Author Topic: A false positive on site  (Read 2604 times)

0 Members and 1 Guest are viewing this topic.

gavkontrol@gmail.com

  • Guest
A false positive on site
« on: September 07, 2016, 12:48:17 PM »
Help me please. Avast falsely triggered on the site http: //XN--H1ADEHFB2AN.XN--P1AI/
The site is completely thoroughly rechecked . Viruses on it is not exactly . Most likely , the site is just some list of infected sites or of avast , or adjacent bases.
How to remove it from there ?

Offline Be Secure

  • Long Time Avast User(10years.....) Security Enthusiast.
  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1908
Re: A false positive on site
« Reply #1 on: September 07, 2016, 12:59:43 PM »
PC- Windows10 EDU 64Bit,avast! free 21.1.2449,uBlock Origin,NVT_OSA,GoogleChrome(64bit),CCleaner,Unchecky,ZAM Free,Shadow Defender.
Security Enthusiast

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37182
Re: A false positive on site
« Reply #2 on: September 07, 2016, 01:19:14 PM »
URLVoid > http://www.urlvoid.com/scan/xn--h1adehfb2an.xn--p1ai/

hpHost info > http://hosts-file.net/?s=xn--h1adehfb2an.xn--p1ai

•EMD - Sites engaged in malware distribution
This classification is assigned to website's engaged in the distribution of malware (e.g. adware, spyware, trojans and viruses etc).

 Sites with this classification typically either contain files (e.g. cracks, keygens, adware, spyware, trojans, viruses et al) or lead to such via (for example) "fake scanners" or other social engineering and misleading tactics. This includes the activities of rogue Internet Service Providers (ISPs) that host other sites to which the EMD classification applies.


Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31222
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: A false positive on site
« Reply #3 on: September 07, 2016, 02:04:38 PM »
The domain name itself is already very suspicious.


Offline HonzaZ

  • Avast team
  • Advanced Poster
  • *
  • Posts: 1123
Re: A false positive on site
« Reply #5 on: September 08, 2016, 09:50:41 AM »
This was blocked because of Locky at xn--h1adehfb2an[.]xn--p1ai/counter/?ad=15q8pv1pw6vd3jpegzuex6e71yaujayz5j&id=y5rzyqa6rhrlpw15bcjahwzdyvkfnfvzt-njuf_z27je4xzvwsbzsg8k5uv0h1xubgso00vee25w7xc0klky6al4cwi&rnd=42
Can you confirm this has been healed so I can unblock it?