Author Topic: Blacklist virus can't open any files for teaching  (Read 1242 times)

0 Members and 1 Guest are viewing this topic.

Offline Cheryl109

  • Newbie
  • *
  • Posts: 2
Blacklist virus can't open any files for teaching
« on: May 11, 2020, 02:10:28 AM »
I am a music teacher during this shutdown. My school distrist uses email through www.gaggle.net. I tried to ask avast to allow this to go through.
Everytime I try to open up an attachment in my gaggle email Avast blocks it saying it's infected with Blacklist/URL.
My technical person at school says that isn't true. I am able to forward the messages to another email and open them there.

It's getting old after having all of my students send me their assignments K-12 via email. Also anything from work is blocked from Avast.

My phone, laptop and desktop at home have Avast, and I normally love this anti virus, but this is too old. Please help!

Offline Cheryl109

  • Newbie
  • *
  • Posts: 2
Re: Blacklist virus can't open any files for teaching
« Reply #1 on: May 11, 2020, 02:27:34 AM »
figured it out in exceptions. I had the wrong address. I had to put the word apps in it, now they purr like kittens! I even get thumbnails. So happy!!!
Cheers!

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Blacklist virus can't open any files for teaching
« Reply #3 on: May 11, 2020, 09:41:07 AM »
Hi Cheryl109,

What are these links: -https://static.zdassets.com/ekr/snippet.js?key=0ac05b8a-1f77-4139-90d2-dc53e947287c  Host ID: 4aHxo4gUIWCy5LnmZ6WAUh7NWIO5XedTss4ysx8eut5qe0T7s6tZ0JnDFvqSHrK3sbKp/UH3Zrg=
&
-https://hitech-lamongan.com/  A for sale domain, that can certainly be abused...
Consider -https://www.4wd-101.com/  Not secure Chinese tracker: -http://101.com/
developing platform...
Quote
At least 5 third parties know you are on this webpage.

-img5.99.com -img5.99.com
 -101.com
 -www.sneduyun.com.cn
 -at.alicdn.com
 -img8.91huo.cn

Now to the word press website SEC:

For a WordPress website it has some outdated plug-in software:
Quote
   site-gaggle   
bbpowerpack   
wordpress-seo 13.3   latest release (14.0.4)
https://yoa.st/1uj
better-click-to-tweet 5.9.2   latest release (5.9.2)
https://wordpress.org/plugins/better-click-to-tweet/
addthis 6.2.6   latest release (6.2.6)
https://wordpress.org/plugins/addthis/
page-links-to 3.3.3   latest release (3.3.3)
http://txfx.net/wordpress-plugins/page-links-to/
tablepress 1.10   latest release (1.11)
https://tablepress.org/
event-calendar-wd 1.1.34   latest release (1.1.35)
https://10web.io/plugins/wordpress-event-calendar/
insert-pages   latest release (3.5.3.2)
https://github.com/uhm-coe/insert-pages
usahtmlmap 2.9.9.6   
advanced-backgrounds   latest release (1.6.4)
bb-plugin
Retirable jQuery library
Quote
Retire.js
jquery   1.12.4   Found in -https://www.gaggle.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp<br>Vulnerability info:
Medium   2432 3rd party CORS request may execute CVE-2015-9251   
Medium   CVE-2015-9251 11974 parseHTML() executes scripts in event handlers   
Low   CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution   
Medium   Regex in its jQuery.htmlPrefilter sometimes may introduce XSS
Insecure Tracker SSL results
Quote
Website is insecure by default
100% of the trackers on this site could be protecting you from NSA snooping.
Tell -gaggle.net to fix it.

 All trackers
At least 6 third parties know you are on this webpage.

-js.hs-scripts.com -js.hs-scripts.com
 -www.gaggle.net
 -Google
 -static.zdassets.com
 -fast.wistia.com
 -Google

These IP related detections might have caused the FP: https://www.virustotal.com/gui/ip-address/104.198.69.90/relations

Wait for a reaction form avast team to you reporting an FP. They are the only ones to come and unblock, we here are just volunteers with relative knowledge.

Here some recommendations towards improvement for that particular website:
https://webhint.io/scanner/bbb0d5b2-b0ec-453c-8cda-7ce9c7332a11

polonus (volunteer 3rd party cold recon security analyst and website error-hunter)
« Last Edit: May 11, 2020, 11:52:06 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!