Hello Avast,

I am here to report a false positive report on my website i.e hostoxide.com

It is a clean hosting company I started few months ago. Avast and Trendmicro kept saying it as malware/phishing website.
I reported it to both companies and ofcourse got no reply. So tried to post here.

All domains includiing all subdomains show a malware error while visiting the website. It kills the customers sometimes, actually most of the times. I feel its very urgent to reclassify the domain and improve this false error.

Avast is a big antivirus used by almost all world. It was not expected with this

I hope I get a help

False Positive Report-
Domain= hostoxide.com \ *.hostoxide.com(all-subdomains)
Domain registered by me- before 2 months
False report coming since- No idea probably when the last owner had it.

I hope avast solves this as soon as psossible.

Regards
Hostoxide

All domains includiing all subdomains show a malware error while visiting the website.

a malware error tell us nada......what does the message say best are if you attach a screenshot of avast warning popup

I do not use avast.

My multiple customers have reported me that.

Hello,
I don’t see any detection. Post screenshot of avast!'s alert window and IP address on which the URL translates to you, please.

Milos

http://imgur.com/e4IdEER.jpg

http://imgur.com/h3TTWfh.jpg

Here are the screenshots given by one of my customer.

Virustotal: https://www.virustotal.com/de/url/52e8ec23e4a84aa81921ef22334310574e50e1f546b4812ca8f85cadd6b7b568/analysis/1383932450/

Just Clean MX gives suspicious.

IP adress for AMAZE.HOSTOXIDE.COM (142.4.202.42) is blacklisted here dnsbl-2.uceprotect.net
test here http://www.uceprotect.net/en/rblcheck.php

^ Well it may be due to last owner of that ip. Ofcourse Datacenter applies it manually.

Does it means it won’t get removed ?

Does it means it won't get removed ?

avast can remove it from there list ....

You can upload files and report issues to avast here : http://www.avast.com/contact-form.php (select subject according to Your case)

I reported it 2 times.

Got no reply. Still waiting.

I need a reply.

Avast please help me. Its not a malware site.

Consider this abuse from IP: http://www.projecthoneypot.org/ip_142.4.201.113

Sending unsolicited commercial or bulk e-mail to Microsoft’s computer network is prohibited.

The block could very well be spam related! *

This site check an sich was clean:
Checking: http://urlquery.net/javascript/jquery-ui-1.9.2.custom.min.js?id=7519818
File size: 232.23 KB
File MD5: 7368211102cd69dfb5930379c7948a0e
I get this response from websniffer:

]

See decoded files info here: http://jsunpack.jeek.org/?report=5ee9d403d5b43e293e89dd412ef10b0cc3b1912d Seems site has been compromised! Header returned by request for: htxp://AMAZE.HOSTOXIDE.COM/cgi-sys/defaultwebpage.cgi -> 142.4.202.42

Content after the < /html> tag should be considered suspicious. 

57:                                                                    

Host not fopund by DNS → http://www.dnscolos.com/dnsreport.php
Failed Parent nameservers HOSTOXIDE.COM Your NS records at the parent server are:

Failed Nameservers for domain in DNS HOSTOXIDE.COM Your NS records at your nameservers are:Mailserver connection test
HELO, MAIL FROM, RCPT TO, QUIT Connect to mailserver c02d7ea975f30549ebe862c3093658.pamx1.hotmail.COM FAILED (could be greylisting)
550 Requested action not taken: mailbox unavailable
Mailserver greeting The server should have an A record which points to the mailserver for the hostname
which is presented in the greeting

c02d7ea975f30549ebe862c3093658.pamx1.hotmail.COM
220 BAY0-PAMC1-F6.Bay0.hotmail.com Sending unsolicited commercial or bulk e-mail to Microsoft’s computer network is prohibited.

• Other restrictions are found at http://privacy.microsoft.com/en-us/anti-spam.mspx. Sat, 9 Nov 2013 09:21:34 -0800

polonus

Recent VT scan results: {“timestamp”: “1384018993”, “sha256”: “8de8e7f9bcfb0b594cbfc5745216d167bb0c850816f2260a070bd30c7ba804c4”, “analysis_url”: “/en/url/8de8e7f9bcfb0b594cbfc5745216d167bb0c850816f2260a070bd30c7ba804c4/analysis/1384018993/”, “result”: 1, “verbose_msg”: “Invalid URL”}

See this at TrendMicro: http://community.trendmicro.com/t5/Malware-Discussions/Website-Reclassification-Requests-PLEASE-READ-FIRST-POST/m-p/134259
But you should also try and get a clear bill here: http://www.projecthoneypot.org/ip_142.4.201.113

You web rep here is that of a safe site: http://www.scamadviser.com/check-website/hostoxide.com

polonus

Well I am waiting from trendmicro too for a fix.
And my ip is - http://www.projecthoneypot.org/ip_142.4.202.42 .

I just have a Server and datacenter allots IP randomly. Its a clean site now.

I am still confused why its a “malware site” or a “phishing webpage”.