Author Topic: avast Blocking Access to My Own Site: FP?  (Read 10666 times)

0 Members and 1 Guest are viewing this topic.

Ken Saunders

  • Guest
avast Blocking Access to My Own Site: FP?
« on: July 16, 2011, 07:09:56 AM »
Will someone please tell me why avast is reporting that my site has a Trojan and blocking me, its owner and creator from accessing it?
s:Downloader-LP [Trj]




http://www.siteadvisor.com/sites/www.accessfirefox.org
http://www.siteadvisor.com/sites/www.accessfirefox.org

Look, I've been a user for a long time. probably for 5 or so years.
I was seriously considering going Pro.
Why? Sure, the extra features, but also to give back for what I've gotten.

This is quite frustrating though.
So is not being able to print my scan report so that I can research and also report all of the false positives showing up in the scan for PHP elements in my site backups, and WordPress ones too.

Man, I do not want to shutdown avast and install something else.
I've tried something else. I've tried many different programs. Avast is the best, and the one that has suited my needs.
I love it, I trust it.

Guys, this is my own site.
Please advise, or just update the engine and definitions so that I can work on my site and others using avast aren't blocked too. It's quite embarrassing and it'll give my site a bad rep, not to mention causing me to lose visitors forever.

Thanks
Ken
« Last Edit: July 16, 2011, 01:40:47 PM by Ken Saunders »

Ken Saunders

  • Guest


Offline nmb

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3060
Re: avast Blocking Access to My Own Site: FP?
« Reply #3 on: July 16, 2011, 08:17:32 AM »
Generally avast is pretty good in catching such things. But, as the VT results shows that other antiviruses does detect the site, I highly doubt that it is a FP unless disproved by analysis.

Ken Saunders

  • Guest
Re: avast Blocking Access to My Own Site: FP?
« Reply #4 on: July 16, 2011, 11:57:23 AM »
What an unbelievable mess. Seriously. There's probably a few hundred link entries (injections?).
I'm so, man, pissed? Sure.

My backup seems to be clean so I'm just wiping out the site and I'll restore it.

It actually occurred on two of my sites.
The issue is so obvious on accessfirefox.org, but not so much on one of my others.
And another, that does have WordPress installed, was clean.

I think that this happened after a recent WordPress update. I'm nearly certain.
I remember there being a WordPress breach of some kind a month or two ago. I didn't think that an update made two days ago would bring this on if that is indeed where the idiots entered.

I'm humbled, and extremely appreciative for help. It was spot on.
I'm also so very grateful for avast!
It's saved my butt, and my visitors. For me, not the first time.

When I get the $, I'll be upgrading, and promoting avast! on my sites. Not as an affiliate to earn cash for myself, but just to support them and to help others who need to be using it.


Any PC that I work on, and have in the past gets Avast installed.
I require it or I won't bother troubleshooting and repairing software issues.

Thanks a hundred times.
I have a lot more to learn.

Sincerely,
Ken Saunders















Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Proud Community Member&Helper.
Re: avast Blocking Access to My Own Site: FP?
« Reply #5 on: July 16, 2011, 12:51:45 PM »
URLvoid results.

Report    2011-07-16 07:30:35 (GMT 1)
Website    accessfirefox.org
Domain Hash    290081dba1b815ef6161f5731f527392
IP Address    173.236.193.200 [SCAN]
IP Hostname    apache2-igloo.castor.dreamhost.com
IP Country    -- (--)
AS Number    26347
AS Name    DREAMHOST-AS - New Dream Network, LLC
Detections    0 / 23 (0 %)
Status    CLEAN

Site check-Sucuri results :
    Site:     accessfirefox.org
    Status: Verified Clean
    Trust:   Not Blacklisted


Security report (No threats found):
check       Blacklisted:      No
check   Malware:    No
check   Malicious javascript:      No
check   Malicious iFrames:    No
check   Drive-By Downloads:      No
check       Anomaly detection:      No
check       IE-only attacks:        No
check   Suspicious redirections:        No
check   Spam:   No
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Ken Saunders

  • Guest
Re: avast Blocking Access to My Own Site: FP?
« Reply #6 on: July 16, 2011, 01:40:07 PM »
Awesome!
Just scanned it too.

I have another one to fix still.

Thank you.  ;D

Ken Saunders

  • Guest
Re: avast Blocking Access to My Own Site: FP?
« Reply #7 on: July 16, 2011, 01:43:48 PM »
By the way, great to see that you use Firefox.

Memory issues are being worked on.  ;)

Do you use avast's add-on?
I'm wondering if the bouncing back and forth between servers and my browser will slow things down.
I used to use WOT.

Offline Left123

  • There Is No Patch For Human Stupidity.
  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 1048
  • Proud Community Member&Helper.
Re: avast Blocking Access to My Own Site: FP?
« Reply #8 on: July 16, 2011, 02:08:28 PM »
By the way, great to see that you use Firefox.

Memory issues are being worked on.  ;)


Do you use avast's add-on?
I'm wondering if the bouncing back and forth between servers and my browser will slow things down.
I used to use WOT.

It's true,unfortunately.
AMD Athlon(tm) X2 Dual-Core Processor 4200+ - 2.20 GHz,3,00 GB RAM -
Browser:Mozilla Firefox +WOT - SoftWare:CCleaner - Windows 7 32 bit
No Anti-Virus

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33577
  • malware fighter
Re: avast Blocking Access to My Own Site: FP?
« Reply #9 on: July 16, 2011, 04:17:09 PM »
Just some more info on that website: Spamcheck secure, SafeBrowsing: secure, WOT rating: four greens and webutation score 100 out of 100: http://www.webutation.net/go/review/accessfirefox.org
, furthermore: site does not use cookies on starting site, the server does not give away the version number (which is more secure), site uses tracking, accessibility issues: NoScript tag is present, some headings aren't marked as such, nearby image with same txt, event handler present,
Site not blacklisted on GoogleChrome, Firefox, Norton Safe Web, sources checked four, entries found zero, iFrame report: No zeroiframes detected!
Check took 4.37 seconds

(Level: 0) Url checked:
-http://www.accessfirefox.org/
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 1) Url checked: (script source)
-http://www.accessfirefox.org//css_switcher/css_switcher.js
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 1) Url checked: (script source)
-http://www.accessfirefox.org//javascript/images_off.js
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 1) Url checked: (script source)
-http://www.accessfirefox.org//menu/dropdownmenukeyboard.js
Blank page / could not connect
No ad codes identified

(Level: 1) Url checked: (script source)
-http://www.accessfirefox.org//javascript/pngfix.js
Zeroiframes detected on this site: 0
No ad codes identified

(Level: 1) Url checked: (script source)
-http://www.accessfirefox.org//stateye/stateye.js
SyntaxError: XML tag name mismatch (expected img):
Zeroiframes detected on this site: 0
No ad codes identified

Syntax error: <!DOCTYPE html PUBLIC "-/W3C/DTD HTML 4.01/EN" "-http:/www.w3.org/TR/html4/strict.dtd">

Site now with 2 flags (probably not actual results): reanalysis at VT:
http://www.virustotal.com/url-scan/report.html?id=d4dbbd158233a299a05a49daf4484db1-1310817962

polonus
« Last Edit: July 16, 2011, 04:20:50 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Ken Saunders

  • Guest
Re: avast Blocking Access to My Own Site: FP?
« Reply #10 on: July 18, 2011, 05:23:51 AM »
Hey I want to thank you all for the awesome, and precise help and links (bookmarked them).
It's greatly appreciated.

Sorry to avast for my initial accusatory post.
Avast wasn't the issue after all was it? In fact, it saved my butt.

I've volunteered for a few help forums and sites in the past (mozillaZine, SpreadFirefox.com, and others) and it's all too often that people show up all pissed off blaming a product for a user issue.  I did just that when I know better.

Again, thanks sincerely for the help.
I hope that others that you assist return too, to at least show some gratitude.

Ken