Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: REDACTED on September 07, 2016, 12:48:17 PM
-
Help me please. Avast falsely triggered on the site http: //XN--H1ADEHFB2AN.XN--P1AI/
The site is completely thoroughly rechecked . Viruses on it is not exactly . Most likely , the site is just some list of infected sites or of avast , or adjacent bases.
How to remove it from there ?
-
Make this URL unclickable by hxxps.This is rightfully block by avast!.VT: https://virustotal.com/en/url/c914c9145de99b44ee7ecb2c6bd7a64eacd7e0080fedfa0f060bcac844c57045/analysis/1473245733/ (https://virustotal.com/en/url/c914c9145de99b44ee7ecb2c6bd7a64eacd7e0080fedfa0f060bcac844c57045/analysis/1473245733/)
-
URLVoid > http://www.urlvoid.com/scan/xn--h1adehfb2an.xn--p1ai/
hpHost info > http://hosts-file.net/?s=xn--h1adehfb2an.xn--p1ai
•EMD - Sites engaged in malware distribution
This classification is assigned to website's engaged in the distribution of malware (e.g. adware, spyware, trojans and viruses etc).
Sites with this classification typically either contain files (e.g. cracks, keygens, adware, spyware, trojans, viruses et al) or lead to such via (for example) "fake scanners" or other social engineering and misleading tactics. This includes the activities of rogue Internet Service Providers (ISPs) that host other sites to which the EMD classification applies.
-
The domain name itself is already very suspicious.
-
html scan
https://virustotal.com/en/file/e27bb7dab19670d871f61f784126988596d22b46e11d756b564fb98d6a2ec19f/analysis/1473252260/
-
This was blocked because of Locky at xn--h1adehfb2an[.]xn--p1ai/counter/?ad=15q8pv1pw6vd3jpegzuex6e71yaujayz5j&id=y5rzyqa6rhrlpw15bcjahwzdyvkfnfvzt-njuf_z27je4xzvwsbzsg8k5uv0h1xubgso00vee25w7xc0klky6al4cwi&rnd=42
Can you confirm this has been healed so I can unblock it?