Badware is software that fundamentally disregards a user's choice over how his or her computer will be used. There are several commonly recognized terms for types of badware - spyware, malware, and deceptive adware. Common examples might be a free screensaver that surreptitiously generates ads, or a malicious web browser toolbar that makes your browser go to different pages than the ones you expected. To know more, click here.

We decided to call ourselves StopBadware.org, and emphasize the term badware, because we want to be a 'big tent'. We want to attack all forms of badware, not just software that steals your information (spyware) or software that pops up unexpected ads (deceptive adware).

StopBadware.org is a "Neighborhood Watch" campaign aimed at fighting badware. We will seek to provide reliable, objective information about downloadable applications in order to help consumers make better choices about what they download onto their computers. We aim to become a central clearinghouse for research on badware and the bad actors who spread it, and become a focal point for developing collaborative, community-minded approaches to stopping badware.

Harvard Law's Berkman Center for Internet & Society and Oxford University's Oxford Internet Institute are leading this effort with the support of several prominent tech companies, including Google, Lenovo, and Sun Microsystems. Consumer Reports WebWatch is serving as an unpaid special advisor.

We are educational nonprofits with the support of a broad base of institutions, including corporations, that understand the scope and challenge of the badware problem. Together we offer legal, policy, and technical analysis to the public, a track record of working with open communities, and a shared desire to bring this problem under control in the near future. You can find out more about us on our about page.

In the short term, we aim to be a clearinghouse on anti-badware efforts, providing people with a way to submit their stories and their data, and using that data to inform our research efforts. We aim to put badware developers on notice- we'll be writing standards and testing procedures to define what badware is, and we'll spotlight the worst offenders with the help of the anti-badware community. Finally, we aim to provide the public with quality information about badware and to help inform their downloading decisions. Long term, we hope to build and participate in a community of organizations, corporations, and individuals who are all working together to stop badware.

Our sponsors want people to have a positive experience on the internet and to feel safe downloading software. They believe that our independent, community-centered approach is the best way to reach this goal.

Obviously, lots of other people and companies are working in this space. That is a good thing. We feel we're different for a number of reasons. Unlike many of the companies working in the space, our roots are in organizations (.orgs and .edus) with independent traditions, so we won't be afraid to call out badware creators of any size. We're not going to hand down solutions from on high - we want to work with both experts and the broader internet community to define and understand the problem. We'll work with that same community to create solutions that will protect the internet in the long term. Finally, since part of our goal is to become a central clearinghouse for data, we view ourselves as a complement to the best other efforts in the field. We believe that our unique take will act as a complement, as we all share data to better attack the same end goal.

Your data will be recorded in an anonymized database. Once we have enough data, our researchers will start poring through it so that they can confirm their suspicions about the worst offenders, and eventually spot trends and patterns, allowing us to put the spotlight on new forms of badware even more quickly. The database will also be made available to the public, including nonprofits, companies, government officials, and consumers, so that the rest of the world can pitch in and make their own valuable contributions to everyone's knowledge of badware.

In the short term, we'll share the data we collect in the form of monthly reports. The reports will spotlight the worst badware offenders and badware trends. Long term, we hope to build a community of organizations, corporations, and individuals who are all working together to stop badware, and build tools to allow millions of people to collectively monitor the health of the internet and their own computers. We want to figure out how the internet community can take back control of our computers.

You can help us by telling those you know - family, friends, coworkers, and acquaintances - about the problem and directing them to this site. If you have stories about your experiences with badware, please share them with us by using this form. Ask others to contribute their experiences and stories. We will also be releasing reports about the worst badware offenders. Information in these reports could be helpful to you before you decide to download a program or visit a website. Please join our report mailing list and we will keep you informed of our progress.

We know many of the most technically savvy readers of this FAQ have probably already 'solved' the badware problem for themselves by installing anti-spyware software, or even by switching operating systems. Unfortunately, the problem of badware threatens far more than our individual security and privacy. We believe that if badware and similar problems continue their explosive growth, governments and software manufacturers will be tempted to start making decisions about what you can and can't run on your computer. If that happens, we'll all be impacted. You can help, even if you have successfully protected yourself against spyware, by urging co-workers, friends and family to report their problems, and by working with us to help plan strategy.. If you're interested in finding out more, Project Co-Director, Jonathan Zittrain, has written about this in recent papers.

Google has placed warnings in its search results for websites that its testing has determined to host or distribute badware. If a Google user searches for a site that Google has determined to be potentially dangerous, they will see a warning in the search results.

Currently, many sites that are the subject of Google's warnings have been the victims of a malicious hacking attack, in which code linking directly to badware through exploits was inserted onto an otherwise innocent, but poorly secured, website. In other cases, a website with no intention to distribute badware hosts content (such as ads or hit counters) provided by a third party, and can inadvertently distribute badware through that content. If you are confused about why your site has a Google warning, then there are strong odds that your site has experienced one of the above situations.

To remove the warning, you will need to discover what code on your site caused Google to flag your site, and then clean and secure your site.

Once your site is certain to be clean and secure, there are three ways the Google warning can be removed. Google periodically re-scans the sites it has previously flagged, so you can choose to wait for this re-scan. Please note that there is no set schedule for these re-scans.

Alternately, you can submit a request for review to StopBadware, using our Request for Review form. While StopBadware cannot guarantee a specific length of time to process a review, submitting a request actively puts your site in line to be re-scanned. Working with our partners at Google, we respond to each request for review as quickly as is reasonably possible.

Lastly, as of August 2007 Google makes it possible for verified website owners logged in to its Webmaster Tools console to request reviews directly through that console. Please note that reviews requested through Google’s Webmaster Tools are administered entirely by Google, not by StopBadware.

Google has an information page for users of its web search who are curious about the warnings, and another for owners of sites that are the subject of warnings .

Google has a right to safeguard the users of its search engine from websites it finds to be dangerous. When Google independently finds sites that contain or link to badware, it may choose to create a warning page for the website. This warning page shows up when someone searches for a potentially harmful website and then follows the link to that website from the search results. The web searcher sees the warning page instead of being sent directly to the potentially harmful site. The warning page informs the web searcher that the site they are trying to reach may contain badware.

It is important to note that, in placing its warning, Google has not modified your website in any way or blocked users from accessing your site. The warning page is part of Google’s search results, and is not part of your website itself. If a web searcher chooses to type or copy and paste your URL into their browser, they will still go directly to your site.

Google independently checks the web for badware and badware-linking code, and places warnings in its own search results. StopBadware’s role is to help site owners who want to remove the warnings to learn about badware and website security. StopBadware also administers an independent review process through which a website owner can request the removal of a warning.

Although Google's warning pages contain a link to the StopBadware.org site for more information, the decision to post a warning page is an independent decision made by Google, not by StopBadware, and does not reflect any testing or review by us in advance. Also note that URLs appearing in the Badware Website Clearinghouse are automatically posted as part of Google's warning process without any review, research, or editing by us.

Using its own testing procedures, Google is the sole decider for initial decisions to post a warning page for a website. Google does not rely on any testing or reports from StopBadware in making these initial decisions. However, StopBadware has the ability to review Google's decisions, and you may request that we engage in a review by filling out a Request for Review. Working with our partners at Google, we respond to each request for review as quickly as is reasonably possible. Please note that this web form is the only way to contact StopBadware about a request for review.

Once you have submitted a request for review, you should see a confirmation page to confirm our receipt of your request. We will then investigate and respond to your request once investigation is complete. Please note that the time required to respond to an individual request can vary, depending in part on factors such as whether the site is already clean when the request is submitted, and the extent and type of badware or badware-distributing code found on the site. We respond to each request as quickly as is reasonably possible.

Google makes its own determinations about whether to remove any warning pages it has posted; however, StopBadware's findings on a request for review are a critical input into Google's decision whether or not to continue warning users about a site. In our experience, whenever we have reported to Google that we found a site to be free of badware at the time of our review and Google's own follow-up tests have confirmed our results, the warning page has been removed.

Here is how the warnings and review process works:

• Google discovers badware or badware-distributing code on a website. Google places a warning in its search results for the site and reports the site to StopBadware, for automatic inclusion in our Badware Website Clearinghouse. Google also attempts to contact the owner of the website to notify them of the warning and of the process for review.
• A website owner learns about the warning and works to locate and remove the badware or badware-distributing code from their site. The site owner then requests a review using StopBadware’s web form.
• StopBadware forwards all review requests to Google for an initial rescan. If the Google rescan finds that the site is indeed now clean, Google notifies StopBadware of this finding and removes its warning. The removal of the Google warning triggers the removal of the site from the Badware Website Clearinghouse.
• If the Google rescan does not find that the site is clean, Google notifies StopBadware. StopBadware then performs further detailed testing. If we find badware or badware-distributing code on the site, we notify the site owner. The site owner then will need to clean the site and submit a new request for review. If we find the site to be clean, we notify Google. If Google’s testing then verifies that the site is indeed clean, Google removes its warning. If Google’s testing still does not find the site to be clean, both Google and StopBadware perform further testing to make a final determination.

NO. It is not possible for someone to falsely report your site to Google or us and have a warning placed in search engine results for your site.

Google independently identifies sites that host or distribute badware. If it finds a site that contains or links to badware, it puts a warning page in the search results for that site. Google also informs StopBadware, after the fact, of its findings. If a search for your site leads to a Google warning page, it means that Google's testing process has determined that your site either hosts or distributes badware and may be harmful to site visitors. Google does not post warning pages merely in response to reports from the public; it will only post a warning page after, and as a result of, its own testing of the site.

Please see the previous question in this FAQ for more information about how the warning page process works.

The Google warning page is NOT the same thing as a StopBadware report. Here's how StopBadware does research on badware. We encourage members of the public to report to us sites that may host or distribute badware. We always research the sites before making any information public. We only make public the sites that have been reported to us by users after our staff has checked for and verified the presence of badware or links to badware on the site. If we do find badware, we release a report about that website. But we never issue a report or otherwise list a site as containing or linking to badware based solely on an untested report from the public. You can learn more about our reports here.

We understand that this may be an incredibly frustrating situation for you.

However, we have found that website owners often are not aware that their sites contain or link to badware. This is particularly likely if a site contains content (such as advertising) that is provided by a third party or if a website's host server has been hacked. In these cases, the third-party supplied content may contain links to badware, or the server hacks may have resulted in the insertion of code onto the site's webpage that allows badware to be installed on visitors' computers via security exploits. Several site owners who discovered that their sites had been spreading badware without their knowledge have told us they appreciated the opportunity to clean up their sites and learn how to prevent such problems in the future.

To learn more about badware that is placed on sites without the site owner’s knowledge, and for some tips on how to locate it and clean your site, please visit our Security Tips page.

Each case of badware is different, so there is no one quick solution to cleaning up badware on every website. If your site has been hacked, you will most likely need to work with your web host to discover what has made your site vulnerable to hacking. If the badware on your site appears due to third party advertising networks or other remotely served content, you will most likely need to address the problem with your ad network or content provider.

You can find some tips for cleaning and securing your site on our Security Tips page. The easiest way to find the badware or badware-distributing code on your site is to carefully check your site’s source code for common exploits. You can learn about these exploits and how to look for them on our Security Tips page. Google also provides information to verified site owners through its free Webmaster Tools service. Because many hacking attacks are the result of server vulnerabilities, your web hosting provider may also be able to help you check, clean and secure your site. You may also wish to join StopBadware’s discussion group and request assistance from a technically proficient volunteer.

If you have followed the advice above and on our Security Tips page and are still unable to locate the badware or bad code on your site, please submit a Request for Review. Our follow-up can help you discover what files or links on your site may be distributing badware. Please note that it can take significantly longer for us to process a review if the affected website is not already clean when the site is first re-tested.

Google has its own independent process for locating badware on websites. To preserve the integrity of that process, Google does not release detailed information about the results of its testing to the public at large. However, Google does offer information to verified site owners through its free Webmaster Tools service.

Google makes a good faith effort to contact the owners and administrators of sites with Google search warnings. Google sends emails to potential site owner addresses such as webmaster@domain.com Google also notifies site owners with Webmaster Tools accounts. To read more about Google’s notifications to webmasters, see the Google blog post about the notifications.

This FAQ is constantly growing, so we continue to add to it as new questions arise. In the meantime, please contact us at contact@StopBadware.org for any questions about the review process. You can also join our discussion group to learn more about the badware problem and share your thoughts on ways to promote a safer internet experience.