Remove from avast blacklist

I posted several days ago explaining my problem with my site. It was apparently blacklisted by Macafee. I hired a programmer to clean up my site and it now shows clean on Macafe and they removed me from their blacklist. I submitted for bitdefender to remove it as well. How can I resolve this with avast?
site in question is: wxx.elitetraffic.net

Thanks

WOT doesn’t like it either (that is generally reputation though).

Sucuri still reports it as being blacklisted by McAfee http://sitecheck.sucuri.net/results/www.elitetraffic.net/, it is also reporting that your site appears to be hacked.

Nothing specific on this http://urlquery.net/report.php?id=8206889, but there are some other sites on the same Host that have been infected, so I don’t know if that has an effect.

One hit on this http://www.urlvoid.com/scan/elitetraffic.net/ and that relates to WOT as I mentioned earlier.

Avast uses its own malicious sites list.

I have reported it as a possible false positive, giving a reference to this topic.

Your hired programmer forgot about a couple of issues and did not report them to those responsible for the server that is hosting that website. ;D
See: https://asafaweb.com/Scan?Url=www.elitetraffic.net
Site comes also still listed as coming in the adware/spyware category
Issues flagged are:
Custom errors Fail,
Excessive header information spread to the global community and attackers,
Clickjacking Warning.
So that server does not seems to have been correctly configured and security hardened.
Alas your site is not the only site with questionable web security status. There are millions like that, so potentially fully open to attack, exploits and abuse.
So your site has probably been compromised as Sucuri says.

This is also not helping your situation: http://sameid.net/ip/216.15.209.2/
One of the 199 sites on one and the same IP gets blacklisted and you may suffer along.
Nothing in the form of immediate threats here: http://jsunpack.jeek.org/?report=b265878a80e497658415935a3f3b8019c485100f

So your site is not infested or with actual malware, but to say it is secure is quite another thing.
but site still found malicious, 95/100%, here: http://zulu.zscaler.com/submission/show/5f5c07118af19a3a745b755dda922c48-1386352732

polonus

Thanks you guys for the feedback.

David R …
Does the Sucuri take a while to update? I just got the email from macafee this morning.
https://www.trustedsource.org/en/feedback/url
The category now says: Internet Services and Reputation of Minimal Risk.
Before it was category: MAL and Reputation of High Risk…

Do you know where I would go to ask WOT to recheck the site? or how does that work?

polonus…
The errors found on asafaweb.com (Custom errors Fail, Excessive header information spread to the global community and attackers,
Clickjacking Warning. ) Would these cause a blacklist, or is this just extra security stuff?

Sorry, I don’t have experience with this stuff…

I don’t think it should take time to update, firstly it does its site scans and then looks for the other things like blacklisting, for that it refers to the various sites, such as McAfee - Whilst McAfee may have emailed you I don’t know if its site has been updated yet.

If you followed the link in the urlvoid site click on the Info opposite the WOT entry, that would lead you to https://www.mywot.com/en/scorecard/elitetraffic.net and there is a Button 'Click here if you own this site.

Thanks DavidR…

I followed the link to wot that you sent and verfied my site with them etc…

My sitestill shows blacklisted by Macafee here:
http://sitecheck.sucuri.net/results/elitetraffic.net

But it shows clean here:
http://www.siteadvisor.com/sites/elitetraffic.net

Are these not the same? Sorry to bother with this, but I really need to get this resolved.

You’re welcome.

I’m not sure if they are the same reference point or they should be the same, but I’m only an end user nothing to do with either site and just reporting the findings.

That said I have gone back and looked at the sucuri.net results again and at the bottom of that page it indicates these are cached results more than two days ago. So it is possible that they have been changed on McAfee but not picked up on this scan, you can however go back to that page and Force a rescan to clear cache.

I just forced a rescan and it is showing clear no McAfee blacklist.

Hi godin5150,

polonus... The errors found on asafaweb.com (Custom errors Fail, Excessive header information spread to the global community and attackers, Clickjacking Warning. ) Would these cause a blacklist, or is this just extra security stuff?

Sorry, I don’t have experience with this stuff…


No, such errors won’t even produce a potential suspicious flag with an av solution or on most anti-malware scans. It only makes a potential attack and abuse more likely. When an attacker knows what software is running on a particular website from the server header response for instance. That info will make it easier to look up a possible attack scenario than when this information is not being spread around. This can be done by changing the actual server configuration to be silent about that info. The situation nowadays is that a multitude of hosting companies have other priorities than security (economic). Whenever you have 700 or 1000 sites running on one and the same IP then site security is not your first priority I am afraid. I am in this website security scanning for quite some years now here on the forums and I have noticed we are far, far away from a somewhat more secure situation. There is still so much work to be done in this respect. There is also another truth. With a Dutch proverb we say: “Als het kalf verdronken is, dempt men de put”. This means that people only act when their site has become infested with malware and it will cost them money because they loose visitors when their site gets blacklisted.
What I talk about is the so-called “grey area” that exists before an actual successful attack and infestation, so try someone to do something about this and make your exclusion report for one of the avast team members in a mail to virus AT avast dot com

polonus