Information on Flagged Site Removal

[REDACTED]

Hi Everyone, hoping to get some info here.   

We have a rather large and popular website that is being flagged as containing malicious content on systems protected with Avast. The website has been cleaned and is not on any of the popular blacklists. My question is, does Avast use 3rd party blacklists, maintain it's own blacklists and/or use other scanning techniques.

Basically we were unable to find anything online about having this warning removed. Most other security entities have routes of removal posted on their sites. We called customer service and they told us to open an account and start a ticket. Just wondering if we could get some basic info here.

Thank you

[DavidR]

Two items that can help to analyse is the URL (change http to hXXp, so the link isn't active) and attach an image of the avast alert (or post the avast alert info).

You are more likely to get a faster response on the forums than generating a support ticket.

[REDACTED]

Thank you so much for the helpful response. It basically says "HTML:Script-ref"   http://screencast.com/t/yjKthBVwXqo

[DavidR]

Since you have obscured the URL in your image, no one can attempt to analyse it.

Please modify the URL of the alert as I mentioned so it isn't active/clickable to avoid exposure and post it in your next post.

The HTML:Script-ref is normally associated with script injection, but that can't be checked without the URL.

[polonus]

Like DavidR says this detection comes from particular embedded javascript code that is alerted.
There were cases however where it was a false positive.
Contact Avast Team here with the full url where the alleged detection was found: https://www.avast.com/contact-form.php
When indeed a FP Avast Team Members are found to react quicly  and sometimes with a next update of the AV.

polonus (volunteer website security analyst and website error-hunter)