A few month ago we got a malware on one of our website and our ip 217.160.91.5 got blacklisted by avast.
We detected the malware (a w32 file) and removed it within 3 days. We also set up a higher level of security on the server, change every passwords, and installed security softwares to prevent any kind of trouble in the future.
We immediately sent to AVAST the report of the security contractor who cleaned and secured the server.
We received the 28th of June an answer from and Avast ingeneer (Ticket ID: JTA-831143) saying that then IP has been unblocked.
But it is not ! And the ip 217.160.91.5 is still blacklisted after more 40 days !
We tried to send new emails to AVAST but no one would answer or give us a clue of what’s going on !
Could someone of the team give us an answer on how IP Blacklist works here ?
Thanks a lot ! We really hope to find an answer here.
PS: Virustotal report no malware on our websites. Rkhunter doesn’t find anything. And the ip is not blacklisted anywhere else.
Sales inquiries; Technical issues; Website issues; Report false virus alert in file;
Report false virus alert on website; Undetected Malware; Press (Media), issues.
You could include a link to this thread here,
Thank you for your answer.
It is true tyhat the malware has been removed since 21/06/2012.
But, I think you are wrong when you say that htxp://www.coachseduction.fr/ is not being blocked by avast ! It is ! Every single vhost I’ve got on this IP is still blocked !
The only reaons why you can access htxp://www.coachseduction.fr/ (with avast) is because I put it behing a CDN (cloudflare). So your browser connect to a different IP that the one blocked by avast. But If i desactivate the CDN, the website will be blocked because of its IP.
Moreover, you told that htxp://www.orthopass.com/ has been flagged ? there is a problmem in the javascript ? The script you reffer to is a script I got on soundcloud website. It looks like everything is fine on htxp://www.orthopass.com/ .
You could do that once again adding a link to this thread. When there are no further issues preventing the unblocking this could be as soon as with an upcoming update. I cannot influence that, because that is up to the avast analysts. What I could advise you here is to remove the “X-Powered-By”-http header, as this is giving away to the world that content is being generated dynamically. It is being advised to remove this header. Furthermore everything seems OK at secussl.com -spamcheck and Safebrowsing results tested as OK,