Our site eslpod.com is being blocked (in Safari Mac only, for some reason) by Google with the standard warning about malware. But the site listed isn’t ours – it’s something called traff.transcontinental-service.org . Google diagnostics checks out clean on our site – no malware. I searched the StopBadware clearinghouse and, again, nothing shows for our site. My host Rackspace says it doesn’t looked like we’ve been hacked, so I’m stumped. Any ideas?
If you are getting a warning on one or more of the pages of your site in browsers such as Chrome, Firefox or Safari and your site is not (yet) flagged by Google it is probably a cross-site warning. If browsers such as Chrome detect code on your page (scripts, iframes) that load content from or redirect to a flagged site the browser will throw up a warning. The warning will not identify your site it will identify the site that is hosting the malware that is being loaded on your page. SEE:
http://oliverfisher.blogspot.com/2009/01/cross-site-warnings.html
Once you have removed all links/iframes/scripts, etc. to to any blacklisted sites the warning should go away.
in the page
http://www.eslpod.com/website/index.php
there is some obfuscated script that starts out
<h4·id="Fl"·style=“display:none;”>%64%6f%63%75
this block of code is a hack. Check all pages that you are getting a warning on for blocks like this one.
Do a scan of your PC and make sure there are no Trojans/viruses capturing your ids/passwords, change ALL passwords especiallly FTP, it is likely your passwords have been compromised. Never store/save your passwords in your FTP client, use secure FTP if available.
