (https:) for all sites in this zone", then click the "Close" button, then the "OK" button.

This will put this blog in the Trusted sites for IE and whitelist it from SmartScreen's warning.

Is there a risk to doing this? Yes, if Blogger is ever compromised, then this will lower security in Internet Explorer. But to be honest, that's a very small risk, and it's one that holds true for just about any website.

These warning messages tend to go away as the offending element of the page does. Normally, when an otherwise legit site gets it, it's either been compromised (not common, but not unheard of) or has an advertisement with a bad component to it that's been reported to Microsoft. Again, see the writeup on how this works that I linked up above for more info. For legit sites, this warning tends to go away after a while, but it does depend on the situation, and whether the offending element is removed/goes away or not.

JAL said...

Whatever it was Tibore, it never showed up.

Tibore said...

Yeah, all it was were links to Microsoft's "SmarScreen" pages (which described exactly what was happening; the error is a SmartScreen warning) as well as a screenshot. It also had links to steps on how to add URL's to Internet Explorer's "Trusted Sites", because that is how to whitelist sites you know are good.

The rest of the post was a short commentary on how this was probably something in one of those side advertisements setting SmartScreen off, as well as the obligatory note that Firefox and Chrome were not affected, since SmartScreen is an Internet Explorer feature.

In hindsight, I'll bet the reason it kept disappearing were all those links I put into it. I bet the Blogger.com software axed all of that. Should've thought of that before. For anyone who wants to know how to solve the problem in IE itself, just Google for how to add URLs to "Trusted Sites" and follow those directions for this blog.