Author Topic: Site flagged for malware (mauiblogger.net), help needed  (Read 10485 times)

0 Members and 1 Guest are viewing this topic.

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2219
    • The WAR Against Malware
Re: Site flagged for malware (mauiblogger.net), help needed
« Reply #15 on: August 10, 2013, 05:33:00 PM »
Do you recognize the sites found here?: http://urlquery.net/domain_graph.php?id=4458074

~!Donovan
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

411ashish

  • Guest
Re: Site flagged for malware (mauiblogger.net), help needed
« Reply #16 on: August 10, 2013, 07:20:52 PM »
Yeah, most of those are ads, which I tried removing entirely but still got the error. You'll notice in that chart that cdn.mauiblogger.net, which is what is setting off the issue, loads directly from 411mania.com, not one of the other URLs. I had Rackspace look into the issue and they couldn't even find anything and said that it must be an issue with Avast since no other antivirus software or Google has any issues with anything on the site. I'm really confused/frustrated here.

Offline !Donovan

  • Web Analyst
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2219
    • The WAR Against Malware
Re: Site flagged for malware (mauiblogger.net), help needed
« Reply #17 on: August 10, 2013, 07:44:46 PM »
What is this?
Code: [Select]
GET /k HTTP/1.1
Host: cdn.mauiblogger.net

~!Donovan
Familiarize Yourself! | Educate Yourself! | Beautify Yourself! | Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33935
  • malware fighter
Re: Site flagged for malware (mauiblogger.net), help needed
« Reply #18 on: August 10, 2013, 08:20:34 PM »
Look for the alerts on that same IP and domain: http://urlquery.net/report.php?id=3804284
IDS for MALWARE-OTHER TDS Sutra - redirect received, ergo clickfraud

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

411ashish

  • Guest
Re: Site flagged for malware (mauiblogger.net), help needed
« Reply #19 on: August 11, 2013, 03:57:01 AM »
polonus, I clicked on the urlquery report you pulled for cdn.mauiblogger.net and it was totally clean with no malware warning. Makes zero sense that urlquery.com gives a malware warning for 411mania.com which they say is coming from 174.122.149.143 (cdn.mauiblogger.net) but that when I do a urlquery report for cdn.mauiblogger.net itself, it comes back totally clean.

Something isn't right here.

411ashish

  • Guest
Re: Site flagged for malware (mauiblogger.net), help needed
« Reply #20 on: August 11, 2013, 03:59:43 AM »
Well, now with me not having made any changes, the urlquery warning is gone and I assume the Avast warning is also gone. Seems like this was a false positive that cost me hours of wasted time troubleshooting and a lot of money in lost traffic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33935
  • malware fighter
Re: Site flagged for malware (mauiblogger.net), help needed
« Reply #21 on: August 11, 2013, 12:41:53 PM »
No avast flags here for the main site with NoScript and RP active, in IE and fx without NoScript and RP there I get the avast flag for
htxp://cdn.mauiblogger.net/k and a MALWARE-OTHER TDS Sutra - redirect received on http://urlquery.net/report.php?id=3848214
The TDS Sutra Exploit is a “Traffic Direction System” that redirects your browser to malicious websites that host other malware.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48655
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Site flagged for malware (mauiblogger.net), help needed
« Reply #22 on: August 11, 2013, 01:09:14 PM »
Well, now with me not having made any changes, the urlquery warning is gone and I assume the Avast warning is also gone. Seems like this was a false positive that cost me hours of wasted time troubleshooting and a lot of money in lost traffic.
It's not nice to blame the messenger. He, avast!, is only doing his job keeping his customers safe. :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet