Network shield URL exclusion

Is it possible to exclude specific URLs from being scanned by avast’s Network Shield?

I believe one way to do it would be to right-click your avast icon in the system tray, then click Program Settings.

Then click Exclusions, then Add. Type the web address that you want to exclude there.

There is no way to do it. In Program Setings, it says “These settings affect all parts of avast!, except for the resident protection”. That is, it affects on-demand scans. Furthermore, adding URLs to this area won’t make sense I think.

Web Shield has an exclusion list but Network Shield doesn’t. You can pause Network Shield while you surf those specific sites, this seems to be the only solution now.

Why do you want to do this (visit a site being blocked by the network shield) ?

The Network Shield doesn’t actually scan anything in regard to a URL, so there would be no exclusion. What it does when you want to visit a URL avast compares that URL with its list of malicious sites and will block if it matches.

What is the URL (change the http part of the URL to hXXp to avoid accidental exposure) ?

I need info and to download files from this specific website. The website that I tried to visit and that was used to be blocked by avast’s Network shield was hxxp://gf.wiretarget.com . I recently tried to visit this website with avast network shield on and it didn’t block it anymore (I haven’t tried putting it on the exclusion list as suggested by scythe944 yet). Might be a false positive, I’m not sure.

Any way to edit or exclude URLs from this list (in case I might need to exclude a specific website in the future)?

No, as already said, it’s not possible.
If you really want to visit a malicious site (which is hardly a good idea), feel free to disable avast! resident protection temporarily.

Disabling protection for all websites is, IMHO, also a bad workaround, even if done temporarily.

In the case of the website I tried to put in the exclusion list, it appeared to be a false positive (as it was blocked a few days ago and has now been removed from the list). A Network shield exclusion feature would be useful in that case. So, I guess this post is now a request for this feature.

If it was blocked for some time and later removed - may just mean that the site was hacked, and later the owners fixed the “bad” content.
I’m not saying that false positives can’t happen, but generally they are quite rare for the Network Shield detections.
[So, I kinda doubt it was really a false positive in your case.]

Given that the description in a google search for wiretarget.com KeyGen and Game Cheats, etc. etc. I don’t doubt that on occasion this site is going to be black listed as aside from any moral/legal issues surrounding key generators, these frequently come with unwanted guests (trojans).

So that may have had more to do with the detection than anything else, some malware found to be coming down the pipe.

Perhaps he is trying to lessen the activity Avast is having on his PC.

Personally, I am at the point I am going to un-install Avast forever, cause the web shield is going nuts scanning everything in sight, whilst the File System & Mail Shields do little.

It’s very annoying to have my PC lock-up for short periods, cause the web shield is scanning 466,435 objects.

Do what you wish, but did you realize that this thread is ~4 years old? Also webshield is first line of protection while browsing the web or while other applications are connected to the web.

I believe there is a setting that you can check within the webshield settings to scan only well know browsers or something to that effect.

There is a possible way and that is going to the site in question via a webproxy unless the shields are not blocking the live malcode from within the webproxy results.
Then whenever blocked for the proxy this is a strong indicator not to venture out there if one does not want to be “clubbed over the head with the proverbial malcode stick” :smiley: .
A more risky way is going to google cache results, but I would strongly advise against that.
A cleansed site could still be malicious as a cache result page as it was previously taken before a cleansing was performed…
Whenever you know the real uri you want to view your best option would be to go here: http://web-sniffer.net/
that is a quite harmless way to get what is on the site as it is a rather secure third party scan method.

All this from my experience in cold reconnaissance scanning of suspicious websites. Enjoy,

polonus