WhiteCoat

Web Site Blocking

Some time yesterday morning, EP Monthly was labeled by Google as a site that could be spreading malicious software to its visitors. Those who visit this site may get a message something like that contained below. From what I can tell, it seems to happen more often with Mozilla Firefox than it does with Internet Explorer. I haven’t been able to recreate the problem with Opera’s browser, either.

Thanks to everyone for e-mailing me about the problems.

All I can say is that our programmer is on the case looking to resolve the issue as quickly as possible. As you can tell from this link, sometimes hidden code can be difficult to detect.

To be safe, please make sure that all of your antivirus programs are up to date. If you don’t have an antivirus product installed on your computer and you use Microsoft Windows, Comodo and AVG both make excellent FREE antivirus suites. In addition, Microsoft put out a slew of security releases yesterday. Please use Windows Update in your start menu to protect yourself.
Trouble with your browser? Try a different one such as Firefox, Opera, Maxathon, or SeaMonkey.

We’ll get things back to normal as soon as possible.

Oh, and if you people at Caremark, JCAHO or Press Ganey are behind this, you’re going to have to do a little better than this to shut me down.

13 Responses to “Web Site Blocking”

  1. Marc says:

    Here’s what Google’s warning page says:

    Safe Browsing Diagnostic page for epmonthly.com

    What is the current listing status for epmonthly.com?
    Site is listed as suspicious – visiting this web site may harm your computer.

    Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

    What happened when Google visited this site?
    Of the 19 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-10-12, and the last time suspicious content was found on this site was on 2010-10-11.
    Malicious software includes 2 exploit(s). Successful infection resulted in an average of 1 new process(es) on the target machine.

    Malicious software is hosted on 1 domain(s), including ploztex.com/.

    This site was hosted on 1 network(s) including AS46373 (CONCENTUSNET).

    Has this site acted as an intermediary resulting in further distribution of malware?
    Over the past 90 days, epmonthly.com did not appear to function as an intermediary for the infection of any sites.

    Has this site hosted malware?
    No, this site has not hosted malicious software over the past 90 days.

    How did this happen?
    In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

    Next steps:
    Return to the previous page.
    If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google’s Webmaster Help Center.

  2. The various black-listings of legitimate pages often result from advertisements. Sometimes sites sign up for a “class” of advertisements, and a provider may deliver malware in those advertisements.

  3. ER Doc says:

    It is picked up by google chrome as well

  4. k says:

    No problems on a BlackBerry with JavaScript disabled.

  5. NPOdyssey says:

    I just got a pop-up asking if I wanted to allow changes to my computer.

  6. Mama On A Budget says:

    Yesterday and today, when I’ve come here, my computer has tried to open a .pdf file. When I refuse, I get a pop-up that says:

    Java Virtual Machine Launcher
    Unable to access jarfile \\buinhart.com\smb\sport.avi

    Don’t know if that helps, but there you go. I’m Windows 7 Ultimate running Firefox 3.6.10

    • Mama On A Budget says:

      I tried again today without issue.

      • Mama On A Budget says:

        Looks like it back again, though. Just tried now, and I got a pdf trying to open as well as Java. I stopped it and got:

        Unable to access jarfile \\wliontreh.com\smb\sex.avi

  7. BinkRN says:

    My Norton’s blocked it, said it is a virus.

    I tried to do a screen shot to send to you, but I did it wrong and then closed the page.

    Hopefully you get it fixed without too much trouble.

  8. BinkRN says:

    Oh, P.S.- I do use Chrome, and once in awhile IE.

  9. ThomasS says:

    Sometimes a virus writer manages to sneak his malware installer into an otherwise upstanding and normal advertising feed. Sometimes they actually hack your server and modify it to distribute their attack code. Either way you need to make sure that the problem is fixed, and then go about asking google to take another look.

    A few of the other sites I read got hit by the ad feed problem recently, but got it fixed in a day or two. Wish I could give you more information on what exactly they had to do. Mostly yell at the advertising provider and then google I would expect.

  10. CardioNP says:

    I can access fine today at work via IE. At home the past couple days on Safari I got the malware warning.

  11. Anonymous says:

    This happens quite a bit to some of the reputable websites I visit. They have so many ad providers that one of them gets blocked for either hosting malware or linking to sites that contain malware. Some sites end up having to completely switch ad providers just to get off google’s blacklist.

    I rarely ever get these warnings though since my firewall (and PeerBlock) filters out ad/malware hosts before Firefox processes them, thus not triggering the warning. I never click ads anyways so not like any sites are losing revenue from me.

Leave a Reply


one + = 10

Popular Authors

  • Greg Henry
  • Rick Bukata
  • Mark Plaster
  • Kevin Klauer
  • Jesse Pines
  • David Newman
  • Rich Levitan
  • Ghazala Sharieff
  • Nicholas Genes
  • Jeannette Wolfe
  • William Sullivan
  • Michael Silverman

Subscribe to EPM