Triavip.fr not running any malware

Our French store http://triavip.fr is being blocked by Avast from an apparent url:mal warning and despite several false warnings submitted it remains the same and impossible to access if you are running Avast. Here are the online check results from sucuri and google:
https://sitecheck.sucuri.net/results/triavip.fr
http://www.google.com/safebrowsing/diagnostic?site=triavip.fr

Our Spanish store runs on the same server from the same installation so if it is clean, the French store should be as well. Please review and remove from your list as dangerous.

hey zulu did not found anything to

http://zulu.zscaler.com/submission/show/4983ad3f1911014c4f69e35235cd7110-1439457810

but the result of your google scan did say something that had happen to the link during two days during the latest 90 days. have you chance anything on the site?

hopyully someone more knowledge in this will check this up, sens im no expert.

It was cleared by Google Webmaster Tools after the warnings came in almost immediately and were links identified away from the store, but it’s been over a week since I’ve been asking for the domain to removed from Avast without any reply. It’s obviously damaging when users on our France store try to access and are blocked if they have Avast on their device. The tool to notify Avast of a false positive hasn’t had any success so the forum is the only hope.

The tool to notify Avast of a false positive hasn't had any success so the forum is the only hope.
Did you report it here ? https://support.avast.com > avast virus lab

I had posted from the actual Avast tool and on the contact form but thanks for the link to this. Posted and hoping for a speedy recovery. Thanks.

Hello,
it was hijacked by ExploitKit Angler. Clean the files on hosting, change passwords, update systems. And then create ticket in https://support.avast.com/ → Avast Virus Lab for unblocking.

Milos

just some info if interested…

A closer look at the Angler exploit kit https://blogs.sophos.com/2015/07/21/a-closer-look-at-the-angler-exploit-kit/

Angler Exploit Kit Gives Up on Malwarebytes Users https://blog.malwarebytes.org/exploits-2/2015/05/exploit-kit-authors-give-up-on-malwarebytes-users/

To prevent infection it is important to be protected by a decent ad-ware blocker as malware-ads may angler infest.
Also third party page redirects of injected javascript should be blocked - via uMatrix for instance -

polonus

Hi Milos,

What was used to detect the hacking by Angler exploit kit and can it be run again to identify if still at large?

Thanks

Hello,
we use some rules to detect it. The domain looks clean now, we will unblock it.

Milos