Hi, I am having the latest free avast version and when i click excelfourm, which is a genuine site, dealing with excel questions and answers help, I get the above warning and a bug report of Html.script.inf and the message , that the connection to the server was reset while the page was loading. How to overcome this? is it a real threat?
since that is a forum, i guess somone have posted some code on that forum that trigger avast webshield…
can you attach a screenshot of the message…
Hi pl find the enclosure
It is ended with firefox.exe
Hi, Why no action has been taken sir.
Why genuine sites could not be logged in . I do not have any doubt, that something is messing when surfing. But could not avast try the same and give the solution. For weeks i am waiting . I have included the problematic picture also to you
“Official” and “genuine” or not, a website/forum can be compromised; that “appellation” has nothing to do with the likelihood of such issues occurring.
Also, clicking on the avast warning’s “More info” button, and seeing the details it provides, might be useful.
Still, and without those details, it’s possible that either the forum has been compromised (wouldn’t be the first forum, whether or not it runs vBulletin, and whether “official” or not), or, at a quick glance, that your problem might be browser-related. More specifically: possibly a FireFox script that’s been installed. And even though avast points at the “genuine” website as the place of infection, it wouldn’t hurt doing a thorough check and cleanup of FireFox (periodically, in fact).
You could try emptying the browser cache and doing some general cleanup and security/privacy checks.
But I would even suggest that you take this chance to look at the FireFox scripts page (Tools → Add-ons → User scripts) and try to locate the offending script, then disabling it at first. If that improves things in the slightest way, remove the offending script (and stay away form new versions of it for the time being).
Alternatively, disable all user scripts temporarily. See if there’s any improvement to the situation.
Finally, double-check for FireFox updates even if you think it’s up to date. Or, an even better way: download the latest version of FireFox. Uninstall the version you have (reboot if needed or if you’d like to be thorough) install the new version you just downloaded (after scanning the package with avast or any other AV and anti-malware software you have) – and finally, reinstall FireFox, the latest version you just downloaded.
Exercise extra caution with any new add-on you may want to install to FF, be they user scripts, extensions, plugins, etc.
I’m going to take a second glance at that screenshot, and maybe make a note of the script and look into it, if time allows, but those are my first impressions of the issue, rather than laying the blame on avast AV.
(Incidentally, you posted on February 6th, today it’s the 14th, so it’s hardly weeks you’ve been waiting on this forum, though it is past one. Just a side note, and for the record.)
Till someone else weighs in, you might well try the above: if it still doesn’t solve the issue, or if the website in question was compromised, or it’s just a case of avast false positive, in the ‘worst’ case, you’ll end up with an up-to-date and cleaner, smother browser. Won’t hurt and won’t take longer than minutes (rather than weeks or even hours).
Oh, and you might as well download the free version of Malwarebytes Anti-Malware tool, update it, and run a quick (and/or full scan) with it (independently from avast). As long as you don’t install the always-on active monitoring paid version, it won’t interfere with avast (or any other security package that I know of).
Good luck, hope my hunch is right and it works – if not, apologies, and enjoy your squeaky-clean ‘refurbished’ browser.
Hi, very happy to receive the reply.
I have checked , it was the latest firefox update,
Noted that the adds on, they are given in the txt file enclosed.
If you suspect anything in the addon, that i think does not harm, pl advise me, and i will delete those
I am regular user of ccleaner and malware bytes, and really am proud to be user of free avast, and i am suggesting this to all problems at forum questions. Particularly scan boot.
I regularly browse excel forum for solution and questions. Not all sites produce this . I have also written to excel forum and expecting a reply.
Thanks for reply. But even though days are shorter, the attack , computer attacks are more now than ever. so i expected a quick reply
I am enclosing the aswmbr.txt
It found one infection in red, which is saved as text and sent herewith
But the Fix it button, does not have any life after the scan.
I am having the latest avast free antivirus and updating regularly.
I just changed the username to user. Would you give the solution
Thinstall is VMware so the detection is probably a false positive on Avasts part, do you get the same report for a standard scan ?
Glad that it is a false positive. But how to gain access to the genuine site.It is not on every site. A little more information would be of much help. Once avast popups with the alert, again clicking the browser , led to problem loading the pages.
Why latest avast latest free did not stop this. It includes aswmbr. Ok.
What do you mean by standard scan. I have enabled daily scan of avast of possible deduction of virus.
excelforum is the site, that i am trying.
Would adblock plus plugin be the cause. Why then it shows as firefox.exe. Firefox is a worldwide trusted search engine.
I am a big voter of avast and am recommending to any body who asks for antivirus, because, of its prompt alert of url also. How to gain then this site, by modifying or allowing in avast.
But on surfing the net, html.script.inf is a dangerous trojan, that it hides itself from deducting camouflaging under the firefox by avast alert. Pl. explain. I also wish to state that these kind of camouflaging script is really a matter of concern. Expecting more lights on this subject.
I can access the forum with no problem… Are you still having problems ?
I had that problem to day also. But i copied your link as save as link to my desktop. It saved as htmlfirefox file.When i click this there is no problem. If i come across again, then i will inform you. Can i make some settings to allow this site in future. Is it safe, sir,
To me it appears that your favourite links are somehow corrupt so I would suggest going to the site from my link and then saving that as your favourite
I have done as you say. But instead of bookmarking this site, i tried to pin. It does not work. Or it does not show in firefox. Thanks for your reply.
What is this thinstall, directory containing Stub folder and other folder, which is troubling me with this script.
You can delete the entire directory C:\Users\user\AppData\Local\Thinstall the evo gen (susp) designation means that although it is not a virus as such the file is suspicious in its behaviour
Hi, Thank you for the information. What is this thinstall, who is the owner of the program? Is it firefox? or some other thing?
Once the reply is received then i will close the thread. Thanks to essexboy for the solution. Now i will try to pin this site in firefox.