Blocked Threat

I am using the Avast Free Version and it blocked a threat (a website script).

However, when I went to the Virus Vault to remove it, the vault was empty.

Where does the file go when it is blocked?

Well, I’m betting that since it just blocked a script, it never went to the virus vault.
Script blocking is from the Web Shield, and (as in default configuration) when something nasty is detected, Avast! will just abort the connection to prevent any further damage.
Since the script isn’t located at your computer (like an .exe file from downloads), so there’s no need to move it to the virus vault.

To be clear, even though the ‘connection was aborted,’ the webpage remains open? Firefox did not close the webpage afrter the script threat was detected.

Here in my computer, Avast! never detected an malicious script, but the Web Shield detected once a malicious image from the internet.
When it detected, the webpage remained open, but it just didn’t showed the image.
So I’m betting that yes, the webpage will remain open, but the script will not be executed.

It totally depends on what avast is alerting on, it is is something in the actual html page, then the page wont load as the whole content of that html page would be aborted.

It is possible to have elements in a web page that need to be loaded from another location, in which case that element (image/script, etc.) download would be aborted. The main page would still be present, but not the offending object.

Obviously without a screenshot of the alert or the original URL (breaking the link http to hXXp), then we can only speculate on the cause.

Nori-You stated that the webpage remains open even when Avast detected the malicious script on the webpage but the malicious script is not executed

Is it still safe to keep the webpage open?

We don’t have much to go on as I mentioned on my last post (no malware name and what it is alerting on), so it is very hard to say.

Personally I wouldn’t, as you never know what else could be lurking in other areas/pages of the site. This decision can only be taken when in full knowledge of the detection.

I am an 80 year old female so please bear with me.

The webpage in question was a forum webpage and there was an Avast pop-up message stating that a a script had been blocked but the webpage remained open.

In ‘this’ case, is the issue resolved or should the webpage still be closed?

AS I said a web page is made up of many elements:

  1. the main html or php code page, this contains the layout code and text, etc.
  2. images and some other scripts may be stored in a different location and are imported into that html/php structure page.

If any external element is considered infected then avast will abort that import into the mail page. The mail html/php page is unaffected by this external source, it will remain open, but you may see a blank area on the page where that external element would have gone.

If the problem is in the main html/php layout page then that is aborted and you will see nothing other than a blank page.

I don’t have detailed information or a URL to be able to investigate, so I can’t say that the issue is resolved or if you should close the webpage. Which is why I said:

Personally I wouldn't, as you never know what else could be lurking in other areas/pages of the site. This decision can only be taken when in full knowledge of the detection.

Let me rephrase my question then.

When a webpage script is blocked, is it a good idea to CLOSE the webpage or is the webpage still safe to navigate since the offending script is now blocked?

In theory, since Avast! blocked the threat, it would be safe to navigate in the page.
But, as DavidR said earlier, I wouldn’t leave it open because Avast! can’t detected everything (just like any othe AV products), so since the website you visited tried to infect you, they may try to infect you with other strategies (like in my example, an malicious image).

So to answer your questions: Yes, it’s a good idea to close the webpage(in my opinion).

It is a good idea, and doesn’t make any harm. So do it.

THANKS!