Avast are still saying my site is infected despite multiple scans to the contrar

Viruses and worms
1

Hi

I have contacted Avast numerous times using the correct form and reporting ‘report false virus alert on website’ , and I am getting no response. This has now been going on for months. I am getting really tired of this and wondered if there is any legal action I can take against Avast, unless I am totally wrong and there are viruses, however according to all the scans below there are none.

I have checked my site on numerous scanners:

hxxp://vscan.novirusthanks.org/analysis/8fd80e03d0c5bac7216ff604fc85eab2/aW5kZXg=/

hxxp://sitecheck.sucuri.net/results/www.cytguides.com

hxxp://zulu.zscaler.com/submission/show/5ec34ca02cde41714e708fb7f1d4f3f0-1363273591

hxxp://urlquery.net/report.php?id=1427307

Can anybody help out at all, or know a contact at Avast that can get this sorted, I am losing money every day.

Steve

2

and what does avast say?..a screenshot would help
if it say URL:mal it means it is on a blacklist… for whatever reason

urlvoid. http://www.urlvoid.com/scan/cytguides.com/
browser defende. http://www.browserdefender.com/site/cytguides.com/

virustotal
https://www.virustotal.com/en/url/59ca8eaaaa94a8c827ae32ca5de3c9ca2dff45e77df979da5f44ba52251d7762/analysis/1363276220/

3

Here it is

4

http://support.avast.com/index.php?languageid=1&group=eng&_m=tickets&_a=submit
try that one if you haven’t yet, and set the priority on high you should get an email back response soon

5

Potential suspicious files found by Quttera’s:

/js/iview.pack.js Severity: Potentially Suspicious Reason: Detected potentially suspicious content. Details: Detected potentially suspicious initialization of function pointer to JavaScript method eval __tmpvar1616100674 = eval;
/IsoMind/index.html Severity: Potentially Suspicious Reason: Detected procedure that is commonly used in suspicious activity. Details: Too low entropy detected in string [['***************************************\n\n W A I T B E F O R E Y O U G O !\n\n CLICK THE *ST']] of length 254 which may point to obfuscation or shellcode.
/84PersonalDevelopmentReports/?action=topaffiliates Severity: Potentially Suspicious Reason: Detected procedure that is commonly used in suspicious activity. Details: Too low entropy detected in string [['***************************************\n\n > > > W A I T < < <\n\n CLICK THE ***CANCEL*']] of length 218 which may point to obfuscation or shellcode.
iFrame scanned 1:
6

Hi

Thanks for the responses. I used the new webpage to contact Avast, and hopefully can get this resolved.

A new scan at:

http://www.urlvoid.com/scan/cytguides.com/ reveals no threats found, the one you used Pondus was 4 months old.

Fingers crossed I can finally get this resolved.

7

Also Browser Defender states the server is in the UK, and it was changed way back last year, so their records are out of date as well.

http://www.browserdefender.com/site/cytguides.com/

8

Well send a FP report to virus AT avast dot com and link to this thread. Remember that it is the avast team that will decide on detection.
If found to be clean they are soon to repair FPs, even as fast as with an upcoming update,

polonus