I've removed the images that were alerting. Sometimes, inline linked and displayed images (also known as hot-linked) can come from sites that have been hacked or host malware. This will set off malware alerts because of the domains they are coming from - this doesn't mean the images themselves contain malware, although it's theoretically possible. Below, I'll try to explain the theory, after I cover the quoted posts.
I use
http://sucuri.net/ for checking whether websites contain (or may contain) malware, are hacked, etc. The images posted were from 2 sites, 0-48.ru and galac-patra.org. The results from sucuri show that McAffee is blacklisting the domains for possible malware, however McAffee shows the blacklisting status as "malware not identified". In addition, the following checks show the domains to be clean:
Google Safe Browsing
Norton Safe Web
Phish tank
Opera browser
Sucuri Malware Labs blacklist
Yandex (via Sophos)
ESET
It is possible that McAffee and Avast (mentioned by Panda and degraded being) are registering false positives, but it is also possible that the other checkers are registering false negatives, or have not picked the domains up for their lists yet.
If you're a "belt and suspenders" type of person,
https://www.virustotal.com/#url will also check multiple scanners for their assessments of a URL (website link).
At any rate, I've removed the images, while leaving the link to them (along with a warning), in case you want to see them for yourself.
Avast routinely reports malware at galac.patra, browse at your own risk.
Personally speaking, I would say "at your own risk" could pertain to browsing the ideas on the site, as much or more than any malware warnings. Malware is easier to remove than mal-ideas, as many of you know.
.
..
This came up yesterday and today on ESMB.
Today it came up on this thread. I had not clicked any links to
any other sites.
AVAST (security program)
MALICIOUS URL BLOCKED
URL: http://www.galac-patra.org/Image3.gif
Because the images are being pulled from another site, it is not ESMB that is causing the alert, but the sites that host the images. You don't have to click a link to receive content from another site; sites can include content from many other sites without visible links, as is happening with the images in this thread.
There is a post I made that may help to illuminate this, in this thread here:
http://www.forum.exscn.net/showthread.php?33619-Who-is-looking-over-your-shoulder-on-the-web
omg.... ESMB always brings up blocked Trojan Horses and other evil stuff. It's better when I use Opera. Once I get my desktop back and running, I'm guessing I'll probably throw this machine into Ubuntu mode (especially since Steam now loves them). Just not willing to do so until I know I have another mode of access if things get a bit wonky.
ESMB (the site itself) does not contain blocked evil stuff - it's the hot-linked images people include in their posts. Some forums forbid hot-linked images for several reasons (in no certain order):
a. The malware alerts that tend to come up from questionable outside sites
b. Lack of control over the image (the hosting site can replace the image with anything they want, and if the filename is the same, whatever they replace it with will show instead - this could mean replacing an image of David Miscavige with goatse or zippo kitty, or other disgusting images; or if the owner of the site decides to take the image down or remove the site entirely, you are left with no image to show)
c. It is bandwidth theft - using someone else's resources that they pay for, without authorization
d. Potential copyright issues
ESMB allows people to upload images and display them from ESMB's server. We have plenty of free disk space for the foreseeable future. If you want to upload images, and avoid all of the above repercussions of hot-linked images (except d, copyright issues), please do. It also means you can go to your image collection on ESMB and use the image on ESMB whenever you want, without having to hunt for the link elsewhere.
Maybe you can tell me ( if I can even make sense ).
I had my computer cleaned this week.
I also have a Toshiba Back -Up thingie. If I re-install it, will it be carrying the malware that was cleaned off my computer? or do I have to clean the back-up?
phenomanon
The backup will contain anything that was on your computer at the time it was backed up, as long as the backup was told to include it. Some backups only include your data (documents, pictures, etc.), while some are copies of the entire system (operating system, programs, settings, your data, etc.). I do not know what the Toshiba Back-Up Thingy does specifically, but if the backup is of the entire system and you restore the backup, it will be as if you never had the cleaning. If it is only of your data, you are probably safe. The best thing to do, though, would be to do another backup of the entire computer in a known clean state, and do a separate backup (or copy) of your own data. I regularly copy data I've produced off to another drive to make sure I have my own data backed up. The software can be reinstalled from scratch, whereas you cannot get your data back unless you have kept a copy somewhere.
Image malware theory
Several years ago, there were rumors that images could contain malware. The alerts were posted many places on the internet, but they may not all have been entirely accurate. From what I can gather, and anyone with contrary information is welcome to correct me with references, the problem was not with the images themselves, as much as with the programs that interpret (render - display or allow editing of) the images. Some of the programs failed to properly exclude erroneous instructions, and images could include hidden data (see
steganography if you want more information). The data could be in the form of instructions to the programs, and when the program tried to render the image, the hidden instructions would be executed by the program, instead of them being filtered out or producing an error. Most, if not all, of the software that renders images today has been written to exclude such erroneous code (or updated, in the case of older software).
The key to avoiding this type of thing happening is to make sure your software is up to date, or if you're using older software that is no longer supported with security updates, get some new stuff. If you're using a computer, you have the responsibility to keep yourself, as well as others, safe and protected by using updated and secure software. Even if this means a whole new computer, it is still your responsibility. Similar to driving a car with brake problems, when you can't find parts to replace the brakes, so you have to replace the car.
Thanks.
There's more over at Mike's blog. Mike and Tony O. will probably have more tomorrow as spies continue to report in. Although it wasn't live blogging, tonight's reports by spies (who now have official Scientology identification cards) took only an hour or so to hit the lunatic fringes of the Internet. 
