# Reported Attack Site!



## Davenlr

Google is reporting DBSTALK and all pages on it as a malicious attack site when I try to access it.
Have no idea what this is all about.


----------



## armophob

Davenlr said:


> Google is reporting DBSTALK and all pages on it as a malicious attack site when I try to access it.
> Have no idea what this is all about.


Same thing just happened here. Had to uncheck the "block reported attack sites" box in Firefox just to get back here.


----------



## armophob

I am guessing from the lack of activity, everyone got kicked by it.


----------



## Mariah2014

Same thing here as well. I wonder if the advertising from some of the advertising networks may be the reason for it.


----------



## Davenlr

I checked the "Why is this site being blocked" box, and it reported (0) attacks found on the last check, and did not list any reasons whatsoever. I just unblocked it. I runs Malwarebytes and a real time virus checker, so Im not overly concerned.


----------



## Mariah2014

I noticed that too, but I bet the ads are why someone or someones did. Satellite guys has the same warning right now too.


Davenlr said:


> I checked the "Why is this site being blocked" box, and it reported (0) attacks found on the last check, and did not list any reasons whatsoever. I just unblocked it. I runs Malwarebytes and a real time virus checker, so Im not overly concerned.


----------



## armophob

I just PM'ed Chris to see if the Mod's are aware of it


----------



## Mariah2014

I want believe he is based on he has been viewing this thread too. Based on the info from the other site. One of the ad servers is likely to blame.
This is what they figured out.



> The issue appears to be a nationwide issue for those serving ads from OpenX.





armophob said:


> I just PM'ed Chris to see if the Mod's are aware of it


----------



## Stuart Sweet

Thanks all who reported this. We will look at it.


----------



## Drucifer

Just got it too.


----------



## Lord Vader

Ditto.

Damn Jedi trick, I'll bet.


----------



## MysteryMan

Same here. And they say Google is your friend. :sure:


----------



## MysteryMan

mshaw2715 said:


> I noticed that too, but I bet the ads are why someone or someones did. Satellite guys has the same warning right now too.


I'm not experiencing the issue with SatelliteGuys when using Google, only with DBSTALK.


----------



## hdtvfan0001

Wonder if it's a browser thing....because no such messages with IE9 or Chrome here.

Or it might have something to do with an add-in for DBSTalk.com's VBulletin. :shrug:


----------



## MysteryMan

Google Diagnostic Page reports the following for www.dbstalk.com "Of the 149 pages tested on the site over the past 90 days, 36 page (s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-12-23, and the last time suspicious content was found on this site was on 2012-12-23. This site was hosted on 1 network (s) including AS30496 (COLO4)".


----------



## hdtvfan0001

MysteryMan said:


> *Google Diagnostic Page *reports the following for www.dbstalk.com "Of the 149 pages tested on the site over the past 90 days, 36 page (s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-12-23, and the last time suspicious content was found on this site was on 2012-12-23. This site was hosted on 1 network (s) including AS30496 (COLO4)".


One would think that would surface when using Chrome....but it hasn't. :shrug:


----------



## smiddy

hdtvfan0001 said:


> One would think that would surface when using Chrome....but it hasn't. :shrug:


On my version of Chrome it does.


----------



## hdtvfan0001

smiddy said:


> On my version of Chrome it does.


I'm running Chrome Version 23.0.1271.97 on my PC...so signs of anything here.


----------



## MysteryMan

hdtvfan0001 said:


> One would think that would surface when using Chrome....but it hasn't. :shrug:


I'm running Google Chrome version 23.0.1271.97, same as you.


----------



## smiddy

Version 23.0.1271.97 m here...


----------



## MysteryMan

smiddy said:


> Version 23.0.1271.97 m here...


Is a puzzlement. Some users running the same version of Google Chrome (23.0.1271.97) experiencing the issue while others do not.


----------



## klang

I got the warning using Firefox 17.0.1


----------



## hdtvfan0001

MysteryMan said:


> Is a puzzlement. Some users running the same version of Google Chrome (23.0.1271.97) experiencing the issue while others do not.


Agree.

Maybe we're looking in the wrong place.


----------



## smiddy




----------



## jimmie57

I run IE9 and Norton Internet Security and I did not get any message of a problem.

Edit: I just used Firefox to come here and it gave me this. I bolded some of the text.

Safe Browsing
Diagnostic page for www.dbstalk.com

What is the current listing status for www.dbstalk.com?

Site is listed as suspicious - visiting this web site may harm your computer.

* Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.*

What happened when Google visited this site?

* Of the 149 pages we tested on the site over the past 90 days, 36 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-12-23, and the last time suspicious content was found on this site was on 2012-12-23.*

This site was hosted on 1 network(s) including AS30496 (COLO4).

Has this site acted as an intermediary resulting in further distribution of malware?

* Over the past 90 days, www.dbstalk.com did not appear to function as an intermediary for the infection of any sites.*

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.


----------



## SayWhat?

MysteryMan said:


> Is a puzzlement. Some users running the same version of Google Chrome (23.0.1271.97) experiencing the issue while others do not.


Some use proper blocking utilities, others don't.

Giggly is hardly any kind of security authority and is likely falsely flagging an ad of some kind. It may be OK as a search engine, but should not be trusted beyond that.


----------



## Steve

SayWhat? said:


> Giggly is hardly any kind of security authority and is likely falsely flagging an ad of some kind. It may be OK as a search engine, but should not be trusted beyond that.


I'd be surprised if Google's attorneys would allow them to flag a site like this without concrete evidence of malware. That said, Google probably has a spider that clicks on every link, and I agree the culprit is likely one or more of the advertising links on the site.


----------



## David Bott

Hi All...

I do not see any issue currently with the site itself and the main protection providers is not reporting any issue. 

I am also thinking it came from an ad. Seeing that Google Adsense is suppose to fileter any such ads, I have left that one on. However we also run OpenX Marketplace which I have turned off at this time. 

However, seeing it s "flagged" for some unknown reason, it might stay flagged for X amount of time before the flag is cleared. I can see no way to clear it.

So, well, we shall see.

Looking over the report from Google, it is not site wide as only 36 pages were reported today. So I am more and more guessing an ad. I have gone to some of the pages reported in my Google Webmaster Tools area that said are bad and can find nothing on the pages themselves or in any links etc.

Thanks


----------



## David Bott

I have now submitted a request for Google to review the site to rescan the content in hopes to clear the message. So we shall see what happens.

Sure, this time of year of all times. Augh!


----------



## SayWhat?

Steve said:


> I'd be surprised if Google's attorneys would allow them to flag a site like this without concrete evidence of malware.


Ummmm, OK :sure:


----------



## CopyCat

Firefox 17.0.1


----------



## David Bott

Right...As Mentioned...I have asked Google to re-scan us as the issue came from an AD and the provider has been removed. Now we need to wait for them to rescan and verify we are good.

THEIR IS NOTHING WRONG with the site itself and I have already removed the OpenX Marketplace that let the ad through. So we are just now waiting for Google to rescan.

Thanks


----------



## Mark Holtz

David Bott said:


> THEIR IS NOTHING WRONG with the site itself and I have already removed the OpenX Marketplace that let the ad through. So we are just now waiting for Google to rescan.


Like this.


----------



## phrelin

I guess I should have said something last night. Norton kept locking up the page load because of the ad site generating repeated popup messages about the "malware." It's not a problem this morning.


----------



## carlsbad_bolt_fan

Got the same thing too, using FF 17.0.1. Knew it had to be a mistake.

Thanks to the site admins/owners for looking into this. Can't be easy to do this time of year.


----------



## makaiguy

David Bott said:


> Right...As Mentioned...I have asked Google to re-scan us as the issue came from an AD and the provider has been removed. Now we need to wait for them to rescan and verify we are good.
> 
> THEIR IS NOTHING WRONG with the site itself and I have already removed the OpenX Marketplace that let the ad through. So we are just now waiting for Google to rescan.
> 
> Thanks


I just got the warning when coming to the site - and this appears to be after you've removed access to that ad site.

We were hit with something similar on the vBulletin board I administer. I was able to clear the problem and get Google to unlist us.

I'll PM you with what we found.


----------



## armophob

klang said:


> I got the warning using Firefox 17.0.1


Ditto


----------



## AntAltMike

armophob said:


> Same thing just happened here. Had to uncheck the "block reported attack sites" box in Firefox just to get back here.


I'll bite. Where can I find a, "block reported attack site" box in Firefox to uncheck.

Could I instead click, "Ignore this warning" in the lower right corner of the warning message window?


----------



## armophob

AntAltMike said:


> I'll bite. Where can I find a, "block reported attack site" box in Firefox to uncheck.
> 
> Could I instead click, "Ignore this warning" in the lower right corner of the warning message window?


tools>options>security


----------



## MikeW

AVG reports it as JAVA Script Obfuscation.
http://www.avgthreatlabs.com/webthreats/info/javascript-obfuscation/


----------



## David Bott

It can take up to 24 hours to clear. So even though I have removed the ad server for now that seemed to be making for the issue, we now need to wait for Google. 

Fix, Report Fixed, wait for Google to check and then hopefully clear it.


----------



## David Bott

MikeW said:


> AVG reports it as JAVA Script Obfuscation.
> http://www.avgthreatlabs.com/webthreats/info/javascript-obfuscation/


I see nothing like that. If they can report what...I can look further...but otherwise, I do not see any such thing.

Thanks


----------



## KyL416

AntAltMike said:


> I'll bite. Where can I find a, "block reported attack site" box in Firefox to uncheck.
> 
> Could I instead click, "Ignore this warning" in the lower right corner of the warning message window?


Ignore this warning should be fine now. It was something with OpenX's ad platform which has a long history of being exploited, since David said he disabled it, DBSTalk and all of its remaining ads are safe to view. It just takes awhile for Google to completely remove it from their list. However, that doesn't mean every other site who uses OpenX or was compromised some other way did the same.

Now if you have decent virus/malware protection, and you or anyone else who uses your computer know not to click random things that popup, know that web popups that appear to be one of your folders saying it detected a virus is fake, and know to pay attention to the url in the address bar before logging into any site, you can also disable the entire feature under Preferences -> Security -> "Block reported attack sites".


----------



## David Bott

A scan from sucuri.net shows we should be clear...So I think we now need for Google to get it out of their reporting.

Google also now reports it is clean. So, well, we need to wait it seems.


----------



## Laxguy

Thanks, David.

Any theory on why some got this warning and others (such as myself) did not? Could ad blocker be the distinguishing feature?


----------



## MikeW

I am not seeing any errors at this time. This was the object that was blocked about 30 minutes ago. Hope it helps....

Exploit JavaScript Obfuscation (type 1958);

"my-liben-days.com/phpwebalbum/img/static.php?access=619&entry=874&thumbs=38&demo=827&form=504&board=628"

"Object was blocked";"12/24/2012


----------



## Phil T

Looks like it is clear now. Safari was showing the popup all morning.


----------



## jimmie57

MikeW said:


> I am not seeing any errors at this time. This was the object that was blocked about 30 minutes ago. Hope it helps....
> 
> Exploit JavaScript Obfuscation (type 1958);
> 
> "my-liben-days.com/phpwebalbum/img/static.php?access=619&entry=874&thumbs=38&demo=827&form=504&board=628"
> 
> "Object was blocked";"12/24/2012


The thing I got is similar but changed up a little bit. Norton blocked this at 11:55 am cst.

my-liben-days.com/icons/static.php?rsscss=629&thumbs=38&other=105&documents=17&counter=675

It states that this is the web site that it came from, if this helps any.
5.199.171.149, 80


----------



## armophob

Phil T said:


> Looks like it is clear now. Safari was showing the popup all morning.


Not clear here.


----------



## RasputinAXP

Clean now.


----------



## armophob

RasputinAXP said:


> Clean now.


on what browser? not on Firefox.


----------



## David Bott

You may be getting the data from different parts of the country based on how you are connected and where. Google, and the services that use them, are all over the place. So, where your browser checks for the database, it might not have yet got the update on that server. I am clear in FF and Chrome now and I was not 15 mins ago.

Take care all..thanks for the help in the reporting. Sorry it happened. Just wish I would have found out sooner. 

Take care, keep safe, I am off to see family.


----------



## armophob

AT&T firefox Florida, still a problem


----------



## MysteryMan

Google Chrome is back.


----------



## RasputinAXP

sorry. Chrome, Jersey.


----------



## B_H

Avast security just said I was trying to download a virus, using Internet Explorer 9.


----------



## ThomasM

Interesting thread.

For a change I've had no problem with my Google Chrome Browser accessing DBSTALK.COM today despite previous issues (see other thread-this forum).

Perhaps the issue is fixed??


----------



## armophob

ThomasM said:


> Perhaps the issue is fixed??


nope' just tried it


----------



## Mark Holtz

No longer occurring on both Firefox and Chrome at my end.


----------



## sbl

Firefox just blocked it for me.

Safe Browsing
Diagnostic page for www.dbstalk.com

What is the current listing status for www.dbstalk.com?

This site is not currently listed as suspicious.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 337 pages we tested on the site over the past 90 days, 38 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-12-24, and the last time suspicious content was found on this site was on 2012-12-24.

Malicious software is hosted on 1 domain(s), including vuweather.org/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including journaldugeek.com/.

This site was hosted on 1 network(s) including AS30496 (COLO4).

More information at http://www.stopbadware.org/firefox?...lk.com/forumdisplay.php?s=&daysprune=-1&f=194


----------



## Draconis

I just happened to me using Firefox 17.0.1


----------



## Steve

[strike]No more warnings here in NY, ATM. Chrome 24.x here.[/strike]

I spoke too soon. It's back here as well.


----------



## lwilli201

Mozilla Firefox. Got warning at 9.33 PM CT.


----------



## shaun-ohio

just got it again, on google chrome


----------



## Mark Holtz

Same here.


----------



## FlyingDiver

Same here. Safari on OS X 10.8.


----------



## Nighthawk68

Just got it on IE 9 here just a few minutes ago.


----------



## spartanstew

Had it this morning, didn't have it this afternoon, and now had it again just now (all on Chrome).


----------



## chevyguy559

spartanstew said:


> Had it this morning, didn't have it this afternoon, and now had it again just now (all on Chrome).


Same for me, using Chrome as well


----------



## fluffybear

I have been seeing the warning for the better part of the day.

Chrome Version 24.0.1312.45 beta
MAC OS/X 10.8.2


----------



## phrelin

I'm continuing to get the warning if I shut down Firefox, restart and come back to the site. No big deal, it just hasn't been cleared through the systems yet.


----------



## armophob

phrelin said:


> I'm continuing to get the warning if I shut down Firefox, restart and come back to the site. No big deal, it just hasn't been cleared through the systems yet.


Don't do all that.
check and then uncheck
"block reported attack site" 
tools>options>security and then refresh


----------



## SomeRandomIdiot

The trojan is real and Google as well as the other Browsers are correct. The site is still sending out the trojan which is why the site has been reblocked by Chrome.

If you bypassed it, you might have a real problem on your system.

This virus is a variant of the Java/Exploit.Agent.NEB trojan. If your virus program did not detect it, time to get a better virus program such as eset and get rid of Norton and McAfee that miss stuff like this. 

The trojan is coming from penetraterarest.com in Kazakhsta.

The java file is called FojZQA.jar

The exact address that dbstalk is telling your browser to download from is:

"http://penetraterarest.pro/rFR2v50SAgq0PhnF17Xcs0WuLw0utMZ0VCGd0sjOW0P6130GGLL0mEtv10X6e0TtHo17Kj901GbG05BY5/FojZQA.jar"

The Site Owners should DISABLE all Ads until this gets straightened out.

If they disable the Ads and the trojan remains, it has root on the DBStalk Server.

But again, what do I know.....I'm only SomeRandomIdiot.

Happy Holidays!


----------



## SomeRandomIdiot

Forgot to mention the size of the trojan that is being sent dbstalk users is 16,117 bytes.


----------



## SomeRandomIdiot

appears the trojan is now being distributed by 2 different sites as shown below:

Advisory provided by	
Safe Browsing
Diagnostic page for dbstalk.com

What is the current listing status for dbstalk.com?
Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?
Of the 532 pages we tested on the site over the past 90 days, 62 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-12-24, and the last time suspicious content was found on this site was on 2012-12-24.
Malicious software is hosted on 2 domain(s), including vuweather.org/, penetraterarest.pro/.

2 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including journaldugeek.com/, openx.net/.

This site was hosted on 1 network(s) including AS30496 (COLO4).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, dbstalk.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:
Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.


----------



## Davenlr

I just scanned my computer with MSE and Malwarebytes, and found nothing. I do run adblock on Firefox, so perhaps it blocks the offending ads in the first place.


----------



## Drucifer

Just got it again.


----------



## Lord Vader

Just got it now. 

The Force is strong on this one.


----------



## MysteryMan

Same here. Google Chrome is again warning that visiting this website may harm your computer.


----------



## pfred

SomeRandomIdiot said:


> The trojan is real and Google as well as the other Browsers are correct. The site is still sending out the trojan which is why the site has been reblocked by Chrome.
> 
> If you bypassed it, you might have a real problem on your system.
> 
> This virus is a variant of the Java/Exploit.Agent.NEB trojan. If your virus program did not detect it, time to get a better virus program such as eset and get rid of Norton and McAfee that miss stuff like this.
> 
> The trojan is coming from penetraterarest.com in Kazakhsta.
> 
> The java file is called FojZQA.jar
> 
> The exact address that dbstalk is telling your browser to download from is:
> 
> "http://penetraterarest.pro/rFR2v50SAgq0PhnF17Xcs0WuLw0utMZ0VCGd0sjOW0P6130GGLL0mEtv10X6e0TtHo17Kj901GbG05BY5/FojZQA.jar"
> 
> The Site Owners should DISABLE all Ads until this gets straightened out.
> 
> If they disable the Ads and the trojan remains, it has root on the DBStalk Server.
> 
> But again, what do I know.....I'm only SomeRandomIdiot.
> 
> Happy Holidays!


I got this message too, just now. 
Come on dbstalk, fix this!


----------



## wingrider01

Not getting it on dbstalk, but did get it on trend micro when I tried to access my account on directv. Spent about an hour on the phone with trend micro's support people, they are looking into it. IE9 here


----------



## Billzebub

I got the Java attack caught by norton antivirus


----------



## klang

Got the attack warning again with Firefox 17.0.1 running on Mac OS X 10.7.5 . I too am running Adblock Plus. I'm running an extra Sophos scan but I don't really expect to find anything.


----------



## David Bott

It seems that google not only added it for DBSTalk, the main site, but also the ad server. So I needed to added the ad servers URL into my webmaster account and then tell Google to also scan that. That is because is sees the OpenX code that calls the ads on our page.

So I now have requested Google to again scan DBSTalk to show it is safe as well as the ad server. All because OpenX let in bad ads. 

Augh! Just ticks me off.


----------



## Mark Holtz

We made the Bott angry. And on Christmas, no less. Is this a sign of the Robott Apocalypse?


----------



## David Bott

It also seems that Google flagged OpenX itself, thus even more of an issue.

Augh!


----------



## RasputinAXP

Alerting again this morning. Chrome, Jersey, the usuals.


----------



## David Bott

RasputinAXP said:


> Alerting again this morning. Chrome, Jersey, the usuals.


Yes, already reported and on it as mentioned above.

Thanks


----------



## RasputinAXP

David Bott said:


> Yes, already reported and on it as mentioned above.
> 
> Thanks


I noticed that you said you asked them to scan OpenX again. It wouldn't be the first time an ad-serving site has been infected.


----------



## David Bott

*PLEASE NOTE WE ARE AWARE THAT THE BLOCK IS HAPPENING AGAIN AFTER IT WAS CLEARED.

I HAVE RECHECKED THE SITE AND THE SITE ITSELF HAS NO ISSUES. IT WAS AN AD THAT WAS SENT DOWN BY OPENX WHICH IS A PROVIDER OF ADS. OPENX HAD ASSURED US THE PROBLEM WAS HANDLED, SURELY IT WAS NOT.

"It is my understanding that the situation has been handled. Thanks for the email."

OPENX MARKETPLACE HAS BEEN TUNRED OFF.

WE HAVE RESUBMITTED TO GOOGLE TO RE-VERIFY THE SITE AS WELL AS OUR AD SERVER.

WE ARE NOW AGAIN NEED TO WAIT FOR THIS TO OCCURE.

THANK YOU ALL. AND I AM SORRY I NEED TO RUN ADS AT ALL.*


----------



## Scott Kocourek

David Bott said:


> *PLEASE NOTE WE ARE AWARE THAT THE BLOCK IS HAPPENING AGAIN AFTER IT WAS CLEARED.
> 
> I HAVE RECHECKED THE SITE AND THE SITE ITSELF HAS NO ISSUES. IT WAS AN AD THAT WAS SENT DOWN BY OPENX WHICH IS A PROVIDER OF ADS. OPENX HAD ASSURED US THE PROBLEM WAS HANDLED, SURELY IT WAS NOT.
> 
> "It is my understanding that the situation has been handled. Thanks for the email."
> 
> OPENX MARKETPLACE HAS BEEN TUNRED OFF.
> 
> WE HAVE RESUBMITTED TO GOOGLE TO RE-VERIFY THE SITE AS WELL AS OUR AD SERVER.
> 
> WE ARE NOW AGAIN NEED TO WAIT FOR THIS TO OCCURE.
> 
> THANK YOU ALL. AND I AM SORRY I NEED TO RUN ADS AT ALL.*


Sorry you have to deal with this on Christmas David.

Merry Christmas to you and your family.


----------



## mitchflorida

This is very scary. I am on Internet Explorer now, but Google Chrome is having a fit.

What sort of malware is being installed?


----------



## SayWhat?

I find it hard to believe that so many people have gotten suckered by (and so wound up over) what is most likely a false positive.


----------



## David Bott

mitchflorida said:


> This is very scary. I am on Internet Explorer now, but Google Chrome is having a fit.
> 
> What sort of malware is being installed?


NONE is being INSTALLED as mentioned. It was inside an ad that might or might not show. But seeing it did show while google was indexing a page, then it flags the entire site. It has NO IDEA it was in an ad. So it says the site has an issue overall...which it does not and the provider has been turned off.

So now we wait, again, for google to clear it.


----------



## TBlazer07

I get no warnings until I hit REPLY to a message. Then it kicks me out.


----------



## MysteryMan

Think's the name of the thread should be changed to "How the Grinch, aka Google stole Christmas".


----------



## SomeRandomIdiot

David Bott said:


> NONE is being INSTALLED as mentioned. It was inside an ad that might or might not show. But seeing it did show while google was indexing a page, then it flags the entire site. It has NO IDEA it was in an ad. So it says the site has an issue overall...which it does not and the provider has been turned off.
> 
> So now we wait, again, for google to clear it.


Hate to tell you this, but as you can check on the database, I did not try to log in over the past 2 days until late last night

The site tried to install the trojan at that time (which I can document with screen shots), 10 hours after you said the site was cleared in post #44.

I left very detailed info overnight that you decided to delete and now most users do not know they have been infected. Your site. Your perogative.

However, as noted in the post, you should turn off all ads temporarily until this is cleared up.


----------



## SomeRandomIdiot

Davenlr said:


> I just scanned my computer with MSE and Malwarebytes, and found nothing. I do run adblock on Firefox, so perhaps it blocks the offending ads in the first place.


MSE recently failed a major AV Test certification so I wouldn't feel great using that right now.

http://www.tomshardware.com/news/Mi...-Malware-Certification-Bitdefender,19452.html

http://securitywatch.pcmag.com/none/305401-microsoft-fails-av-test-certification

http://www.dslreports.com/forum/r27771235-MSE-fails-AV-Test-loses-certification~start=20

http://news.cnet.com/8300-5_3-0.html?keyword=av-test


----------



## David Bott

SomeRandomIdiot said:


> Hate to tell you this, but as you can check on the database, I did not try to log in over the past 2 days until late last night
> 
> The site tried to install the trojan at that time (which I can document with screen shots), 10 hours after you said the site was cleared in post #44.
> 
> I left very detailed info overnight that you decided to delete and now most users do not know they have been infected. Your site. Your perogative.
> 
> However, as noted in the post, you should turn off all ads temporarily until this is cleared up.


First off you post was NOT delated... It is right where you post it...:nono2:

http://www.dbstalk.com/showpost.php?p=3150663&postcount=75

As CLEARLY mentioned. The issue was from OPENX MARKETPLACE and thus was the issue created by an ad they served. Even OpenX, as I also posted, said they were aware of the issue and it has been resolved. We guess what...it clearly was not or they had another outbreak and was not aware.

As mentioned above, OPENX MARKETPLACE, the place the bad ad came from, has been turned OFF at this point all together. I have also alerted them of the issue as other sites also have.

That is that at this point. All I can do now it wait for google to recheck the site to see if it sees any issue and removes the notice.


----------



## TheRatPatrol

I'm using Safari on my iPad, haven't had any issues.


----------



## johnnytex

It is definitely not fixed. Same problem here every time I restart Firefox 17.0.1.


----------



## FlyingDiver

johnnytex said:


> It is definitely not fixed. Same problem here every time I restart Firefox 17.0.1.


That doesn't mean the problem isn't fixed (on the dbstalk.com end). It means that Google hasn't updated their info yet.


----------



## SayWhat?

David Bott said:


> We guess what...it clearly was not or they had another outbreak and was not aware.


Or there wasn't a problem to begin with. I've seen this kind of thing pop-up on known good sites and programs due to an innocuous code bit that the flagging site either didn't recognize or couldn't understand or had seen similar bits in malware.

Once one flagging site sinks into something, it's spread to other flagging sites and you end up with a bunch of people chasing shadows.


----------



## Phil T

Looks like Safari is OK again for me.


----------



## David Bott

What I have done at this point...

I just removed our ad server from being used all together. So no OpenX running at all and (Not the server software or the OpenX Marketplace).

Google Adsense code was put into the site raw. (No ad server to insert it.)

Google was contacted about the the issue. Waiting for the site to clear to be OK.

Ran scans of the site and server...nothing found. (Did this just in case even though I knew it was from a ad.) Had 3 other sites run scans of this site. Nothing found.

Contacted OpenX again in regards to the issue.

We were NOT the only site that had this issue by a long shot. Even talked with Scott and he also has the same issue with the same outcomes. 

I will run this way for a few days just so OpenX has time to check their ads and fix etc.

Understand, this is not something anyone would want to happen. What makes it worse for us is that it came in via a third party that should be scanning their ads before sent. A such, we look like the bad site and we surely are not.

Not only has this cost us new visitors, made worse based on the time of the year, but now greatly affects the sites income for operation. 

All in all, thats the scoop as of this time. (1:27PM ET 12/25)


----------



## klang

Thanks for your hard work on this holiday.


----------



## Davenlr

David Bott said:


> Not only has this cost us new visitors, made worse based on the time of the year, but now greatly affects the sites income for operation.


Well, it would not hurt those folks who live on here and have not so far joined the club, to pony up for a subscription. I am sure that would help. Sorry about your troubles, but hope you have a Merry Christmas.


----------



## Mark Holtz

Does this mean we can send OPENX MARKETPLACE all of our unwanted fruitcake?


----------



## David Bott

Davenlr said:


> Well, it would not hurt those folks who live on here and have not so far joined the club, to pony up for a subscription. I am sure that would help. Sorry about your troubles, but hope you have a Merry Christmas.


Ah great! Now I am going to have someone say that I personally did this just to drive club subscriptions! 

LOL Ho Ho Ho.


----------



## lwilli201

Firefox. Still getting warning and adds are still showing.


----------



## RasputinAXP

All clear here. Sorry you have to deal with this.


----------



## Stewart Vernon

David Bott said:


> Google Adsense code was put into the site raw. (No ad server to insert it.)
> 
> Google was contacted about the the issue. Waiting for the site to clear to be OK.


Am I misreading something here... or...

Google can flag your Website so that people can't reach it due to a "warning" about viruses.

The flagging came as a result of a third-party ad server/code not run by Google.

If you use Google's ad code, they will scan you clean and allow access to the Web site again?

Oversimplifying... but am I reading that chain correctly? Seems like a conflict of interest happening there with Google.


----------



## mitchflorida

Chrome appears to be all clear now.


----------



## David Bott

lwilli201 said:


> Firefox. Still getting warning and adds are still showing.


Hummm...I am sorry, but I will not touch this one. :nono2:


----------



## David Bott

Stewart Vernon said:


> Am I misreading something here... or...
> 
> Google can flag your Website so that people can't reach it due to a "warning" about viruses.
> 
> The flagging came as a result of a third-party ad server/code not run by Google.
> 
> If you use Google's ad code, they will scan you clean and allow access to the Web site again?
> 
> Oversimplifying... but am I reading that chain correctly? Seems like a conflict of interest happening there with Google.


"If you use Google's ad code, they will scan you clean and allow access to the Web site again?"

They will scan regardless. They are doing nothing wrong. The issue still came from an ad from another party...Google just detected it as being on the site.

I removed OpenX just to get things cleared and hope they will be able to fix their issue.


----------



## armophob

lwilli201 said:


> Firefox. Still getting warning and adds are still showing.


I am clear here on Firefox.
I had to clear my cache and cookies first though.
Then I could go back to checking the block box.


----------



## armophob

Kind of an elaborate ruse to drive up club subscriptions David.
Even NPR just holds pledge drives.


----------



## armophob

oops, I spoke too soon.
It is back again on Firefox


----------



## lwilli201

David Bott said:


> Hummm...I am sorry, but I will not touch this one. :nono2:


Cleared my history in Firefox and the warnings have not returned. I am getting the adds. Should I be getting adds since the add server has been shut down?


----------



## David Bott

armophob said:


> Kind of an elaborate ruse to drive up club subscriptions David.
> Even NPR just holds pledge drives.


Ding Ding Ding we have a winner. See post 109.


----------



## David Bott

lwilli201 said:


> Cleared my history in Firefox and the warnings have not returned. I am getting the adds. Should I be getting adds since the add server has been shut down?


AS it stats in post 105...

"Google Adsense code was put into the site raw. "

So yes, you will see ads that are being served via Google and not by our dedicated ad server.


----------



## lwilli201

David Bott said:


> AS it stats in post 105...
> 
> "Google Adsense code was put into the site raw. "
> 
> So yes, you will see ads that are being served via Google and not by our dedicated ad server.


Understand :righton:.


----------



## SayWhat?

The ads are adds, not part of the core site.


----------



## AntAltMike

David Bott said:


> Ah great! Now I am going to have someone say that I personally did this just to drive club subscriptions!


I suspect that AOL does something like that. Every once on a while, when I am browsing via the AOL desktop, it starts running slow as sin and then I get notices to buy or subscribe to AOL's service to speed up my computer...but I find I can just as readily restore my speed by using Internet Explorer or Firefox.


----------



## SomeRandomIdiot

Stewart Vernon said:


> Am I misreading something here... or...
> 
> Google can flag your Website so that people can't reach it due to a "warning" about viruses.
> 
> The flagging came as a result of a third-party ad server/code not run by Google.
> 
> If you use Google's ad code, they will scan you clean and allow access to the Web site again?
> 
> Oversimplifying... but am I reading that chain correctly? Seems like a conflict of interest happening there with Google.


Not really.

With Google Chrome or Safari, it blocks the site and tells you why.

It then gives you several options, to click and find out exactly why the site is being blocked - or to continue on at your own risk.

As the trojan was being delivered to dbstalk userswithout their knowledge (was only stopped if their Virus Software stopped it), Google and Safari were correct in what they did.

Yes, it was from an ad, but virtually every virus/trojan uses intermediate sites to spread the bug. In this case, dbstalk.com was the intermediate site.

Does not matter if it comes from an ad or an infected web server, if a site is sending out a bug, it gets flagged - for good reason.

see this link:

http://safebrowsing.clients.google....www.dbstalk.com/&client=googlechrome&hl=en-US

Furthermore, this is not the first issue for the openx ad service in the past 90 days: Malicious software includes 110 exploit(s), 46 trojan(s), 3 scripting exploit(s).

Yes, its a pain in the a...for David and timing sucks - but such is the glorious life of a site owner


----------



## armophob

The bigger you get, the harder they wish you to fall.

Might be time to step it up a notch security wise.


----------



## David Bott

armophob said:


> The bigger you get, the harder they wish you to fall.
> 
> Might be time to step it up a notch security wise.


It was NOT us. It was the ad provider and we can not control the ads to that degree. We were NOT the only site affected by a long shot.

Augh


----------



## David Bott

I did happen to get a flight off today of my X650 Quad. Here is the video of our neighborhood on Christmas Day with this quick 300 foot flight.

Merry Christmas!

[YOUTUBEHD]dlZe6-e1Yb8[/YOUTUBEHD]


----------



## dserban

I got this on Safari but not on Chrome.


----------



## hdtvfan0001

David Bott said:


> I did happen to get a flight off today of my X650 Quad. Here is the video of our neighborhood on Christmas Day with this quick 300 foot flight.
> 
> Merry Christmas!
> 
> [YOUTUBEHD]dlZe6-e1Yb8[/YOUTUBEHD]


David...that is one of the coolest videos I have seen in a very long time.

Now if you can just move to a warmer climate.


----------



## Scott Kocourek

David Bott said:


> I did happen to get a flight off today of my X650 Quad. Here is the video of our neighborhood on Christmas Day with this quick 300 foot flight.
> 
> Merry Christmas!
> 
> [YOUTUBEHD]dlZe6-e1Yb8[/YOUTUBEHD]


That is awesome!! I can't believe how stable it is.


----------



## Davenlr

That was awesome. Merry Christmas to you as well.


----------



## David Bott

Here our other videos I have done in our travels...

http://www.youtube.com/user/David350Z/videos


----------



## hdtvfan0001

David Bott said:


> Here our other videos I have done in our travels...
> 
> http://www.youtube.com/user/David350Z/videos


WOW! More good video!

How long did it take you to master that level of steady control, and what kind of video device did you use?


----------



## David Bott

I fly a drone.

http://roadtreking.com/an-rver-with-his-own-personal-drone/

He got some of the info wrong in the news coverage video. I can fly 3/4 of a mile away and that one costs about $4K. (he says $3K and 1/4 mile.)


----------



## armophob

very cool, I knew it was coming, I just did not think the FAA would allow it, how do I start?


----------



## dpeters11

"Davenlr" said:


> Well, it would not hurt those folks who live on here and have not so far joined the club, to pony up for a subscription. I am sure that would help. Sorry about your troubles, but hope you have a Merry Christmas.


It would be nice for more to pay. This is the only site that I do that. I actually felt a little guilty buying the two year subscription which saves some money, but then figured that was one less credit card fee 

But this kind of issue does pop up more often than it should. Sites like this need ads, but the ad networks need to be more careful about the ads they sell. There are times where it's a no win situation.


----------



## David Bott

Not allowed for commercial use. (Aka...you can not shoot video or photos and charge for them for commercial gain.) They currently are classified like a RC airplane so you have do have FAA rules.

FAA is currently trying to draft new rules however for the use of the air space. 

How do you start...spend $$$. And then spend more $$$ when you crash. Like all other such hobbies.


----------



## PokerJoker

6:25 PM PST - still getting the blocking message - Firefox 17.0.1.


----------



## David Bott

PokerJoker said:


> 6:25 PM PST - still getting the blocking message - Firefox 17.0.1.


Suggest trying to clear your cache as maybe that would be the issue as some others have reported.


----------



## Mariah2014

Actually did that and it cleared it for one time. The next time I visited again after that, I got the same message again. It only temporarily fixed it.


David Bott said:


> Suggest trying to clear your cache as maybe that would be the issue as some others have reported.


----------



## David Bott

My guess then is that the server you get for your check feed from has not yet been updated.


----------



## Mariah2014

Some of the pages are still flagged this morning and others are not.


David Bott said:


> My guess then is that the server you get for your check feed from has not yet been updated.


----------



## David Bott

I have no way in Google at this time to ask for them to check the site as it reports that the site is fine. So, it does not offer me an option to check the site to be removed from the list. (Though I do agree it shows me 17 pages it thinks has issues but no way to clear them.)

This is really upsetting to say the least.


----------



## JACKIEGAGA

I didn't have any problems today using Chrome Version 23.0.1271.97 m


----------



## bnwrx

My 2 cents....For me the site works with Chrome,IE(posting this thru Chrome), but Firefox 17.01 still flagging the site.....

Yesterday Firefox would "sometimes" put me thru other times not....


----------



## David Bott

Sounds like Firefox needs to be cleared. (Just going on what others have said.)


----------



## MysteryMan

JACKIEGAGA said:


> I didn't have any problems today using Chrome Version 23.0.1271.97 m


Same here.


----------



## MysteryMan

David Bott said:


> I did happen to get a flight off today of my X650 Quad. Here is the video of our neighborhood on Christmas Day with this quick 300 foot flight.
> 
> Merry Christmas!
> 
> [YOUTUBEHD]dlZe6-e1Yb8[/YOUTUBEHD]


Great video. Thanks for sharing.


----------



## trh

I've been primarily using Safari, but just checked with FireFox (17.0.1) and IE (9.0.8112.16421) and I haven't had any problems.


----------



## armophob

David Bott said:


> Sounds like Firefox needs to be cleared. (Just going on what others have said.)


That worked once for me, but not any longer. I clear the cache and dump the cookies and it might work for a moment. Then it comes back.


----------



## David Bott

Sorry, but really not sure how I can help further. Guess you need to still wait for the server that provides the data to you to be updated.


----------



## armophob

David Bott said:


> Sorry, but really not sure how I can help further. Guess you need to still wait for the server that provides the data to you to be updated.


It is definitely a Firefox thing. I opened DBS up in IE and did not have anymore issues.
I cleared the cache and cookies and then checked the clear everything on exit before closing Firefox. That cleared all the history and registers and I seem to be up and working again with the block attack sites box checked.


----------



## Laxguy

David Bott said:


> I did happen to get a flight off today of my X650 Quad. Here is the video of our neighborhood on Christmas Day with this quick 300 foot flight.
> 
> Merry Christmas!


That is awesome beyond words. And thanks for posting the video. 
I want one!!!!
How bout a pic of the actual bird and controller? {Please!}

And a Happy New Year!


----------



## litzdog911

No problems with Chrome this morning.


----------



## onan38

bnwrx said:


> My 2 cents....For me the site works with Chrome,IE(posting this thru Chrome), but Firefox 17.01 still flagging the site.....
> 
> Yesterday Firefox would "sometimes" put me thru other times not....


+1 I have cleared cache and sometime firefox flag's the site sometimes it won't. Like everyone else Chrome and IE ok.


----------



## armophob

onan38 said:


> +1 I have cleared cache and sometime firefox flag's the site sometimes it won't. Like everyone else Chrome and IE ok.


try clearing your history as well

Seemed to work for me.


----------



## David Bott

Laxguy said:


> That is awesome beyond words. And thanks for posting the video.
> I want one!!!!
> How bout a pic of the actual bird and controller? {Please!}
> 
> And a Happy New Year!


Hi...










First Flight...(You will see I am much less stable.)

http://www.outsideourbubble.com/x650-quadcoptor-arrived-first-flight-footage

FPV Flying...(First Person View long distance flying.)

http://www.outsideourbubble.com/first-fpv-flight-with-x650

First Crash...

http://www.outsideourbubble.com/first-x650-crash-oops

Hope this helps.


----------



## billsharpe

Working fine with Firefox here. And it was working fine a couple days ago. I took Christmas Eve and Christmas off on the computer.


----------



## lipcrkr

I am using Chrome and Firefox and as of now everything is fine. I primarily use Chrome but the interesting thing is DBSTalk would be OK and then i would go back a couple of hours later and get the Malaware message. I have Malaware and i scanned the last couple of days and it was fine. Hopefully everything gets back to normal.


----------



## Lord Vader

Still happening here. Using FF and have cleared cache and history.


----------



## plasmacat

It is still blocked on Firefox - my default browser. It comes up OK on Chrome and IE.


----------



## texasbrit

I cleared everything on Firefox and was OK last night, but today the attack site message is back


----------



## MysteryMan

texasbrit said:


> I cleared everything on Firefox and was OK last night, but today the attack site message is back


Kind of like a gift that keeps on giving. :sure:


----------



## bnwrx

texasbrit said:


> I cleared everything on Firefox and was OK last night, but today the attack site message is back





MysteryMan said:


> Kind of like a gift that keeps on giving. :sure:


Same for me today....Late yesterday and last night was OK with Firefox, now today site is blocked again. Using Chrome to post this....


----------



## joed32

SomeRandomIdiot said:


> The trojan is real and Google as well as the other Browsers are correct. The site is still sending out the trojan which is why the site has been reblocked by Chrome.
> 
> If you bypassed it, you might have a real problem on your system.
> 
> This virus is a variant of the Java/Exploit.Agent.NEB trojan. If your virus program did not detect it, time to get a better virus program such as eset and get rid of Norton and McAfee that miss stuff like this.
> 
> The trojan is coming from penetraterarest.com in Kazakhsta.
> 
> The java file is called FojZQA.jar
> 
> The exact address that dbstalk is telling your browser to download from is:
> 
> "http://penetraterarest.pro/rFR2v50SAgq0PhnF17Xcs0WuLw0utMZ0VCGd0sjOW0P6130GGLL0mEtv10X6e0TtHo17Kj901GbG05BY5/FojZQA.jar"
> 
> The Site Owners should DISABLE all Ads until this gets straightened out.
> 
> If they disable the Ads and the trojan remains, it has root on the DBStalk Server.
> 
> But again, what do I know.....I'm only SomeRandomIdiot.
> 
> Happy Holidays!


McAfee did catch it.


----------



## bnwrx

I can clear the block in FF and it will allow "for a while", but then the block message re-appears. With Chrome I am able to go to site with no warnings. Some here suggest all is OK, but I wonder why FF tries to block usage of the site...?

This is beyond my realm of understanding, but I do trust the folks here who are much more knowledgeable about this than I.


----------



## Cholly

bnwrx said:


> I can clear the block in FF and it will allow "for a while", but then the block message re-appears. With Chrome I am able to go to site with no warnings. Some here suggest all is OK, but I wonder why FF tries to block usage of the site...?
> 
> This is beyond my realm of understanding, but I do trust the folks here who are much more knowledgeable about this than I.


Same here in NC, with FF 17.0.1 -- Have not had a problem when using Chrome.


----------



## plasmacat

I got in with Firefox but then when I tried to go to Dish discussion it blocked it again and blocked when I tried to go back to this page. I am typing this from Chrome which is OK.


----------



## David Bott

For those using FireFox and see the issue...does it give you any links or anything to check on the site. More or less I am looking to see if I need to somehow submit a check for FireFox to check the site or something as I did with Google. I am not sure what FireFox uses to check on a sites status.

I have using FF moving all around the site, on a MacBook, and have not seen any issue. So, looking for help to see of their is anything more I can go.

Google still shows the site as clear.


----------



## bnwrx

David Bott said:


> For those using FireFox and see the issue...does it give you any links or anything to check on the site. More or less I am looking to see if I need to somehow submit a check for FireFox to check the site or something as I did with Google. I am not sure what FireFox uses to check on a sites status.
> 
> I have using FF moving all around the site, on a MacBook, and have not seen any issue. So, looking for help to see of their is anything more I can go.
> 
> Google still shows the site as clear.


Here is a screen shot if that helps....


----------



## David Bott

Sorry to say not at all. Maybe look under "Why was this page blocked". I am trying to find where I may need to go to try to get it cleared for FireFox.

Thanks


----------



## bnwrx

David Bott said:


> Sorry to say not at all. *Maybe look under "Why was this page blocked". * I am trying to find where I may need to go to try to get it cleared for FireFox.
> 
> Thanks


Here is what that brings up: http://safebrowsing.clients.google..../newreply.php?do=newreply&noquote=1&p=3151400


----------



## armophob

texasbrit said:


> I cleared everything on Firefox and was OK last night, but today the attack site message is back


Yep, same here.
I have checked the clear everything when I shut down Firefox as a quick fix.
But there has to still be something it keeps seeing.


----------



## Laxguy

armophob said:


> Yep, same here.
> I have checked the clear everything when I shut down Firefox as a quick fix.
> But there has to still be something it keeps seeing.


Could it not be there's something FF isn't letting go of? Have you given it a deep cleaning?


----------



## David Bott

Well that links shows...

"What is the current listing status for www.dbstalk.com?
This site is not currently listed as suspicious."

...So I really am not sure why FF is doing it. Are you maybe running some 3rd party blocker or something? (Note...Not saying not to do that...just a thought just in case it might be something like that.)

This has been very upsetting that OpenX Marketplace does not check their ads.


----------



## jimmie57

I do not get the page anymore on my FF.
I have mine set to clear cookies and history each time it closes.


----------



## Stewart Vernon

What version of Firefox? I'm running 18, which may still be in beta since I often run Firefox betas.


----------



## jimmie57

FF version 17.0.1


----------



## Drucifer

texasbrit said:


> I cleared everything on Firefox and was OK last night, but today the attack site message is back


Same scenario here. Cleared everything. But if I reboot my PC, the warning returns the next time I visit the forum. I'm running FF v17.01.


----------



## armophob

Drucifer said:


> Same scenario here. Cleared everything. But if I reboot my PC, the warning returns the next time I visit the forum. I'm running FF v17.01.


Still having to uncheck the block box with FF v17.01

This is the explanation;

What is the current listing status for www.dbstalk.com?

This site is not currently listed as suspicious.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 491 pages we tested on the site over the past 90 days, 46 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-12-26, and the last time suspicious content was found on this site was on 2012-12-25.

Malicious software includes 1 trojan(s), 1 exploit(s). Successful infection resulted in an average of 3 new process(es) on the target machine.

Malicious software is hosted on 5 domain(s), including consumesenhanced.pro/, penetraterarest.pro/, vuweather.org/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including journaldugeek.com/.

This site was hosted on 1 network(s) including AS30496 (COLO4).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, www.dbstalk.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.


----------



## texasbrit

v17.0.1 here. If I clear the Firefox cache and then open dbstalk, everything is OK. Then if I close FF and reopen, and open dbstalk, I get the warning message every time. Basically FF is unusable with dbstalk...
IE works OK.....


----------



## klang

texasbrit said:


> v17.0.1 here. If I clear the Firefox cache and then open dbstalk, everything is OK. Then if I close FF and reopen, and open dbstalk, I get the warning message every time. Basically FF is unusable with dbstalk...


I'm seeing the same thing on my iMac at home. The same version of FF, 17.0.1, on Windows 7 at work has never seen the warning. 

The site still works fine after dismissing the warning.


----------



## veryoldschool

Not sure what's still going on here, but I'm still intermittently getting:









On this forum

Clicking on it sends me to:
http://safebrowsing.clients.google....ww.dbstalk.com/showthread.php?t=211464&page=5

Which has this:

Safe Browsing
Diagnostic page for www.dbstalk.com

What is the current listing status for www.dbstalk.com?

This site is not currently listed as suspicious.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 491 pages we tested on the site over the past 90 days, 46 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-12-26, and the last time suspicious content was found on this site was on 2012-12-25.

Malicious software includes 1 trojan(s), 1 exploit(s). Successful infection resulted in an average of 3 new process(es) on the target machine.

Malicious software is hosted on 5 domain(s), including consumesenhanced.pro/, penetraterarest.pro/, vuweather.org/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including journaldugeek.com/.

This site was hosted on 1 network(s) including AS30496 (COLO4).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, www.dbstalk.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

Next steps:

Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.

I use FF, and this seems to happen the first time I come to DBSTalk for the past few days.


----------



## David Bott

Almost now sounds like a FF issue as it clearly states that it is clear. I am running MAckBook Pro FF 15.1 and Chrome and Safari and I have not seen the issue after it was cleared by Goole.

Please note...I am currently in bed with 103 temp for the last 2 days. So, well, I really can't do much more on this as currently nor would I know what else I could do. I have had the site scanned 3 different sites, and nothing. Why FF 17.1 is saying it has an issue, I am not sure.

Thank you.


----------



## veryoldschool

David Bott said:


> Almost now sounds like a FF issue as it clearly states that it is clear. I am running MAckBook Pro FF 15.1 and Chrome and Safari and I have not seen the issue after it was cleared by Goole.
> 
> Please note...I am currently in bed with 103 temp for the last 2 days. So, well, I really can't do much more on this as currently nor would I know what else I could do. I have had the site scanned 3 different sites, and nothing. Why FF 17.1 is saying it has an issue, I am not sure.
> 
> Thank you.


Get well soon
Chrome didn't give this message, and even with FF, it's intermittent for the past couple of days, so I'd give it only a nuisance rating.

I posted the text to show it has been cleared.


----------



## armophob

David Bott said:


> Please note...I am currently in bed with 103 temp for the last 2 days.


Flying sorties in the freezing cold without a hat or a muffler, I am not surprised.


----------



## Laxguy

Take care, David. Get well soon! You need to be out making more videos skywise!


----------



## David Bott

BTW...we were not alone. It actually turns out the installs of OPENX were have an opening. Meaning OpenX has a open hole that that can not seem to find.

http://forum.openx.org/index.php?showtopic=503520006

Seeing I have removed OpenX from the site a few days ago, we are good. But I surely will be checking the databases and also maybe looking for new software.


----------



## Scott Kocourek

David Bott said:


> Almost now sounds like a FF issue as it clearly states that it is clear. I am running MAckBook Pro FF 15.1 and Chrome and Safari and I have not seen the issue after it was cleared by Goole.
> 
> Please note...I am currently in bed with 103 temp for the last 2 days. So, well, I really can't do much more on this as currently nor would I know what else I could do. I have had the site scanned 3 different sites, and nothing. Why FF 17.1 is saying it has an issue, I am not sure.
> 
> Thank you.


Hope you feel better! Nothing worse than being sick and stuck in bed.


----------



## veryoldschool

Scott Kocourek said:


> Nothing worse than being sick and stuck in bed.


I can think of a few, but they would be for another thread. :lol:


----------



## David Bott

Update from bed...

Scott is having the same issue with FF users on his site and reports this...

"As you might be aware of there is a bug in Firefox which reports sites as possibly being bad after they are removed from the warning list. I talked (emailed) with the Stop Malicious software guys and they say they are aware of the issue and Firefox is working on fixing the issue. They however don’t have an ETA on a fix, which means people will get random popups warning your site could be bad even though its safe."

So a thanks to Scott for sharing this info as I really have not contacted them on it needless to say.

Augh again!


----------



## Stewart Vernon

That's what I was thinking... since I have not seen this problem running Firefox 18... whatever beta version it is on at this point.

So I'm guessing whatever the original problem with OpenX that is now gone by removing/disabling it... Firefox 17 is having a problem resetting itself with the new data... but Firefox 18 seems to be behaving.

For what it's worth... since I missed the initial problem, before David addressed it... I actually have not seen that warning redirect once. So it would appear whatever is funky with Firefox 17 has been addressed in Firefox 18 beta.


----------



## veryoldschool

Stewart Vernon said:


> That's what I was thinking... since I have not seen this problem running Firefox 18... whatever beta version it is on at this point.
> 
> So I'm guessing whatever the original problem with OpenX that is now gone by removing/disabling it... Firefox 17 is having a problem resetting itself with the new data... but Firefox 18 seems to be behaving.
> 
> For what it's worth... since I missed the initial problem, before David addressed it... I actually have not seen that warning redirect once. So it would appear whatever is funky with Firefox 17 has been addressed in Firefox 18 beta.


I'm sure what is leftover is a FF issue, but back on 12-23-2012, 08:34 PM PST even Chrome would give the error.


----------



## longrider

Just a note with the comments on Firefox versions, I am om Firefox 18 and just got the warning again after several clear days. About does not tell me which beta I am on but i think it is beta 3


----------



## Laxguy

It might be a time saver to use another browser for DBSTalk for a while.....


----------



## armophob

Laxguy said:


> It might be a time saver to use another browser for DBSTalk for a while.....


Yes, even after unchecking the box to get on today, DBStalk locked up my firefox and then my computer.
I hate to use it, but it looks like IE is going to be my DBS dedicated browser for the near future.


----------



## David Bott

Chrome is your friend over IE. IMHO. You say it locked up FireFox and then your computer. To me that reads you have other issues as it seems FF is the issue as the site should not lock your computer. (Or even FF) IMHO.


----------



## hdtvfan0001

David Bott said:


> Chrome is your friend over IE. IMHO. You say it locked up FireFox and then your computer. To me that reads you have other issues as it seems FF is the issue as the site should not lock your computer. (Or even FF) IMHO.


You're probably right David.

But both IE and Chrome work here fine 99.9% of the time on all sites.

FireFox - that one's had issues for a long time on numerous sites. It seems it simply is not kept as current as other browsers.

Hope you got some rest and are recouperating.


----------



## jimmie57

I got this again, just now using FF 17.0.1. I do not get this using IE9.
It appears to list who is causing the problems. Maybe I just did not notice them before.

What is the current listing status for www.dbstalk.com?

This site is not currently listed as suspicious.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 583 pages we tested on the site over the past 90 days, 46 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-12-28, and the last time suspicious content was found on this site was on 2012-12-25.

Malicious software includes 1 trojan(s), 1 exploit(s). Successful infection resulted in an average of 3 new process(es) on the target machine.

* Malicious software is hosted on 5 domain(s), including consumesenhanced.pro/, penetraterarest.pro/, vuweather.org/.*

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including journaldugeek.com/.

This site was hosted on 1 network(s) including AS30496 (COLO4).


----------



## David Bott

Thanks...but we are kind of past that. 

Please Note...It first states...*"This site is not currently listed as suspicious."*

They are reporting what the BAD domains are that were found in the code that were hosting the code. (The ad code in this case.)

It also stated..."The last time Google visited this site was on *2012-12-28*, and* the last time suspicious content was found* on this site was on *2012-12-25*." Which is when I got to work on fixing it.

At this point...FF is giving false positives as also seemed to have been noted.

Thanks


----------



## armophob

David Bott said:


> Chrome is your friend over IE. IMHO. You say it locked up FireFox and then your computer. To me that reads you have other issues as it seems FF is the issue as the site should not lock your computer. (Or even FF) IMHO.


It is definitely a FF issue. I will have to try Chrome. IE keeps logging me off DBS even after checking the remember me box.


----------



## phrelin

I'm too invested in using FF to deal with this. So I just unchecked the box:








I'll wait a week a recheck it. I can only remember getting blocked a very few times.


----------



## James Long

phrelin said:


> I'm too invested in using FF to deal with this. So I just unchecked the box:
> 
> 
> 
> 
> 
> 
> 
> 
> I'll wait a week a recheck it. I can only remember getting blocked a very few times.


Odd ... I have FF (17.0.1), I have that box checked and have not seen a problem.


----------



## armophob

James Long said:


> Odd ... I have FF (17.0.1), I have that box checked and have not seen a problem.


Could it be a setting somewhere else, or is it our providers servers interacting.
I am AT&T


----------



## Stewart Vernon

I still haven't seen any issues, running Firefox 18 beta... but since it is a beta, I can't be sure if my experience is common.


----------



## je4755

I have FF 17.0.1 (via Comcast) and get the warning repeatedly. As a result, I solely am using Chrome to view the site.


----------



## DodgerKing

I am still getting these warnings every day, even after clearing all cookies and history. 

Satelliteguys had the same issue but it has sense been resolved.


----------



## dorfd1

Stewart Vernon said:


> I still haven't seen any issues, running Firefox 18 beta... but since it is a beta, I can't be sure if my experience is common.


I use the nightly builds of firefox and have not had an issue with accessing dbstalk. I do not get warnings at all about dbstalk being a reported attack page.


----------



## makaiguy

dorfd1 said:


> I use the nightly builds of firefox and have not had an issue with accessing dbstalk. I do not get warnings at all about dbstalk being a reported attack page.


See Mozilla bug 820283. Firefox 17 apparently is not updating its internal cache of the reported site list properly when a site drops off the Google list. This is reported to be fixed in Firefox 18, due to be released in a week or so.

Meanwhile, users of Firefox 17 can force Firefox to check the current list at Google every time, instead of relying on cached data, as follows:

Enter _about:config_ in the Address/URL bar.
Press the big button to bypass the warning (if you haven't turned this off already).
Enter _*confirm*_ in the Filter bar to limit display to just options containing 'confirm'.
Double-click on _*urlclassifier.confirm-age*_ and change the value to 0.


----------



## Mark Holtz

According to https://wiki.mozilla.org/Releases , the next release is scheduled for the week of January 6th. This was pushed back one week because the six week release cycle ended up on New Years Day.


----------



## CopyCat

Stewart Vernon said:


> I still haven't seen any issues, running Firefox 18 beta... but since it is a beta, I can't be sure if my experience is common.


I am also running Firefox 18 beta and have not had a problem, let's hope they roll it out this week.


----------



## David Bott

makaiguy said:


> See Mozilla bug 820283. Firefox 17 apparently is not updating its internal cache of the reported site list properly when a site drops off the Google list. This is reported to be fixed in Firefox 18, due to be released in a week or so.
> 
> Meanwhile, users of Firefox 17 can force Firefox to check the current list at Google every time, instead of relying on cached data, as follows:
> 
> Enter _about:config_ in the Address/URL bar.
> Press the big button to bypass the warning (if you haven't turned this off already).
> Enter _*confirm*_ in the Filter bar to limit display to just options containing 'confirm'.
> Double-click on _*urlclassifier.confirm-age*_ and change the value to 0.


Great post. Thank you for coming up with this one.  I was starting to think their are more to it again. Glad their is not.

Side Nite...Still in bed. Turns out I have viral bronchitis. So my temp keeps going from normal to 103 and in between. This has not been fun.

Thanks for all the help guys.


----------



## armophob

makaiguy said:


> Enter _about:config_ in the Address/URL bar.
> Press the big button to bypass the warning (if you haven't turned this off already).
> Enter _*confirm*_ in the Filter bar to limit display to just options containing 'confirm'.
> Double-click on _*urlclassifier.confirm-age*_ and change the value to 0.


Done and done, thanks!


----------



## James Long

makaiguy said:


> See Mozilla bug 820283. Firefox 17 apparently is not updating its internal cache of the reported site list properly when a site drops off the Google list.


That makes sense. My "urlclassifier.confirm-age" is set at 2700 but I did not visit DBSTalk when the site was actually on the naughty list. So apparently it did not enter my cache.


----------



## Lord Vader

FWIW, this attack warning would pop up several times a day when I clicked on a link taking me to a subscribed thread. However, everything has been just fine the last couple days or so (crossing my fingers).

This is on FF, my default browser, BTW.


----------



## carlsbad_bolt_fan

Haven't seen it all week...until today. Running FF 17.0.1.


----------



## armophob

carlsbad_bolt_fan said:


> Haven't seen it all week...until today. Running FF 17.0.1.


Do the steps in makaiguy's post #210

Works like a charm


----------



## 3HaloODST

Still getting the warnings on Firefox 17.0.1 on all machines.

I'll try the cache fix.


----------



## Mark Holtz

Firefox 18 is now available for download, and you can force an update as well.


----------



## 3HaloODST

Thanks for the heads up. Think updating to FF 18 did the trick.


----------



## armophob

David Bott said:


> Hi...


I have a question.
If your drone is attacked by a swarm of bees, which direction do you fly it?
Towards or away from yourself?

http://cbs12.com/news/top-stories/s...-mall-demolition-report-4518.shtml?hpt=us_bn8


----------



## Laxguy

The proper procedure is to direct it over a body of water, go to 100 feet, then make like a pelican bombing for fish.....

NO, DAVE, DON'T!! Just kidding


----------



## Drucifer

I'm now getting an occasional popup ad for I believe is a poker site. Closed that and it's follow by a huge popup, similar to the one in the first post in this thread, but this one states FF is out of date and needs to be upgraded.

Only problem, my FF is current and McAfee warns me going forward is dangerous.


----------



## David Bott

Hi...

Sorry, but this is not is not running anything for popup or pop under. I would suspect you picked something up somewhere.


----------



## Drucifer

David Bott said:


> Hi...
> 
> Sorry, but this is not is not running anything for popup or pop under. I would suspect you picked something up somewhere.


It only appears when I first visit DBStalk Forum site.


----------



## armophob

Drucifer said:


> It only appears when I first visit DBStalk Forum site.


I am running FF18 now and have not had any DBStalk issues since.


----------



## David Bott

Sorry Drew....Really, not running such ads. (I personally do not think they are good for a community type site.) I really think that you may have something happening I am sorry to say.


----------



## armophob

David Bott said:


> Sorry Drew....Really, not running such ads. (I personally do not think they are good for a community type site.) I really think that you may have something happening I am sorry to say.


There is something to this.
I am now getting Norton warnings of blocking "Web attack: Mass injection 5" every time I open or refresh a DBS website window.


----------



## raott

Haven't had warnings in awhile but just got a warning using Chrome. Safari didn't give me the same warning.


----------



## armophob

Here is the report


----------



## jimmie57

armophob said:


> Here is the report


I am using Norton Internet Security running IE9 and I am gettin the same message every time I change screens on the Forum website and not getting it any where else.


----------



## raott

"raott" said:


> Haven't had warnings in awhile but just got a warning using Chrome. Safari didn't give me the same warning.


I should add, the warning I got was on barely week old iMac. I seriously doubt it has anything to do on my end.


----------



## trh

I just got the attached warning from Google Chrome. First time it has popped up for me.


----------



## onan38

Just got this warning on Firefox 18.0.1. have came to the site 3 times today and no problem until now.

Safe Browsing
Diagnostic page for www.dbstalk.com

What is the current listing status for www.dbstalk.com?

This site is not currently listed as suspicious.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 602 pages we tested on the site over the past 90 days, 46 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-01-29, and the last time suspicious content was found on this site was on 2012-12-25.

Malicious software includes 1 trojan(s), 1 exploit(s). Successful infection resulted in an average of 3 new process(es) on the target machine.

Malicious software is hosted on 5 domain(s), including consumesenhanced.pro/, penetraterarest.pro/, vuweather.org/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including journaldugeek.com/.

This site was hosted on 1 network(s) including AS30496 (COLO4).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, www.dbstalk.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

Next steps:

Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.


----------



## spartanstew

trh said:


> I just got the attached warning from Google Chrome. First time it has popped up for me.


Ditto.


----------



## Mariah2014

Trojan horse virus is activlly being sent out from one of the ad servers. When I bypassed the warning I was warned that my antivirus had to block something. I got the same message from it before the block messages started reappearing on this site too. It has been going on for a little while today.


----------



## armophob

And there it is. Back to the Attack site warning page.
Have to turn off the blocking in FF18 to get back in.


----------



## armophob

Drucifer said:


> It only appears when I first visit DBStalk Forum site.


My apologies, you were the first to see it. They are taking advantage of the lack of attention due to the football game for sure.


----------



## TBlazer07

It's baaaack!


----------



## Mariah2014

Here is a pick of what antivirus program had to say about it.


----------



## David Bott

Guys....So sorry about this.

I have turned off the OpenX bid system which seems to have the "issue". As you can see, Google reports that the site itself is fine, thus it is from OpenX. 

AUGH!!!!!

As mentioned, I have tuned off that as as an ad provider. (Again.)

But their is nothing I can do to CLEAR the message as Google says that their is no issue with the site. Thus I have no option to ask it to check the site again and clear it. 

"Malware
Google has not detected any malware on this site."


----------



## armophob

David Bott said:


> As mentioned, I have tuned off that as as an ad provider. (Again.)


Well that has stopped the Norton pop-up window.
Looks like Firefox18 is going to have the same troubles shaking it as 17 did.


----------



## David Bott

We are not alone. It seems other sites are reporting it.

At this time the only ads on the site are Google Adsense ads. This will surely hurt.

So I wish to take this time to personally thank Kurt of *BLUE JEANS CABLE* for their continued direct support. Please help us by support them if you need cables. (yeah, I know you have cables.)

Or click any Amazon ad before you go to Amazon to buy anything. Even if it is not what the ad has.  (Yeah, I am that shallow now. LOL)


----------



## David Bott

Well seeing I have removed the OpenX ads again at 11:22PM ET...lets see if it now just needs some time to clear out of some caches somewhere. I am not seeing any OPENX ads and only Adsense, Amazon, and the local house ads that I put in.

So...Now lets just see if it clears at some point. 

It just hurts to think that visitors to this site think we are the bad guys or something the way the message comes across. But I am glad you are being protected, you have to as you know.

If for some reason it does not, I will need to drop this ad server itself all together and find another way. OpenX seems to be having some real issues these days it seems.


----------



## armophob

If you have Firefox, don't bother trying to clear your local cookies and caches, it does not help.


----------



## Lord Vader

Back for me, too, after a several week absence.


----------



## Mark Holtz

Oh no not again


----------



## armophob

Yep, right on the heels of the NY Times hacking article.
One day someone very clever will shut down everything for a week.
I suspect that person will not be American.


----------



## acostapimps

I'm getting a warning message that this site may harm my computer from Google and a link to stopbadware.org, but only accessing it from google to main DBSTalk site, I'm using safari browser on Ipad, but using bookmarks to the general forum area is fine. hope it gets fix soon.


----------



## MysteryMan

I signed on using Internet Explorer. The Google warning is still in effect.


----------



## David Bott

Just came back on-line...Cleared browser caches, and at this time I do not see the browser report. I am in Up State NY. 

Not showing for me in Chrome, FF, or Safari.

Looking at my Google Webmaster tools, it also does not report that the site has any issues that it has detected. So it seems to again be a waiting game for some.


----------



## dpeters11

David Bott said:


> We are not alone. It seems other sites are reporting it.
> 
> At this time the only ads on the site are Google Adsense ads. This will surely hurt.
> 
> So I wish to take this time to personally thank Kurt of *BLUE JEANS CABLE* for their continued direct support. Please help us by support them if you need cables. (yeah, I know you have cables.)
> 
> Or click any Amazon ad before you go to Amazon to buy anything. Even if it is not what the ad has.  (Yeah, I am that shallow now. LOL)


Maybe we need a big club membership drive as well


----------



## boukengreen

i got hit with it once last night but wasn't hit this morning when i logged in using FF 18


----------



## armophob

All clear here


----------



## acostapimps

Works here also in Illinois, thanks to the DBSTalk Team.


----------



## dorfd1

I have never received an attack warning message. I use the 64 bit firefox nightly builds.


----------



## David Bott

BTW...

It was a widespread error:

http://www.zdnet.com/netseer-suffers-hack-triggers-google-malware-warnings-7000010776/

http://www.insidebayarea.com/breaki...ing-citing-netseer-blocks-google-chrome-users


----------



## Drucifer

I did some googling on TitanPoker and it's a malware popup. 

I only get it when I come here. So far I have run Spybot, Ad-Aware & MS Malicious Software Removal Tool (Quick Scan) It's in the beginning of doing the long scan. 

I also looked at a few sites that promise to rid my computer of it, but they all appear to be suspicious to me - I don't want to go from the pan to the fire.

Any suggestion?


----------



## armophob

Drucifer said:


> I did some googling on TitanPoker and it's a malware popup.
> 
> I only get it when I come here. So far I have run Spybot, Ad-Aware & MS Malicious Software Removal Tool (Quick Scan) It's in the beginning of doing the long scan.
> 
> I also looked at a few sites that promise to rid my computer of it, but they all appear to be suspicious to me - I don't want to go from the pan to the fire.
> 
> Any suggestion?


Besides my Symantec, I go with Spybot and Ad-Aware every time. I run them over and over sometimes just in case. They have found things in the past on the second or third try.

If you are using Firefox, I would suggest exporting your bookmarks and do a full uninstall and then reinstall it after deleting your profiles in c:/documents and settings/.../Modzilla


----------



## TBlazer07

Still getting it here.


----------



## David Bott

TBlazer07 said:


> Still getting it here.


Try clearing cache maybe? I have had no other reports and still not currently running OpenX ads. Going to give it a few more days off.


----------



## Stewart Vernon

Still never saw the issue here... but did see it last night (and today) on tvshowsondvd.com so I guess they caught the same "bug" from Google.


----------



## David Bott

Hi All...

As of 1:00PM ET on Friday 2/8 I turned back on the OpenX ads...please let me know if you see any issues.

Thank you.


----------



## TBlazer07

David Bott said:


> Hi All...
> 
> As of 1:00PM ET on Friday 2/8 I turned back on the OpenX ads...please let me know if you see any issues.
> 
> Thank you.


Just logged in and got the ATTACK SITE message. Didn't get it earlier this morning.


----------



## David Bott

Thanks...I have not seen any other reports, nor does Google tell me that their is an issue detected with the site. So at this time I will keep them running.

I am guessing you pulled maybe a cached page or something. 

But keeping an eye on it.


----------



## Drucifer

TBlazer07 said:


> Just logged in and got the ATTACK SITE message. Didn't get it earlier this morning.


Yeah, it is weird. You would figure it would pop up on your first visit to the site, but it acts randomly.


----------



## TBlazer07

David Bott said:


> Thanks...I have not seen any other reports, nor does Google tell me that their is an issue detected with the site. So at this time I will keep them running.
> 
> I am guessing you pulled maybe a cached page or something.
> 
> But keeping an eye on it.


Just got it again 2 minutes ago. Firefox 17.x


----------



## KyL416

TBlazer07 said:


> Just got it again 2 minutes ago. Firefox 17.x


Firefox 17 is the one with the bug that never removes sites from the blacklist, upgrade to Firefox 18 or do the workaround here:
http://www.dbstalk.com/showpost.php?p=3154239&postcount=210


----------



## TBlazer07

KyL416 said:


> Firefox 17 is the one with the bug that never removes sites from the blacklist, upgrade to Firefox 18 or do the workaround here:
> http://www.dbstalk.com/showpost.php?p=3154239&postcount=210


Thanks ... just upgraded to 18.x, hopefully that will fix it.


----------



## dpeters11

It does seem other sites are having problems, or were yesterday.
http://www.theverge.com/2013/2/9/3971766/major-websites-hit-with-malware-warning


----------



## David Bott

Yes, I had to again turn off OpenX here as again it was allowing the detection to take place. Augh.


----------



## RACJ2

Not sure why this just started today for me and others had this warning for months. I tried clearing all my browser history, but the site advisor is still showing red. Its not hurting anything, just wondering why it happened today and I can't get it to go away?


----------



## Drucifer

RACJ2 said:


> Not sure why this just started today for me and others had this warning for months. I tried clearing all my browser history, but the site advisor is still showing red. Its not hurting anything, just wondering why it happened today and I can't get it to go away?


Have that too.


----------



## fleckrj

My company's firewall started blocking the site today for being malicious.


----------



## Drucifer

RACJ2 said:


> Not sure why this just started today for me and others had this warning for months. I tried clearing all my browser history, but the site advisor is still showing red. Its not hurting anything, just wondering why it happened today and I can't get it to go away?





Drucifer said:


> Have that too.


Today the McAfee is Gray. Should be Green. At least it is not Red


----------



## dettxw

fleckrj said:


> My company's firewall started blocking the site today for being malicious.


My large (>170K employees) employer is also blocking DBSTalk now as McAfee flags it as malicious.

Since the mobile stays in the vehicle during the work day I no longer have access to DBSTalk during a typical day.

There are a number of us on here who are affected

I also have to use my tablet at home until I do something about McAfee (Company-provided) on my laptop.


----------



## fleckrj

dettxw said:


> My large (>170K employees) employer is also blocking DBSTalk now as McAfee flags it as malicious.
> 
> Since the mobile stays in the vehicle during the work day I no longer have access to DBSTalk during a typical day.
> 
> There are a number of us on here who are affected
> 
> I also have to use my tablet at home until I do something about McAfee (Company-provided) on my laptop.


It is fixed today.


----------



## dettxw

fleckrj said:


> It is fixed today.


Yep, it's back. 
Wonder what's different?


----------



## makaiguy

Unless you are seeing a notice from your own software on your computer saying it has intercepted and blocked malware that was being downloaded to your computer at that very instant, most such blocking notices are based on a list of sites with known (or maybe just reported) malware downloading histories.

Just as a site cannot be placed on such a list before malware from the site gets detected/reported, sites don't drop off such lists instantly, either.


----------

