This site may harm your computer message

Forum Moderators: Robert Charlton & goodroi

Message Too Old, No Replies

This site may harm your computer message

ezeevivek

11:33 am on Mar 22, 2012 (gmt 0)

Hi,

My websites .htaccess was hacked a long back for once, then after that I saw this message (This site may harm your computer) in Google search results related to my website (on home page only).

After fixing the problem I went to webmaster center of google but I couldnt find any problem there. But still after a month, the message is there and no problems reported by webmaster center.

How to tell them to remove this message?

Thanks,

tedster

6:16 pm on Mar 22, 2012 (gmt 0)

Here's a discussion thread on your topic. It was five years ago, but the situation is unchanged in that time as far as I know.

"This site may harm your computer" [webmasterworld.com]

ezeevivek

2:26 pm on Mar 23, 2012 (gmt 0)

I tell what happened in recent past:

With message "This site may be compromised.", I found a message in webmaster tools as "Notice of Suspected Hacking on ....".

In this message a url was reported as hacked or suspected, which was:

example.com/navani0324-profile-17124.html

Actually its a user profile url where user has used its display name as navani0324 and his user id is 17124 which is getting translated by mod_rewrite. Under this url there is a line:

"These URLs are using practices which do not follow our quality guidelines,"

Now I am confused first whats wrong with this url? many sites using similar urls and second if its a url problem then why it has been reported as hacking?

Again at last a line says "Once you've made sure your site is clean and secure, you can request reconsideration". Well my site is not blocked then why reconsideration? It should be a malware review I feel.

garyr_h

2:34 am on Mar 26, 2012 (gmt 0)

Did you ever submit the malware reconsideration?

Also, there still might be some remnants of the hack somewhere on your server. I had a problem before with a Russian hacker who placed a file deep within my folders and couldn't find it. I'd fix the problem and he'd go back and use that file to get back in and cause a problem again.

Make sure all your files and folders are secure. That includes correct access privileges. Make sure all the files and folders were created by you or the CMS you use. I actually suggest a complete delete and start over of the files and use a backup last of the last known good files. *Afterward* change your password and be sure to use SFTP or SSH from then on if you weren't before.

Once that is finished, use the reconsideration request. It should only take 24-48 hours for a response. If the message still appears and you receive a message stating the problem still exists or is something to do with the numbers in the URL, then you have other things to look at. I've never, ever heard of that causing a problem but the URL *does* look at the very least spammy.

You might also want to check out the profile pages HTML source and see if anything unusual is being spit out like a link to an untrusted page or javascript redirect. This includes header redirects and also check out different referrals when checking for anything odd happening. Some will have PHP redirects from Google search results or Yahoo search, ASK search, etc and leave direct traffic alone so they are harder to find by the webmaster.

For what it's worth, I believe the "These URLs are using practices which do not follow our quality guidelines," and "Once you've made sure your site is clean and secure, you can request reconsideration" are the exact wording a malware reconsideration request uses.

So I believe the exact issue is with malware.