Avast are still saying my site is infected despite multiple scans to the contrar

[StevenAitchison]

Hi

I have contacted Avast numerous times using the correct form and reporting 'report false virus alert on website' , and I am getting no response.  This has now been going on for months.  I am getting really tired of this and wondered if there is any legal action I can take against Avast, unless I am totally wrong and there are viruses, however according to all the scans below there are none.

I have checked my site on numerous scanners:

hxxp://vscan.novirusthanks.org/analysis/8fd80e03d0c5bac7216ff604fc85eab2/aW5kZXg=/

hxxp://sitecheck.sucuri.net/results/www.cytguides.com

hxxp://zulu.zscaler.com/submission/show/5ec34ca02cde41714e708fb7f1d4f3f0-1363273591

hxxp://urlquery.net/report.php?id=1427307

Can anybody help out at all, or know a contact at Avast that can get this sorted, I am losing money every day.

Steve

[Pondus]

and what does avast say?......a screenshot would help
if it say URL:mal it means it is on a blacklist..... for whatever reason


urlvoid.   http://www.urlvoid.com/scan/cytguides.com/
browser defende.   http://www.browserdefender.com/site/cytguides.com/

virustotal
https://www.virustotal.com/en/url/59ca8eaaaa94a8c827ae32ca5de3c9ca2dff45e77df979da5f44ba52251d7762/analysis/1363276220/

[essexboy]

Here it is

[augustus]

http://support.avast.com/index.php?languageid=1&group=eng&_m=tickets&_a=submit...
try that one if you haven't yet, and set the priority on high you should get an email back response soon

[polonus]

Potential suspicious files found by Quttera's:

/js/iview.pack.js
Severity:    Potentially Suspicious
Reason:    Detected potentially suspicious content.
Details:   Detected potentially suspicious initialization of function pointer to JavaScript method eval <code> __tmpvar1616100674 = eval; <code/>

/IsoMind/index.html
Severity:    Potentially Suspicious
Reason:    Detected procedure that is commonly used in suspicious activity.
Details:   Too low entropy detected in string [['***************************************\n\n W A I T B E F O R E Y O U G O !\n\n CLICK THE *ST']] of length 254 which may point to obfuscation or shellcode.
 

/84PersonalDevelopmentReports/?action=topaffiliates
Severity:    Potentially Suspicious
Reason:    Detected procedure that is commonly used in suspicious activity.
Details:   Too low entropy detected in string [['***************************************\n\n > > > W A I T < < <\n\n CLICK THE ***CANCEL*']] of length 218 which may point to obfuscation or shellcode.

iFrame scanned 1: <iframe src=exitsplashpage width=100% height=100% align=middle frameborder=0> could be a disapproved ad referral...

and a javascript code hick-up here: (benign but slowing down)
cytguides dot com/js/jquery.plugins.js benign
[nothing detected] (script) cytguides dot com/js/jquery.plugins.js
     status: (referer=cytguides dot com/)saved 73528 bytes f16a47cf5f1d813d0593dc0efae8b057d6c645f6
     info: [decodingLevel=0] found JavaScript
     error: undefined variable jQuery
     error: undefined variable a.fn *
     error: line:1: SyntaxError: missing ; before statement:
          error: line:1: var a.fn = 1;
          error: line:1: ....^
     suspicious: * creating a problem with PHP function

polonus

[StevenAitchison]

Hi

Thanks for the responses.  I used the new webpage to contact Avast, and hopefully can get this resolved.

A new scan at:

http://www.urlvoid.com/scan/cytguides.com/ reveals no threats found, the one you used Pondus was 4 months old.

Fingers crossed I can finally get this resolved.

[StevenAitchison]

Also Browser Defender states the server is in the UK, and it was changed way back last year, so their records are out of date as well.

http://www.browserdefender.com/site/cytguides.com/

[polonus]

Well send a FP report to virus AT avast dot com and link to this thread. Remember that it is the avast team that will decide on detection.
If found to be clean they are soon to repair FPs, even as fast as with an upcoming update,

polonus