Avast blocks site but VT is all green.

[nclr11111]

So i ran across a website in hunt for a new wallpaper in google images. The site (***.ryylxjw.com) was instantly blocked by Avast as infectious.
As far as i can tell Avast blocks 15 items on the site and refuse to open it. Seen in retroperspective i should have noticed that the url was, lets say, a bit odd but i didn´t check at the time since i was clicking on an image.
You can see what image i was clicking on in the upladed image.

Anyway, i went to VT and scanned the url and the scan says 0/68. So now i´m a bit lost to what Avast is protecting me from?
Is it a real threat or a FP???

Not sure if this is the correct forum but i had a hard time finding a place for this question.

 

[yigido]

Are you sure than you are not infected?

 

[nclr11111]

Are you sure than you are not infected?

Yep! Was using sandboxie.

 

[DJ Panda]

I am not the one to believe in FPs if Avast or Zemana detect anything malicious regardless what VT says and the other way around I would avoid that site/file.

 

[nclr11111]

I am not the one to believe in FPs if Avast or Zemana detect anything malicious regardless what VT says and the other way around I would avoid that site/file.

Yeah! I will not try to load it. Was just curious....

 

[askmark]

My gut feeling would be Avast didn't like the domain name. It looks like random characters strung together which would probaby break a rule that Avast uses to determine if a site is safe or not.

I ran the site through a couple of online checkers and it came up clean overall, but the odd domain name was flagged as a potential risk.

 

[CMLew]

Could it be that the site is not reputable which is why Avast block? But at the same time it's not malicious as well, so thats why VT shows green?

Just a thought.

 

[King Alpha]

It's better to stay away from that site. Sometimes being curious can get you in trouble.

 

[shmu26]

if you are surfing with sandboxie anyway, it won't harm you to just visit the site.
you can just empty your sandbox afterward, if you want.
that's why you have sandboxie...

 

[_CyberGhosT_]

Just that domain name in itself , screams a warning.
But hey, if you want to play there, at least you can get to know TwinHeadedEagle
And it could be that the sites name has been associated with nefarious actions in the past too.

 

[nclr11111]

It's better to stay away from that site. Sometimes being curious can get you in trouble.

Ahh, but you never learn if you're not curious and ask questions! Just have to take precautions and be ready to take the consequences.

Just that domain name in itself , screams a warning.
But hey, if you want to play there, at least you can get to know TwinHeadedEagle
And it could be that the sites name has been associated with nefarious actions in the past too.

I think I'm a bit slow but what's the "TwinHeadedEagle"??

 

[_CyberGhosT_]

Ahh, but you never learn if you're not curious and ask questions! Just have to take precautions and be ready to take the consequences.


I think I'm a bit slow but what's the "TwinHeadedEagle"??

Keep getting wallpapers there and you will see
hes our resident Malware removal expert rofl
And Zemana Staff member

 

[_CyberGhosT_]

And seeing you were hunting for wallpapers, weather you were sandboxed or not, you obviously
planned on keeping the images, the images can contain code too, i'm sure you knew this, but what happens when
your not sandboxed and that image code gets executed ? I hope you deleted any images. Investigating the link
out of curiosity is cool, having any images from there may cost you. Just a Heads Up

 

[shmu26]

out of curiosity is cool, having any images from there may cost you. Just a Heads Up

CyberGhosT said it like it is.

 

[askmark]

And seeing you were hunting for wallpapers, weather you were sandboxed or not, you obviously
planned on keeping the images, the images can contain code too, i'm sure you knew this, but what happens when
your not sandboxed and that image code gets executed ? I hope you deleted any images. Investigating the link
out of curiosity is cool, having any images from there may cost you. Just a Heads Up

You make a very valid point, which I wouldnt have considered myself. Thanks.

 

[nclr11111]

Keep getting wallpapers there and you will see
hes our resident Malware removal expert rofl
And Zemana Staff member

Time to take a walk in the hall of shame.... Really need to spend more time here at MT!

And seeing you were hunting for wallpapers, weather you were sandboxed or not, you obviously
planned on keeping the images, the images can contain code too, i'm sure you knew this, but what happens when
your not sandboxed and that image code gets executed ? I hope you deleted any images. Investigating the link
out of curiosity is cool, having any images from there may cost you. Just a Heads Up

Def a valid point! But I can honestly say I've never came across anything like this when hunting for wallpaper. Usually I use Alphacoders HP but this was the exception and a learning experience it was!

 

[Andytay70]

Its not worth the hassle!
There are plenty of wallpaper sites out there which are legitimate, So if you want my opinion, avoid sites with weird domain names!
Better to be safe than sorry!

 

[jamescv7]

Seek second opinion siteadvisor or verify by reporting it to the Avast itself, since the information will provide much clearer when you request it.

In such typical browsing, Google Searches have no guarantee to filter out those bad sites however having siteadvisor tool can give you ratings without worries.

 

[King Alpha]

Ahh, but you never learn if you're not curious and ask questions! Just have to take precautions and be ready to take the consequences.

Just be careful. Curiosity killed the cat, you know.

 

[Ramona]

The main issue is that you use custom settings and you set the sensibility to high. It's a FP so don't worry about it