There's no widespread discussion on the net about malware on Flightsim.com so it leaves kinda mixed feelings. Some people over at Flightsim.com's forums have also noticed it:http://www.flightsim.com/vbfs/showthrea ... t-Detected (possibly malware contaminated link, use your own discretion)
(It can be safe but I take no responsibility for opening it.)
The funny thing is, if I copypaste it to URL, I can read it. If I clicked the link on Google search to the very same thread on the forum, and clicking it got me blocked by AVG. I guess it's a link scanner feature to only interrupt links and redirects, and thus I get past it by doing it manually. Don't know how dangerous exploits they have but there's not many Opera browsers on some leaked stats.
I have no doubt Nels scans the distributable packs himself, and doesn't add malware to them himself either but the exploits can hide in iframes, banners, etc.
If you make contact with Nels you could refer him to this:http://blog.trendmicro.com/now-exploiti ... rsion-2-5/
I don't really know if AVG scans any content from the page that is to be loaded or if it runs on blocklist basis (either up-to-date blocklist, or outdated one) but it gets blocked by AVG. If it's a known problem that has been dealt with, Nels might need to get into contact with Grisoft to get his site from the blacklist. Not all of his pages are on it, though. Only download pages (the part when it would ask to log-in) and forum. So it's the log-in part only, front page and list of packages aren't affected.
It's not the first time this has happened. In Avsim forum is a mention on 2002 being blocked by Lavasoft (and today, since August, it's been Grisoft and Avast). Back then, it was a malicious advertisement frame used for spying instead of advertising. (I know tracking cookies are everywhere but I've never had any antivirus alert pop up to block me from accessing site that has tracking cookies.)
EDIT1: And suddenly... it works again without blocking. Even from clicking Google links. I wonder what that was... maybe it was a malicious banner that changes over time ...or something else. Then again, it's just the blocking. There's still some fishy content.
For example this spam:http:[BREAKING MY LINK]//www.flightsim.com/op-ed/download-free-malware-removal-software.php (Definitely fishy!)
Note: all links (even user profiles!) point to a place where SUPPOSEDLY you can get Malwarebytes (a legit anti-malware as far as I know) from a third-party server. With all likelyhood, the download is something completely different.
These spams are available to Google and they're hosted on Flightsim.com, under "op-ed" directory. From what I see Nels has a serious trouble with hackers. That site is swarming everything shady. It's not necessarily to be accessed through the main page (may be that it's only available through direct links or though Google) but there's still definite malware infestation.
EDIT2: Did a full scan on drive C: and found 10 trojan horses in my Java directory. Phoenix Exploit Kit (along with most other modern exploits) uses Java and PDF since browsers themselves are more secure than these plug-ins are... I can't verify for certain how long they've been on my hard drive and whether they came from Flightsim.com