request for removal from blacklist

Greetings,
on May 22nd 2013 our website http://www.crij.org has been hacked.

We were running with joomla 1.7 and identified a lack of security. We upgraded the engine to joomla 2.5.13 after cleaning the website. Since then Avast keeps reporting our website as dangerous.

We request a removal from your databases since our actions can be verified with every on-line tools we could try.
In case we forgot a step, please notify us

Regards, Claire, crij.org web master

It is infected http://zulu.zscaler.com/submission/show/cd499f78e2b4399e0393c6bdd197a72d-1378487784

Hi CRIJ Toulouse & essexboy,

Seems the malware is now has been closed: http://support.clean-mx.de/clean-mx/viruses?id=12220588
So a FP report could be send to avast. You can report a possible FP here: http://www.avast.com/contact-form.php

polonus

Checking via DrWeb’s:hxtp://www.crij.org//media/system/js/mootools-core.js
File size:94.10 KB
File MD5:cf58a30ea9b7a731712baede90b790ec

htxp://www.crij.org//media/system/js/mootools-core.js - archive JS-HTML

htxp://www.crij.org//media/system/js/mootools-core.js/JSTag_1[4746][13124] - Ok
htxp://www.crij.org//media/system/js/mootools-core.js - Ok

Checking:htxp://s7.addthis.com/js/250/addthis_widget.js#pubid=ra-4ec6801f7fcd7c0e
File size:7157 bytes
File MD5:ced32c07c47d01b9db513268a90b447c

htxp://s7.addthis.com/js/250/addthis_widget.js#pubid=ra-4ec6801f7fcd7c0e - archive JS-HTML

htxp://s7.addthis.com/js/250/addthis_widget.js#pubid=ra-4ec6801f7fcd7c0e/JSFile_1[0][1bf5] - Ok
htxp://s7.addthis.com/js/250/addthis_widget.js#pubid=ra-4ec6801f7fcd7c0e - Ok

Checking:htxp://www.crij.org//templates/crij/js/scripts.js
File size:2061 bytes
File MD5:ca91ac74d930b9e5016a713abab5c06b

htxp://www.crij.org//templates/crij/js/scripts.js - archive JS-HTML

htxp://www.crij.org//templates/crij/js/scripts.js/JSFile_1[0][80d] - Ok
htxp://www.crij.org//templates/crij/js/scripts.js - Ok

Checking:htxp://widget.calameo.com/library/?type=account&id=228355&rows=3&sortBy=latestPublished&theme=white&bgColor=&thumbSize=small&showShadow=true&showGloss=true&showInfo=account&linkTo=embed
File size:2110 bytes
File MD5:35c3dbb678e44e3303feecf4fd5fe93e

htxp://widget.calameo.com/library/?type=account&id=228355&rows=3&sortBy=latestPublished&theme=white&bgColor=&thumbSize=small&showShadow=true&showGloss=true&showInfo=account&linkTo=embed - archive JS-HTML

htxp://widget.calameo.com/library/?type=account&id=228355&rows=3&sortBy=latestPublished&theme=white&bgColor=&thumbSize=small&showShadow=true&showGloss=true&showInfo=account&linkTo=embed/JSTAG_1[1ba][1b5] - Ok
htxp://widget.calameo.com/library/?type=account&id=228355&rows=3&sortBy=latestPublished&theme=white&bgColor=&thumbSize=small&showShadow=true&showGloss=true&showInfo=account&linkTo=embed/JSTAG_2[54e][5d] - Ok
htxp://widget.calameo.com/library/?type=account&id=228355&rows=3&sortBy=latestPublished&theme=white&bgColor=&thumbSize=small&showShadow=true&showGloss=true&showInfo=account&linkTo=embed/JSTAG_3[5d7][1a0] - Ok
htxp://widget.calameo.com/library/?type=account&id=228355&rows=3&sortBy=latestPublished&theme=white&bgColor=&thumbSize=small&showShadow=true&showGloss=true&showInfo=account&linkTo=embed - Ok

Checking:htxp://www.crij.org//media/system/js/caption.js
File size:729 bytes
File MD5:031416fd2123cc114170494fdfc1a8a0

htxp://www.crij.org//media/system/js/caption.js - Ok

Checking:htxp://www.crij.org//media/system/js/core.js
File size:4784 bytes
File MD5:4b59c964036a5a6ba36d4cfa34968c2a

htxp://www.crij.org//media/system/js/core.js - Ok

Checking:htxp://www.google-analytics.com/urchin.js
File size:22.15 KB
File MD5:1f36e699091daed40331072860cce88a

htxp://www.google-analytics.com/urchin.js - Ok

Checking:htxp://www.crij.org//templates/crij/js/head.min.js
File size:5376 bytes
File MD5:6f5e6fce4858e71673e74ee183f9315b

htxp://www.crij.org//templates/crij/js/head.min.js - Ok

Checking:htxp://www.crij.org/index.php
Engine version:7.0.5.6250
Total virus-finding records:4449284
File size:42.38 KB
File MD5:15606b1b258f22c0f6f05f0764c2dd13

htxp://www.crij.org/index.php - archive JS-HTML

htxp://www.crij.org/index.php/JSTAG_1[57d][f5] - Ok
htxp://www.crij.org/index.php/JSTAG_2[69db][1bd] - Ok
htxp://www.crij.org/index.php/JSTAG_3[6bc2][41] - Ok
htxp://www.crij.org/index.php/JSTAG_4[a8a3][5b] - Ok
htxp://www.crij.org/index.php/JSTag_5[69e0][1b8] - Ok
htxp://www.crij.org/index.php/JSTag_6[6bc7][3c] - Ok
htxp://www.crij.org/index.php/JSTag_7[6ca9][39] - Ok
hxtp://www.crij.org/index.php/JSEvent_8[cd] - Ok
htxp://www.crij.org/index.php - Ok

Consider the general website security alerts according to: https://asafaweb.com/Scan?Url=www.crij.org%2Findex.php

polonus