Hello, it appears that Avast is incorrectly identifying our script as malicious. The script that is flagged is: http://cdn.vigllnk.com/api/vglnk.js
We are a Google Ventures funded company that has been around for over 3 yrs and we are not a malicious script or virus.
Below are reports from Avast users:
hxtp://acapella.harmony-central.com/showthread.php?2879744-Still-Getting-Warnings-From-Avast-Antivirus
hxtp://acapella.harmony-central.com/showthread.php?2879089-Avast!-AntiVirus-Flags-Malicious-URLs-on-This-Forum!##
hxtp://acapella.harmony-central.com/showthread.php?2879178-Malicious-URL-on-KSS-update-your-virus-protection#
Does anyone have insight on how to get this removed or reversed on Avast’s side, ASAP?
I can’t recommend you anything than to change the hosting. We’re not blocking your domain, but the server, which is hosting:
google-analitycs . com
ad-doubleclick . net
which are clearly evil.
Thank you for the response. We use the internap’s cdn to host our script, however, we cannot be held responsible for the content on their service and should not be penalized for the other sites they host. Is there any way that you can create an exception for our script since we are not a virus or malicious?
Can you make the links given non-click-through like with hxtp: or wXw.
Here is an example of suspicious code on one of those links:
-acapella.harmony-central.com/clientscript/yui/connection/connection-min.js?v=408 suspicious
[suspicious:2] (ipaddr:74.63.163.229) (script) -acapella.harmony-central.com/clientscript/yui/connection/connection-min.js?v=408
status: (referer=-acapella.harmony-central.com/showthread.php?2879744)saved 11604 bytes 10ebcea9a5b9a89ad271c462fdafb5d012b9af64
info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP
info: [decodingLevel=0] found JavaScript
error: undefined variable YAHOO
error: undefined variable YAHOO.util
error: line:1: SyntaxError: missing ; before statement:
error: line:1: var YAHOO.util = 1;
error: line:1: …^
suspicious:
Cdn.vigllnk.com pointed to 184.82.149.180 which belongs to HostNoc and for me it still points there. According to robtex a bgp.he.net, it points to 184.82.149.182, which belongs to HostNoc as well. I can’t see any reference to InterNap in there.
We block sites from 184.82.149.178 to 184.82.149.181, they’re full of evil stuff and the blocks are saving our customers. Ask the CDN people to contact me (kubec@ you know what domain) for resolving this. There is no way to exclude your site from this block (it’s technically impossible, as the block occurs before the actual connection takes place), the only way how to resolve is to ask CDN provider to clean up the mess they’re hosting.