Getting Google Malware Warning on Forums?

1. 73

   Cagsilposted 11 years ago

   Hey Staff,
   
   I just cleared my cache and ran my CCleaner to make sure my computer is fine and my virus protection(including spyware and other things) hasn't found anything on my system.
   
   However, I'm getting a warning from Google about entering one forum thread and it's only one forum thread.
   
   The thread below is the one doing it.
   http://hubpages.com/forum/topic/99881?p … ost2151989
   
   I've included a picture of the Warning as well.
   
   
   
   The warning says that planetsmilies.net are being flagged as malware on that thread. It also says that Google has reported to Planetsmilies.net about the problem.
   
   Actual message by Google:
   
   Warning Something's Not Right Here!
   
   Hubpages.com contains content from planetsmilies.net, a site known to distribute malware.
   Your computer might catch a virus if you visit this site.
   
   Google has found malicious software may be installed onto your computer if you proceed. If you visited this site in the past or you trust this site, it's possible that it has just recently been compromised by a hacker.
   
   You should not proceed, and perhaps try again tomorrow or go somewhere else. We have already notified planetsmilies.net that we found malware on the site.
   
   Now, this could be affecting individual people or it could be effecting traffic, or both.

   replyreport
   1. 68

      Terri Meredithposted 11 years agoin reply to this

      I'm getting the same thing.  I was at the site but a second ago and got the same thing.  Then I saw your posting and here I am.  Very strange!

      replyreport
   2. 75

      Quilligrapherposted 11 years agoin reply to this

      Thank you for the heads-up email, Cags.  I am looking into to it.

      replyreport
      1. 73

         Cagsilposted 11 years agoin reply to this

         You're welcome. It triggered my browser every time I open a forum thread where that smiley is.

         replyreport
   3. 77

      Anti-Valentineposted 11 years agoin reply to this

      First, what is the full title of that thread? Where is that warning coming from? Is it issued by HubPages, or Google, or what? It doesn't look like Google's one.

      replyreport
2. 73

   Cagsilposted 11 years ago

   Another thread has now informed me of the same thing.
   
   http://hubpages.com/forum/topic/100529

   replyreport
3. 95

   SmartAndFunposted 11 years ago

   Just one more way those crazy political forums are infecting HP! Are you getting any malware warnings on religious threads? If not, that is surely next!

   replyreport
   1. 73

      Cagsilposted 11 years agoin reply to this

      So far, no I am not.
      
      I have a feeling I have been able to identify the Smiley which is causing the problem, but it's never been a problem, up till now.

      replyreport
4. 73

   Cagsilposted 11 years ago

   And yes, this smiley is causing the warning to appear. I just verified it.

   replyreport
5. 73

   Cagsilposted 11 years ago

   http://hubpages.com/forum/topic/100668
   
   This thread is yet another which is getting the warning. I traveled to the hubber's profile who uses this smiley at the end of his posts and it is what is triggering the warning.

   replyreport
6. 73

   Cagsilposted 11 years ago

   http://hubpages.com/forum/topic/95750?page=2
   
   Again it is verified by accessing yet another forum thread where that Hubber leaves his mark(smiley).
   
   
   Edit: The hubber who is using it is http://quilligrapher.hubpages.com/
   
   For some odd reason Google is detecting it as Malware.

   replyreport
7. 88

   IzzyMposted 11 years ago

   Didn't see this Cags, or I wouldn't have started a new thread, but in following the link to here, and to the other thread you referenced here, I am getting repeat warnings.

   replyreport
   1. 73

      Cagsilposted 11 years agoin reply to this

      Izzy, your receiving those warnings because I have posted the smiley that is considered malware in this thread. So, when you enter this thread, you should get the warning.

      replyreport
      1. 77

         Anti-Valentineposted 11 years agoin reply to this

         I didn't get the warning. Maybe everything's sorted out now.

         replyreport
         1. 88

            IzzyMposted 11 years agoin reply to this

            No its not, I just re-visited this thread, and the warning appeared again.

            replyreport
            1. 77

               Anti-Valentineposted 11 years agoin reply to this

               Funny, I don't get it. Which browser do you use? Might have some relevance. Anti-virus software?

               replyreport
               1. 73

                  Cagsilposted 11 years agoin reply to this

                  I'm presently using Google Chrome. It might not be triggered if you're using another browser.
                  
                  But, that doesn't solve the problem for those who are using Google Chrome.

                  replyreport
8. 82

   snakeslaneposted 11 years ago

   I didn't get the warning either. IE

   replyreport
9. 88

   IzzyMposted 11 years ago

   I use Chrome too.

   replyreport
10. 77

    Anti-Valentineposted 11 years ago

    I use Firefox - the latest one (14.01).
    
    That's not to say that there hasn't been some sort of compromise. I checked the Google diagnostics page for planetsmilies . net and it says that malicious content was found recently. Likely hacked, if you read the part about "how did this happen?"
    
    It happens with sites that have widgets too. It's a good thing that HP doesn't allow the addition of third party widgets and so on to hubs.

    replyreport
11. 73

    Cagsilposted 11 years ago

    Well, that concludes that Internet Explorer and FireFox are not getting it.
    
    So, the problem is with Google Chrome, which is what I figured it was, considering the Warning itself is coming from Google.

    replyreport
    1. 71

       Matthew Meyerposted 11 years agoin reply to this

       Are you still getting the same warning in Chrome?
       I looked at the Hub and can't find the domain mentioned:
       
       Am I missing it?
       Can someone point me to the problematic post in the thread?

       replyreport
       1. 73

          Cagsilposted 11 years agoin reply to this

          Hey Matthew,
          
          Please use Google Chrome and then bring up this thread. I have posted the smiley which I found is causing the problem with Google Chrome.
          
          As I have just learned it is not happening with Internet Explorer or FireFox.
          
          And it's not a hub. It's here in the forums.

          replyreport
          1. 73

             Cagsilposted 11 years agoin reply to this

             And Yes, I am still getting it every time I bring up this thread. I posted the smiley and which hubber uses it.

             replyreport
          2. 71

             Matthew Meyerposted 11 years agoin reply to this

             I see the Forum thread to which you are referring, but I don't see the URL that Chrome is identifying as malware in the thread (planetsmilies dot net)
             
             I don't get a malware warning on the Forum in either Firefox nor Chrome.
             
             If I go to the URL directly I do get a message:
             http://safebrowsing.clients.google.com/ … ilies.net/

             replyreport
             1. 73

                Cagsilposted 11 years agoin reply to this

                Deleted
                1. 71

                   Matthew Meyerposted 11 years agoin reply to this

                   Thanks! Got it!
                   I removed the smiley from the affected Forum thread.
                   
                   The issue is with Google classifying the entire domain as malware.
                   I don't think you want to turn off malware detection in your browser.

                   replyreport
          3. 76

             jacharlessposted 11 years agoin reply to this

             Sounds like a hack.
             Normally, a packet/code is dropped to scrape/hijack user browser data and/or iframe ads that do the same, which, in my experience, is a diversion tactic, because the hack is trying to access vulnerable front end or server files. I mentioned yesterday seeing strange activity from yieldbuild, when running a site speed scan, then wham! site went offline. There is a possibility something got in through the back door. But, am not positive of that. Tis a pain to clean out too -going one potato two potato, to find the codes. Wordpress is infamous for this type of thing !!!
             
             James.

             replyreport
             1. 73

                Cagsilposted 11 years agoin reply to this

                Good to know James, but not actually helpful to me.

                replyreport
                1. 76

                   jacharlessposted 11 years agoin reply to this

                   It is helpful. go Mac and avoid the hack!   hehe.
                   You can try to use your Private Browsing option, to block the cookie.
                   HP will have to run their cleaner to see if there is an infection, sever side.
                   It won't necessarily hurt your computer but will collect data you probably do not want collected.

                   replyreport
                   1. 73

                      Cagsilposted 11 years agoin reply to this

                      I wouldn't buy a mac even if someone gave me the money to go buy it.
                      Understood.
                      Oh, okay.
                      I'm not sure what information it could possibly take. There's absolutely no real information on my computer, aside from my browser holding my passwords.

                      replyreport
                      1. 76

                         jacharlessposted 11 years agoin reply to this

                         Depends on the objective. That smiley face company might be attempting to extract user trending --meaning sites you visit within a specific time frame, or attempt to extract feed links and favorites. Some will even try to force hidden downloads or demand cookie/certificate acceptence, in order to drop these packages onto your machine. In turn, they sell this information to marketing companies around the world, for top dollar. That is the gist of spyware.
                         
                         Malware, on the other hand, tends to do more damage, as it can have hidden commands to override codes, extract or inject data into the system. A hack will often divert attention, like that smiley face icon or an iframe ad, that appears and disappears. While annoying the bjingas out of the people, they are dropping malicious code into the end of files who's permissions are not set high/vulnerable to read-write rules.

                         replyreport
                         1. 73

                            Cagsilposted 11 years agoin reply to this

                            Good to know.

                            replyreport
12. 73

    Cagsilposted 11 years ago

    Is it a setting on Chrome that needs to be changed?
    
    Or does this smiley need to be stopped from being used?

    replyreport
13. 73

    Cagsilposted 11 years ago

    But Matthew.
    
    This smiley is used by a Hubber and he leaves it as a signature for his posts. It's ALL over the forums.
    
    Aside from that, I posted it on the first page and I no longer have the power to delete the post, so it's something you are going to have to do from your end.

    replyreport