So Avast recently blocked a website, saying it contained a trojan. I found this very strange, since I have been using the website for years without any problems.
So I accessed the site from my phone, which I would assume cannot be infected by a trojan designed for Windows computers, to ask if anyone else had experienced something similar. My initial thought was that the site was temporarily hacked, and that many others would have experienced this as well. Nobody told me they did, and considering the fact that the site has a relatively large userbase, I believe it is highly unlikely that everyone except for me what using something other than Avast, and that Avast was the only antivirus software to pick it up.
So, I was wondering, how can one (at least temporarily) whitelist a site from “trojan blocking”? Or is there some better solution to this problem?
So Avast recently blocked a website, saying it contained a trojan. I found this very strange, since I have been using the website for years without any problems.
Every website can get infected. It doesn't mather if it is a new one or one that is there for a long time.
So I accessed the site from my phone, which I would assume cannot be infected by a trojan designed for Windows computers, to ask if anyone else had experienced something similar.
Your phone can get infected too. What tells you it is a windows specific malware?
My initial thought was that the site was temporarily hacked, and that many others would have experienced this as well. Nobody told me they did, and considering the fact that the site has a relatively large userbase, I believe it is highly unlikely that everyone except for me what using something other than Avast, and that Avast was the only antivirus software to pick it up.
A large userbase is attractive to people who aren't honest. Why would it be unlikely that avast detects a certain malware before others do? There has to be some av that detects it as first one.
Whitelist? That is not gonna happen before more research is done.
What website are you talking about?
Make the link not clickable.
Every website can get infected. It doesn't mather if it is a new one or one that is there for a long time.
Yeah no shit, which is why I also said "My initial thought was that the site was temporarily hacked [and infected]".
Your phone can get infected too. What tells you it is a windows specific malware?
I said [i]assume[/i]. I have no important files on my phone (and not really on my computer either, for that matter, but a phone is cheaper to replace and I am anyway considering buying a new one. I assume it is a Windows specific malware because the vast majority of the site's userbase browses it on Windows computers, according to surveys and common sense.
A large userbase is attractive to people who aren't honest.
lol
Why would it be unlikely that avast detects a certain malware before others do? There has to be some av that detects it as first one.
You misunderstood my post. I meant that nobody reported having experienced this, whether they were using avast or some other antivirus. I found it very unlikely that for some reason only my version of Avast would detect it when seemingly nobody else did.
Whitelist? That is not gonna happen before more research is done.
To clarify, I meant on my local computer. I'm not asking for Avast to officially whitelist it, that would be ridiculous. I want to whitelist it because other antivirus programs on my other computers have not detected it, which is why I think it is an error. Either that, or my computer has some other virus that gives false positives, and that have nothing to do with the website in question (thus it would be logical to assume that locally whitelisting the website would cause no [i]additional[/i] harm. Alternatively, it could be some add-on that is the problem, but that seems unlikely to me.
What website are you talking about?
Make the link not clickable.
It is an imageboard called "Krautchan". krautchan (dot) net.
Submit the URL to urlquery.net and to VirusTotal.com so they can check it live. Make sure to ask to reevaluate, i.e. check the site now. You don’t want old results.
Oooops 204.45.109.26 is currently listed in APEWS :-(
Entry matching your Query: E-605512
204.45.109.0/24
CASE: C-14
Spambots, zombies, contaminated CIDR, bad reputation provider
History:
Entry created 2012-09-30
It’s in Norwegian, but roughly translated it says “Virus blocked” and “virus type: JS:Script, etc”, and at the bottom “Don’t worry, your avast! has just stopped a virus, upgrade now to get protection against other types of threats” which I assume is the standard message (it has happened a couple of times before, with other sites). It seems to have something to do with javascript, for some reason. And what the “hxxp” is I have no idea…
However, I just opened it to screenshot the “blocked” error message I get, but now suddenly it works fine again! I didn’t do anything, but maybe my copy of avast noticed it was a false alarm or something.
IP is blacklisted at apews.org
Oooops 204.45.109.26 is currently listed in APEWS :-(
Entry matching your Query: E-605512
204.45.109.0/24
CASE: C-14
Spambots, zombies, contaminated CIDR, bad reputation provider
History:
Entry created 2012-09-30
Probably something to do with the fact that it's an imageboard, and one doesn't need an account to post and so on. It is heavily moderated though, and links are not clickable.
Anyhow, problem seems to be solved now. Thanks for the replies
