My site not infect. False positive . Administrator avast review please!!

Viruses and worms
1

Im sorry i dont speak english

My site was infectad last 2 mont , i install a new site not infect , but avast continue link to old site.

I need that adminitrator avast review my site , because a lot peoples cant entre in my site , thanks very much

wxw.famg.org.ar

2

[Sorry Polonus…I must have posted the same time as you, so I deleted my reply]

Regards,

3

Break that link with wXw please, as long as site is not cleansed…

There are more vendors that flag your site: https://www.virustotal.com/en/url/47970dc18e498da336af3a7e366ec64ce55e98cb2f6d5e29c2f5c9e5e6adc37c/analysis/1371340510/
Your Joomla version needs upgrading, so you are vulnerable: Web application version:
Joomla Version 2.5.x - 3.0.x for: htxp://www.famg.org.ar//media/system/js/caption.js
IP is on PHISHWatch, not necessarily your domain…
Avast alert is an URL:Mal which is a general domain/IP block…
Code hick-up here:
[nothing detected] (script) wXw.famg.org.ar/modules/camera/js/jquery.easing.1.3.js
status: (referer=wXw.famg.org.ar/)saved 8097 bytes 82e40d060bc269a6dde20c3990ca5a4fea6ca754
info: [decodingLevel=0] found JavaScript
error: undefined variable jQuery
error: undefined variable jQuery.easing
error: line:1: SyntaxError: missing ; before statement:
error: line:1: var jQuery.easing = 1;
error: line:1: …^
suspicious: maxruntime exceeded 10 seconds (incomplete) 0 bytes

polonus

4

WOT has it rated yellow at the moment.

5

Thanks Polonus and cheater for reply.
I was joomla 1.5x and my site was infect ( detect for avast) and I had my site in a hosting.
I install new joomla 3.0 in a new site , new site clear , in a new hosting , diferent to fist , only use same link www.famg.org.ar .

I think avast is continuous with the old register , ( the old site joo1,5) because my new site have 1 month and the avast block more the 2 months.

My new site only contains news records , none of the older site.

Do you have any solution?? I have another link that linking same site and isn´t block ( www.famg.com.ar)

Thanks Mys friends ,and Im sorry for my poor english :-[

6

Hello,
it will,be unblocked for now.

Milos

7

I’ve contacted Avast several times about unblocking one of my client’s websites which is a false positive. There is no malware on the site. We’ve also verified this with several scanning services (including https://www.virustotal.com/en/url/1249af577ced04c8d484056a18f05e61327d07a3ee910b8b65660ec776a26892/analysis/).

The website is http://www.stcroixsource.com/

Thanks!

8

and what is the message from avast? … you may attach a screenshot

9

Reporting the site once and mentioning you believe it to be a false positive is enough.
Have a patience.
The people from Avast will look into it and fix things when needed.
And never put a link to a (possibly) infected site on this webboard please.
Not even when you believe it is a false positive.

Pondus,
the webshield is blocking it.

10

See here: http://urlquery.net/report.php?id=6232109 & https://www.virustotal.com/nl/url/1249af577ced04c8d484056a18f05e61327d07a3ee910b8b65660ec776a26892/analysis/
redirects to htxp://stjohnsource.com/singlesignon/claim see: http://archive.is/stjohnsource.com
4 sites on same IP: http://sameid.net/ip/198.138.68.108/
Report as FP to avast as FP, contact avast → http://www.avast.com/contact-form.php
For general website insecurities, see: https://asafaweb.com/Scan?Url=www.stcroixsource.com
for instance excessive header info given away:
Web server details

Scan for: htxp://stjohnsource.com/singlesignon/claim
Hostname: stjohnsource.com
IP address: 198.138.68.108

System Details:
Running on: Apache/2.2.15 ←
System info: (CentOS)
Powered by: PHP/5.2.17 ←

polonus