Currently Avast declares a URL:Blacklist threat (referencing http://static.hugedomains.com/images.logo_huge_domains.gif) when I save some but not all .docx files using MS Word. Please see the attached image for a copy of the warning.
When I run a scan using Avast, the Word.exe is not reported as infected, and not all doc or docx file are affected, so there must be some thing in the file contents triggering the problem. Searching for .gif file references, or references to hugedomains in the affected files does not find any occurrences.
Can anyone suggest how to isolate the issue that is triggering Avast’s threat engine? I suppose I could start deleting blocks of content, but so far the affected files are large, so it could take quite a while to narrow down using incremental refinements of binary search of deletions.
Is there a better way to get more info on the location of the problem?
I’m confused though, because the word file that triggers the error message when i save the file, does not reference the URL that Avast provides in the threat detection message.
Can anyone tell me why does Avast think that Word is trying to reference this strange file that I don’t see referenced anywhere? Maybe it’s true(?), but there is no obvious reference… Could the threat warning possibly be mistaken in some way?
Can you please confirm whether the threat alert message correct and accurate in this case?
Can you please confirm whether it is fact MS Word accessing the file referenced in the threat message (which is NOT the file I’m editing/saving). Or is it perhaps another process? or Avast? accessing the file in question?
Since Avast’s regular scan says that both the MS Word executable and the affected file are not infected, I will report the file and the associated threat report as a potential false positive.