How to search image that contain malware, in post. Google sometime report this to us

[basketmen]

In lat 2 months, google contacted me 2 times, from email and from google webmaster tools

Quote:

Dear site owner or webmaster of domain.com,


We recently discovered that some of your pages can cause users to be infected with malicious software. We have begun showing a warning page to users who visit these pages by clicking a search result on Google.com.

Below are some example URLs on your site which can cause users to be infected (space inserted to prevent accidental clicking in case your mail client auto-links URLs):

http://domain .com/page-name/
http://www.domain.com/page-name/

Here is a link to a sample warning page:
http://www.google.com/interstitial?u...com/page-name/

We strongly encourage you to investigate this immediately to protect your visitors. Although some sites intentionally distribute malicious software, in many cases the webmaster is unaware because:

1) the site was compromised
2) the site doesn't monitor for malicious user-contributed content
3) the site displays content from an ad network that has a malicious advertiser


If your site was compromised, it's important to not only remove the malicious (and usually hidden) content from your pages, but to also identify and fix the vulnerability. We suggest contacting your hosting provider if you are unsure of how to proceed. StopBadware also has a resource page for securing compromised sites:
http://www.stopbadware.org/home/security

Once you've secured your site, you can request that the warning be removed by visiting
http://www.google.com/support/webmas...y?answer=45432
and requesting a review. If your site is no longer harmful to users, we will remove the warning.

Sincerely,
Google Search Quality Team

Note: if you have an account in Google's Webmaster Tools, you can verify the authenticity of this message by logging into https://www.google.com/webmasters/tools/siteoverview and going to the Message Center, where a warning will appear shortly.

because there are some image that contain malware, in post


just looks like ordinary images, like this inside image code

[IMG ]http://www.otherwebsite.com/images.gif[/IMG]



my computer already installed latest norton antivirus and updates, but still cant detect the malware in images, just google found it first




i can just removed the images from that post, and search all post contain that domain and removed all

but it is better in the future i can detect which one images that contain malware before google does, how do you do that?

i think this is good idea for all of us to found solution for this, malware in images (or malware pretend as images) is new way hacker spread virus/malware




Nb. My server already installed Configserver, ClamAV Scanner, etc and have managed services person, but since the malware is in outside the server (in other website), it cant detected

[BirdOPrey5]

I don't think the actual image contained malware. I get google warnings from time to time and the problem is someone linked an image in their post from a domain google knows to distribute malware. Even though the image itself is safe, Google sees the link to the bad domain and puts a warning on your page.

There's not much to do about it short of not allowing your users to post images.

[Lynne]

If you know the domain name they have an issue with, you can put it in your banned/censored words and then users can't link to images from that domain.

[basketmen]

Quote:

Originally Posted by BirdOPrey5

I don't think the actual image contained malware. I get google warnings from time to time and the problem is someone linked an image in their post from a domain google knows to distribute malware. Even though the image itself is safe, Google sees the link to the bad domain and puts a warning on your page.

There's not much to do about it short of not allowing your users to post images.

so it is not always the image contain malware, but sometime only the domain

usually the images that suspicious like this are not showing, and we can open and check the images directly by new address bar, if its get suspicious we can removed the image from the post

if there is otherway guys to know before google please share to us

Quote:

Originally Posted by Lynne

If you know the domain name they have an issue with, you can put it in your banned/censored words and then users can't link to images from that domain.

ah you right we can do this too after get the warning. I ban the member username and ip too that posted

[BirdOPrey5]

Quote:

Originally Posted by basketmen

ah you right we can do this too after get the warning. I ban the member username and ip too that posted

That might be a bit extreme, every time it's happened on my forum it's been an honest mistake- the user had no idea the domain they linked to had malware issues. Not everyone uses good virus scanners... (but they should.)

[basketmen]

Quote:

Originally Posted by BirdOPrey5

That might be a bit extreme, every time it's happened on my forum it's been an honest mistake- the user had no idea the domain they linked to had malware issues. Not everyone uses good virus scanners... (but they should.)

yeah not all, only the one that i suspected the owner of the malware site

maybe some one should create a member article about this in Articles forum? how to step by step to overcome this malware warnings from google, and how to avoid it for future

google just give this links http://www.stopbadware.org/home/security for general sites, it is better steps for vbulletin forum