Can you tell me how to get my domains off the Avast blacklist
The names are:
kasnoff d com
timkasnoff d com
fsboed d com
Thank you for any assistance,
Tim
Can you tell me how to get my domains off the Avast blacklist
The names are:
kasnoff d com
timkasnoff d com
fsboed d com
Thank you for any assistance,
Tim
Joomla outdated. http://sitecheck.sucuri.net/results/kasnoff.com
Avast support. https://support.avast.com/ > avast virus lab
Blacklisted :
http://www.siteadvisor.com/sites/timkasnoff.com
http://zulu.zscaler.com/submission/show/9b7e85e2c555da025f0cfea0e4b9fd26-1427815416
Malicious file:
http://quttera.com/detailed_report/timkasnoff.com
Other problems:
http://urlquery.net/report.php?id=1427815723131
https://www.ssllabs.com/ssltest/analyze.html?d=timkasnoff.com
Thank you for the additional info.
We will work on these.
detected by quttera
https://www.virustotal.com/nb/url/fb966ca340729bd7054bf2d3e81352854769083d0a7d399fbd1a4854eddab402/analysis/1427829433/
/templates/cleanout/js/s5_flex_menu.js - Threat detected according to previously retrieved information
http://quttera.com/detailed_report/timkasnoff.com
Thank you all!!
I think I have www.timkasnoff.com and www.fsboed.com fixed.
I would certainly appreciate it if someone could verify this before I contact Avast about the blacklisting.
Now on to:
Severity: Potentially Suspicious
I have seen this same file on alot of reports.
/media/system/js/mootools-more.js
Severity: Potentially Suspicious
Reason: Suspicious JavaScript code injection.
Details: Procedure [+] has been called with a hidden string ‘valuevalue’ containing execution of potentially suspicious code
Threat dump: View code
Threat dump MD5: 78A4A7F2FAB74E758B5C2F8C04E37509
File size[byte]: 47472
File type: ASCII
Page/File MD5: 9764375114C36AE5F7C4BDE82441B494
Scan duration[sec]:
Any thoughts??
Tim
I get a firefox error, ‘The connection to the server was reset while the page was loading.’ for timkasnoff.com, no problem on fsboed.com that loads without alert.
Thank You DavidR,
interesting, I’m using firefox and it came right up for me.
Tim
For support see here: https://support.pillwax.com/open-source/doku.php?id=joomla:general:mootools
This is only a potentially suspicious file (so it depends on other insecurities to make it into a real threat,
Quttera has it from Google alerts for media/system/js/mootools-more.js as it could be abused by a shell exploits).
Indeed here the mootools core file should come first.
The detection is rather likely to be a false positive as detections for js.feeb are FPs.
polonus
It has loaded this time around and no alerts.