Got a note from a member of a forum hosted on my dedicated server today - he said that the result of a search for "glastarnet" takes him to a fake site that tries to install anti-virus software. (Glastarnet.org is my site.)
I tried it from my PC and my Mac and sure enough, clicking on the very legitimate-looking link redirects me to scanner-promain.com where it attempts to install stuff but is blocked by my anti-virus software.
The odd thing is that Google's cache is ok. Even hovering over the link shows the correct address in the status bar in Firefox, but clicking it redirects me to scanner-promain.com/2009/9/freescan.php?aid=880147
So now I'm puzzled. Is Google's db infected with this fake redirect?
The attack originates from scanner-promain.com (84.16.252.73, 80)
Any guidance on what, if anything I can do about this would be appreciated.
Thanks!