Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Clean site in blacklist avast
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Clean site in blacklist avast (Read 3908 times)
0 Members and 1 Guest are viewing this topic.
Vadim_S
Guest
Clean site in blacklist avast
«
on:
January 06, 2013, 06:06:26 PM »
Hello,
My site hxtp://kvnbest.ru is in the avast black list. This site has been tested and does not contain viruses.
http://www.unmaskparasites.com/security-report/?page=kvnbest.ru
https://www.virustotal.com/url/771c5bf773b5fb4396df67334d8e84499c0381c890c67051ed8f5854defd3d3f/analysis/
Please help to exclude a site from the black list.
«
Last Edit: January 08, 2013, 11:40:22 AM by Milos
»
Logged
MAG
Guest
Re: Clean site in blacklist avast
«
Reply #1 on:
January 06, 2013, 06:35:44 PM »
If you're certain it's clean you can report as false positive:
http://www.avast.com/contact-form.php?loadStyles
Logged
Pondus
Probably Bot
Posts: 37527
Not a avast user
Re: Clean site in blacklist avast
«
Reply #2 on:
January 06, 2013, 06:41:45 PM »
And what does avast say?......a screenshot of the warning may help
urlquery give a ISD alert
http://urlquery.net/report.php?id=623232
Logged
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: Clean site in blacklist avast
«
Reply #3 on:
January 06, 2013, 08:19:23 PM »
Hi Pondus.
I think this is IP related because of a long overdue JS/Blacole.O detection on an url domain for that IP ->:
http://wepawet.iseclab.org/view.php?type=js&hash=20ecd55b3af07a78b06d65d0326b2b0b
& ->
https://www.virustotal.com/file/6a640db20a52065b54de054e9af728c381f04d733a552fedcaec37ebd8411b2c/analysis/
Malware alive and active since: 2012-08-06 12:00:59 status: OVERDUE! Overdue! active for over 3681.1 hrs. (data from VirusWatch):
Re:
http://urlquery.net/queued.php?id=8050508
. For the Suricata&Snort IDS alerts there, see: -> this link on GMane from Balasubramaniam Natarajan :
http://comments.gmane.org/gmane.comp.security.ids.snort.emerging-sigs/17692
(commented Oct 1st 2012 by Matt Jonkman for EmergingThreats pro Snort ruleset)
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Vadim_S
Guest
Re: Clean site in blacklist avast
«
Reply #4 on:
January 07, 2013, 02:47:54 PM »
Quote from: Pondus on January 06, 2013, 06:41:45 PM
And what does avast say?
IE:
After Stopping Network Shield (Yandex Browser):
Logged
polonus
Avast Überevangelist
Probably Bot
Posts: 33897
malware fighter
Re: Clean site in blacklist avast
«
Reply #5 on:
January 07, 2013, 03:16:21 PM »
Also get this firekeeper IDS-alert for that site, details: === Triggered rule ===
alert (msg:"The address you tried to access points to a Malware. Please visit
http://www.malwarepatrol.net
for more information"; url_content:"
http://web.archive.org/
"; reference:url,www.malwarepatrol.net; fid:350030; rev:20130107135342;)
=== Request URL ===
http://web.archive.org/web/
*/kvnbest.ru
see:
http://urlquery.net/report.php?id=630304
(IDS flag for exploit kit's filemagic macromedia flash exploit
polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.
Use NoScript, a limited user account and a virtual machine and be safe(r)!
Milos
Avast team
Super Poster
Posts: 2294
Re: Clean site in blacklist avast
«
Reply #6 on:
January 08, 2013, 11:40:52 AM »
Hello,
it should be fixed from yesterday.
Milos
Logged
Vadim_S
Guest
Re: Clean site in blacklist avast
«
Reply #7 on:
January 09, 2013, 05:12:26 AM »
Thank you all! My site was removed from the blacklist.
Logged
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Clean site in blacklist avast