Trojan Attacked, Forced Visitors to download "GetFile" pdf extension file (8 posts)

  1. rougebaby
    Member
    Posted 3 years ago #

    I got this message:

    What is the current listing status for http://www.xtinaweb.org?

    This site is not currently listed as suspicious.

    What happened when Google visited this site?

    Of the 3 pages we tested on the site over the past 90 days, 1 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2008-12-05, and the last time suspicious content was found on this site was on 2008-12-05.
    Malicious software includes 1 trojan(s). Successful infection resulted in an average of 11 new processes on the target machine.

    Malicious software is hosted on 1 domain(s), including gianttopnano.cn/.

    my site is xtinaweb.org

  2. webgirl
    Member
    Posted 3 years ago #

    I would first determine if the viruses are coming from ads on your site. You should do a check on any complaints for the third party ad networks you are using for Trojans and viruses. I would remove any ad networks recently added on your site and then submit for a recheck of your site via Google webmaster.

    Other than that, look at the template/theme and folders and make sure that the files haven't been modified and folders have the correct permission.

    From looking at your site it seems it may be coming from an ad network.

  3. rougebaby
    Member
    Posted 3 years ago #

    I have tried removing the ads but it doesn't help. You think it's Google ads' fault?

    I have replaced all template/theme and folders, still nothing works :(

  4. rougebaby
    Member
    Posted 3 years ago #

    Now I got this updated message:

    Of the 4 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2008-12-05, and the last time suspicious content was found on this site was on 2008-12-05.

    Malicious software includes 2 trojan(s). Successful infection resulted in an average of 11 new processes on the target machine.

    Malicious software is hosted on 1 domain(s), including gianttopnano.cn/.

    1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including vxhost.cn/.

  5. ClaytonJames
    Member
    Posted 3 years ago #

    It appears as though the flash banner iframed in the header might be flagged as malicious.

    <iframe height="90" frameborder="0" width="728" scrolling="no" marginheight="0" marginwidth="0" src="http://www.xtinaweb.org/ad/728x90.html" name="topad">

  6. rougebaby
    Member
    Posted 3 years ago #

    I have deleted the <iframe height="90" frameborder="0" width="728" scrolling="no" marginheight="0" marginwidth="0" src="http://www.xtinaweb.org/ad/728x90.html" name="topad">

    but it still doesn't work at all :(

  7. ClaytonJames
    Member
    Posted 3 years ago #

    It's still there. Better start looking for compromised files.

    Here is the ad I presume you want there:
    //www.xtinaweb.org/ad/728x90.html

    This is what might be your issue. It appears to be loading at random over the top of your ad space.

    <html>
    <head>
    <!-- GAM -->
    <script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
    <script type="text/javascript">
    GS_googleAddAdSenseService("ca-pub-8927547412499869");
    GS_googleEnableAllServices();
    </script>
    <script type="text/javascript">
    GA_googleAddAdSensePageAttr("google_hints", "TV Shows, TV Guide, Entertainment News, Movies, Photographs, Videos, Games, Gaming, DVD, TV Listings");
    GA_googleAddSlot("ca-pub-8927547412499869", "BTV_Global_728x90_Top");
    GA_googleFetchAds();
    </script>
    <!-- END OF TAG FOR GAM -->
    </head>
    <body>
    <script language="JavaScript"> GA_googleFillSlot("BTV_Global_728x90_Top");
    </script>
    </body>
    </html>

    It appears to be loading over the top of your intended advertising. That is just a guess, mind you. It's just something that looks suspicious to me. If you don't recognize it, it might be worth investigating further.
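
Looking for compromised files, as suggested above, can be partly scripted by listing every frame or script a page loads from a host the owner does not expect. The following is an added example, not part of the thread: the allowlist, the `unexpected.example` host and the sample HTML are constructed, and the hidden-element heuristic goes beyond what the posts describe.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the only hosts this site is expected to load frames/scripts from.
ALLOWED_HOSTS = {"xtinaweb.org", "partner.googleadservices.com"}
# Tags that pull in remote content, and the attribute holding the URL.
WATCHED = {"iframe": "src", "script": "src", "embed": "src", "object": "data"}

def host_allowed(host, allowed=ALLOWED_HOSTS):
    """True if host is an allowed host or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == a or host.endswith("." + a) for a in allowed)

class ExternalSourceFinder(HTMLParser):
    """Collects (line, tag, host, hidden) for remote sources off the allowlist."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag not in WATCHED:
            return
        attrs = dict(attrs)
        host = urlparse(attrs.get(WATCHED[tag]) or "").hostname
        if host is None or host_allowed(host):
            return  # relative URL (same site) or an expected host
        # Heuristic: 0/1-pixel or display:none elements are a common sign of injection.
        style = (attrs.get("style") or "").replace(" ", "").lower()
        hidden = (attrs.get("width") in ("0", "1") or attrs.get("height") in ("0", "1")
                  or "display:none" in style)
        self.findings.append((self.getpos()[0], tag, host, hidden))

def scan(html):
    finder = ExternalSourceFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample: the header iframe and ad script from the thread, plus a
# made-up hidden iframe on a placeholder host and a same-site relative script.
SAMPLE = """<iframe height="90" width="728" src="http://www.xtinaweb.org/ad/728x90.html" name="topad"></iframe>
<script type="text/javascript" src="http://partner.googleadservices.com/gampad/google_service.js"></script>
<iframe src="http://unexpected.example/in.php" width="1" height="1" style="display: none"></iframe>
<script src="/js/site.js"></script>"""

if __name__ == "__main__":
    for line, tag, host, hidden in scan(SAMPLE):
        print(f"line {line}: <{tag}> loads from {host} (hidden={hidden})")
```

Run it over the HTML the server actually returns as well as over the theme files on disk, since injected markup can live in the database or be added at request time.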

  8. rougebaby
    Member
    Posted 3 years ago #

    Thank you for pointing it out as this ad is my host's ads. I will remove it now and see how.

    Do you think it's inside my posts?

Topic Closed

This topic has been closed to new replies.
