hello good afternoon all,
i need a big help… i dont why but avast is treating our website like “malicious url blocked” even i have changed the hosting to another server
tried with out any files
when ever i type the domain in the browser it is giving me the warning… this is happening only with avast
this is the url of our company website www.eximlinks.in
thanks
welcome to the forum. i suggest you write to the avast support and send them a ticket about this problem.
http://www.avast.com/contact-form.php?loadStyles
according virustotal scan it shows to be clean. but if avast is reporting it to be malware it could be something in the code.
https://www.virustotal.com/url/0dd06c44e8b0212bacb0b4514331f7796e373d7b671c0617915fc046215e1354/analysis/1341497690/
according to WOT it was/is listed at phishtank.com
Hi Pondus,
Nothing on Phis Tank, and nothing on Sucuri.
But I found site with ‘searchmagnified.com’ d='manual category browser Hijacker
Searchmagnified.com Hijacker is classified as an invasive browser hijacker which adjusts your homepage, search page and favorites to hxtp://Searchmagnified.com and various unwanted sites. It is able to get into your operating system without your concert.
Content returned: 1: test
polonus
should i contact avast support team or what should i do know ?
the replies are confusing… and i am not so sure about what does this mean
MyWOT 05-07-2012, 12:01:25 DETECTED
There is an on-line contact form, http://www.avast.com/contact-form.php?loadStyles for: * Sales inquiries; Technical issues; Website issues; Report false virus alert in file; Report false virus alert on website; Undetected Malware; Press (Media), issues.
When avast receives your report and the site indeed seems secure, they are known to solve these issues rather quickly, sometimes with a coming update.
So just report as DavidR told you how to and wait,
polonus
thank you so much guys. i have sent a request for review to the support team
lets see what they have to say…
really appreciate your help in this matter. never saw this much pro active community…
You’re welcome.
i guess the problem has been solved.
can anyone please check our domain and confirm it please www.eximlinks.in
thanks
Well it isn’t alerting, but there isn’t a whole lot there just a test page ‘literally,’ see image.
But since this was a Network Shield alert on a malicious site, that looks to have been corrected.
However WOT still needs to be sorted as it has historical data giving the site a bad Rep, see http://www.mywot.com/en/scorecard/eximlinks.in, so you might need to contact them also.
Nothing much I can see: http://urlquery.net/report.php?id=83053
Content returned by request for: htxp://www.eximlinks.in/
1: test
polonus
Hi all,
the IP to the site eximlinks.in is 184.173.229.96 which gives no alert on URLQuery so pol is correct…
However there is a bad boy on: 184.173.0.171
see: http://urlquery.net/report.php?id=83890
this is a IP block for 184.173.xxx [xxx=any ransom numbers]…this will need analysis from a virus analyst to examine
Hi true indian,
That one is actually being reported in the Blackhole URL thread here…http://forum.avast.com/index.php?topic=100591.msg806005#msg806005
A sheer coincidence or the reason for the initial IP block, who will tell?
Arrticle author Fraser Howard did a write up about this particular one here in a Sophos Technical Paper:
http://nakedsecurity.sophos.com/exploring-the-blackhole-exploit-kit-6/ I mean the "main.php?page= " Blackhole detection variant…
Checked against realtime lists the IP is not being blocked by any now (or going under the radar)…
polonus
how can we contact WOT
i dont see any contact us form in their website
Just visit the link I gave in my last post as a start, there is a link on the page ‘if you are the owner of this site.’
What do you think of this?: http://www.mywot.com/en/contact
Mind you WOT is a web rep “community” tool and as reliable as the input/feedback from users that report there.
BrightCloud web rep index for your site is green 76 (low rsik) in Business and Economy
polonus
thanks guys i will try to follow the instructions
You’re welcome.