My site is blocked by avast!.

Hello, my site (http://smart-loads.com) is blocked via antivirus avast!.
I found some hacked ‘.apk’ files on my site and removed them.

Online check services say that everything is ok.

for example: http://www.unmaskparasites.com/security-report/?page=smart-loads.com

How I can fix the problem?

Grateful for the help.

VirusTotal URL scan
https://www.virustotal.com/url/ef76b908c0e2499a0159e7a95849b3151e237d77df1e74398207133aa5312a10/analysis/1330293914/

VirusTotal HTML scan
https://www.virustotal.com/file/b64cfecabd6722fdfb84107a088ac82c7e0c65f3163860767b08c1cad79b7e26/analysis/1330293925/

urlQuery - suspicious
http://urlquery.net/report.php?id=25408

what does the avast warning say ?
can you attach a screenshot ?


http://xmages.net/storage/10/1/0/5/1/upload/093c7e7d.jpg


http://xmages.net/storage/10/1/0/c/6/upload/816c9174.jpg

The only possibly suspicious code I see here: -smart-loads.com/templates/Default/style/idealForms/js/jquery-idealForms.js suspicious
[suspicious:2] (ipaddr:62.212.72.239) (script) -smart-loads.com/templates/Default/style/idealForms/js/jquery-idealForms.js
status: (referer=-smart-loads.com/)saved 6563 bytes 39bfb5006c713c05aaf59fb93926ef16d313ad80
info: [decodingLevel=0] found JavaScript
error: undefined variable jQuery
error: undefined variable $.fn
error: line:1: SyntaxError: missing ; before statement:
error: line:1: var $.fn = 1;
error: line:1: …^
suspicious

polonus

Hm… thanks, really, it was very old version of IdealForms framefork, upgraded to v.1.02 from google code.

Hope now it will be ok. (but old version can steel be displayed in browsers cache)

Hi inspred,

Still get a avast Network shield alert for URL:Mal. If you think it is a FP then there is an on-line contact form, http://www.avast.com/contact-form.php?loadStyles for: * Sales inquiries; Technical issues; Website issues; Report false virus alert in file; Report false virus alert on website; Undetected Malware; Press (Media), issues,
The only other scanner that flags the site is Trend Micro’s: status = dangerous. The latest tests indicate that this site contains malicious software or could defraud visitors. Malware vector status: Site that directly or indirectly facilitate the distribution of malicious software or source code,

polonus