ifcode listed as harmful by google

[SubDevo]

Ok everyone knows about the Proboards Code Index @ iFCode.com right?

www.google.com/search?hl=en&safe=off&q=proboards+ifcode.com&aq=f&aqi=&aql=&oq=&gs_rfai=
Now it is listed as malicious by google! (3 days ago)
"This site may harm your computer"

Pretty dang funny, since they are GOOGLE's Ads on that page!
Since, PBS's mantra is "Ads can't install anything"... I guess this could be considered proof?

SubDevo

[Charles Stover]

Of the 1 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-06-07, and the last time suspicious content was found on this site was on 2010-06-07.

Malicious software is hosted on 1 domain(s), including love-only.co.cc/.

It doesn't say that it was through an advertisement. And I think it would be weird that Google, which knows that that site is malicious, would allow it on their Google Ads service. Except, to my knowledge, Google Ads don't allow their users to use flash or JS functionality. They either use plain text or an image, both of which are safe against malicious software (at least, I think images are). Perhaps iFCode added another ad service? Or some other external framework - for ads or not?

EDIT:
They don't even allow that site on their search results, so I have a hard time believing they allow it in ads.

[SubDevo]

It doesn't say that it was through an advertisement.

Fair enough. There could have been something else installed, but for what purpose?
I'm assuming that the code is the same as it has been there for quite some time.
I have been using that list for a couple years now.

And I think it would be weird that Google, which knows that that site is malicious, would allow it on their Google Ads service.

One would think that they wouldn't allow it. But the almighty dollar, causes one to not pay so close attention...

Except, to my knowledge, Google Ads don't allow their users to use flash or JS functionality. They either use plain text or an image, both of which are safe against malicious software (at least, I think images are).

PB uses google ad services. I, almost exclusively, see flash Ads on PB sites. You don't?
There are always a lot of new posts in "Report Problem Advertisements". Some, of course, can be attributed to the end user's PC already infected with something. But, there are legitimate concerns with the new PB ad system. I, personally have been infected once from a PB ad and it was on PBS itself.
Funny how we never had these issues, until PB decided to "expand" their ad revenue possibilities. I digress...

Perhaps iFCode added another ad service? Or some other external framework - for ads or not?

I viewed all scripts within FF>Web Developer plugin>Information>View Javascript.
I only saw google's Ad services on that page. Of course, they call other ad services (like doubleclick).
But, I could have overlooked something...

Some of the results:
(I remove a "t" from http in the following to disable)

htp://pagead2.googlesyndication.com/pagead/show_ads.js

htp://pagead2.googlesyndication.com/pagead/expansion_embed.js

htp://googleads.g.doubleclick.net/pagead/test_domain.js
google_protectAndRun("ads_core.google_render_ad", google_handleError, google_render_ad);

htp://www.google-analytics.com/ga.js

<!--
google_ad_client = "pub-3185435617129830";
//728x90, created 23/01/08
google_ad_slot = "2332658801";
google_ad_width = 728;
google_ad_height = 90;
//-->

htp://s0.2mdn.net/879366/flashwrite_1_2.js

htp://209.85.48.10/html/dRev3.js
/* Copyright 2010 - Driving Revenue Inc. v4.0.9 b02-urlencode

Regards,
SubDevo

[Michael]

The domain is pretty big, it could be another thing on the domain. Google do allow Flash adverts (Charles), but I don't think this is down to adverts... It wouldn't be.

[victory1]

I love that site and just tried to use it and received the Google warning. Hopefully it will be in the safe list again soon.

[dude]

Jun 12, 2010 4:31:25 GMT -8 Michael said:

The domain is pretty big, it could be another thing on the domain. Google do allow Flash adverts (Charles), but I don't think this is down to adverts... It wouldn't be.

On the main ifcode.com page there's a hidden iframe for another site that's blocked by google so that's probably where the issue is.

[SubDevo]

Are you referring to this?
<iframe style="display: none; width: 0px; height: 0px;" src="http://z9.invisionfree.com/iFusion/index.php?showtopic=2014"></iframe>

Yea, it's hidden, but src seems benign...

LMAO PBS is censoring invision-free! Makes sense.
Oh well. IE loads iFcode without a hickup. It's FF, that decided to stop me in my tracks!

[Kami]

Jun 13, 2010 6:36:34 GMT -8 SubDevo said:

LMAO PBS is censoring invision-free! Makes sense.

only because there was a huge influx of spam from IF forums a couple years back.

[dude]

Jun 13, 2010 6:36:34 GMT -8 SubDevo said:

Are you referring to this?
<iframe style="display: none; width: 0px; height: 0px;" src="http://z9.somewhere else.com/iFusion/index.php?showtopic=2014"></iframe>

Yea, it's hidden, but src seems benign...

LMAO PBS is censoring invision-free! Makes sense.
Oh well. IE loads iFcode without a hickup. It's FF, that decided to stop me in my tracks!

No it was a different address in the iframe before. Some dodgy .co.cc url - when I googled the url it seemed to further suggest that it was spreading malware and moments later I'd been had. Seemed to use java to work its way in but it wasn't too hard to fix with a system restore. Chrome did try to warn me to be fair.

[Charles Stover]

That some dodgy .co.cc URL is the malware URL, according to Chrome. Chrome blocks IFCode too, not just FF.