AdWords is now Google Ads. Our new name reflects the full range of advertising options we offer across Search, Display, YouTube, and more. Learn more

Ads
2.5K members online now
For issues or questions regarding logging in, account access, or account security
Guide Me
star_border
Reply
Highlighted

Mailware detected

Visitor ✭ ✭ ✭
# 1
Visitor ✭ ✭ ✭

We can't  run advert because on my site have been detected this mailware.
https://ri.cwzpvo.com/notify/rendered?a=adsnativedirect&cep=3eeiBEYC0RvBWVo0vuiibgzT7_mHyay-CU_ZIoln...

 

What the best way to find this code?

1 Expert replyverified_user

Mailware detected

Rising Star
# 2
Rising Star

Your link is not opening. If possible then please tell your website and landing page URL.

 

Also, you got this link from Google team or somewhere else? If from somewhere else, then:

 

 

You should contact the AdWords support team via phone (see number and support timing on below link). Call them on working timing and request them to send you some reference links of malicious code so that you can investigate further. Usually, support team send an email with reference links to help the customer to solve the issue.

 

https://support.google.com/adwords/answer/7218750

 

Do follow-up with the support team. When you get the reference links from support team investigate further and try to remove those link reference from your website.

 

Adwords team have an internal tool, which goes beyond and checks code inside the js/CSS and other files in your hosting environment. Further, switching the content of the page, injecting any code in the page (like ads), and infected hosting environment may cause this issue in AdWords tool.

 


Sunil, AdWords Rising Star, Community Profile  Rmotive Services
Did you find any helpful responses or answers to your query? If yes, please mark it as the ‘Best Answer’

Mailware detected

Visitor ✭ ✭ ✭
# 3
Visitor ✭ ✭ ✭

Our site: https://techtoday.in.ua/

Support didn't tell what page has been infected.

Mailware detected

Rising Star
# 4
Rising Star

Hello Andrey!

 

I double checked your website and found nothing. From where you are getting malware link?

 

But, when I see the link you give in your initial thread then I can see that it's for the native advertisement on your website.

 

As I already told you, switching the content of the page, injecting any code in the page (like ads), and infected hosting environment may cause this issue in AdWords tool. For me, it's advertisement on your website that switching the ads whenever the page loads.

 

Side notes: If your business model is to get visitors from AdWords and then earn from the advertisement on your website then this business model is not allowed with the Adwords.

 


Sunil, AdWords Rising Star, Community Profile  Rmotive Services
Did you find any helpful responses or answers to your query? If yes, please mark it as the ‘Best Answer’

Mailware detected

[ Edited ]
Visitor ✭ ✭ ✭
# 5
Visitor ✭ ✭ ✭

We have the same problem. What we found is a Disqus plugin that shows native ads. You also have it on your website:
<img src="https://ri.cwzpvo.com/notify/rendered?a=adsnativedirect&amp;cep=rtBwHlzJ5PHSjQUu1RJJ_0NAJ75pstHfJBs6..." style="margin: 0px; padding: 0px; height: 1px; width: 1px; border: none; float: left; display: none;">
Capture.PNG
We disabled it but AdWords support team can still see the same issue after a recent scan. Looks like there is a problem with google's website scan tool.

Mailware detected

Rising Star
# 6
Rising Star

@Ruslan U

 

Can you share website URL?

 


Sunil, AdWords Rising Star, Community Profile  Rmotive Services
Did you find any helpful responses or answers to your query? If yes, please mark it as the ‘Best Answer’

Mailware detected

Visitor ✭ ✭ ✭
# 7
Visitor ✭ ✭ ✭

https://www.boilergrants.info/form.php
But we have removed this plugin already 3 days ago

Re: Mailware detected

Rising Star
# 8
Rising Star

I can see some scripts at the end of page:

sc​ript > eval(mod_pagespeed_ItsjHfSVxq);< / sc​ript 
718:  < sc​ript > eval(mod_pagespeed_RJfV3I$M43);< / sc​ript 
719:  < !--< sc​ript src="/js/main.js"> < / sc​ript > --> 
722:  < sc​ript > eval(mod_pagespeed_cRQBVhgv63);< / sc​ript 

and one at starting

 

script > try{Typekit.load();}catch(e){}< / script 

 

Please make sure why you are using this script. if not necessary then remove them.

 

Clear your website cache, server cache and any cache code in .htaccess file. Then call the support team and ask them to review again after clearing the tool cache.

 

If they find the link ask them to send you the reference link for further investigation.

 


Sunil, AdWords Rising Star, Community Profile  Rmotive Services
Did you find any helpful responses or answers to your query? If yes, please mark it as the ‘Best Answer’

Re: Mailware detected

Visitor ✭ ✭ ✭
# 9
Visitor ✭ ✭ ✭

@Sunil27 wrote:

I can see some scripts at the end of page:

sc​ript > eval(mod_pagespeed_ItsjHfSVxq);< / sc​ript 
718:  < sc​ript > eval(mod_pagespeed_RJfV3I$M43);< / sc​ript 
719:  < !--< sc​ript src="/js/main.js"> < / sc​ript > --> 
722:  < sc​ript > eval(mod_pagespeed_cRQBVhgv63);< / sc​ript 

and one at starting

 

script > try{Typekit.load();}catch(e){}< / script 

 

Please make sure why you are using this script. if not necessary then remove them.

 

Clear your website cache, server cache and any cache code in .htaccess file. Then call the support team and ask them to review again after clearing the tool cache.

 

If they find the link ask them to send you the reference link for further investigation.


Thank you.
We have escalated this problem further and google review team has approved our ads after that.

Mailware detected

Rising Star
# 10
Rising Star

@Ruslan U

 

You are most welcome!

 

 


Sunil, AdWords Rising Star, Community Profile  Rmotive Services
Did you find any helpful responses or answers to your query? If yes, please mark it as the ‘Best Answer’