Why bother using an AV if you don’t intend to listen to it’s advice ???
If you think the detection is incorrect, report it and wait for a change in the detection if you’re correct.
This really is a side issue to the fact that the avast web shield settings don’t work as expected, regardless of wanting to commit on-line suicide.
We might not agree with it, but the settings should work.
Exactly. The behaviour of this checkbox isn’t as expected.
If my AV tells me: “This site might try to scam you”, fine, noted. I’ll be careful. If it just flat out blocks the site because some people might fall for said scams, at least give me an option to say: “I get it. I understand. Now let me proceed.” Make it an advanced option somewhere. I’m perfectly willing to take my chances. I have backups. I have virtual machines. Blocking for viruses is one thing, blocking for phishing is another. I’m fine that Avast does this by default, and on most sites I would have it enabled. But ultimately I decide 
Ideally I would have URL blocking enabled, except for explicitly added exclusions. So, that option doesn’t exist, and the option that does exist doesn’t do what it is supposed to do.
It would seem I have stumbled upon a bug then
Hi all,
You can turn webshield, but the exclusions only work on (JS, HTML, …) detections on the domain, not the domain itself. To override URL block, you have to disable shields.
DavidR: The 2 popups that you were seeing are from AOS (Avast Online Security, the browser plugin).
“This site could have harmed your computer” is an equivalent of URL:Mal detection, AOS uses the same database for that
“This site has been marked as a phishing site” is a result of our internal phishing database, that is created (loosely) based on Mailshell, Phishtank, APWG and Cyren databases.
If I understand this correctly, the only way to bypass a dangerous site is to turn off the Shield.
I don’t want to turn off the Web Shield. But I do expect that if I disable URL blocking, Avast actually stops blocking URLs (and giving me an alert when I visit a site that it blocked it based on URL → URL:Mal(2)).
As it stands, disabling that feature doesn’t in fact disable it.
Ha die Rundvleeskroket,
Why you wanna turn of the obvious and reasonable Mal:URL or Mal:URL2 blocking alerts for Pete’s sake?
I would keep all protection up and running, not make an exclusion for that website, but visit it using a webproxy of sorts,
like for instance [i]https://whoer.net/webproxy[/i]
Whenever you are blocked against something in the code while running a site on a webproxy server,
then you should report back here, because then the site you wanna visit perse is laden with malcode or working something uncanny out into the browser executable.
What does the Google Safebrowsing report on that particular site say, and what do you get scanning it at: isithacked.com
When not enough of the vulnerable or suspicious or even malware code is showing a webproxy is a safe way of going somewhere
to keep a particular threat at bay and not given up the exisiting line of defense and protection.
Ik zou zeggen probeer dit eerst eens uit en dan zien we wel weer, gegroet,
polonus
I can visit the site in a dedicated VM if I must. But I’d rather avoid the hassle.
Tell me: what is the point of having a checkbox, if it doesn’t matter whether it is checked or not? At the very least the feature should behave as expected. It currently does not.
Het komt er op neer dat ik zelf wel bepaal welke functionaliteit ik wel en niet gebruik, en welke sites ik wel of niet bezoek. Mijn virusscanner is een gereedschap om mijn risico’s te mitigeren, en daar maak ik dankbaar gebruik van. Maar dat wil niet zeggen dat ik moet kiezen voor het keurslijf van Avast gericht op klikgrage lui. Ik ben me bewust van de risico’s. Blijf vooral waarschuwen dat het gevaarlijk is. Ik weet het. Ik kies er voor om door te gaan. Serieus … wat moet er gebeuren dat zo spannend is? In het ergste geval zet ik gewoon een image van vorige week terug. Of die van vorige maand. Of die van twee maanden terug. Etc. 10 minuten werk. Desnoods op een andere schijf die ik een stapel heb liggen. Ik vind het vreemd dat ik herhaaldelijk gevraagd word waarom ik het wil doen, want oei oei oei, terwijl ik dat al heb uitgelegd. Ik vind het alleen ook onzin om hele stukken van Avast uit te schakelen terwijl een klein deel een uitzondering geven zou kunnen volstaan. Dan geniet ik het voordeel van de AV, en kan die alsnog als ik daadwerkelijk de site bezoek over de zeik gaan en me waarschuwen.
Well go watching it in that webproxy shows the site, but also the alert which is for JS:ScrptP-inf[Trj]
The site is redirecting to -http://www.adnetworkperformance.com/a/display.php?r=121020
which should be blocked.
It is malware, read http://www.freefixer.com/b/remove-adnetworkperformance-com-pop-up-ads/
You want that infection because you just like to go to that page?
It is a free world, do as you please. I would use a script blocker then to get away from,
and keep all the fake malware protection off of your machine, these phising guys seems in bed with.
polonus
Except it isn’t!
Yes, if I use the proxy I get the same alert about a trojan. But I just visited the site in a VM. With Firefox and AdBlock Plus. And Avast.
After disabling Web Scanning I can visit the site. I am not redirected anywhere. No popups or popunders. Just the site. Works fine for what I need it for.
I’m not dismissing the risk. Just that it seems acceptable to me. ABP is probably already filtering out the threat.
Since about 80 - 85% of all infections come through the internet, shutting down the WebShield
isn’t really a safe remedy. Your computer, your risk and your choice. Definitely not mine.
I think that we, as avast users have made our point clear, but it doesn’t excuse why the avast settings don’t work as expected.
Its broken and avast needs to either fix it or remove the options.
I think I have made it perfectly clear that I prefer to have Web Shield enabled. And URL blocking too, for that matter. However, I’d like the option to add an exclusion. Or at least the option to proceed after Avast blocks a site.
All this is secondary though, to the fact that the option to disable the URL blocking feature all together is broken. What I need it disabled for isn’t all that relevant. The option exists. It should work.
Totally agree. Either it works or it shouldn’t be there.
(Reported to Avast let’s see if that helps.)
Thanks. Let’s hope a fix comes soon.
There is no fix needed as everything is working as it should.
See HonzaZ’s reply.
It is a dogs hind leg completely bent out of shape. There is no delimiting factor in the UI that explains it is only for JS and HTML. We shouldn’t expect users to be mind readers to know what is the unwritten rule. Sorry but users expect if they enter a URL exclusion that it bloody works and is excluded.
It needs fixed period, one way or another:
- full explanation of exactly what can be excluded.
- all URLs regardless of categorisation should be allowed.
- remove the exclusions completely.
Why the hell it can’t be excluded is beyond me (even after HonzaZ’s post), when the only other option is to disable the web shield completely, so they might as well have the exclusions work for all instances.
^
This guy gets it!
Bump. Can we expect the URL blocking/unblocking to work in the near future? Any other news regarding this bug?
Uhm… I just tested a couple of URLs which we block. I added them to exclusions (I tried both global and webshield exclusions) and I can access the blocked sites normally without any popup. Seems like I have been mistaken about the fact that URL:Mal detection cannot be excluded; it seems like everything is working like a charm.
If you guys have any trouble setting up exclusions, please do let me know 