My website is being blocked by Avast?

Viruses and worms
1

Hi guys,

Avast seems to block my website according to some users:

http://blog.thierryvanroy.be

Could this have been because of an outdated wordpress (which is now restored)? I ran a few tests and there was zero malware, phishing or whatever.

My only other guess would be the feedcat widget at the bottom, but isn’t that going too far? It’s just a ping widget with admittedly, some ads (none of them to my benefit though, they are generated elsewhere).

Thanks in advance!

2

You can report a possible FP here: http://www.avast.com/contact-form.php?loadStyles

Report 2011-08-10 08:33:55 (GMT 1)
Website blog.thierryvanroy.be
Domain Hash 6305fe09f478cbde015a75b4ebb23cc0
IP Address 193.202.110.241 [SCAN]
IP Hostname webcluster01.one.com
IP Country DK (Denmark)
AS Number 51468
AS Name ONECOM One.com A/S
Detections 0 / 23 (0 %)
Status CLEAN

Report 2011-08-10 10:20:06 (GMT 1)
IP Address 193.202.110.241
IP Hostname webcluster01.one.com
IP Country DK
AS Number N/A
AS Name N/A
Detections 0 / 26 (0 %)
Status CLEAN

3

URLvoid also doesn’t find anything, http://www.urlvoid.com/scan/blog.thierryvanroy.be.

That said, I’m not getting an alert on your site, so what were the details of the alert ?
When posting the URL please ‘modify’ your post change the URL from http to hXXp or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.

Or attach a screenshot of the alert window.

First I would say ensure that you have the latest avast virus definitions update 110810-0, being the one that I had when I visited the above link.

Having out of date content management software (wordpress, etc.) could leave you more vulnerable to a hacking exploit, but just having an old version wouldn't be the cause of the alert.
4

Hi Thierry-Vanroy,

I get a clean scan here:
Checking: -http://blog.thierryvanroy.be/wp-includes/js/jquery/ui.tabs.js?ver=1.8.12
File size: 11.36 KB
File MD5: 087072e535830ca3ba52af113a14f1c7

-http://blog.thierryvanroy.be/wp-includes/js/jquery/ui.tabs.js?ver=1.8.12 - Ok

Checking: -http://wieowie.nl/embed/80712/small.js
File size: 420 bytes
File MD5: 5c5579dda99bd51ae846222951cf8358

-http://wieowie.nl/embed/80712/small.js - Ok

Checking: -http://w.sharethis.com/button/buttons.js?ver=3.2.1
File size: 54.30 KB
File MD5: 2005ddeb656849b937afb73acd4cff05

-http://w.sharethis.com/button/buttons.js?ver=3.2.1 - Ok

Checking: -http://blog.thierryvanroy.be/wp-includes/js/jquery/ui.core.js?ver=1.8.12
File size: 4326 bytes
File MD5: 4688f380b9e0021db778a38ca0f5df6f

-http://blog.thierryvanroy.be/wp-includes/js/jquery/ui.core.js?ver=1.8.12 - Ok

Checking: -http://blog.thierryvanroy.be/wp-content/themes/crisp/includes/js/general.js?ver=3.2.1
File size: 2415 bytes
File MD5: 8c9ac490bbecb9f87a733acf1d8e40cf

-http://blog.thierryvanroy.be/wp-content/themes/crisp/includes/js/general.js?ver=3.2.1 - Ok

Checking: -https://www.google.com/reader/ui/publisher-en.js
File size: 13.04 KB
File MD5: ea5eddbdd6802287f0005cc38974d928

-https://www.google.com/reader/ui/publisher-en.js - Ok

Checking: -http://www.youtube.com/embed/LC6fbryzBgk
File size: 14.99 KB
File MD5: 2e42023624d1282e157165abf5568113

-http://www.youtube.com/embed/LC6fbryzBgk - archive HTML

-http://www.youtube.com/embed/LC6fbryzBgk/Script.0 - Ok
-http://www.youtube.com/embed/LC6fbryzBgk - Ok

Checking: -http://blog.thierryvanroy.be/wp-content/themes/crisp/includes/tumblog/swfobject.js?ver=3.2.1
File size: 6887 bytes
File MD5: 699027eb66b113bebaf40b578997aade

-http://blog.thierryvanroy.be/wp-content/themes/crisp/includes/tumblog/swfobject.js?ver=3.2.1 - Ok

Checking: -http://blog.thierryvanroy.be/wp-includes/js/jquery/ui.widget.js?ver=1.8.12
File size: 3274 bytes
File MD5: 5a2daaad606706ff30162cd91f4e52ae

-http://blog.thierryvanroy.be/wp-includes/js/jquery/ui.widget.js?ver=1.8.12 - Ok

Checking: -http://api.twitter.com/1/statuses/user_timeline/thierryvanroy.json?callback=twitterCallback2&count=5&include_rts=t
File size: 11.77 KB
File MD5: 4600f5f794d3329eaa80ced9e63ff688

-http://api.twitter.com/1/statuses/user_timeline/thierryvanroy.json?callback=twitterCallback2&count=5&include_rts=t - Ok

Checking: -http://blog.thierryvanroy.be/wp-includes/js/l10n.js?ver=20101110
File size: 308 bytes
File MD5: d64dc5dca841a048946621b935e540a3

-http://blog.thierryvanroy.be/wp-includes/js/l10n.js?ver=20101110 - Ok

Checking: -http://blog.thierryvanroy.be/wp-content/themes/crisp/functions/js/shortcodes.js?ver=1
File size: 3425 bytes
File MD5: 618c6f98a3c7f01d701d1b94a0979e02

-http://blog.thierryvanroy.be/wp-content/themes/crisp/functions/js/shortcodes.js?ver=1 - Ok

Checking: -https://ajax.googleapis.com/ajax/libs/jquery/1.6.0/jquery.min.js?ver=3.2.1
File size: 88.40 KB
File MD5: 83cb635ccf80e2ae3e4907d978f5fc62

-https://ajax.googleapis.com/ajax/libs/jquery/1.6.0/jquery.min.js?ver=3.2.1 - Ok

Checking: -http://blog.thierryvanroy.be/
Engine version: 5.0.2.3300
Total virus-finding records: 2467422
File size: 55.68 KB
File MD5: deb3f0479408462500098590fa863906

-http://blog.thierryvanroy.be/ - archive HTML

-http://blog.thierryvanroy.be//Script.0 - Ok
-http://blog.thierryvanroy.be//Script.1 - Ok
-http://blog.thierryvanroy.be//Script.2 - Ok
-http://blog.thierryvanroy.be//Script.3 - Ok
-http://blog.thierryvanroy.be//Script.4 - Ok
-http://blog.thierryvanroy.be//Script.5 - Ok
-http://blog.thierryvanroy.be//Script.6 - Ok
-http://blog.thierryvanroy.be//Script.7 - Ok
-http://blog.thierryvanroy.be//Script.8 - Ok
-http://blog.thierryvanroy.be//Script.9 - Ok
-http://blog.thierryvanroy.be//Script.10 - Ok
-http://blog.thierryvanroy.be//Script.11 - Ok
-http://blog.thierryvanroy.be//Script.12 - Ok
-http://blog.thierryvanroy.be//Script.13 - Ok
-http://blog.thierryvanroy.be//Script.14 - Ok
-http://blog.thierryvanroy.be//Script.15 - Ok
-http://blog.thierryvanroy.be/ - Ok
Also Sucuri scan gives it as clean, but your website uses cookies without Platform for Privacy Preferences Project; de server gives the servernumber of the software away; Spam Check and SafeBrowsing check status secure, included scripts:
Script […] addthis.com/js/250/addthis_widget.js#username=flavorsme
Script […] loudfront.net/0cc591a/z/scripts/shared/combined_page.js *
Script […] ccf8.cloudfront.net/0cc591a/z/scripts/shared/ie_only.js
Script […] oudfront.net/0cc591a/z/scripts/shared/jquery.address.js
Script […] nt.net/0cc591a/z/scripts/userpage_v2/groups/vertical.js
Script […] nt.net/0cc591a/z/scripts/userpage_v2/layouts/sidebar.js

  • RexBd Site Validator could have scurity issues 4 x red WOT status

polonus

5

Me neither. (Also, when I tested it at forenoon.)
But this could also be related to NoScript, which we both use.
However, the site looks clean to me. (Also tested it at Sucuri.)

6

No (not for me), I selectively allow each site so I can pin anything down if there is an alert when visiting a site.

7

You mean it doesn’t look clean to you or it isn’t related to NoScript…??

8

It means that noscript isn’t blocking anything, so if there was a script causing the alert it isn’t there now as noscript wouldn’t be blocking it.

9

Thanks, got it.