Hi,
The last time StopBadware reviewed your site, we did find evidence of an infection. Have you submitted a new review request (to StopBadware or to Google) since then?
Your current StopBadware Clearinghouse listing has more info on what was found:
http://www.stopbadware.org/reports/container?reportname=http://tiaw.org/
I also recommend you take a look at BadwareBusters member beckerist’s excellent set of tips for people with flagged websites and be sure you’ve done everything there:
http://badwarebusters.org/main/itemview/1283
If you’re pretty sure you have indeed found & cleaned everything and have submitted a new review request recently, then it may just be a matter of waiting a bit for the new review to be processed for the warning to come down.
Hello,
A very nice canned response.
Let me be clear. We have cleared the site and did so quite a while ago. Your system continues to reference old information.
The only page your system references is clear of the items you’ve listed.
Do you have specific pages that we can reveiw with malicious code or links to the sites referenced or not?
We’ve been patiently working and waiting on your system and that of Google and find no evidence of the malware your system claims.
What IS happening is that your system is damaging the reputation of both our customer and that of our firm.
We’d like proof – send us pages on the TIAW.ORG site that clearly demonstrates your claims. If the code is there – we will clear it and request another review.
Otherwise – we’ve waited long enough and expect manual intervention at this point.
How about it? Proof that we can see or lose the warning.
Dear APS Internet,
My friend :-), this is a site run by volunteers, we all take a little time from our daily schedules to help out each other. Erica is an extremely good admin.
I did a scan of your site, using my toolchain.
Jaal Scan ID # 34511-789 output
More info: http://www.jaalcheck.com/cgi-bin/phony.cgi?T2=mvoyo.com&B2=Check!
Possible malicious code is located at line 498 of
"http://tiaw.org/articles/article-3541.htm"
+
—Attack Site: mvoyo.com/1.js : match found
—Attack Site: locale48.com/b.js : match found
Hope this helps.
Dr. Anirban Banerjee,
Jaal LLC, Riverside, CA.
http://www.jaalcheck.com
I responded via email but – please accept the notion that what you’ve found and what is listed by the Google folks do not match.
While the mvoyo.com code was present, it has now been removed.
The code that Google claims is not present on the site – and has not been present for quite some time. Hence the notion that an error exists.
While we appreciate all the effort and voluteer for various initiatives ourselves we are also sensitive to the notion that an error of this nature can do more harm than good when clear, concise information is missing or omitted.
As demonstrated – when given correct information the fragment of code was removed. However, the error on Google persists Any suggestions?
And thank you for the scan of the site. Most appreciated.
As I know Anirban, I do not expect him to rely on the testing of Google. And looking at the Google pages, it has been some time since they last visited the site, so I will bet the scan was done just prior to posting the message above.
Which proves that there is indeed a problem with the pages. It might not be something that is evident on the page itself – i.e. your source might not show the code found, but if you incorporate sources outside tiaw.org, then you are responsible for these sites as well. The source of the problem may lie outside.
Or in worst case, it’s a server infection, which affect every and all sites hosted on the server, in which case you would not be able to identify the cause. I beleive, from the whois records, that the domain is hosted on a shared server, in which case the problem could most certianly be hidden from you.
Even if you, due to the recent scan, removed the code presented to you by Anirban, doesn’t that prove to you that a block of the site is still preferable rather than infecting even more visitors?
The best, imho, to check the site, is to request Google to scan the site again, and then start the identification process all over again, until the site is clean – even if you cannot see the problem directly.
Here at Badwarebusters we use the Google results as a guide, but we do not say they cannot make mistakes. If you think there’s a mistake, we will try to see if we can find out what went wrong or if the mistake is indeed a problem that you somehow couldn’t identify. – Meanwhile, until everyone is sure there is no problem, it seems in both the public and your best interest to keep the site under some kind of lock.
If and when the site is cleared, Google is usually very quickly resetting the status and allows the site to get back into the normal search scope without warnings.
Kent
Hi,
Often, Google doesn’t show every last instance of infection on their Diagnostic page or in the Webmaster Tools console, so if you clean up just what is shown there, that doesn’t necessarily mean there are no more infections on a site. Have you tried logging in to Google Webmaster Tools as a verified site owner? Usually that is the quickest way to initiate a review, and then if the site does not pass the review there will be a refreshed list of URLs with issues.
In website hacks, quite often more than just one page is compromised, and often pages are compromised in multiple ways. The URLs listed in Webmaster Tools and the exploits pointed to in a StopBadware review are intended as pointers to the website owner in seeing what remains to be cleaned, not as a comprehensive list of all infections on a site.
Also, to be clear, every time Google scans a site they scan fresh – they aren’t just looking at old acrhives of the site. And when we at StopBadware test a site, we also test the version of the site that is live at the time of the test.
We know this process can be frustrating, and that it can be hard to find information as a website owner. That’s part of why StopBadware hosts a forum like BadwareBusters, to help connect internet users and website owners with folks who can help out.
Erica
