nclr11111

Level 6
Verified
Joined
Feb 25, 2011
Messages
257
Operating System
Windows 7
Antivirus
Kaspersky
#1
So i ran across a website in hunt for a new wallpaper in google images. The site (***.ryylxjw.com) was instantly blocked by Avast as infectious.
As far as i can tell Avast blocks 15 items on the site and refuse to open it. Seen in retroperspective i should have noticed that the url was, lets say, a bit odd but i didn´t check at the time since i was clicking on an image.
You can see what image i was clicking on in the upladed image.

Anyway, i went to VT and scanned the url and the scan says 0/68. So now i´m a bit lost to what Avast is protecting me from?
Is it a real threat or a FP???

Not sure if this is the correct forum but i had a hard time finding a place for this question.
1.JPG
 

askmark

Level 12
Verified
Joined
Aug 31, 2016
Messages
560
Operating System
Windows 10
Antivirus
#6
My gut feeling would be Avast didn't like the domain name. It looks like random characters strung together which would probaby break a rule that Avast uses to determine if a site is safe or not.

I ran the site through a couple of online checkers and it came up clean overall, but the odd domain name was flagged as a potential risk.
 
Last edited:

nclr11111

Level 6
Verified
Joined
Feb 25, 2011
Messages
257
Operating System
Windows 7
Antivirus
Kaspersky
#11
It's better to stay away from that site. :) Sometimes being curious can get you in trouble. :p
Ahh, but you never learn if you're not curious and ask questions! Just have to take precautions and be ready to take the consequences. :p
Just that domain name in itself , screams a warning.
But hey, if you want to play there, at least you can get to know TwinHeadedEagle :p
And it could be that the sites name has been associated with nefarious actions in the past too.
I think I'm a bit slow but what's the "TwinHeadedEagle"??
 

_CyberGhosT_

Level 53
Content Creator
Verified
Joined
Aug 2, 2015
Messages
4,217
Operating System
Windows 10
Antivirus
#12
Ahh, but you never learn if you're not curious and ask questions! Just have to take precautions and be ready to take the consequences. :p


I think I'm a bit slow but what's the "TwinHeadedEagle"??
Keep getting wallpapers there and you will see :p
hes our resident Malware removal expert rofl
And Zemana Staff member
 

_CyberGhosT_

Level 53
Content Creator
Verified
Joined
Aug 2, 2015
Messages
4,217
Operating System
Windows 10
Antivirus
#13
And seeing you were hunting for wallpapers, weather you were sandboxed or not, you obviously
planned on keeping the images, the images can contain code too, i'm sure you knew this, but what happens when
your not sandboxed and that image code gets executed ? I hope you deleted any images. Investigating the link
out of curiosity is cool, having any images from there may cost you. Just a Heads Up
 

askmark

Level 12
Verified
Joined
Aug 31, 2016
Messages
560
Operating System
Windows 10
Antivirus
#15
And seeing you were hunting for wallpapers, weather you were sandboxed or not, you obviously
planned on keeping the images, the images can contain code too, i'm sure you knew this, but what happens when
your not sandboxed and that image code gets executed ? I hope you deleted any images. Investigating the link
out of curiosity is cool, having any images from there may cost you. Just a Heads Up
You make a very valid point, which I wouldnt have considered myself. Thanks.
 

nclr11111

Level 6
Verified
Joined
Feb 25, 2011
Messages
257
Operating System
Windows 7
Antivirus
Kaspersky
#16
Keep getting wallpapers there and you will see :p
hes our resident Malware removal expert rofl
And Zemana Staff member
Time to take a walk in the hall of shame.... Really need to spend more time here at MT! :D
And seeing you were hunting for wallpapers, weather you were sandboxed or not, you obviously
planned on keeping the images, the images can contain code too, i'm sure you knew this, but what happens when
your not sandboxed and that image code gets executed ? I hope you deleted any images. Investigating the link
out of curiosity is cool, having any images from there may cost you. Just a Heads Up
Def a valid point! But I can honestly say I've never came across anything like this when hunting for wallpaper. Usually I use Alphacoders HP but this was the exception and a learning experience it was! :rolleyes:
 

jamescv7

Level 61
Verified
Joined
Mar 15, 2011
Messages
12,603
Operating System
Windows 10
Antivirus
Windows Defender
#18
Seek second opinion siteadvisor or verify by reporting it to the Avast itself, since the information will provide much clearer when you request it.

In such typical browsing, Google Searches have no guarantee to filter out those bad sites however having siteadvisor tool can give you ratings without worries.
 
R

Ramona

Guest
#20
The main issue is that you use custom settings and you set the sensibility to high. It's a FP so don't worry about it :)
 
Likes: askmark