HI everyone,
My website (m a s s t l u c . c o m) was attacked and had a malware infection 1 months ago.
After coorection and debug, my website is clean, and scanner online say “WEBSITE OK”,
But avast still blocks the site.
How to exclude the site from avast’s blacklist?
Thanks for your time and help.
Have a good day
You can report a possible FP here: http://www.avast.com/contact-form.php?loadStyles
Thanks But i allready sent 2 mails from this link the first one month ago and the second one week ago 
It looks like French Avast Team Doesn t read their mail
Please take a look to my little website , u ll see that s clean and maybe you can turn it on SAFE.
Cause we are a bed & breakfast and this AVAST balcklist make us loose money.
Thanks for your comprehension and time
Report 2012-01-06 16:03:44 (GMT 1)
Website masstluc.com
Domain Hash 9745fe42fd05812bcdd4a5f1f8f606fe
IP Address 213.186.33.19 [SCAN]
IP Hostname cluster010.ovh.net
IP Country FR (France)
AS Number 16276
AS Name OVH OVH Systems
Detections 5 / 21 (24 %)
Status DANGEROUS
http://amada.abuse.ch/?search=masstluc.com
http://www.mywot.com/en/scorecard/masstluc.com
http://www.malwareblacklist.com/searchClearingHouse.php?search=masstluc.com
http://www.scumware.org/search.scumware
http://global.sitesafety.trendmicro.com/
Report 2012-01-06 15:57:12 (GMT 1)
IP Address 213.186.33.19
IP Hostname cluster010.ovh.net
IP Country FR
AS Number N/A
AS Name N/A
Detections 4 / 26 (15 %)
Status DANGEROUS
http://maliciousnetworks.org/
http://www.malwaredomainlist.com/mdl.php?search=213.186.33.19
http://www.mywot.com/en/scorecard/213.186.33.19
http://www.threatlog.com/search/
I m sorry BUT:
http://amada.abuse.ch/?search=masstluc.com this is OLD : 2011-11-17
Since more than one month the website was cleaned, this masstluc.com/img/it11.exe doesn t exist
mywot.com don t know my little website ? then ? dosn t mean it s not safe or a lot of tiny website ll be blacklisted.
malwareblacklist.com, scumware.org list also the same probleme as AMADA.ABUSE.CH
http://www.malwareblacklist.com/searchClearingHouse.php?search=masstluc.com
The file dosn t exist anymore
trendmicro.com say it s infected but doesn t give the problem, i guess it s like other scanner, just a query in a database and not a real scan of the domain.
http://www.threatlog.com give an js.js infected but like the img folder, everything was cleaned long time ago.
Please Check the website code source by yourself, and try calling url listened as NOT SAFE you ll see there is still no problem.
Thanks for your time and Help.
Well, I’m not the one to decide this.
If you sent it to the viruslab and it’s still blacklisted, I can’t really help you.
http://anubis.iseclab.org/?action=result&task_id=1d610361d6822aa54f54c673a1c9d328f&format=txt
see the above report site is malicious…
Thanks True indian, BUT:
I m sorry but the http://anubis.iseclab.org say RISK LOW
I tried with TF1.fr ( first french tv channel ) and it say LOW too lol
see the code source : http://pastebin.com/4BuN1uh2
PLUS WHEN A WEBSITE IS INFECTED GOOGLE WEBMASTER SHOW IT, AND IN MY CONSOLE GOOHLE SAY WEBSITE IS CLEAN SINCE I MADE THE CLEANING
Here are the suspect links on your site. You might want to work with your hosting vendor to research them.
False , the links given are my neighbor on OVH server, then it s not my website.
the eval is jquery lol
I MADE THE WEBSITE, I CLEANED IT ,
THEN IF YOUU SURE I M INFECTED,
GIMME ONE URL WITH 1 MALWARE
avast see a redirect…
http://virusscan.jotti.org/en/scanresult/fd099430c5f75c9ca969a8b8a1a9364e6041d96f
YES and other services nothing, i guess one more false scanner who just made a query on a database.
Look the code source posted on pastebin you ll see nothing
I suggest to contact the viruslab at: virus(at)avast.com
Yes i did it 2 times in french from avast french web form, and today in english.
Thanks to Pondus too for this link:
http://virusscan.jotti.org/en/scanresult/fd099430c5f75c9ca969a8b8a1a9364e6041d96f
it show that all antivirus say OK and just AVAST say DANGEROUS.
In all cases Thanks yall for your help, time and scans ;-p
If you come in the south of France i ll make a great price for you
it show that all antivirus say OK and just AVAST say DANGEROUS.and very often avast is the first to find website malware....of all the cases posted in here i guess avast is correct in more the 90%
but FP happens…the avast devs are probably checking this as we speak
Asyn only if i m unblacklisted LOL.
Ok i ll leave my work now, i ll check my email tomorrow.
Have a nice Week end Avast Team & Avast Users
As said, I’m not the one to decide, so I’ll drop by anyway. ;D
Have a nice weekend,
Asyn
The TR/PSW.Zbot.5590 infection is dead now.
There is still an issue for -http://masstluc.com/img/ unknown_html at VW
also see: https://new.virustotal.com/url/aeef6daeec1b9aba73d0d8aeee61e42bd783e969152830f66511c0792c34a531/analysis/1325872639/
When I open up -http://masstluc.com/img with malzilla I get an avast Networkshield block for infected with URL:Mal
The old entry for http://malc0de.com/database/index.php?search=masstluc.com has been gone,
and seems to be clean: http://vscan.urlvoid.com/analysis/e88e8f75f541e1cbdf5b26b8630c3cfb/aW1n/
So it seems the issue is only with the avast Network shield,
polonus
P.S. I now get: The requested URL /img/ unknown_html was not found on this server,
D
Norman lab
There is a redirect href="-http://www.masstluc.com/chambre-d-hote/" and there is no maliciousness in the webisite and the redirect
So i guess what avast see is the redirect listed at the bottom of the wepawet report - also see screen shot
http://wepawet.iseclab.org/view.php?hash=2d192f3786a692fbbb19eedd92e99696&t=1325932161&type=js