Web shield false positive

Avast Web shield gives a alert on this page: http://maxima-library.org/knigi/genre
There is absolutely nothing wrong with this page and also all other pages from same site ( http://maxima-library.org ) are open fine.
So something is wrong there.

Avast Free Antivirus / Pro Antivirus / Internet Security/ Premier (!)
Avast Free/Pro/IS/Premier topics and issues, not viruses or false alarms here!

Something to fix >> https://retire.insecurity.today/#!/scan/11b9327207e8a5a8deab54828d1b1da4f3007b9ada08b450d0748e0594588584

Report a false positive (select file or website)
https://www.avast.com/false-positive-file-form.php

Thank you very much,
That’s the link I spend 20 minutes looking for before making this post.
I wish it was on “Threat blocked” page near “Create exception” action - sounds natural for me.

Viruses and Worms forum section

at top there you find two sticky posts with relevant info

https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

Detection was removed yesterday.

Our virus specialists have been working on this problem and it has now been resolved. The provided website isn't detected by Avast anymore.

I noticed that about 3rd time this year the sites get virus false positive report.
After reporting false positive it lifted and then after a few weeks returns back again.
I am frequently use this site to track what I was reading and what not and this Avast popups are very annoying, especially since no virus there.
Looks like you have a major problem in your detection algorithm.
Guys, please fix this thing, it so annoying that I am considering stopping to use Avast.

Well the trouble is, there are often malicious files that can be downloaded from various URLs on that domain, and when that happens, we block the URL.

So far, this has been the case with the following URLs.

maxima-library[.]org/knigi/year
maxima-library[.]org/knigi/knigi
maxima-library[.]org/knigi/genre

I made sure these will not be blocked again, but if there is another URL that will let users download infected files, it might be blocked again.
Cheers,
Honza

Thank you,
Although I find it a bit strange , since the only files you can download from there are .txt and .epub and as far as I aware so far our dear friends virus writers :slight_smile: haven’t yet managed to put viruses in this two, at least not the viruses that can run from there without some renaming or such :slight_smile:
As for a paths on site , the site is not mine, but if I am not mistaken the site is on Joomla and uses Joomla’s auto generation of links , there is no specific page paths there, all auto generated from DB or something, so limiting to 3 urls is a bit useless, it’s just sorting categories.

The files I am talking about were infected PDFs. But, to be more broad, the executability is not a requirement for us to recognize a file as malicious. .txt files that contain hyperlinks to other (malicious) sites will also be blocked by Avast, as will a .txt file that is actually just a renamed .exe.

We haven’t limited this to anything, these 3 are URLs from which the malicious files were downloaded.

OK, thanks, this made a things a bit clear to me as I was wandering on what was infected. PDFs are one possibility , you absolutely right.

No, what I means that all “3 links” you talking about is a daily news filters , one sorted by genre, another by year , and 3rd not sure. They are not reeal links , something like www.sitename.com/news&order=year - each day (or even each request) display something different.

Exactly, and from these 3 URLs malicious content was downloaded, so these 3 URLs were blocked.