MSE security warning

uuname

New Member
I get a security warning from MSE every time I visit the main page. The forums are fine, but news items also generate an alert.

The file name causing the problem is js[1].htm
 

webmaster

Troll Hunter
Staff member
Thanks for reporting. There is no js[1].htm loading on the main page. Screenshot? Can you see any other info with the alert?
 

uuname

New Member
  • Thread Starter Thread Starter
  • #3
Thanks for reporting. There is no js[1].htm loading on the main page. Screenshot? Can you see any other info with the alert?
Sadly not. MSE doesn't provide much to go on, other than mentioning something was detected. The threat is listed as VirTool:JS/Obfuscator.DC in the history section.

Encyclopedia entry: VirTool:JS/Obfuscator.DC - Learn more about malware - Microsoft Malware Protection Center

It even deletes the file from temporary internet files before I can get a look at it...
 

Bonza

Super Moderator
Staff member
Thanks for reporting. There is no js[1].htm loading on the main page. Screenshot? Can you see any other info with the alert?
Hey Webs, I'm getting a "Malware detected" warning message from Chrome when I hit DT pages now too. Doesn't give me any detail other than the generic Chrome landing page that says malware's been detected and advises the user to proceed at their own risk. Just FYI as I assume it's related to this.
 

OPSSG

Super Moderator
Staff member
Hey Webs, I'm getting a "Malware detected" warning message from Chrome when I hit DT pages now too. Doesn't give me any detail other than the generic Chrome landing page that says malware's been detected and advises the user to proceed at their own risk. Just FYI as I assume it's related to this.
Same problem here in Singapore (I'm also using Chrome). I am going to have to stop visiting our site until this issue is fixed.
 

OPSSG

Super Moderator
Staff member
Could you visit the homepage again and see if the alert comes up?
Yes, alert remains. See message below:-

Safe Browsing
Diagnostic page for defencetalk.com

What is the current listing status for defencetalk.com?
Site is listed as suspicious - visiting this web site may harm your computer.

What happened when Google visited this site?
Of the 23 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2012-06-04, and suspicious content was never found on this site within the past 90 days. This site was hosted on 2 network(s) including AS36351 (SOFTLAYER), AS25973 (GTT).

Has this site acted as an intermediary resulting in further distribution of malware?
Over the past 90 days, defencetalk.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?
No, this site has not hosted malicious software over the past 90 days.

How did this happen?
In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:
Return to the previous page.
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
 

webmaster

Troll Hunter
Staff member
I am not getting the alert... can someone confirm? Remember to CLEAR your browser cache so the server doesn't pull files from the CDN (content delivery network).
 

uuname

New Member
  • Thread Starter Thread Starter
  • #10
Still getting the warning from MSE, and I checked and can confirm that it's blocked by firefox as well.
 

webmaster

Troll Hunter
Staff member
Did you clear the cache?

Could you please clear cache again and check? Just cleaned up some more CDN URLs.
 

webmaster

Troll Hunter
Staff member
OK thanks. May want to try again later as I removed one more URL in question. Google/alert system will take few hours to clear our as I've submitted a review after clean up.
 

Bonza

Super Moderator
Staff member
OK thanks. May want to try again later as I removed one more URL in question. Google/alert system will take few hours to clear our as I've submitted a review after clean up.
Cleared cache and restarted browser, still getting a malware alert on the homepage. I'll try again in a few hours and get back to you. Cheers mate :)
 

RubiconNZ

The Wanderer
I've just checked in experiencing back after experiencing the same Chrome issues as Bonza and Mr C before but the site is now working as normal for me this time round and is no longer displaying the warning message.

Cheers
 

webmaster

Troll Hunter
Staff member
It seems to be cleared up on my end as well and now just waiting for Google to purge it out of its system (it has purged from some of its servers).
 
Top