system
March 27, 2015, 8:06am
1
Hello Mods,
my website is blocked by avast anti-virus.
my site is smartlattice.com
Have taken following steps to resolve the problem.
1.downloaded completed website ,scanned with avast anti-virus.
2.deleted all the files from website
3.uploaded scanned and cleared files to website.
4.taken dedicated ip from godaddy for website.
5.have checked every available online virus checking tools,no issues from anyone.
anything more to be done and how long it is going to take to unblock my site?
Thank you
Hi Sri G, welcome to the forum
Can you make the link unclickable please.
I am no website analist. But if you beleve your website is clean, you can report it as a false positive https://support.avast.com/
Select : Avast Virus Lab - False Positive - False Positive Website.
Greetz, Red.
Eddy
March 27, 2015, 8:41am
4
There are problems on the same IDS:
http://urlquery.net/report.php?id=1427444614413
Also a old version of IIS is used.
Version 7.0 is used while the latest is 8.5
Suspicious Iframe found in:
frameworks/mc/em/application/smartlattice/objects/release/customoffer.html
IP is on 3 blacklists:
http://multirbl.valli.org/lookup/203.124.108.248.html
TLS 1.2 not supported:
https://www.ssllabs.com/ssltest/analyze.html?d=smartlattice.com
SOA and DNSSEC issues:
http://dnscheck.pingdom.com/?domain=www.smartlattice.com
system
March 27, 2015, 9:14am
5
Thanks.
Reported website as false postive
HonzaZ
March 27, 2015, 10:12am
6
Hi,
I unblocked your domain now ;-)!
@Sri G,
Your site may be unblocked now, gratulations with that achievement. It does not mean an instant threat now.
However you still should consider the recommendations Eddy has proposed.
Also consider the 1 red out of 10 Netcraft risk status for your site:
http://toolbar.netcraft.com/site_report?url=http://smartlattice.com
Server insecurities:
http://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-3436/Microsoft-IIS.html
Consider also the possible insecurities flagged here:
https://asafaweb.com/Scan?Url=smartlattice.com
One basic issue there you spread exessive server header info to the world and potential attackers alike
and should be alerted to the following clickjacking warning as well.
Also Custom errors;Fail is being detected for the website in question. See: http://www.webpagescreenshot.info/img/55153b54e58d93-46014588
As Eddy already mentioned alerted is as a suspicious iFrame check: Suspicious
-frameworks/mc/em/application/smartlattice/objects/release/customoffer.html’
Your olark issues are being discussed here:
https://www.olark.com/developers-corner/dont-break-the-internet-with-your-javascript
link article author Olark’s CTO Matt.
kind regards,
polonus
system
November 5, 2015, 2:58am
9
I have the same problem, checked everywhere (tools and websites) and it says im clean, this is ruining my traffic!!! Please HELP!
www.MunterMag.com
Eddy
November 5, 2015, 10:38am
11
polonus
November 5, 2015, 12:00pm
12
Eddy is right there and vulnerable script should always be retired.
That is why a lot of website admins run their scripts now from Goolge where code is not left, unpatched or not updated!
This should be looked into:
Detected libraries:
jquery-migrate - 1.2.1 : -http://muntermag.com/wp-includes/js/jquery/jquery-migrate.min.js ? * ver=1692912e5e50055dfe3eed832aeb225b
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.3 : -http://muntermag.com/wp-includes/js/jquery/jquery.js?ver=1692912e5e50055dfe3eed832aeb225b
1 vulnerable library detected
Script is vulnerable for instance to CloakCloak SEO Spam, a larger seo spam campaign,
actively abusing website code since autumn 2014.
polonus