Blocked website

A website which I manage has been affected by some virus, obviously a trojan or malware. Everytime I try to access the website the usual way by Google or some other browser, I get a warning message and the site is blocked.

Since I’m the webmaster of the site, I can access the web host and access the files that way but I don’t find anything wrong or strange.

How do I solve this problem?

How do I solve this problem?
what is the URL ..... post it no clickable

Killmalware http://killmalware.com/lynx677.byethost12.com/

What is the message from avast? … you may attach a screenshot

Info about this IP https://www.virustotal.com/en/ip-address/185.27.134.158/information/

IP is also Blacklisted at apews.org Entry created 2014-03-28

Oooops 185.27.134.158 is currently listed in APEWS :-( Entry matching your Query: E-1336659 185.16.0.0/12 CASE: C-131 Unallocated CIDR, no traffic until allocated, or allocated to bad reputation provider or allocated but dynamic / generically named IPs, or bogons, see www.cidr-report.org, or orphaned IP / CIDR in routing table History: Entry created 2014-03-28

I’ve sent the screenshot in a private message.

Unfortunately, it doesn’t give me much information other than that the web protection has blocked a harmful file.

So what should I do? Contact the webhost or simply wipe out the whole website and start over again by uploading everything (which will take some time because I’m in the middle of another project and have no time for rebuilding a website until next month)?

The website is likely blocked because there are malicious websites on the same IP.
If you believe your website is clean, you can ask avast to remove the block.
www.avast.com/contact-form.php

Only thing you can do to prevent this from happening again is getting a dedicated server (your own IP address).

The website is likely blocked because there are malicious websites on the same IP.
yepp, just click the VT link i posted above and you will see plenty of them listed .... including malicious files from that IP

guess that explains why it blacklisted

Thanks Pondus and Eddy for help and information.

But I must ask: How do I get a “dedicated server”? My IT-provider has nothing of that sort and since there are a lot of things going on considering Internet connection in my area, I might have to change IT-provider in the coming months.

I’ve sent a message to Byethost about the problem but who knows how long it will take for them to sort out the problems. So far they have been a good web host but you’ll never know. I’ve had some bad experiences with certain web hosts, I still cringe when I think of 110 MB who suddenly became impossible to access and get in touch with, making it impossible to update a certain website for six months and I was “bombed” by mails from people who wondered what I was doing.

I’m not 100% sure if my site si clean, therefore I’ll have to wait before asking Avast to remove the block.

I tried to access the site using Firefox as browser and the result was the same. When I pushed the button “more information” I got this message and took a screenshot:

http://img.photobucket.com/albums/v433/Lynx677/Viruswarning2_zps91dd2632.png

Just for your information.

I don’t know if there is anything here which can help me to solve the problem.

So far, no reply from the web host so I’ve started to look for other options considering the site. Is there anyone who knows about a decent webhost (most likely a free one), I would appreciate that.

Free hosts never give you your own IP, they are all giving you a shared one.
If you want a dedicated server (with your own IP), you will need to pay for it.

Prices vary a lot but are mostly between €15 and €100 a month, depending on what they offer you.

This is actually the first web host I’ve ever encountered which has provided me with a virus. >:(

Since you are in sweden why not use a swedish one (eller en Norsk) then you can just pick up the phone if there is a problem

This is actually the first web host I've ever encountered which has provided me with a virus.
No, it is not the host that gave you a virus. Besides, who says that your website does contain malware? There are websites on the same IP that are at least not trustful. That is the real problem.
No, it is not the host that gave you a virus. Besides, who says that your website does contain malware? There are websites on the same IP that are at least not trustful. That is the real problem.

Not good if my site is affected because of viruses on other sites on the same IP. Anyway, as I wrote before, I’ve written to Byethost about the problem but the only thing I’ve got so far is a somewhat cryptical reply on their forums about sub-domains from another forum user.

So far, I ve replaced the index site with a sign which explains the problem. If the problem can’t be solved until Saturday, I’ll delete the site.

Hello

is being blocked by another analyst
in this case through the contact form

http://www.avast.com/contact-form.php

I’m trying to solve,but who knows tomorrow.

hello

sorry for the inconvenience the delay.

please remove this malicious script. byethost12.com/like.js

Best Regards
Albert Fiala

Some additional info from some third party checks I had performed.

Site runs on ats/4.2.1.1
There is a recent unspecified vulnerability out for Apache Traffic Server:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3525
Unspecified vulnerability in Apache Traffic Server 4.2.1.1 and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.
For a conditional redirect read this discussion: http://lowendtalk.com/discussion/28009/my-domain-redirects-to-google-adsense-script-adsense-domains-caf-js
Site has bodisparking infection: Bodisparking.com is a website that shows irrelevant links and advertisements to anyone who comes across Bodisparking.com for code see: http://www.rexswain.com/cgi-bin/httpview.cgi?url=http://www.byethost12.com/&uag=MSIE+8.0+Trident&ref=http://www.google.com&aen=&req=GET&ver=1.1&fmt=AUTO

polonus

P.S. Liked the music of the Yardbirds on Big L when I was young ;D