Frequently Asked Questions

What Is Quttera?

Quttera is a set of heuristic and non-signature based investigation engines designed especially to detect security vulnerability exploits hidden in legitimate web-site content.

What type of exploits Quttera engine is capable to detect?

Quttera capable to detect JavaScript exploits found in HTML pages, malicious PDF files and exploits hidden in images and other media content.

What is a security vulnerability?

In software, security vulnerability basically refers to a bug or defect in program/application which allows cyber-criminals to execute malicious code that further download and execute malware.

How vulnerability exploits are used to propagate malware?

The initial target of vulnerability exploit is to gain control over CPU of an attacked computer and further open a communication channel with attacker (or dedicated server). In majority of the cases such connection is then used to download and execute malicious software on the invaded system.

Web Investigation System. Why investigation of a URL sometimes takes too long?

In most of the cases this is due to a server load. If the large amount of users submit the URL then the speed of the investigation decreases.You can continue browsing our site or come back later and enter the same URL to check what is the status of its investigation.

Web Investigation System. Why investigation of a URL sometimes "stucks" on the Download stage?

After the URL is submitted you can observe its status in the "Current status" field. When the content is being downloaded the status is changed to "Download".This stage of the process might take a while due to traffic limits or low download speed. Basically, investigation time = download time + scan time.

What is an all-include.js file in the investigation report?

HTML file may contain separated JavaScript code in several places and in addition it might contain "includes" from another JavaScript files. What is done in all-include.js file is a merge of all JavaScript sections and code found in external "include" into a single file. Sometimes, invocation of the vulnerability exploit is located in the HTML file and the body of exploit is located in external "include".

Web Investigation System. Getting 'link is not valid' in the Current Status field.

In the majority of cases this is due to the redundant spacing. Make sure you haven't added space before and/or after a URL string in the URL input box.

My web-site was found Clean. What does it mean?

The free scanning web engine works totally from the outside probing and analyzing the same Web pages that your customers see. In other words we scan a website externally only with our free web scanner and we only access to what is visible on a browser such as Internet Explorer, Firefox, Chrome and etc. If you have a hidden malware within your website system files or core files that doesn't render content on the browser, it will not report malicious activity.

If you still think that your website is infected with malware or hacked, please contact us at We can scan your website internally and perform a full manual audit of your site as well as clean any infection that our free scanner didn't point out.

My web-site found Potentially Suspicious. What does it mean?

At least one file is Potentially Suspicious and the rest are Clean. Potentially Suspicious status assigned to pages that contain HTML/JavaScript content previously met in both malicious and clean sites. There is high probability that this content is clean but it still requires your attention to eliminate any doubts. Pages under this status may contain hidden iframes and some well-known encoding procedures used to decrease size of JavaScript code.

My web-site found Suspicious. What does it mean?

At least one file is Suspicious and the rest are Clean or Potentially Suspicious or both. Suspicious status assigned to files that contains HTML tags and JavaScript code previously met in malicious sites and it is unlikely to be used for non-malicious activities. Pages under this status may contain reference to hidden URLs, iframes referencing hidden URLs, obfuscation of JavaScript code that could be used for malicious activities.

My web-site found Malicious. What does it mean?

At least one file is Malicious and the rest are Clean or Potentially Suspicious or Suspicious or files of all three types. Malicious status assigned to files containing binary vulnerability exploits, PDF files containing malicious elements like embedded PE files and other known and/or "zero-day" threats.

Can you clean my website if it is already infected with malware?

Yes, we perform cleanup to already infected websites.

Do you offer a one time cleanup?

No, we do not offer one time malware removal. All our plans include unlimited malware removal.

Do you offer a refund?

Yes, we do offer a full refund in case:

1. A refund has been filed within 30 days from the purchase day and no malware removal request is submitted.

2. We are not able to remove an infection.

Can I upgrade my plan?

Yes, please contact our support team via your dashboard account or emails to

Can I contact support team via phone?

All our malware removal request are handled via our ticketing system. You are welcome to contact us on the following numbers if you still would like to speak to one of our representatives:

US +1 (323) 540-5642

IL +972 (0) 337-413-04

Please note that in case we are busy and not able to take your call, please leave a voice message and we will get back to you as soon as possible.

Do you offer a plan for more than 10 websites?

Yes, we do have a custom plan for customers with more than 10 websites. Please contact our sales team at to get a price list.

  • Connect With Us
  • Facebook
  • Twitter
  • YouTube

© 2016 Quttera Ltd. All rights reserved.