network shield has blocked a website.

Avast Free Antivirus / Premium Security
1

My sister upgraded her avast on Saturday February 13th to the new avast antivirus free edition. No complains except one. the network shield has blocked a website and she can’t go to the website anymore. How do we remove it from the network shield so she can go to it?

I’m trying to help her long distance and I’m not familiar with avast. Please forgive me if this is answered somewhere in the forum but I’ve searched and searched.

Thank you, Helen W.

2

you can’t configure the network shield. Only way if you absolutely want to visit this site is to deactivate it. This said, if it was blocked, there must be a reason :wink:

3

Can you give us the link to the website ??? ( Please make it non-clickable by changing http:// to hxxp:// )

Greetz, Red.

4

I understand you can’t configure network shield but you should be able to remove a website that is blocked.

the website is hxxp://apps.facebook.com/farmtown/play/. apparently there was a malware that was going around and it caused the website to be blocked. It was an ad on facebook that had the malware in it not the actually game.

thanks for any help you can give.

5

I’ve asked my sister to confirm that I put the right website in the last post.

There has to be some way to remove the website on network shield since all websites can sometimes have a malware ad.

If someone can help me with how to remove the website, I would be most appreciative.

6

there’s nothing you can do yourself but submit it (the link) to Avast, and if it’s an FP they’ll remove it.

7

This site is not beyond suspicion and malware has been added.

Of 112075 pages checked during the previous 90 days (and malcreants start to infect after google checked for malcode) 6 pages have been downloading and installing malicious software without user’s consent. Last time that Google visited this site was at 2010-02-23. The last time the site was found to be infected was at 2010-02-23.
Malicious software includes 12 trojans, 1 scripting exploit, 1 worm. Successful infection resulted in an average of 2 new processes on the target machine.

Malicious software is now being hosted at 10 domains, e.g. reycross.net/, dateforasia.com/, dontdatehimgirl.com/.
One of the trojans found there was Discovered: June 8, 2001
Updated: February 13, 2007 11:50:11 AM
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP

Downloader does the following:
Downloader connects to the Internet and downloads other Trojan horses or components that is it goes to a specific Web or FTP site that its author created and attempts to download new Trojans, viruses, worms, or their components.
After the Trojan downloads the files, it executes them.

3 domains seem to function as re-directs for spreading malware to visitors of this site, e.g. mancrushonmcslee.com/, loathsome.us/, vipcastingparty.info/.

This site was hosted on 38 networks including AS20940 (AKAMAI), AS32934 (FACEBOOK), AS4788 (TMNET).

Has the site been functioning as a re-direct and spreading additional malware?
Yes the site has been hosting malicious code and infected 9 domains, e.g.
eylanderphotographyblog.com/, iheartrugs.com/, enuma.net84.n

Therefore Avast blocked it correctly,

polonus

8
Therefore Avast blocked it correctly,

polonus

good :wink: I didn’t check, I only suggested that if it was an FP, Avast would whitelist it. But since it’s definitely not an FP, the OP will have to come to terms with that :slight_smile:

9

Hi Logos,

Well I did check and then I add that malcreants also discovered the workings of Unmask Parasite checks, they wait until the last time the google bot has visited with an all clean bill and then reinfect again for the infection to go under the radar for the next 90 days, so we have to double check here.
The malware landscape with all this reputable trusted websites infested every 3.6 secs is like the ever changing ocean, you never know where the Leviathan is raising its ugly head now. Mr. Kaspersky said in a recent interview that if users were not going to work in a fully VM sandboxed surfing surrounding or completely in a protected cloud the Internet as we know it would be unworkable because of the high grade of malware found on it, and some also say we are fighting against the tide.
Blocking javascript inside the browser now like Fx with NoScript extension is the most secure way to go and also the avast shields are doing a great job here,

polonus

10

ok, issue has been solved. tonight when she clicked on network shield, the website was no longer listed. so my assumption is that avast removed it from the list. After uninstalling and reinstalling flashplayer and cleaning her cookies and temp files, she is able to get to the website.

thank you, Helen W

11

Hey Polonus, which website that you go to that gave you all the info???

12
Hey Polonus, which website that you go to that gave you all the info???

yeah, I agree this should be mentioned and quoted.