Showing results for 
Search instead for 
Did you mean: 
Level 7


I have Antivirus Plus. I would provide detailed version information but the About page will not let me copy and paste.

I also have the current version of the WeatherBug desktop. I have had it installed for many months.

For the past few days, starting about September 5, McAfee has been blocking suspicious connections from/by WeatherBug. I get the message from McAffee spontaneously. A sample of the popup is at the bottom of this.

Today when I executed WeatherBug it said I do not have a connection. It did however eventually work.

I am not sure if the problem is with McAfee, WeatherBug or malicious software associated with WeatherBug. I am not getting the problem from other web sites and I do use the internet extensively.

At the moment I am not prevented from doing anything; everything works with only minor inconvenience. If there is a bug somewhere in either McAfee or WeatherBug then I probably will prefer to leave it for them to figure out. If there is actual malicious software then I should try to diagnose it.

What additional information should I provide here? I probably do not need a detailed procedure describing where to find the information but a little help will be appreciated.


0 Kudos
2 Replies
Level 18

Re: Weatherbug

Sucuri finds no problems on the site but it shows the following scripts are present on the site :

Those look like scripts associated with third-party advertising, and any external input to the web page won't be under Weatherbug's control. Sneaking malware in through this route is relatively easy and I heard about one such case only yesterday. It's difficult to pin it down because the poisoned input only appears at random intervals in order to make it harder to detect exactly where it's coming from. Selling and re-selling advertising space on webpages is a major industry behind the scenes. I looked into it briefly and I was amazed at the complexity of that industry.

One thing worth noting is that the IP Address on the screenshot is not the address for Weatherbug, which is; the other one is an Amazon cloud server, which tells us very little. It could be this is where the advertising is coming from but doesn't say who it is.

Edit - McAfee TrustedSource flags that Amazon server as Red (High Risk). There are many domains on that server and VirusTotal is reporting multiple problems with a number of those domains.

Level 7

Re: Weatherbug

Thank you, Hayton. That helps me and I think it will help others. So at least McAfee is doing properly what it is supposed to do.

0 Kudos