Results 1 to 15 of 15

Thread: A warning from Google!

  1. #1
    BoaterDave
    Guest

    A warning from Google!

    Hi :)

    I went to this URL
    http://www.linkedin.com/ppl/webprofi...nk=vw_pprofile
    where there is the LinkedIn profile for Gregory Gooden. (The owner of
    Annex.com)

    Under 'Websites' I selected 'My Blog' and went to this URL
    http://www.luftmensch.com/ I then clicked on RanZ(Blog) ..........

    And received this:- "Warning: Visiting this site may harm your
    computer" (White font on a bright red banner). That was followed
    by .........

    "The website you are visiting appears to contain malware. Malware is
    malicious software that may harm your computer or otherwise operate
    without your consent. Your computer can be infected just by browsing
    to a site with malware, without any further action on your part.

    For detailed information about problems found on this site, visit
    Google Safe Browsing diagnostic page for 74.222.134.170"

    The IP number was a link which, when followed, provided this
    information:-

    "What is the current listing status for 74.222.134.0?
    This site is not currently listed as suspicious.

    Part of this site was listed for suspicious activity 1 time(s) over
    the past 90 days.

    What happened when Google visited this site?
    Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    resulted in malicious software being downloaded and installed without
    user consent. The last time Google visited this site was on
    2009-05-14, and the last time suspicious content was found on this
    site was on 2009-05-14.
    Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    exploit(s).

    This site was hosted on 1 network(s) including AS35908 (VPLSNET).

    Has this site acted as an intermediary resulting in further
    distribution of malware?
    Over the past 90 days, 74.222.134.0 did not appear to function as an
    intermediary for the infection of any sites.

    Has this site hosted malware?
    Yes, this site has hosted malicious software over the past 90 days. It
    infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    dollarandsense.net/.

    Next steps:
    Return to the previous page.
    If you are the owner of this web site, you can request a review of
    your site using Google Webmaster Tools. More information about the
    review process is available in Google's Webmaster Help Center.

    **************************

    There was a "Go Back" and an "Ignore warning" button. Selecting the
    latter, I ended up here http://www.luftmensch.com/wordpress/

    It seems a great site to own - you might even notice that there is a
    comment which I left there last July with regard to "A day at the
    zoo"!

    *** Googling 74.222.134.170 gives some interesting results! ***

    From what I can gather with my limited knowledge, 74.222.134.170 is
    located in California (http://www.geoiptool.com/en/?IP=74.222.134.170)

    I'm left wondering who might have wished to infect Mr Gooden's Blog
    pages ...... and if the same folk may have 'got at' the Annexcafe
    newsgroups too!

    --
    Dave

  2. #2
    ~BD~
    Guest

    Re: A warning from Google!

    BoaterDave wrote:
    > Hi :)
    >
    > I went to this URL
    > http://www.linkedin.com/ppl/webprofi...nk=vw_pprofile
    > where there is the LinkedIn profile for Gregory Gooden. (The owner of
    > Annex.com)
    >
    > Under 'Websites' I selected 'My Blog' and went to this URL
    > http://www.luftmensch.com/ I then clicked on RanZ(Blog) ..........
    >
    > And received this:- "Warning: Visiting this site may harm your
    > computer" (White font on a bright red banner). That was followed
    > by .........
    >
    > "The website you are visiting appears to contain malware. Malware is
    > malicious software that may harm your computer or otherwise operate
    > without your consent. Your computer can be infected just by browsing
    > to a site with malware, without any further action on your part.
    >
    > For detailed information about problems found on this site, visit
    > Google Safe Browsing diagnostic page for 74.222.134.170"
    >
    > The IP number was a link which, when followed, provided this
    > information:-
    >
    > "What is the current listing status for 74.222.134.0?
    > This site is not currently listed as suspicious.
    >
    > Part of this site was listed for suspicious activity 1 time(s) over
    > the past 90 days.
    >
    > What happened when Google visited this site?
    > Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    > resulted in malicious software being downloaded and installed without
    > user consent. The last time Google visited this site was on
    > 2009-05-14, and the last time suspicious content was found on this
    > site was on 2009-05-14.
    > Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    > exploit(s).
    >
    > This site was hosted on 1 network(s) including AS35908 (VPLSNET).
    >
    > Has this site acted as an intermediary resulting in further
    > distribution of malware?
    > Over the past 90 days, 74.222.134.0 did not appear to function as an
    > intermediary for the infection of any sites.
    >
    > Has this site hosted malware?
    > Yes, this site has hosted malicious software over the past 90 days. It
    > infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    > dollarandsense.net/.
    >
    > Next steps:
    > Return to the previous page.
    > If you are the owner of this web site, you can request a review of
    > your site using Google Webmaster Tools. More information about the
    > review process is available in Google's Webmaster Help Center.
    >
    > **************************
    >
    > There was a "Go Back" and an "Ignore warning" button. Selecting the
    > latter, I ended up here http://www.luftmensch.com/wordpress/
    >
    > It seems a great site to own - you might even notice that there is a
    > comment which I left there last July with regard to "A day at the
    > zoo"!
    >
    > *** Googling 74.222.134.170 gives some interesting results! ***
    >
    > From what I can gather with my limited knowledge, 74.222.134.170 is
    > located in California (http://www.geoiptool.com/en/?IP=74.222.134.170)
    >
    > I'm left wondering who might have wished to infect Mr Gooden's Blog
    > pages ...... and if the same folk may have 'got at' the Annexcafe
    > newsgroups too!
    >
    > --
    > Dave


    Mr Gooden responded to me by email and said .......

    "Normal people would see something like that google warning and inform
    the person affected (me) instead of posting it to alt.whatever... and
    then submit some surreptitious feedback form to me. Once I saw what you
    were talking about, I determined it to be an sql injection "iframe"
    within one of the posts I posted to my blog from another blog. Once I
    knew, post removed."

    Maybe that is why I cannot replicate that same Google warning now.

    Hmmm. But that doesn't explain why the blog site had hosted malware
    previously ..... *does* it?

    Stroking chin!

    --
    Dave

  3. #3
    David H. Lipman
    Guest

    Re: A warning from Google!

    From: "~BD~" <BoaterDave@hotmail.co.uk>

    | BoaterDave wrote:
    >> Hi :)


    >> I went to this URL
    >> http://www.linkedin.com/ppl/webprofi...uthToken=jNAa&
    >> authType=name&trk=ppro_viewmore&lnk=vw_pprofile
    >> where there is the LinkedIn profile for Gregory Gooden. (The owner of
    >> Annex.com)


    >> Under 'Websites' I selected 'My Blog' and went to this URL
    >> http://www.luftmensch.com/ I then clicked on RanZ(Blog) ..........


    >> And received this:- "Warning: Visiting this site may harm your
    >> computer" (White font on a bright red banner). That was followed
    >> by .........


    >> "The website you are visiting appears to contain malware. Malware is
    >> malicious software that may harm your computer or otherwise operate
    >> without your consent. Your computer can be infected just by browsing
    >> to a site with malware, without any further action on your part.


    >> For detailed information about problems found on this site, visit
    >> Google Safe Browsing diagnostic page for 74.222.134.170"


    >> The IP number was a link which, when followed, provided this
    >> information:-


    >> "What is the current listing status for 74.222.134.0?
    >> This site is not currently listed as suspicious.


    >> Part of this site was listed for suspicious activity 1 time(s) over
    >> the past 90 days.


    >> What happened when Google visited this site?
    >> Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    >> resulted in malicious software being downloaded and installed without
    >> user consent. The last time Google visited this site was on
    >> 2009-05-14, and the last time suspicious content was found on this
    >> site was on 2009-05-14.
    >> Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    >> exploit(s).


    >> This site was hosted on 1 network(s) including AS35908 (VPLSNET).


    >> Has this site acted as an intermediary resulting in further
    >> distribution of malware?
    >> Over the past 90 days, 74.222.134.0 did not appear to function as an
    >> intermediary for the infection of any sites.


    >> Has this site hosted malware?
    >> Yes, this site has hosted malicious software over the past 90 days. It
    >> infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    >> dollarandsense.net/.


    >> Next steps:
    >> Return to the previous page.
    >> If you are the owner of this web site, you can request a review of
    >> your site using Google Webmaster Tools. More information about the
    >> review process is available in Google's Webmaster Help Center.


    >> **************************


    >> There was a "Go Back" and an "Ignore warning" button. Selecting the
    >> latter, I ended up here http://www.luftmensch.com/wordpress/


    >> It seems a great site to own - you might even notice that there is a
    >> comment which I left there last July with regard to "A day at the
    >> zoo"!


    >> *** Googling 74.222.134.170 gives some interesting results! ***


    >> From what I can gather with my limited knowledge, 74.222.134.170 is
    >> located in California (http://www.geoiptool.com/en/?IP=74.222.134.170)


    >> I'm left wondering who might have wished to infect Mr Gooden's Blog
    >> pages ...... and if the same folk may have 'got at' the Annexcafe
    >> newsgroups too!


    >> --
    >> Dave


    | Mr Gooden responded to me by email and said .......

    | "Normal people would see something like that google warning and inform
    | the person affected (me) instead of posting it to alt.whatever... and
    | then submit some surreptitious feedback form to me. Once I saw what you
    | were talking about, I determined it to be an sql injection "iframe"
    | within one of the posts I posted to my blog from another blog. Once I
    | knew, post removed."

    | Maybe that is why I cannot replicate that same Google warning now.

    | Hmmm. But that doesn't explain why the blog site had hosted malware
    | previously ..... *does* it?

    | Stroking chin!

    | --
    | Dave

    Who said it was "hosting malware" ?

    Gooden wrote...
    "...determined it to be an sql injection "iframe" within one of the posts I posted to my
    blog..."

    That's not malware per se, that's a malicious script that was flagged.

    He also correctly pointed out...
    "Normal people would see something like that google warning and inform the person affected
    (me) instead of posting it to alt.... "

    Plaese STOP cross-posting between 'test' news groups and conversational news groups.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  4. #4
    ~BD~
    Guest

    Re: A warning from Google!

    David H. Lipman wrote:
    > From: "~BD~" <BoaterDave@hotmail.co.uk>
    >
    > | BoaterDave wrote:
    >>> Hi :)

    >
    >>> I went to this URL
    >>> http://www.linkedin.com/ppl/webprofi...uthToken=jNAa&
    >>> authType=name&trk=ppro_viewmore&lnk=vw_pprofile
    >>> where there is the LinkedIn profile for Gregory Gooden. (The owner of
    >>> Annex.com)

    >
    >>> Under 'Websites' I selected 'My Blog' and went to this URL
    >>> http://www.luftmensch.com/ I then clicked on RanZ(Blog) ..........

    >
    >>> And received this:- "Warning: Visiting this site may harm your
    >>> computer" (White font on a bright red banner). That was followed
    >>> by .........

    >
    >>> "The website you are visiting appears to contain malware. Malware is
    >>> malicious software that may harm your computer or otherwise operate
    >>> without your consent. Your computer can be infected just by browsing
    >>> to a site with malware, without any further action on your part.

    >
    >>> For detailed information about problems found on this site, visit
    >>> Google Safe Browsing diagnostic page for 74.222.134.170"

    >
    >>> The IP number was a link which, when followed, provided this
    >>> information:-

    >
    >>> "What is the current listing status for 74.222.134.0?
    >>> This site is not currently listed as suspicious.

    >
    >>> Part of this site was listed for suspicious activity 1 time(s) over
    >>> the past 90 days.

    >
    >>> What happened when Google visited this site?
    >>> Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    >>> resulted in malicious software being downloaded and installed without
    >>> user consent. The last time Google visited this site was on
    >>> 2009-05-14, and the last time suspicious content was found on this
    >>> site was on 2009-05-14.
    >>> Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    >>> exploit(s).

    >
    >>> This site was hosted on 1 network(s) including AS35908 (VPLSNET).

    >
    >>> Has this site acted as an intermediary resulting in further
    >>> distribution of malware?
    >>> Over the past 90 days, 74.222.134.0 did not appear to function as an
    >>> intermediary for the infection of any sites.

    >
    >>> Has this site hosted malware?
    >>> Yes, this site has hosted malicious software over the past 90 days. It
    >>> infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    >>> dollarandsense.net/.

    >
    >>> Next steps:
    >>> Return to the previous page.
    >>> If you are the owner of this web site, you can request a review of
    >>> your site using Google Webmaster Tools. More information about the
    >>> review process is available in Google's Webmaster Help Center.

    >
    >>> **************************

    >
    >>> There was a "Go Back" and an "Ignore warning" button. Selecting the
    >>> latter, I ended up here http://www.luftmensch.com/wordpress/

    >
    >>> It seems a great site to own - you might even notice that there is a
    >>> comment which I left there last July with regard to "A day at the
    >>> zoo"!

    >
    >>> *** Googling 74.222.134.170 gives some interesting results! ***

    >
    >>> From what I can gather with my limited knowledge, 74.222.134.170 is
    >>> located in California (http://www.geoiptool.com/en/?IP=74.222.134.170)

    >
    >>> I'm left wondering who might have wished to infect Mr Gooden's Blog
    >>> pages ...... and if the same folk may have 'got at' the Annexcafe
    >>> newsgroups too!

    >
    >>> --
    >>> Dave

    >
    > | Mr Gooden responded to me by email and said .......
    >
    > | "Normal people would see something like that google warning and inform
    > | the person affected (me) instead of posting it to alt.whatever... and
    > | then submit some surreptitious feedback form to me. Once I saw what you
    > | were talking about, I determined it to be an sql injection "iframe"
    > | within one of the posts I posted to my blog from another blog. Once I
    > | knew, post removed."
    >
    > | Maybe that is why I cannot replicate that same Google warning now.
    >
    > | Hmmm. But that doesn't explain why the blog site had hosted malware
    > | previously ..... *does* it?
    >
    > | Stroking chin!
    >
    > | --
    > | Dave
    >
    > Who said it was "hosting malware" ?



    *Google* said .....

    What happened when Google visited this site?
    Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    resulted in malicious software being downloaded and installed without
    user consent. The last time Google visited this site was on
    2009-05-14, and the last time suspicious content was found on this
    site was on 2009-05-14.
    Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    exploit(s).

    This site was hosted on 1 network(s) including AS35908 (VPLSNET).

    Has this site hosted malware?
    Yes, this site has hosted malicious software over the past 90 days. It
    infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    dollarandsense.net/.

    ******************

    Have I misunderstood something - or didn't you read what I'd posted?


    > Plaese STOP cross-posting between 'test' news groups and conversational news groups.



    David - you are *not* the Usenet police. I would like to know exactly
    *why* it bothers you that I choose to include that specific test group
    in some of my posts.

    If you explain your reasoning I *might* be more cooperative!

    Try me and see! ;)

    --
    Dave (BD)

  5. #5
    David H. Lipman
    Guest

    Re: A warning from Google!

    From: "~BD~" <BoaterDave@hotmail.co.uk>

    | David H. Lipman wrote:
    >> From: "~BD~" <BoaterDave@hotmail.co.uk>


    >> | BoaterDave wrote:
    >>>> Hi :)


    >>>> I went to this URL
    >>>> http://www.linkedin.com/ppl/webprofi...uthToken=jNAa&
    >>>> authType=name&trk=ppro_viewmore&lnk=vw_pprofile
    >>>> where there is the LinkedIn profile for Gregory Gooden. (The owner of
    >>>> Annex.com)


    >>>> Under 'Websites' I selected 'My Blog' and went to this URL
    >>>> http://www.luftmensch.com/ I then clicked on RanZ(Blog) ..........


    >>>> And received this:- "Warning: Visiting this site may harm your
    >>>> computer" (White font on a bright red banner). That was followed
    >>>> by .........


    >>>> "The website you are visiting appears to contain malware. Malware is
    >>>> malicious software that may harm your computer or otherwise operate
    >>>> without your consent. Your computer can be infected just by browsing
    >>>> to a site with malware, without any further action on your part.


    >>>> For detailed information about problems found on this site, visit
    >>>> Google Safe Browsing diagnostic page for 74.222.134.170"


    >>>> The IP number was a link which, when followed, provided this
    >>>> information:-


    >>>> "What is the current listing status for 74.222.134.0?
    >>>> This site is not currently listed as suspicious.


    >>>> Part of this site was listed for suspicious activity 1 time(s) over
    >>>> the past 90 days.


    >>>> What happened when Google visited this site?
    >>>> Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    >>>> resulted in malicious software being downloaded and installed without
    >>>> user consent. The last time Google visited this site was on
    >>>> 2009-05-14, and the last time suspicious content was found on this
    >>>> site was on 2009-05-14.
    >>>> Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    >>>> exploit(s).


    >>>> This site was hosted on 1 network(s) including AS35908 (VPLSNET).


    >>>> Has this site acted as an intermediary resulting in further
    >>>> distribution of malware?
    >>>> Over the past 90 days, 74.222.134.0 did not appear to function as an
    >>>> intermediary for the infection of any sites.


    >>>> Has this site hosted malware?
    >>>> Yes, this site has hosted malicious software over the past 90 days. It
    >>>> infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    >>>> dollarandsense.net/.


    >>>> Next steps:
    >>>> Return to the previous page.
    >>>> If you are the owner of this web site, you can request a review of
    >>>> your site using Google Webmaster Tools. More information about the
    >>>> review process is available in Google's Webmaster Help Center.


    >>>> **************************


    >>>> There was a "Go Back" and an "Ignore warning" button. Selecting the
    >>>> latter, I ended up here http://www.luftmensch.com/wordpress/


    >>>> It seems a great site to own - you might even notice that there is a
    >>>> comment which I left there last July with regard to "A day at the
    >>>> zoo"!


    >>>> *** Googling 74.222.134.170 gives some interesting results! ***


    >>>> From what I can gather with my limited knowledge, 74.222.134.170 is
    >>>> located in California (http://www.geoiptool.com/en/?IP=74.222.134.170)


    >>>> I'm left wondering who might have wished to infect Mr Gooden's Blog
    >>>> pages ...... and if the same folk may have 'got at' the Annexcafe
    >>>> newsgroups too!


    >>>> --
    >>>> Dave


    >> | Mr Gooden responded to me by email and said .......


    >> | "Normal people would see something like that google warning and inform
    >> | the person affected (me) instead of posting it to alt.whatever... and
    >> | then submit some surreptitious feedback form to me. Once I saw what you
    >> | were talking about, I determined it to be an sql injection "iframe"
    >> | within one of the posts I posted to my blog from another blog. Once I
    >> | knew, post removed."


    >> | Maybe that is why I cannot replicate that same Google warning now.


    >> | Hmmm. But that doesn't explain why the blog site had hosted malware
    >> | previously ..... *does* it?


    >> | Stroking chin!


    >> | --
    >> | Dave


    >> Who said it was "hosting malware" ?



    | *Google* said .....

    | What happened when Google visited this site?
    | Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    | resulted in malicious software being downloaded and installed without
    | user consent. The last time Google visited this site was on
    | 2009-05-14, and the last time suspicious content was found on this
    | site was on 2009-05-14.
    | Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    | exploit(s).

    | This site was hosted on 1 network(s) including AS35908 (VPLSNET).

    | Has this site hosted malware?
    | Yes, this site has hosted malicious software over the past 90 days. It
    | infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    | dollarandsense.net/.

    | ******************

    | Have I misunderstood something - or didn't you read what I'd posted?


    >> Plaese STOP cross-posting between 'test' news groups and conversational news groups.



    | David - you are *not* the Usenet police. I would like to know exactly
    | *why* it bothers you that I choose to include that specific test group
    | in some of my posts.

    | If you explain your reasoning I *might* be more cooperative!

    | Try me and see! ;)

    | --
    | Dave (BD)

    A. You misinterpreted both messages.

    B. 'Test' groups are for 'test' messages only and their subject matter are to be
    IGNORED. Leave discussions to discussion groups. You should *never* cross-post between
    a test group and a discussion group.


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  6. #6
    ~BD~
    Guest

    Re: A warning from Google!

    David H. Lipman wrote:
    > From: "~BD~" <BoaterDave@hotmail.co.uk>
    >
    > | David H. Lipman wrote:
    >>> From: "~BD~" <BoaterDave@hotmail.co.uk>

    >
    >>> | BoaterDave wrote:
    >>>>> Hi :)

    >
    >>>>> I went to this URL
    >>>>> http://www.linkedin.com/ppl/webprofi...uthToken=jNAa&
    >>>>> authType=name&trk=ppro_viewmore&lnk=vw_pprofile
    >>>>> where there is the LinkedIn profile for Gregory Gooden. (The ownerof
    >>>>> Annex.com)

    >
    >>>>> Under 'Websites' I selected 'My Blog' and went to this URL
    >>>>> http://www.luftmensch.com/ I then clicked on RanZ(Blog) ..........

    >
    >>>>> And received this:- "Warning: Visiting this site may harm your
    >>>>> computer" (White font on a bright red banner). That was followed
    >>>>> by .........

    >
    >>>>> "The website you are visiting appears to contain malware. Malware is
    >>>>> malicious software that may harm your computer or otherwise operate
    >>>>> without your consent. Your computer can be infected just by browsing
    >>>>> to a site with malware, without any further action on your part.

    >
    >>>>> For detailed information about problems found on this site, visit
    >>>>> Google Safe Browsing diagnostic page for 74.222.134.170"

    >
    >>>>> The IP number was a link which, when followed, provided this
    >>>>> information:-

    >
    >>>>> "What is the current listing status for 74.222.134.0?
    >>>>> This site is not currently listed as suspicious.

    >
    >>>>> Part of this site was listed for suspicious activity 1 time(s) over
    >>>>> the past 90 days.

    >
    >>>>> What happened when Google visited this site?
    >>>>> Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    >>>>> resulted in malicious software being downloaded and installed without
    >>>>> user consent. The last time Google visited this site was on
    >>>>> 2009-05-14, and the last time suspicious content was found on this
    >>>>> site was on 2009-05-14.
    >>>>> Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    >>>>> exploit(s).

    >
    >>>>> This site was hosted on 1 network(s) including AS35908 (VPLSNET).

    >
    >>>>> Has this site acted as an intermediary resulting in further
    >>>>> distribution of malware?
    >>>>> Over the past 90 days, 74.222.134.0 did not appear to function as an
    >>>>> intermediary for the infection of any sites.

    >
    >>>>> Has this site hosted malware?
    >>>>> Yes, this site has hosted malicious software over the past 90 days.It
    >>>>> infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    >>>>> dollarandsense.net/.

    >
    >>>>> Next steps:
    >>>>> Return to the previous page.
    >>>>> If you are the owner of this web site, you can request a review of
    >>>>> your site using Google Webmaster Tools. More information about the
    >>>>> review process is available in Google's Webmaster Help Center.

    >
    >>>>> **************************

    >
    >>>>> There was a "Go Back" and an "Ignore warning" button. Selecting the
    >>>>> latter, I ended up here http://www.luftmensch.com/wordpress/

    >
    >>>>> It seems a great site to own - you might even notice that there is a
    >>>>> comment which I left there last July with regard to "A day at the
    >>>>> zoo"!

    >
    >>>>> *** Googling 74.222.134.170 gives some interesting results! ***

    >
    >>>>> From what I can gather with my limited knowledge, 74.222.134.170 is
    >>>>> located in California (http://www.geoiptool.com/en/?IP=74.222.134.170)

    >
    >>>>> I'm left wondering who might have wished to infect Mr Gooden's Blog
    >>>>> pages ...... and if the same folk may have 'got at' the Annexcafe
    >>>>> newsgroups too!

    >
    >>>>> --
    >>>>> Dave

    >
    >>> | Mr Gooden responded to me by email and said .......

    >
    >>> | "Normal people would see something like that google warning and inform
    >>> | the person affected (me) instead of posting it to alt.whatever... and
    >>> | then submit some surreptitious feedback form to me. Once I saw whatyou
    >>> | were talking about, I determined it to be an sql injection "iframe"
    >>> | within one of the posts I posted to my blog from another blog. OnceI
    >>> | knew, post removed."

    >
    >>> | Maybe that is why I cannot replicate that same Google warning now.

    >
    >>> | Hmmm. But that doesn't explain why the blog site had hosted malware
    >>> | previously ..... *does* it?

    >
    >>> | Stroking chin!

    >
    >>> | --
    >>> | Dave

    >
    >>> Who said it was "hosting malware" ?

    >
    >
    > | *Google* said .....
    >
    > | What happened when Google visited this site?
    > | Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    > | resulted in malicious software being downloaded and installed without
    > | user consent. The last time Google visited this site was on
    > | 2009-05-14, and the last time suspicious content was found on this
    > | site was on 2009-05-14.
    > | Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    > | exploit(s).
    >
    > | This site was hosted on 1 network(s) including AS35908 (VPLSNET).
    >
    > | Has this site hosted malware?
    > | Yes, this site has hosted malicious software over the past 90 days. It
    > | infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    > | dollarandsense.net/.
    >
    > | ******************
    >
    > | Have I misunderstood something - or didn't you read what I'd posted?
    >
    >
    >>> Plaese STOP cross-posting between 'test' news groups and conversational news groups.

    >
    >
    > | David - you are *not* the Usenet police. I would like to know exactly
    > | *why* it bothers you that I choose to include that specific test group
    > | in some of my posts.
    >
    > | If you explain your reasoning I *might* be more cooperative!
    >
    > | Try me and see! ;)
    >
    > | --
    > | Dave (BD)
    >
    > A. You misinterpreted both messages.



    A very blasť answer. How can I ever learn if you chose not to explain
    how/why? As you sometimes say "drop me an email" if you don't wish to
    show your cards here.

    Are you telling me that 74.222.134.0 is *not* associated with Mr Gooden?
    If so, please tell me why you think this.


    > B. 'Test' groups are for 'test' messages only and their subject matter are to be
    > IGNORED. Leave discussions to discussion groups. You should *never* cross-post between
    > a test group and a discussion group.


    Again - you haven't said WHY! What difference does it make to you - or
    to anyone else?

    I do understand that what I do may be 'unconventional', and not what you
    have met before, but that doesn't make it *wrong* per se.

    --
    Dave (BD)


  7. #7
    David H. Lipman
    Guest

    Re: A warning from Google!

    From: "~BD~" <BoaterDave@hotmail.co.uk>


    >> A. You misinterpreted both messages.



    | A very blasť answer. How can I ever learn if you chose not to explain
    | how/why? As you sometimes say "drop me an email" if you don't wish to
    | show your cards here.

    | Are you telling me that 74.222.134.0 is *not* associated with Mr Gooden?
    | If so, please tell me why you think this.


    >> B. 'Test' groups are for 'test' messages only and their subject matter are to be
    >> IGNORED. Leave discussions to discussion groups. You should *never* cross-post
    >> between
    >> a test group and a discussion group.


    | Again - you haven't said WHY! What difference does it make to you - or
    | to anyone else?

    | I do understand that what I do may be 'unconventional', and not what you
    | have met before, but that doesn't make it *wrong* per se.

    | --
    | Dave (BD)

    [ luftmensch.com = 75.126.21.8 ] != 74.222.134.0


    OrgName: VPLS Inc. d/b/a Krypt Technologies
    OrgID: VPLSI
    Address: 1744 W. Katella Avenue.
    Address: Suite 200
    City: Orange
    StateProv: CA
    PostalCode: 92867
    Country: US

    ReferralServer: rwhois://rwhois.vpls.net:4321

    NetRange: 74.222.128.0 - 74.222.191.255
    CIDR: 74.222.128.0/18
    NetName: VPLSNET
    NetHandle: NET-74-222-128-0-1
    Parent: NET-74-0-0-0-0
    NetType: Direct Allocation
    NameServer: NS1.VPLS.NET
    NameServer: NS2.VPLS.NET
    Comment: For abuse please contact abuse@vpls.net no phone
    Comment: calls will be accepted!!
    RegDate: 2007-01-05
    Updated: 2007-06-25

    RAbuseHandle: KRYPT-ARIN
    RAbuseName: Krypt Keeper
    RAbusePhone: +1-714-993-9997
    RAbuseEmail: hostmaster@krypt.com

    As for... "...what I do may be 'unconventional'..."
    That's why you were booted from those forums and that's why you have been deemed a troll
    by many. I've given you a 2cnd chance, and that's why I'm not outright ignoring you, but
    I'm losing patience.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  8. #8
    Todd H.
    Guest

    Re: A warning from Google!

    ~BD~ <BoaterDave@hotmail.co.uk> writes:

    > Hmmm. But that doesn't explain why the blog site had hosted malware
    > previously ..... *does* it?



    Rotated banner ads can have malware. There's also a blog-takeover
    hack that's been recently announced at a security con (can't remember
    details), a cross site scripting issue taken advantage of by a blog
    commenter--lots of possible reasons that google may have flagged it as
    such.

    The web is a nutty place.

    --
    Todd H.
    http://www.toddh.net/

  9. #9
    Scarlett
    Guest

    Re: A warning from Google!

    David H. Lipman wrote:
    > From: "~BD~" <BoaterDave@hotmail.co.uk>
    >
    >> BoaterDave wrote:
    >>> Hi :)

    >
    >>> I went to this URL
    >>> http://www.linkedin.com/ppl/webprofi...uthToken=jNAa&
    >>> authType=name&trk=ppro_viewmore&lnk=vw_pprofile
    >>> where there is the LinkedIn profile for Gregory Gooden. (The owner
    >>> of Annex.com)

    >
    >>> Under 'Websites' I selected 'My Blog' and went to this URL
    >>> http://www.luftmensch.com/ I then clicked on RanZ(Blog)
    >>> ..........

    >
    >>> And received this:- "Warning: Visiting this site may harm your
    >>> computer" (White font on a bright red banner). That was followed
    >>> by .........

    >
    >>> "The website you are visiting appears to contain malware. Malware is
    >>> malicious software that may harm your computer or otherwise operate
    >>> without your consent. Your computer can be infected just by browsing
    >>> to a site with malware, without any further action on your part.

    >
    >>> For detailed information about problems found on this site, visit
    >>> Google Safe Browsing diagnostic page for 74.222.134.170"

    >
    >>> The IP number was a link which, when followed, provided this
    >>> information:-

    >
    >>> "What is the current listing status for 74.222.134.0?
    >>> This site is not currently listed as suspicious.

    >
    >>> Part of this site was listed for suspicious activity 1 time(s) over
    >>> the past 90 days.

    >
    >>> What happened when Google visited this site?
    >>> Of the 13 pages we tested on the site over the past 90 days, 0
    >>> page(s) resulted in malicious software being downloaded and
    >>> installed without user consent. The last time Google visited this
    >>> site was on 2009-05-14, and the last time suspicious content was
    >>> found on this site was on 2009-05-14.
    >>> Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    >>> exploit(s).

    >
    >>> This site was hosted on 1 network(s) including AS35908 (VPLSNET).

    >
    >>> Has this site acted as an intermediary resulting in further
    >>> distribution of malware?
    >>> Over the past 90 days, 74.222.134.0 did not appear to function as an
    >>> intermediary for the infection of any sites.

    >
    >>> Has this site hosted malware?
    >>> Yes, this site has hosted malicious software over the past 90 days.
    >>> It infected 6 domain(s), including blonging.com/,
    >>> myinvestorblog.com/, dollarandsense.net/.

    >
    >>> Next steps:
    >>> Return to the previous page.
    >>> If you are the owner of this web site, you can request a review of
    >>> your site using Google Webmaster Tools. More information about the
    >>> review process is available in Google's Webmaster Help Center.

    >
    >>> **************************

    >
    >>> There was a "Go Back" and an "Ignore warning" button. Selecting the
    >>> latter, I ended up here http://www.luftmensch.com/wordpress/

    >
    >>> It seems a great site to own - you might even notice that there is a
    >>> comment which I left there last July with regard to "A day at the
    >>> zoo"!

    >
    >>> *** Googling 74.222.134.170 gives some interesting results! ***

    >
    >>> From what I can gather with my limited knowledge, 74.222.134.170 is
    >>> located in California
    >>> (http://www.geoiptool.com/en/?IP=74.222.134.170)

    >
    >>> I'm left wondering who might have wished to infect Mr Gooden's Blog
    >>> pages ...... and if the same folk may have 'got at' the Annexcafe
    >>> newsgroups too!

    >
    >>> --
    >>> Dave

    >
    >> Mr Gooden responded to me by email and said .......

    >
    >> "Normal people would see something like that google warning and
    >> inform the person affected (me) instead of posting it to
    >> alt.whatever... and then submit some surreptitious feedback form to
    >> me. Once I saw what you were talking about, I determined it to be an
    >> sql injection "iframe" within one of the posts I posted to my blog
    >> from another blog. Once I knew, post removed."

    >
    >> Maybe that is why I cannot replicate that same Google warning now.

    >
    >> Hmmm. But that doesn't explain why the blog site had hosted malware
    >> previously ..... *does* it?

    >
    >> Stroking chin!

    >
    >> --
    >> Dave

    >
    > Who said it was "hosting malware" ?
    >
    > Gooden wrote...
    > "...determined it to be an sql injection "iframe" within one of the
    > posts I posted to my blog..."
    >
    > That's not malware per se, that's a malicious script that was flagged.
    >
    > He also correctly pointed out...
    > "Normal people would see something like that google warning and
    > inform the person affected (me) instead of posting it to alt.... "
    >
    > Plaese STOP cross-posting between 'test' news groups and
    > conversational news groups.


    Hi Dave your wasting your time ;-)

    Donna



  10. #10
    Scarlett
    Guest

    Re: A warning from Google!

    ~BD~ wrote:
    > David H. Lipman wrote:
    >> From: "~BD~" <BoaterDave@hotmail.co.uk>
    >>
    >>> BoaterDave wrote:
    >>>> Hi :)

    >>
    >>>> I went to this URL
    >>>> http://www.linkedin.com/ppl/webprofi...uthToken=jNAa&
    >>>> authType=name&trk=ppro_viewmore&lnk=vw_pprofile
    >>>> where there is the LinkedIn profile for Gregory Gooden. (The
    >>>> owner of Annex.com)

    >>
    >>>> Under 'Websites' I selected 'My Blog' and went to this URL
    >>>> http://www.luftmensch.com/ I then clicked on RanZ(Blog)
    >>>> ..........

    >>
    >>>> And received this:- "Warning: Visiting this site may harm your
    >>>> computer" (White font on a bright red banner). That was followed
    >>>> by .........

    >>
    >>>> "The website you are visiting appears to contain malware. Malware
    >>>> is malicious software that may harm your computer or otherwise
    >>>> operate without your consent. Your computer can be infected just
    >>>> by browsing to a site with malware, without any further action on
    >>>> your part.

    >>
    >>>> For detailed information about problems found on this site, visit
    >>>> Google Safe Browsing diagnostic page for 74.222.134.170"

    >>
    >>>> The IP number was a link which, when followed, provided this
    >>>> information:-

    >>
    >>>> "What is the current listing status for 74.222.134.0?
    >>>> This site is not currently listed as suspicious.

    >>
    >>>> Part of this site was listed for suspicious activity 1 time(s) over
    >>>> the past 90 days.

    >>
    >>>> What happened when Google visited this site?
    >>>> Of the 13 pages we tested on the site over the past 90 days, 0
    >>>> page(s) resulted in malicious software being downloaded and
    >>>> installed without user consent. The last time Google visited this
    >>>> site was on 2009-05-14, and the last time suspicious content was
    >>>> found on this site was on 2009-05-14.
    >>>> Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    >>>> exploit(s).

    >>
    >>>> This site was hosted on 1 network(s) including AS35908 (VPLSNET).

    >>
    >>>> Has this site acted as an intermediary resulting in further
    >>>> distribution of malware?
    >>>> Over the past 90 days, 74.222.134.0 did not appear to function as
    >>>> an intermediary for the infection of any sites.

    >>
    >>>> Has this site hosted malware?
    >>>> Yes, this site has hosted malicious software over the past 90
    >>>> days. It infected 6 domain(s), including blonging.com/,
    >>>> myinvestorblog.com/, dollarandsense.net/.

    >>
    >>>> Next steps:
    >>>> Return to the previous page.
    >>>> If you are the owner of this web site, you can request a review of
    >>>> your site using Google Webmaster Tools. More information about the
    >>>> review process is available in Google's Webmaster Help Center.

    >>
    >>>> **************************

    >>
    >>>> There was a "Go Back" and an "Ignore warning" button. Selecting
    >>>> the latter, I ended up here http://www.luftmensch.com/wordpress/

    >>
    >>>> It seems a great site to own - you might even notice that there is
    >>>> a comment which I left there last July with regard to "A day at the
    >>>> zoo"!

    >>
    >>>> *** Googling 74.222.134.170 gives some interesting results! ***

    >>
    >>>> From what I can gather with my limited knowledge, 74.222.134.170 is
    >>>> located in California
    >>>> (http://www.geoiptool.com/en/?IP=74.222.134.170)

    >>
    >>>> I'm left wondering who might have wished to infect Mr Gooden's Blog
    >>>> pages ...... and if the same folk may have 'got at' the Annexcafe
    >>>> newsgroups too!

    >>
    >>>> --
    >>>> Dave

    >>
    >>> Mr Gooden responded to me by email and said .......

    >>
    >>> "Normal people would see something like that google warning and
    >>> inform the person affected (me) instead of posting it to
    >>> alt.whatever... and then submit some surreptitious feedback form to
    >>> me. Once I saw what you were talking about, I determined it to be
    >>> an sql injection "iframe" within one of the posts I posted to my
    >>> blog from another blog. Once I knew, post removed."

    >>
    >>> Maybe that is why I cannot replicate that same Google warning now.

    >>
    >>> Hmmm. But that doesn't explain why the blog site had hosted malware
    >>> previously ..... *does* it?

    >>
    >>> Stroking chin!

    >>
    >>> --
    >>> Dave

    >>
    >> Who said it was "hosting malware" ?

    >
    >
    > *Google* said .....
    >
    > What happened when Google visited this site?
    > Of the 13 pages we tested on the site over the past 90 days, 0 page(s)
    > resulted in malicious software being downloaded and installed without
    > user consent. The last time Google visited this site was on
    > 2009-05-14, and the last time suspicious content was found on this
    > site was on 2009-05-14.
    > Malicious software includes 8 trojan(s), 6 scripting exploit(s), 4
    > exploit(s).
    >
    > This site was hosted on 1 network(s) including AS35908 (VPLSNET).
    >
    > Has this site hosted malware?
    > Yes, this site has hosted malicious software over the past 90 days. It
    > infected 6 domain(s), including blonging.com/, myinvestorblog.com/,
    > dollarandsense.net/.
    >
    > ******************
    >
    > Have I misunderstood something - or didn't you read what I'd posted?
    >
    >
    >> Plaese STOP cross-posting between 'test' news groups and
    >> conversational news groups.

    >
    >
    > David - you are *not* the Usenet police. I would like to know exactly
    > *why* it bothers you that I choose to include that specific test group
    > in some of my posts.
    >
    > If you explain your reasoning I *might* be more cooperative!
    >
    > Try me and see! ;)


    Ok what part of "0 page(s)
    resulted in malicious software being downloaded and installed without
    user consent."

    Don't you understand...0 = none



  11. #11
    Todd H.
    Guest

    Re: A warning from Google!

    ~BD~ <BoaterDave@hotmail.co.uk> writes:

    >> B. 'Test' groups are for 'test' messages only and their subject
    >> matter are to be IGNORED. Leave discussions to discussion groups.
    >> You should *never* cross-post between a test group and a discussion
    >> group.

    >
    > Again - you haven't said WHY! What difference does it make to you - or
    > to anyone else?


    BoaterDave,

    I have been polite to you in the past and given you a wide berth of
    newbieness.

    But, seriously, you're begging for flamage unless you pull your head
    out of your ass on some of these discussions.

    Mr Lipman correctly states usenet netiquette regarding test
    newsgroups.

    > I do understand that what I do may be 'unconventional', and not what
    > you have met before, but that doesn't make it *wrong* per se.


    No, it's wrong to cross post between test and regular nesgroups,
    period. Test groups are for testing. It's not something you'll
    find in an RFC. It's common sense.


    --
    Todd H.
    http://www.toddh.net/

  12. #12
    ~BD~
    Guest

    Re: A warning from Google!

    Todd H. wrote:
    > ~BD~ <BoaterDave@hotmail.co.uk> writes:
    >
    >>> B. 'Test' groups are for 'test' messages only and their subject
    >>> matter are to be IGNORED. Leave discussions to discussion groups.
    >>> You should *never* cross-post between a test group and a discussion
    >>> group.

    >> Again - you haven't said WHY! What difference does it make to you - or
    >> to anyone else?

    >
    > BoaterDave,
    >
    > I have been polite to you in the past and given you a wide berth of
    > newbieness.
    >
    > But, seriously, you're begging for flamage unless you pull your head
    > out of your ass on some of these discussions.
    >
    > Mr Lipman correctly states usenet netiquette regarding test
    > newsgroups.
    >
    >> I do understand that what I do may be 'unconventional', and not what
    >> you have met before, but that doesn't make it *wrong* per se.

    >
    > No, it's wrong to cross post between test and regular nesgroups,
    > period. Test groups are for testing. It's not something you'll
    > find in an RFC. It's common sense.
    >
    >


    Hello Todd

    I have appreciated your attitude and thank you for being polite.

    Have you taken time out to go to the 'microsoft.public.test.here' group
    and read any of the conversations which I have enjoyed with, in
    particular, Andrew Taylor and Peter Foldes?

    Regardless, I thank you for your advice and look forward to watching the
    video clips of your rabbits when you get round to posting them on YouTube!

    Have a great weekend! :)

    --
    Dave

  13. #13
    Tim Jackson
    Guest

    Re: A warning from Google!

    ~BD~ wrote:
    > David H. Lipman wrote:
    >> From: "~BD~" <BoaterDave@hotmail.co.uk>
    >>
    >> B. 'Test' groups are for 'test' messages only and their subject
    >> matter are to be IGNORED. Leave discussions to discussion groups.
    >> You should *never* cross-post between a test group and a discussion
    >> group.

    >
    > Again - you haven't said WHY! What difference does it make to you - or
    > to anyone else?
    >
    > I do understand that what I do may be 'unconventional', and not what you
    > have met before, but that doesn't make it *wrong* per se.
    >
    > --
    > Dave (BD)
    >


    Mostly because it's RUDE!

    Newsgroups have a topic for a reason. It is so that users can identify
    what to expect to find in it without having to read all the posts.

    We need netiquette to make the system work. If everyone goes around
    co-opting newsgroups as their own private chat-room and disregarding the
    stated topics then we have anarchy, and you will quickly find all groups
    taken over and rendered useless by spammers.

    As it stands if people make a nuisance of themselves by making off-topic
    posts, we can complain to their ISP and get them stopped. If there was
    no such thing as a group topic, we would not have that power.

    You are clearly technically well in breach of that etiquette. It has to
    be flexible, but you are stretching people's tolerance.

    Basically, original posts to a newsgroup should be a question or a
    timely announcement of new information and should be within the group's
    topic. Replies should be pertinent to the original post or previous
    replies, although they may drift somewhat from the group topic.
    Anything else is in breach.


    Tim Jackson

  14. #14
    David H. Lipman
    Guest

    Re: A warning from Google!

    From: "Scarlett" <Scarlett@dodgit.com>

    >> Who said it was "hosting malware" ?


    >> Gooden wrote...
    >> "...determined it to be an sql injection "iframe" within one of the
    >> posts I posted to my blog..."


    >> That's not malware per se, that's a malicious script that was flagged.


    >> He also correctly pointed out...
    >> "Normal people would see something like that google warning and
    >> inform the person affected (me) instead of posting it to alt.... "


    >> Plaese STOP cross-posting between 'test' news groups and
    >> conversational news groups.


    | Hi Dave your wasting your time ;-)

    | Donna

    OK :-)


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  15. #15
    DGB
    Guest

    Re: A warning from Google!

    Todd H. wrote:
    > ~BD~ <BoaterDave@hotmail.co.uk> writes:
    >
    >> Hmmm. But that doesn't explain why the blog site had hosted malware
    >> previously ..... *does* it?

    >
    >
    > Rotated banner ads can have malware. There's also a blog-takeover
    > hack that's been recently announced at a security con (can't remember
    > details), a cross site scripting issue taken advantage of by a blog
    > commenter--lots of possible reasons that google may have flagged it as
    > such.
    >
    > The web is a nutty place.
    >



    I most certainly agree with your last point, Todd!

    Thanks for the information.

    David Lipman is trying to tell me something but I am still confused. I
    thought the IP address mentioned related to Mr Gooden but it seems this
    may not be so.

    --
    Dave

Similar Threads

  1. Google cutting 200 jobs
    By Sava700 in forum General Discussion Board
    Replies: 3
    Last Post: 03-27-09, 08:24 PM
  2. my cable modem dissconnects all the time?
    By cableguy2k7 in forum General Broadband Forum
    Replies: 9
    Last Post: 08-01-08, 08:30 PM
  3. Cox Cable problem
    By ltwally in forum General Broadband Forum
    Replies: 1
    Last Post: 07-28-08, 02:21 AM
  4. Trouble with Cox Cable
    By ltwally in forum General Broadband Forum
    Replies: 17
    Last Post: 07-08-08, 03:25 AM
  5. new cable modem connection problems?
    By cableguy2k7 in forum General Broadband Forum
    Replies: 18
    Last Post: 07-18-07, 10:26 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •