I see that some browsers have marked our forum as having malware? I'm not sure why, but our server techs are taking a look.

Tom

i think it's because of the plethora of banner ads for spa covers, cougar life, and korean or russian mail order brides that blanket the site. i'm not the only one who gets those, right?

Yes, you are.

It sounds like several VB forums have been hacked. Although I don't see any immediate signs that our forum was hacked, I may be missing something so we're being cautious and checking it out.

This is what I see on Firefox. It seems like it's clean, but still getting the warning. Scan is still running on our servers.


What is the current listing status for tsptalk.com/mb?
Site is listed as suspicious - visiting this web site may harm your computer.

What happened when Google visited this site?
Of the 22 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2013-08-28, and suspicious content was never found on this site within the past 90 days.This site was hosted on 1 network(s) including AS27257 (WEBAIR-INTERNET).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, tsptalk.com/mb did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

i think it's because of the plethora of banner ads for spa covers, cougar life, and korean or russian mail order brides that blanket the site. i'm not the only one who gets those, right?

FYI I get those ads also. Latin American Cupid, Asian Brides.........

Pg. isn't fully loadIng

My messages on firefox say that it is because of OTHER DOMAINS on the same server that are infected.

I saw the list of the infected domain names, but I moved on and did not screen capture it- sorry.

Pg. isn't fully loadIng

I'm having the same problem.

Whoa, same for me what happened?

this all started when valkyrie posted that anti-money-magic manifesto about treasury using tsp assets to offset debt ceiling chicanery and ben bernanke's massive float.

i think greg long and the tsp board are onto us. showing who's boss is all. this too shall pass. the uber rich get bored easily. just nsa flexing its muscles, nothing to see here folks.

Lookin' a little better, we are on the mend.:D

this all started when valkyrie posted that anti-money-magic manifesto about treasury using tsp assets to offset debt ceiling chicanery and ben bernanke's massive float.

i think greg long and the tsp board are onto us. showing who's boss is all. this too shall pass. the uber rich get bored easily. just nsa flexing its muscles, nothing to see here folks.

These are not the droids we are looking for. Move along.

I saw what James saw. It may be some suspicious websites that are also using my hosting company.

I deleted one suspicious file on our site but I have the my server techs looking into the areas outside of TSP Talk which may be having problems.

I have heard several other forums were hacked recently and really had issues. So far I don't see anything like they have (like creating addition administrative account and taking control of their site, etc.)

Anyway, we're working on it. Thanks for your patience.

Tom

I can get to the Message Board using IE but am blocked with FireFox which is monitored by McAfee. Here is what I see.
25229

OK, apparently, TSPTALK is hosted on the same network as some really seedy sites......

Yeah, it's a big operation and they've always been great to work with, but they're out of NY so... :)

The hosting company found 1 suspicious file that had nothing to do with the forum, but maybe it was hiding there? Not sure. Anyway, they claim there are no issues on our forum or on the server at all now. I am having Google run another review of the site. Could take a couple hours, or longer. Not sure.

I disabled McAfee in FireFox but am still blocked now using IE?

Is there a message that says something like, click here to advance at your own risk?

Yes, It is a warning. Under IE, Firefox, cand Chrome it allows you to continue to the site.

I uninstalled Firefox and installed WaterFox 64 bit, no blocking notice now.

I uninstalled Firefox and installed WaterFox 64 bit, no blocking notice now.
OPPS!!! WaterFox got me in one time now I'm getting the same notice that will not let me into the message board? I'm gonna wait and let the big boys fix it.

At some point this afternoon, I will update the software to the next upgrade version. I have avoided this because I tried it once before and it blogs.

On with WaterFox, disabled security settings to Block Attacked Sites.:eek:

I saw what James saw. It may be some suspicious websites that are also using my hosting company.

...

Hey- there were some pretty "seedy" sounding domain names....but I figured --maybe --Tom you had started some new topless premium services that undressed our TSP accounts that I wasn't yet aware of. :-)

I did a lot of cleaning up and turned the forum on again.

I am turning off the plugins for now. These are programs that have been added to the original software (including the list of latest posts, etc.). I want to see if anything happens. Assuming all goes well, I'll get everything back to normal by Monday morning.

Thank Tom for doing what you do.:D

It's not the way I planned on spending my Friday. :)

Google's webmaster tools shows the code that is "suspicious". It turns out to be a very benign button that takes you to the top of a page when clicked on. Strange.

The folks who wrote the forum software had this response:



It is no more malicious than brushing your teeth in the morning.

Just waiting on Google to review it again. Hours? Days? Weeks? More? Who knows?

Wow, what a PAIN in the 25234:cool:

I cannot log in to the premium page using iPad and safari.

PO

thanks tom for putting the top 20 stats utility back to active, and for the live buttons on the header below the main logo.

man, that must have been a scary exercise for the must-control-all-potential-vulnerabilities-that's-it-ethel-unpug-the-compter-thingy-from-the-wall types. all skeered they caught a disease and maybe were pregnant but never got screwed. that don't make no sense.

I cannot log in to the premium page using iPad and safari.

PO

suhweeet dude! did you finally make the switch to an all glass no buttons pinch zoom portable network computing device? now if we could just get you to ditch the apple techno-hippie icult addiction, that outfit is like digital crack for some.

Same result using ie8. No login screen.

PO

Same result using ie8. No login screen.

PO
Is there an option to clear the cache? Otherwise, I may have to reset your PW. I don't think it;s related to this "malware" since it's outside the forum.

Email or PM me if you need help, if you would. Thanks

It's not the way I planned on spending my Friday. :)

Google's webmaster tools shows the code that is "suspicious". It turns out to be a very benign button that takes you to the top of a page when clicked on. Strange.

The folks who wrote the forum software had this response:



Just waiting on Google to review it again. Hours? Days? Weeks? More? Who knows?

Thanks for posting the all-clear notice on the home page, Tom. been checking all day, kept coming up with danger danger Will Robinson all day til now, still now, but I opted to ignore after seeing your all-clear. I figured it was something like that, but better safe than sorry.

That's my analysis anyway, unless Google has it wrong?

Not sure what's going on. Just watched the movie, "Now You See It", so I don't know what's real or what to believe. :)

Same result using ie8. No login screen.

PO
Found it. My problem, not yours. All set now. Thanks!!

That's my analysis anyway, unless Google has it wrong?

Not sure what's going on. Just watched the movie, "Now You See It", so I don't know what's real or what to believe. :)
Looks like Google reviewed again and took the warning down. As I suspected... No malware. Yea!

Found it. My problem, not yours. All set now. Thanks!!

Thank You

Good to see the site back up and running. Thanks for all your hard work, Tom. :)

Looks like Google reviewed again and took the warning down. As I suspected... No malware. Yea!

It's official...


http://www.tsptalk.com/images/mb/091713a.gif


Who knows how many folks will never come back because of this false alarm? :notrust:

We regulars will, like local bar clientele. 252392523825240

Good to see the site back up and running. Thanks for all your hard work, Tom. :)
Ditto for out here.....