Hi,
our site hxxp://www.thevenusproject.com/
the Avast is still showing it as containing a URL:Mal , is it a blacklist of Avast?
Not other Antivirus are detecting anything now. Also this is proof of the lack of any infection right now.
hxxp://www.virustotal.com/url-scan/report.html?id=90f7a614204bf287dc6f062421a25b17-1292780099
Thanks in advance.
When I enter that URL, I do get a warning - however not on the thevenusproject.com domain, but on a completely different (and highly suspicious one, I’d say) domain.
I didn’t check any further, but it doesn’t look like a false alarm to me.
Hi capiscuas, welcome to the forum 
It seems that something on the website is trying to connect to a site that is blacklisted in avast!
The image is the alert I get when trying to load the site.
Also, please deactivate the link (change http to hXXp) to prevent others potentially becoming infected. Thanks.
Scott
Fixed the hxxp link, sorry.
The site was hacked around the 9th of December and probably got the infection. Then it was down for 1 day and the hosting provider (godaddy) said they had cleaned up the malicious things, and we upgraded to latest version of the CMS.
Not other software is showing the site containing any malicious url, also that url checking from totalvirus says it’s clean. Is there anybody could point too (if is) where is the redirection being produced?
Thanks in advance.
I am looking at it now, and I am guessing that it is in some scripting part of the site, as it shows under NoScript.
Ok, so from my limited knowledge,it could be this:
wXXw.thevenusproject.com/templates/thevenusprojectlight/js/jquery-tooltip/lib/jquery.dimensions.js
At the end of this file, it appears as though there is a long script on one line that doesn’t seem to belong there…
However I could be wrong, and would like an avast! team member to confirm/deny…
Scott
EDIT: Judging from the results of the latest test, it would appear that I was correct. See how the code unpacks to the site that is in the network shield alert.
Also, I will report this to avast! since the web shield hasn’t caught the script, as is usually the case.
Thanks a lot, I fixed the malicious script hacked in.
that blackoutmpn site virus total says its clean. it shows just a blank page with no codes. was it shut down possibly
You’re welcome, glad to help
I don’t get an alert on the site any more.
@PaCKINheAT,
Regardless of whether someone has got there first and shut down the site, avast! still blocks the attempt to connect. How can avast! know? Better to be safe than sorry.
Scott
Hello. I have the same problem with my web hxxps://www.multiencargos.com
Could you help me for to solve it please
you are posting in a topic that is 6 years old
for help, always start your own topic