Avast has marked my domain as malicious in error.

I have created a web site for a client using joomla. I’m using a template creator package for joomla called template creator ck to generate the css templates. I was testing something on the package and made a template called test. I then generated the template package for joomla, which created a file called test.zip that I need to download so I can then install it in joomla using the joomla component installation package.

But as soon as I tried to download the file, I got a “hay look, avast blocked a malacious web site” pop up, and now I am locked out of my site and cannot finish editing it. I can’t even look at it. I’ve gone into the avast dashboard and entered the url in as an exception but it still is blocked.

I need to finish this web sit and avast won’t let me. I even turned off web monitoring for 10 minute, and it still won’t let me in. Should I just uninstall avast?

what does avast say…can you attach a screenshot of the avast pop-up?

I uninstalled avast and was able to get back to my site. The message was a popup that said Avast has blocked a malicious url, with my domain address in the popup. Any attempt to go to the site after that created a connection reset message in firefox, and the avast message would appear again. I just hope that if I reinstall avast, that it lets me back to the site and there isn’t some hidden folder burried somewhere with it marked that wasn’t removed with the uninstall that will create the problem all over again.

and what is the URL so we can check it ?

It is a known fact that avast! will not scan certain files that are password protected and some other file types as well. You get an error message in your scan log when avast! attempts to scan one of these files.

This is just a wild guess but it could be avast! could not scan the file so it labeled it as malcious and refused to download it.

This is just a wild guess but it could be avast! could not scan the file so it labeled it as malcious and refused to download it.
I have never seen avast mark files that could not be scanned as malicious.... why would it do that if it can not scan it?

Nope.

That is not what I said exactly. I was probably unclear.

It marks unscannable files, during a scan of files on your drives, with an error message, None of those error messages say malicious. You will see files during a scan of your drives that avast! says are malicious however those files are to my knowledge scanned. Those files are already on one of your drives.

I have never gotten a can’t scan error message during the file download process. Maybe because I have never tried to download a file that avast! couldn’t scan as part of the download process. So maybe when you try to download a file that avast! can’t scan during the download avast! says the file is malicious instead of saying it can’t scan it.

Maybe you have seen one of these can’t scan error messages during a file download? If so then my guess is just a bad wild guess :slight_smile:

Nope.

Sorry but I have never seen a file that avast can’t scan be reported as malicious rather than can’t be scanned. The two conditions are worlds apart; if flagged as malicious it would have to result in a full blown avast alert with a malware name assigned.

Like I said initially it was a wild guess

However, I have never had avast! tell me anything with a pop-up during a download except the file is malicious; i.e. Trojan and then quarantine it. However, in Firefox I can see the file being scanned at the end of the download before it is saved to disk. So in my case I have never apparently had a file that avast! couldn’t scan on download. However, I have had numerous files on hard drives over the years that avast! said it couldn’t scan.

So from what you are saying avast! can scan every file that you can download but not every file that is on your drives. I find that a bit strange.

Now I will admit that I may have missed file that was not scanned on download and the file downloaded and saved without seeing it being scanned in Firefox. Then again what I am seeing in Firefox might not be avast! scanning it but W7 Defender or SAS. In that case I have to ask, why doesn’t avast! tell you in Firefox it is scanning a downloaded file if in fact it is scanning it.

In any case something doesn’t mesh here. If avast! is scanning a file during or at the end of a download we shoujld be told avast is scanning the file and if we are told then we should see a pop-up from avast! when it cannnot scan a downloaded file. I have never seen such a popup. It is possible that I have never downloaded a file that was unscannable and only an extracted file from the download were unscannable. Though if that were the case then avast! should be able to scan within the downloaded file to see that there is an unscannable file upon extract and tell me at the end of the download that avast! could not scan the file in its entirety or just delete or block the download.

:o :-X

@ NesivosEven as a wild guess it is so way off how avast works as to be worlds apart as I mentioned.

Plus as the OP mentioned in the first post “hay look, avast blocked a malacious web site” that is a network shield alert not the web shield or file system shield. So this isn’t so much a scanning issue as avast’s network shield considering some site as being malicious.

Despite requests for the URL by Pondus, we still haven’t got it so it can’t be investigated further until we get it.

The site url is http://www.dkoldtobacco.com

Sorry, I’ve been working on the site.

After uninstalling avast, I went to the site and did what I needed to do. Just now, I reinstalled avast (had to uninstall the not wanted google chrome >:( )and the site is not blocked.

Since I had downloaded dozens of this zip package files on several different sites prior to this I can only guess that the file name “test.zip” is some known virus file. I appreciate the fact that it wants to protect me and thats what it’s written to do, but what I didn’t like was the exception filter did not work.

In any event, it’s back to normal and I’ll never use that file name again. ;D

Weird that it is giving a ‘malicious url’ MAL:URL (?) alert as that is normally associated with a domain name or IP address.

I notice on the home page there is a couple of off site scripting links, facebook.net (not unusual) and vivociti.com (is this one meant to be there ?

Yes, one is the facebook like box with link to the clients facebook page, the other is the like box developer.

The vivociti.com one doesn’t get an alert of avast anyway, so it shouldn’t have been that either.

This test.zip file, if it were that would have to have been something in the contents as avast doesn’t block by file name (blacklist) as files could be named anything at all so the detections are signature/heuristic/algorithmic based, not file name.