Avast declares URL:Blacklist threat when saving MS Word docx files

Currently Avast declares a URL:Blacklist threat (referencing http://static.hugedomains.com/images.logo_huge_domains.gif) when I save some but not all .docx files using MS Word. Please see the attached image for a copy of the warning.

When I run a scan using Avast, the Word.exe is not reported as infected, and not all doc or docx file are affected, so there must be some thing in the file contents triggering the problem. Searching for .gif file references, or references to hugedomains in the affected files does not find any occurrences.

Can anyone suggest how to isolate the issue that is triggering Avast’s threat engine? I suppose I could start deleting blocks of content, but so far the affected files are large, so it could take quite a while to narrow down using incremental refinements of binary search of deletions.

Is there a better way to get more info on the location of the problem?

Wait for a final verdict from an avast team member, as they are the only ones to come and un(b)lock.

Here it has been given the all green: https://www.virustotal.com/gui/url/501b4f25291e3345d0b039f8e2e9bf3bdc943b12ab0b26cdc79468f48b12f2ee/details

I get a scan fail, caused through a 500 Internal server error (ASP).

polonus

Thank you for the reply and information.

I’m confused though, because the word file that triggers the error message when i save the file, does not reference the URL that Avast provides in the threat detection message.

Can anyone tell me why does Avast think that Word is trying to reference this strange file that I don’t see referenced anywhere? Maybe it’s true(?), but there is no obvious reference… Could the threat warning possibly be mistaken in some way?

Anyone?

Could someone from the Avast team reply please?

  1. Can you please confirm whether the threat alert message correct and accurate in this case?

  2. Can you please confirm whether it is fact MS Word accessing the file referenced in the threat message (which is NOT the file I’m editing/saving). Or is it perhaps another process? or Avast? accessing the file in question?

Thanks in advance!

https://forum.avast.com/index.php?topic=14433.msg1289438#msg1289438

Thank you for the reply and information.

Since Avast’s regular scan says that both the MS Word executable and the affected file are not infected, I will report the file and the associated threat report as a potential false positive.

Cheers.