Network Shield fickle about blocking stealthproxy.org

Network Shield blocked stealthproxy.org which is apparently called by vectroproxy.com when you request an anonymous proxy connection. Is that valid or a mistake? I’ve used that site for a long time.

At least it did for awhile. It’s not doing it now. I don’t know why.

I first tried entering exclusions for vectroproxy.com and stealthproxy.org into the Web Shield, mistakenly thinking it was the one responsible. Then I removed those exclusions and disabled Network Shield temporarily instead. I then connected OK, no blocks from avast. When I reenabled Network Shield, surprisingly it no longer blocks stealthproxy.org!? ???

So what’s happening here? That doesn’t make much sense. Yes, I cleared my cache & cookies a couple of times.

Why is it “awaiting approval by a moderator”? That never happened before.

It’s a new anti spam measure. :wink:

For all posts? By everyone? Or is it just me? Am I flagged for punishment? I would think you might build in exceptions for longtime members like me. I don’t hang out here, and only come when I have a pregnant question related to avast.

Dont worry you’ve not been singled out or anything like that, i would think that the new spam measures may have picked up on your topic title - stealthproxy.org

@ JohnnyBob
It isn’t for all posts, nor only for you.

I guess that because you have several site references in your original post that the anti-spam triggered. The function is somewhat like heuristics/Bayesian (http://www.tfd.com/bayesian) which has a learning/training feature. So when approved it should add to the learned information and help to lower the number of topics/posts flagged in error.

So what about my original query which started this thread…?

I tried it again and avast is popping up the network blockage flag again today. After the avast popup goes away, I can enter a URL to be used by the proxy and avast doesn’t pop up again. Yesterday it was popping up again, so that it was impossible to enter a url into the proxy.

So why is avast so fickle and unreproducible with this? And why is it flagging this particular site/domain all of a sudden? I’ve used it for many years without a problem.

Unfortunately the network shield doesn’t allow exceptions. It’s all or nothing. I don’t even see a log of the blockage events. So is there any way to find out more info why this domain (stealthproxy.org) was blocked? And is it for real or a false positive?

I’m afraid it got buried with the other issue on why the topic was awaiting approval.

Some checks on stealthproxy.org at other sites don’t find anything, http://sitecheck.sucuri.net/scanner/ finds nothing (image1), URLVoid finds one (by TrendMicro) http://www.urlvoid.com/scan/stealthproxy.org. So it needs further investigation by avast.

There is an on-line contact form, http://www.avast.com/contact-form.php?loadStyles for: * Sales inquiries; Technical issues; Website issues; Report false virus alert in file; Report false virus alert on website; Undetected Malware; Press (Media), issues.

  • If you are reporting an FP, then you get another input field open, enter the web URL for the site you wish to submit for review (Network Shield alert), etc. A link to this topic also wouldn’t hurt.

Done.
I had to try several times.
It didn’t want to accept it, maybe because vectroproxy.com wasn’t connecting temporarily, but it finally went thru.

Personally I would have been submitting the site that avast is actually alerting on, as in your image.

Thank you JohhnyBob, for bringing this to my attention. I am the owner of VectroProxy. Stealthproxy.org is owned by a partner. Stealthproxy.org has been flagged in the past as a “spam” site by Spamhaus because it mentions Scrapebox. Not because the site sends spam, but because it mentions software that Spamhaus doesn’t like. Perhaphs it has also been flagged by other security operations. As far as I know, VectroProxy has not been flagged like that. I think the issue with the warning on VectroProxy was caused by a button image on VectroProxy that was hotlinked from stealthproxy.org. I have saved a local copy of the button on VectroProxy and have referenced that in my code instead. Maybe the security warning from Avast will be gone now.

Hi ye all,

I see a hick-up on the code analysis here: wXw.google-analytics.com/ga.js suspicious
[suspicious:2] (ipaddr:74.125.227.139) (script) wXw.google-analytics.com/ga.js
status: (referer=stealthproxy dot org/)saved 33408 bytes f5d1e82ad2ca5817cd86d1282133c86b5c3d3510
info: [decodingLevel=0] found JavaScript
suspicious

polonus

Yes, the avast security warning is gone now. I tried on two machines (XP and W7) both running free avast antivirus. Thanks!