Author Topic: False/Wrong Warning when accessing a website !!!!!  (Read 5355 times)

0 Members and 1 Guest are viewing this topic.

Offline xiaoxiao2007

  • Newbie
  • *
  • Posts: 3
False/Wrong Warning when accessing a website !!!!!
« on: February 12, 2015, 06:08:29 PM »
I have a forum website but it's very safe, I don't put any virus codes on that website but avast said it is virus and  blocked it, I can't access to the website except I turn off avast

Could anyone please check this website for me ?
http://ghostonlinevn.com

And if this is false blocked, please update virus definitions again :(

Thank you very much.

Image :

« Last Edit: February 12, 2015, 06:11:02 PM by xiaoxiao2007 »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
« Last Edit: February 12, 2015, 06:24:14 PM by Pondus »

Offline xiaoxiao2007

  • Newbie
  • *
  • Posts: 3
Re: False/Wrong Warning when accessing a website !!!!!
« Reply #2 on: February 12, 2015, 06:33:13 PM »
Yea ...always blame avast for being wrong

Site is infected   http://sitecheck.sucuri.net/results/ghostonlinevn.com/

virustotal html scan
https://www.virustotal.com/en/file/603e7c4b3ad1b2188a33804a029b55a61bcb86c95f72ccf3c3e8480ee36e443c/analysis/1423761678/



Thank you very much
I scanned this website by virustotal too but I can't find the virus
Do you know how to remove that virus ?
I'm the owner of that website but I don't know how to remove it :(

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: False/Wrong Warning when accessing a website !!!!!
« Reply #3 on: February 12, 2015, 06:36:18 PM »
Errors here http://dnscheck.pingdom.com/?domain=ghostonlinevn.com%2F&timestamp=1423761326&view=1
and here http://www.dnsinspect.com/ghostonlinevn.com/1423761883
and here http://zulu.zscaler.com/submission/show/31ad0918e31c864c189696bf3a78c60e-1423761979

Blacklisted IP here http://multirbl.valli.org/lookup/198.143.143.36.html

edit: You may want to think about hiring someone to assist you with these issues.
       One problem you have is the server which could lead to cross scripting and spam.
« Last Edit: February 12, 2015, 06:39:21 PM by Para-Noid »
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: False/Wrong Warning when accessing a website !!!!!
« Reply #4 on: February 12, 2015, 06:40:32 PM »
IP history    https://www.virustotal.com/en/ip-address/198.143.143.36/information/

IPvoid  http://www.urlvoid.com/ip/198.143.143.36   multiple domains on same IP

Quote
IP ADDRESS: 198.143.143.36

We have found in our database of already analyzed websites that there are 64 websites hosted in the same web server with IP address 198.143.143.36 and IP hostname phx11.stablehost.com. Remember that it is not good to have too many websites located in the same web server because if a website gets infected by malware, it can easily affect the online reputation of the IP address and also of all the other websites.


WOT  (spamming spammers spamming spamtraps)  https://www.mywot.com/en/scorecard/198.143.143.36


Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: False/Wrong Warning when accessing a website !!!!!
« Reply #5 on: February 12, 2015, 06:43:57 PM »
If you don't know how to clean the site, you should hire someone who can.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37506
  • Not a avast user
Re: False/Wrong Warning when accessing a website !!!!!
« Reply #6 on: February 12, 2015, 06:47:58 PM »
If you don't know how to clean the site, you should hire someone who can.
Sucuri   http://sucuri.net/website-antivirus/signup


Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: False/Wrong Warning when accessing a website !!!!!
« Reply #7 on: February 12, 2015, 06:58:10 PM »
Known iFrame redirecting malware to blacklisted domain: htxp://227.statscreen.info/index.html?p=246341
See: http://labs.sucuri.net/?details=868.statscreen.info

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline xiaoxiao2007

  • Newbie
  • *
  • Posts: 3
Re: False/Wrong Warning when accessing a website !!!!!
« Reply #8 on: February 12, 2015, 08:02:54 PM »
Thank you guys so much :)
I've figured it out :)
The solution is very easy but I thought it was complex, took so much time :(
Sulotion for other people if you have same situation :
Simply go to cpanel or directadmin and open index.html, then remove the codes after </html> tag

Done

Result after scanned :
http://sitecheck.sucuri.net/results/ghostonlinevn.com

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: False/Wrong Warning when accessing a website !!!!!
« Reply #10 on: February 12, 2015, 09:42:06 PM »
This is not the received data you are after with your site - it is broken now
Quote
HTTP/1.0 200 OK
Date: Thu, 12 Feb 2015 20:37:44 GMT
Server: LiteSpeed
Accept-Ranges: bytes
Connection: close
ETag: "19b0-549b4fed-b73e5e0a6d4a0d61"
Last-Modified: Wed, 24 Dec 2014 23:44:45 GMT
Content-Type: text/html
Content-Length: 6576

<!DOCTYPE html>
<html lang="en-US" xmlns="http://www.w3.org/1999/xhtml" dir="ltr">
<head>
   <title>Upps - Something Went Wrong!</title>
   <meta http-equiv="Content-type" content="text/html; charset=utf-8" />
   <link rel="shortcut icon" href="https://www.stablehost.com/css/images/favicon.ico" />
   <link rel="stylesheet" href="https://www.stablehost.com/css/style.css" type="text/css" media="all" />
   <link href='http://fonts.googleapis.com/css?family=Lato:100,300,400,700,900,100italic,300italic,400italic,700italic,900italic' rel='stylesheet' type='text/css' />

   <script type="text/javascript" src="https://www.stablehost.com/js/jquery-1.11.0.min.js"></script>
   <script type="text/javascript" src="https://www.stablehost.com/js/modernizr.custom.14914.js"></script>   
   <script type="text/javascript" src="https://www.stablehost.com/js/functions.js"></script>   
</head>
<body>
   <div class="wrapper">
      <header>
         <div class="shell-primary">            
            <a href="http://www.stablehost.com" class="logo">
               <span>stablehost</span>
               <img src="https://www.stablehost.com/css/images/Logo-White.png" alt="" width="191" height="38" />
            </a>

            <nav class="nav">
               <ul>
                  <li>
                     <a href="http://www.stablehost.com/web-hosting.php">Web Hosting</a>
                  </li>
                  
                  <li>
                     <a href="http://www.stablehost.com/reseller-hosting.php">Reseller Hosting</a>
                  </li>
                  
                  <li>
                     <a href="http://www.stablehost.com/vps-hosting.php">Vps Hosting</a>
                  </li>
                  
                  <li class="link-signup">
                     <a class="btn-signup" href="https://billing.stablehost.com/cart.php">Sign Up</a>
                  </li>
               </ul>
            </nav><!-- /.nav -->
         </div><!-- /.shell-primary -->
      </header>

      <div class="container">
         <div class="shell">
            <nav class="nav-secondary">
               <ul>
                  <li>
                     <a href="http://www.stablehost.com/about-us.php">Why Us</a>

                     <span>|</span>
                  </li>
                  
                  <li>
                     <a href="https://forums.stablehost.com/">Community Forums</a>

                     <span>|</span>
                  </li>
                  
                  <li>
                     <a href="https://www.stablehost.com/login.php">Client Login</a>

                     <span>|</span>
                  </li>
                  
                  <li>
                     <a href="https://www.stablehost.com/contact.php">Contact Us</a>
                  </li>
               </ul>
            </nav><!-- /.nav-secondary -->
         </div><!-- /.shell -->

            <article class="article article-error">
               <div class="shell">
                  <div class="article-head">
                     <h1 class="article-title">UPPS - SOMETHING WENT WRONG!</h1><!-- /.article-title -->
                  </div><!-- /.article-head -->
                  
                  <div class="article-body">
                     <h3>Why am I seeing this page?</h3>

                     <p><strong>This website is temporary unavailable, please try back later. </strong></p>

                     <p>If you are the web site owner, it is possible you have reached this page because:</p>

                     <ul class="list-dots">
                        <li>The IP address of your website has recently been changed or you may be using the wrong IP address.</li>
                        
                        <li>Your website may have been moved to a different server recently.</li>
                     </ul><!-- /.list-dots -->

                     <p>Need help? Please try clearing your DNS cache first. If that doesn't work please contact us and we'll be happy to assist!</p>
                  </div><!-- /.article-body -->
               </div><!-- /.shell -->
            </article>
            </div><!-- /.container -->
      
      <footer>
         <div class="footer-inner">
            <div class="shell">
               <div class="footer-nav">
                  <h4>Services</h4>

                  <ul>
                     <li>
                        <a href="http://www.stablehost.com/shared-hosting.php">Shared Web Hosting</a>
                     </li>
                     
                     <li>
                        <a href="http://www.stablehost.com/enterprise-hosting.php">Enterprise Web Hosting</a>
                     </li>
                     
                     <li>
                        <a href="http://www.stablehost.com/reseller-hosting.php">Reseller Hosting</a>
                     </li>
                     
                     <li>
                        <a href="http://www.stablehost.com/vps-hosting.php">Virtual Private Servers</a>
                     </li>
                     
                     <li>
                        <a href="https://billing.stablehost.com/cart.php?a=add&domain=register">Domain Names</a>
                     </li>
                  </ul>
               </div><!-- /.footer-nav -->
               
               <div class="footer-nav">
                  <h4>Company</h4>

                  <ul>
                     <li>
                        <a href="http://www.stablehost.com/affiliates.php">Affiliates</a>
                     </li>
                     
                     <li>
                        <a href="https://forums.stablehost.com/">Community Forums</a>
                     </li>
                     
                     <li>
                        <a href="http://ratelobby.com/review/130/stablehost-com">StableHost Reviews</a>
                     </li>
                     
                     <li>
                        <a href="http://www.stablehost.com/about-us.php">Why Us</a>
                     </li>
                  </ul>
               </div><!-- /.footer-nav -->
               
               <div class="footer-nav">
                  <h4>Support</h4>

                  <ul>
                     <li>
                        <a href="https://billing.stablehost.com/login.php">Account Login</a>
                     </li>
                     
                     <li>
                        <a href="http://www.stablehost.com/network.php">Network Information</a>
                     </li>
                     
                                                        <li>
                                                                <a href="https://www.stablehost.com/contact.php">Contact Us</a>
                                                        </li>
                     
                     <li>
                        <a href="https://billing.stablehost.com/knowledgebase.php">Knowledgebase</a>
                     </li>
                  </ul>
               </div><!-- /.footer-nav -->

               <div class="contacts">
                  <div class="socials">
                     <p class="contact-label">Connect With Us</p><!-- /.contact-label -->

                     <ul>
                        <li>
                           <a href="http://www.twitter.com/stablehost" class="link-twitter">twitter</a>
                        </li>
                        
                        <li>
                           <a href="http://www.facebook.com/stablehost" class="link-facebook">facebook</a>
                        </li>
                     </ul>
                  </div><!-- /.socials -->

                  <div class="phone">
                     
                     <p class="contact-label">Talk With Us</p><!-- /.contact-label -->

                     <strong>
                        <i class="ico-phone"></i>

                        866 945 6952
                     </strong>
                  </div><!-- /.phone -->
               </div><!-- /.contacts -->
            </div><!-- /.shell -->
         </div><!-- /.footer-inner -->

         <div class="copyright">
            <div class="shell-primary">               
               <p>
                  &copy; Copyright 2014 Stable Host, LLC

                  <span>|</span>

                  <a href="http://www.stablehost.com/terms.php">Terms of Service</a>

                  <span>|</span>

                  <a href="http://www.stablehost.com/privacy.php">Privacy Policy</a>
               </p>
            </div><!-- /.shell-primary -->
         </div><!-- /.copyright -->
      </footer>
   </div><!-- /.wrapper -->
</body>
</html>

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!