Site is coming up as Unsafe. This just started.





Total threats on this site:
41




General Info
Web Site Location http://safeweb.norton.com/images/flags/us.gif United States of America

Norton Safe Web has analyzed dual-boxing.com for safety and security problems. Below is a sample of the threats that were found.
http://safeweb.norton.com/thumb/?url=dual-boxing.com


Threat Report

Total threats found: 41

http://safeweb.norton.com/images/icons/small-whitebg_sphere/small-whitebg-red.png?1275989646 Drive-By Downloads (what's this?) (http://safeweb.norton.com/safety#brexp) Threats found: 41
Here is a sample:
Threat Name: MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/forumdisplay.php?f=14

Threat Name: MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/forumdisplay.php?f=14&daysprune=-1&order=asc&sort=postusername

Threat Name: MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/forumdisplay.php?f=14&daysprune=-1&order=desc&sort=voteavg

Threat Name: MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/showthread.php?p=289534

Threat Name: MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/showthread.php?p=290328

Threat Name: MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/login.php?a=pwd&u=32010&i=e6df9bc02b388066b4430773cc81369fde2f0c4b

Threat Name: MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/login.php?do=login

Threat Name: MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/forumdisplay.php?f=14&sort=voteavg&order=desc&daysprune=-1&page=101

Threat Name: Direct link to MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/forumdisplay.php?f=14&daysprune=-1&order=desc&sort=voteavg

Threat Name: Direct link to MSIE Attribute Handler Code Exec (http://www.symantec.com/avcenter/attack_sigs/s50255.html) Location: http://www.dual-boxing.com/forumdisplay.php?f=14

confirmed, i'm getting the same error from my norton, and sent a msg to svper via pm

Kaspersky stagged it too:

http://img708.imageshack.us/img708/6738/capturerws.jpg

lolinternetexplorer

lolinternetexplorer

worst browser period.

opera > firefox > X

It's cause you are using Internet Exploder!

worst browser period.

opera > firefox > X

NSS Lab tests would disagree...

I'm using IE and gtting absolutely no warnings....

Svper's in my browser, loggin' my keyZ?

I use Firefox

Thanks for the reports, I'm looking into it now.

Norton is refusing to verify I am the site owner despite putting they meta tag AND uploading their special file.


Not much I can do if they won't verify me.

I fixed a couple things. I'm still unable to verify I'm the site owner (at least to Norton I am) I scanned some of those URLs with http://www.avg.com.au/resources/web-page-scanner/ and AVG is saying there are no exploits. I'm unsure if AVG is scanning for the same thing Norton was, I'm unable to get Norton to rescan. I wasn't able to find a Kapersky scanning tool. I've been up for about 28 hours so I may just be missing something.

go to sleep man

I think you can see why I dont have Norton or any anti viris running on my computer.

Just back up every week or so if you get infected you have a good copy.

I think you can see why I dont have Norton or any anti viris running on my computer.

Just back up every week or so if you get infected you have a good copy.

http://media.giantbomb.com/uploads/1/19353/937202-facepalm_implied_super.jpg

You just gotta know when you got infected =p. It's not to bad if your keeping all the copies, but if your rolling through tapes your bound to overwrite something with a infected copy ;).

Any idea super why this would start happening just out of the blue like this? I've had Norton since January and never had this issue before, all of a sudden several folks are getting the warnings?

Update plz! Ahm scurred ta braowze the site foar feer of mah keez!

Any idea super why this would start happening just out of the blue like this? I've had Norton since January and never had this issue before, all of a sudden several folks are getting the warnings?

Update plz! Ahm scurred ta braowze the site foar feer of mah keez!


From what I've read about the exploits Norton was reporting, they're only going to affect you if you're using IE 6 / IE 7. Otherwise you're fine. Obviously it's still bad to have the exploits open, which is what I'm currently working on.

I think you can see why I dont have Norton or any anti viris running on my computer.

Just back up every week or so if you get infected you have a good copy.

detection and backups are two separate things.
- the antivirus will help you detect (and clean if possible) that something is wrong
- the backups will help you restore after any damage happened


if you only have an anti-virus and no backup, you will lose stuff if a virus goes through the AV checks.
if you only have a backup system, you could be losing stuff as we speak, without knowing. or you could be hosting an army of trojans etc.
For all you know, your backups could be infected. As was mentioned above, if you didn't keep all your backups, chances are you won't be able to find one not infected

Best is to have both. But in any case AV > Backup.

NSS Lab tests would disagree...

Funny. No security test on these sites ever mentions adblock or noscript addons, which I would guess would bump firefox (and chrome?) up to something like 99%.

51 threats now

Movin up in the world DB!

Funny. No security test on these sites ever mentions adblock or noscript addons, which I would guess would bump firefox (and chrome?) up to something like 99%.

I don't think you understand the meaning of "addon"....

Svper is trying to keylog us!
CHANGE YOUR PWs NAO!
Mine is buttermuffin... for the next 3 seconds.

I have win7 you don't just go to some site and it infects your computer if you keep updates up to date. You have to open an email attachment, which I never do, or agree to run a program that does an install in the administrator mode.

You can't log onto DB and infect a win7 machine on the sly. You have to agree to something, and be in admin, before you can run any programe that changes the registry. Thats just how it works now days.

Ya if you go to some porn site and they tell you downloard their viewer and you click yes to install the viewer on your computer well yur toast. Anytime you go to a site that is questionable and anything pops up that asks your permission to do anything you hit ctrl/alt/del and shut down the computer with the on/off switch, that stops anything dead right there.

Just use common sense and keep things up to date. You don't need Norton at all.

Ya its best not to overwrite your backups for sure (keep like 4 months or so).

And for the 10th time you can find out what starts with

http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

and you shut off all remote services, your computer is no use to a hacker if he cant communicate with it ....... and if you shut down all remote services well he can't.

Anyone who can get through all what I said and still infect your win7 computer would be going after government computers and not your or my "gee I can hack this dudes wow account" computers.




Whatever if you are in love with Norton go for it and keep using up 20-30percent of your cpu all the time.

do you ever see flash content on websites?

Safari on the ipad brings up the site and then closes back to the icon screen... the iphone Safari loads but has Not found at the bottom... in what looks like it should be an add.. and one at the top... been happening for last 2 days or so...
Was handy reading the forums etc to learn on the way to and from work.

Firefox at home isn't having any probs tho.

51 threats now

Movin up in the world DB!


And the shitty thing is, I've done everything I know to do to fix this issue, and norton finds MORE? wtf? I'll be the first to admit, I'm not a black hat expert. Norton *STILL* refuses to recognize me as the site owner. I'm waiting on "manual" site verification so I can contest the issues in the site dispute. Not much more I can do until then.

We're planning on migrating to Vb 4.0.x soon. So either we'll be off this code base or Norton will get off their asses and allow me to dispute / figure out wtf is triggering their alarms pretty soon.

I get "not safe 51 threats" too. I use Norton and I.E. (save your comments... don't care), but I've been with this forum off and on for two years now and nothings ever happened. I'm not worried about this site. I'm a little concerned that about Norton though. Not because Sam says so, Sam doesn't live my life, but because it just seems a bit sketchy to me. The really bad thing is.... if you click on the "Site Owner? Click Here" link, it takes you to a page that lists recent unsafe sites. So now this site is on a "Latest Threats" list. This is broadcast to other Norton subscribers, and that is why the Norton subscribers are all getting the same amount threats. That's fucked up. We know it's not unsafe, or we wouldn't be here.

I'll send an email to them Svper, maybe that will help.

COming up on Firefox now /AVG virus.
Safe Browsing Diagnostic page for dual-boxing.com What is the current listing status for dual-boxing.com? Site is listed as suspicious - visiting this web site may harm your computer. What happened when Google visited this site? Of the 3 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-01, and suspicious content was never found on this site within the past 90 days. This site was hosted on 1 network(s) including AS15244 (ADDD2NET). Has this site acted as an intermediary resulting in further distribution of malware? Over the past 90 days, dual-boxing.com did not appear to function as an intermediary for the infection of any sites. Has this site hosted malware? No, this site has not hosted malicious software over the past 90 days. How did this happen? In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message. Next steps: * Return to the previous page. * If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center. But everytime I hit a link here, I get Firefoxes Warning in red. Super, is there anything new here at all, A program or something that might be being Flagged, that someone linked to? I wish ya the best in this man. It's a tough one. Stephen

COming up on Firefox now /AVG virus. But everytime I hit a link here, I get Firefoxes Warning in red. Super, is there anything new here at all, A program or something that might be being Flagged, that someone linked to? I wish ya the best in this man. It's a tough one. Stephen


http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://dual-boxing.com/

Safe Browsing

Diagnostic page for dual-boxing.com

What is the current listing status for dual-boxing.com?

Site is listed as suspicious - visiting this web site may harm your computer.
What happened when Google visited this site?

Of the 3 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-01, and suspicious content was never found on this site within the past 90 days.This site was hosted on 1 network(s) including AS15244 (ADDD2NET) (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=AS:15244).
Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, dual-boxing.com did not appear to function as an intermediary for the infection of any sites.
Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.
How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.
Next steps:


Return to the previous page. (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://www.dual-boxing.com/#)
If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools (http://www.google.com/webmasters/tools/). More information about the review process is available in Google's Webmaster Help Center (http://www.google.com/support/webmasters/bin/answer.py?answer=45432).



Dual-boxing.com is NOT infected. It's because OTHER SITES ON OUR HOST (vps.lunarpages.com) ARE INFECTED.

http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=AS:15244


Safe Browsing

Diagnostic page for AS15244 (ADDD2NET)

What happened when Google visited sites hosted on this network?

Of the 32989 site(s) we tested on this network over the past 90 days, 2251 site(s), including, for example, subjam.org/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=subjam.org/), heattrak.com/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=heattrak.com/), buenapetito.net/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=buenapetito.net/), served content that resulted in malicious software being downloaded and installed without user consent.
The last time Google tested a site on this network was on 2010-08-20, and the last time suspicious content was found was on 2010-08-20.
Has this network hosted sites acting as intermediaries for further malware distribution?

Over the past 90 days, we found 76 site(s) on this network, including, for example, jocp.net/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=jocp.net/), iranbar.org/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=iranbar.org/), nextinsight.net/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=nextinsight.net/), that appeared to function as intermediaries for the infection of 211 other site(s) including, for example, nextinsight.biz/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=nextinsight.biz/), ghavamin.mihanblog.com/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=ghavamin.mihanblog.com/), tb01.net/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=tb01.net/).
Has this network hosted sites that have distributed malware?

Yes, this network has hosted sites that have distributed malicious software in the past 90 days. We found 163 site(s), including, for example, pss.co.ir/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=pss.co.ir/), greensny.com/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=greensny.com/), celshadeartists.com/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=celshadeartists.com/), that infected 1248 other site(s), including, for example, nawainwe.com/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=nawainwe.com/), badago.com/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=badago.com/), dental-ijsselmond.nl/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=dental-ijsselmond.nl/).
Next steps:


Return to the previous page. (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=http://dual-boxing.com/)

Well, that makes sense to me then. I know I had never got so much as a sniffle from here. Then again, Ad block and no script user as well. I just wish FF would allow you to add exceptions to the block list thing. Stephen makes note to self to use /code and not /quote on lists like that.

This site is coming up as unsafe for me too.

Firefox, NoScript.
Kaspersky Internet Security.

I found that google safe site thing interesting. Thx Svpr

Ok. here's the deal from where I am currently.

There was a large number of sites we share a host with that ARE infected with malware which is causing Firefox/Google to show us as "suspicious". We had some vulnerabilities exposed due to a bug in Vb. The hole has been closed. The only people that were in any danger of infection were those running unpatched versions of Internet Explorer 6.x or 7.x. According to Norton Safeweb these exploits were targeting those versions explicitly. Firefox / any other browsers wouldn't have been affected.

I'm currently waiting on Google to rescan the site to ensure we're no longer "suspicious". It's just a matter of time. I've removed the issues we had and rescanned with their googlebot fetching lab and confirmed everything coming down codewise is intended. Unless they find something new, the site is currently safe to use/browse with any browser you'd like.

Please no "lol @ IE" discussion here. If you have any legitimate comments or concerns please feel free to post here or PM me directly.

Edit: you'd only even be exposed to the issue if you were viewing the site logged out. If you were logged in, you would have never been exposed to the issue.

Its good to hear that it will be fixed.

Now firefox is totally blocking the site. I had to disable it to post here. I get the huge red page of an attack site and it redirects, if I ignore the warning it repops after every thread/post and I cant log in because it resets. I disabled it to post this. ;(




What happened when Google visited this site?
Of the 6 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-20, and the last time suspicious content was found on this site was on 2010-08-20.
Malicious software includes 4 trojan(s), 4 exploit(s). Successful infection resulted in an average of 2 new process(es) on the target machine.
Malicious software is hosted on 1 domain(s), including zgsj.net/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=zgsj.net/).
This site was hosted on 1 network(s) including AS15244 (ADDD2NET) (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=AS:15244).

Its good to hear that it will be fixed.

Now firefox is totally blocking the site. I had to disable it to post here. I get the huge red page of an attack site and it redirects, if I ignore the warning it repops after every thread/post and I cant log in because it resets. I disabled it to post this. ;(




What happened when Google visited this site?
Of the 6 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-20, and the last time suspicious content was found on this site was on 2010-08-20.
Malicious software includes 4 trojan(s), 4 exploit(s). Successful infection resulted in an average of 2 new process(es) on the target machine.
Malicious software is hosted on 1 domain(s), including zgsj.net/ (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=zgsj.net/).
This site was hosted on 1 network(s) including AS15244 (ADDD2NET) (http://safebrowsing.clients.google.com/safebrowsing/diagnostic?client=Firefox&hl=en-US&site=AS:15244).


yep yep. I've also requested that our hosting co scan out folders with whatever AV they're using just to be safe.

Just got that frightening warning like everyone else I guess. Thanks for these reassuring explanations. Hope that gets all resolved soon. People are getting very suspicious/cautious when it comes to security because of all these wow accounts hacks that keep happening all the time, so the sooner google refreshes the list the better :)

I use these guys as my host:

http://www.ixwebhosting.com/index.php/v2/pages.dspmain

I had that VB thing also but they (vb and my host) fixed it all up.

Below is the report I received as well, it's making it nearly impossible to surf the site, I'm using Firefox and the report comes from google. I know I have seen components of this post but this is the full post I received. Safe Browsing Diagnostic page for dual-boxing.com What is the current listing status for dual-boxing.com? Site is listed as suspicious - visiting this web site may harm your computer. Part of this site was listed for suspicious activity 1 time(s) over the past 90 days. What happened when Google visited this site? Of the 14 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-20, and the last time suspicious content was found on this site was on 2010-08-20. Malicious software includes 4 trojan(s), 4 exploit(s). Successful infection resulted in an average of 2 new process(es) on the target machine. Malicious software is hosted on 1 domain(s), including zgsj.net/. This site was hosted on 1 network(s) including AS15244 (ADDD2NET). Has this site acted as an intermediary resulting in further distribution of malware? Over the past 90 days, dual-boxing.com did not appear to function as an intermediary for the infection of any sites. Has this site hosted malware? No, this site has not hosted malicious software over the past 90 days. How did this happen? In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Decided to see how it goes here. Logged into site, No Red Screen Of Wrathful Doom. I'm gonna venture a guess, they something got fixed on Googles end.

Stephen

same, since this morning i used to have big red screens of doom earlier (using FF), now i don't get any alert anymore.

Safari is working fine for the site again! Yay

wewt, we can browse again without having to click an ignore warning for each new page.

/cheer

I feel the zen / harmony of the site has returned... hell, I'm glad it's working with Firefox again. Oddly enough I never had any issues with Chrome but the filtering on Firefox was coming from Google. Things that make you go hmmmm.

Looks like Google finally rescanned us and as expected, we came up clean!

Norton still shows us at 51 vulnerabilities because they still haven't rescanned us.

Whoever has Kapersky or knows the URL for them to scan a site let me know what they're showing for us if you can get them to do a new scan.

All hail master of fixing interwebz! :)

Have Kasperky, but the site is not coming up as unsafe anymore.

Have Kasperky, but the site is not coming up as unsafe anymore.

Same, no more notices.

I have win7 you don't just go to some site and it infects your computer if you keep updates up to date. You have to open an email attachment, which I never do, or agree to run a program that does an install in the administrator mode.

You can't log onto DB and infect a win7 machine on the sly. You have to agree to something, and be in admin, before you can run any programe that changes the registry. Thats just how it works now days.

Ya if you go to some porn site and they tell you downloard their viewer and you click yes to install the viewer on your computer well yur toast. Anytime you go to a site that is questionable and anything pops up that asks your permission to do anything you hit ctrl/alt/del and shut down the computer with the on/off switch, that stops anything dead right there.

Just use common sense and keep things up to date. You don't need Norton at all.

Ya its best not to overwrite your backups for sure (keep like 4 months or so).

And for the 10th time you can find out what starts with

http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

and you shut off all remote services, your computer is no use to a hacker if he cant communicate with it ....... and if you shut down all remote services well he can't.

Anyone who can get through all what I said and still infect your win7 computer would be going after government computers and not your or my "gee I can hack this dudes wow account" computers.




Whatever if you are in love with Norton go for it and keep using up 20-30percent of your cpu all the time.

Once again you demonstrate your colossal lack of understand on a subject by, of course, pretending to be an expert! Maybe you should stick to guides on how to bed hookers and leave the technical stuff to those with a clue.

Please, anybody reading this, don't listen to this "advice" unless you are a fan of being infected. All you need to do to be infected is visit a site with malicious code in place, unless you take measures to protect yourself. Even then there are no guarantees, but it's the best we've got. (btw, not implying d-b is/was infected, just bristling at the above stupidity - this is the kind of shit that people listen to and pay for later).

If you choose not to take said precautions because they are inconvenient, I can certainly understand that - but don't be fooled that the threats don't exist as long as you don't press the install button on the latest virus.

Still flagging with Symantec

http://safeweb.norton.com/report/show?url=dual-boxing.com

Still flagging with Symantec

http://safeweb.norton.com/report/show?url=dual-boxing.com

Aye

Stupid norton. Only problem is I gave this site out to someone who wanted to find out more info about boxing and it came up flagged and then they kept accusing me of trying to send them to a site that will give them a keylogger. This nub even said he was going to report me. ;(

I've still not been able to get any kind of response from Norton, so.... yeah. if they don't want to talk to me and they're too ignorant to simply refresh their site scan, why should anyone be trusting them?

Edit: apparently they've fixed / changed the site verfication settings in the "site dispute" So now it is actually working, but their verification is still broken. I've uploaded the file they want and I've added the meta tag they wanted. Supposedly someone should be getting back to me about manually verifying I'm the site operator and then I can request a rescan. I think it's nothing short of fear mongering that they don't even place a date on the last scan (or rescan to double check what they're reporting).

Just an update since someone posted about this in another forum, Norton STILL has not contacted me about rescanning the site. So who knows what's going on at their end.