Fake virus notification removal

[giankar]

Sorry about that :/

[gbaliotis]

Good morning.

We still have the same problem in Nethall.gr. In http://sitecheck.sucuri.net/scanner, we found that our site is verified clean and not blacklisted.

Nevertheless, we got the following error from avast:

avast! blocked you from visiting an infected webpage
Infection Details
URL:   http://separate-buffet.25u.com/showthrea...
Process:   file://C:\Program Files (x86)\Internet E...
Infection:   js:Downloader-gen@bhv [Expl]

Warn your friends to avoid this website Twitter
Threat stats for last 30 days

Blocked infected sites: 41 840 160
Infected domains: 288 237

Can you please help us. Unfortunately, we lose visits with this problem.

Best regards,

George Baliotis
e-mail: gbaliotis@gmail.com

[Asyn]

Report    2011-10-31 12:15:56 (GMT 1)
Website    separate-buffet.25u.com
Domain Hash    acd1a5fbaa103c24d1e8c6205bd83930
IP Address    95.163.66.209 [SCAN]
IP Hostname    -
IP Country    RU (Russian Federation)
AS Number    12695
AS Name    DINET-AS Digital Network JSC
Detections    2 / 23 (9 %)
Status    SUSPICIOUS

Report    2011-10-27 13:23:01 (GMT 1)
IP Address    95.163.66.209
IP Hostname    -
IP Country    RU
AS Number    N/A
AS Name    N/A
Detections    2 / 26 (8 %)
Status    SUSPICIOUS

http://www.google.com/safebrowsing/diagnostic?site=separate-buffet.25u.com
http://global.sitesafety.trendmicro.com/
http://www.malwaredomainlist.com/mdl.php?search=95.163.66.209
http://www.mywot.com/en/scorecard/95.163.66.209

[gbaliotis]

Hello Asyn.

Thank you very much for your quick response!

Can you help us find the infected file? Where did you find this Russian site? Where is it placed in Nethall.gr?

Thanks for your help in advance.

George Baliotis

[Asyn]

Thank you very much for your quick response!

You're welcome..!
Sorry, no time to investigate further, atm.
Hopefully someone else can help you.
Good luck..!