Hi, i´m the owner of a website i use to host some JPG images for my online sales in brazilian ebay. Avast is returning false alert and scaring some of my costumers. Heres a example of the product i´m selling: http://produto.mercadolivre.com.br/MLB-461460021-nintendo-3ds-destravado-original-varias-cores-c-150-brinde-_JM
On this webpage the imagens hosted on my website,http://wiiclubgameseacessorios.com are all getting false alarms. Please check why my JPG files are beeing flaged.
Content after the < /html> tag should be considered suspicious. It sends the message “Please come hack this site!” to every hacker in the world.
1548:
There might be an IP blocked there, because of JS/Downloader.Agent from another domain on IP 66.96.147.118. and EXPLOIT-KIT Redkit exploit kit redirection attempt from 66.96.147.118 (see: http://urlquery.net/report.php?id=795802)
polonus
And what is it avast say?
A screen shot of the warning would help…
Hi Pondus,
Avast says “Infection: URL:Mal”, consistent with my theory of the IP being blocked by avast Network Shield because of malware being launched from that abused, misused server…
2013-01-21 22:41:04 0 / 1 htxp://www.ncssma.org/regional_assns/NYMS/wpscripts/jsNavBarFuncs.js [United States] 66.96.147.118
2013-01-20 03:21:13 0 / 1 hxtp://www.ncssma.org/regional_assns/NYMS/wpscripts/global_navtree.js [United States] 66.96.147.118
2013-01-05 07:30:20 0 / 1 htxp://www.qloup.com/c18.html [United States] 66.96.147.118
2013-01-05 07:30:12 0 / 1 htxp://www.qloup.com/ [United States] 66.96.147.118
2012-12-30 02:55:39 0 / 4 htxp://redhead.uxxxporn.com/?video=11068 [United States] 66.96.147.118
2012-12-27 02:14:19 2 / 2 htxp://www.thebakertwins.com/thebtguys.com/ [United States] 66.96.147.118
polonus
Several detected websites hosted on same IP
urlvoid.com/ip/66.96.147.118/
So What should i Do? The page is hosted by www.ipage.com and i don´t own the host so i can do nothing about the other webpages on the same IP. And i Wonder why only avast is getting a FP in my site, the other Anti-Viruses don´t.
You could report a possible FP here: http://www.avast.com/contact-form.php?loadStyles and ask for a domain exclusion from the general IP block,
polonus
Do they take too long to answer? Because when i´ve started this post i´ve mailed them using that link and got zero answer till now.
They won’t answer here, but in case of a genuine FP they are known to react soon with an update to cure it.
If the site is malicious, it should be cleansed first, before unblocking could take place…
polonus