Thanks for letting me know. I'd rather hear about the occasional false positive than not find out if the site really is hacked.
That being said, I've just spent several hours checking everything out and I can't find any evidence of a hack or malware.
We have quite a lot of security measures in place and our (fairly expensive and security conscious) web host backs up everything and scans for viruses daily.
On top of that, we have another third party service that does daily backups, scans for viruses, and emails me a daily report listing any files that have been changed between backups.
I check that report almost every day and recently only jpg and sgf files have been created or modified on the server, which has been when we've added a new article or video.
I've scanned our files again, reviewed all the changes for the last couple of months and also done some manual checking of high value files and logs, and I can't find anything suspicious.
Which antivirus software are you using? And are you locked out of the whole site, or just specific pages? Does the software give an explanation of what it thinks is the problem?
Is anyone else seeing this problem with their antivirus software?
According to all these guys, the site is clean:
http://safebrowsing.clients.google.com/ ... meguru.comhttp://safeweb.norton.com/report/show?u ... meguru.comhttp://sitecheck.sucuri.net/results/gogameguru.comhttp://www.yandex.com/infected?url=goga ... om&l10n=enhttp://www.avgthreatlabs.com/sitereport ... avg.com.auAlso, there's nothing on PhishTank:
http://www.phishtank.com/And McAfee and TrendMicro hadn't scanned our site when I went and checked.
http://www.siteadvisor.com/sites/gogameguru.comhttp://global.sitesafety.trendmicro.com/Here are some possible theories:
The site really is hacked, but we don't know yet. If anyone is seeing a message about a problem, please let me know which antivirus software you're using and what it says is a problem and what specifically it's saying.
Websites these days are made up of various components from other sites (e.g. Facebook 'Like' buttons and so on). Maybe one of those sites has been hacked, but that seems unlikely. One time our mailing list provider had a false positive and people got a warning when they tried to subscribe to the newsletter for about a day.
One other thing I can think of is that there's a very small amount of obfuscated javascript on the Baduk TV Live page:
http://gogameguru.com/baduk-tv-live/ - which is only visible to logged in subscribers. It's not really necessary, it's just there to frustrate script kiddies who want to try to jack the live stream. It might be raising an eyebrow with your virus checker, because malware is sometimes obfuscated too. I can remove it if it's causing an issue, so please let me know. This seems more plausible to me.
Maybe something could have happened with an IP address being flagged as malicious because of another site that uses the same CDN as us?
The only other thing I can think of is that someone has reported the site maliciously, which happened once before and it turned out that someone out there just didn't like us
. This is also possible.
