InformAction Forums

I have Avast free anti-virus program and NoScript working on my computer. Sometimes I'll be clicking random links after doing an innocent-looking Google search, and right after the pages load, my Avast will freak out and say the computer was about to download a trojan. Why is this happening? Everyone always talks like NoScript is supposed to stop all that sort of nastiness. I don't know too much about computers, but I thought the automatic and invisible attempt to download a trojan was part of a malicious script that NoScript should be blocking.

When I'm clicking through to these sites, it's not like I enable scripts and then it turns out to be a malicious site or something. And it's not like I've added shady sites to my NoScript whitelist either. Starting from the default setup, I've only whitelisted a handful of really common sites -- YouTube, Facebook, maybe a couple others. I blacklist any scripts whose names I Google and find out are connecting to shady advertising in some way.

My (flawed) understanding was that NoScript should stop the scripts on sites from working by default, so I should never even have the chance to be exposed to a trojan unless I download something or enable scripts or something. I'm glad that my antivirus is catching them as my backup net, but it's kinda freaking me out, and I worry that I'm one missed or unreleased antivirus update away from getting a virus or something, despite the fact that I'm running NoScript.

I'm sorry for the stupid questions, but why am I being exposed to trojans? What am I doing wrong or not understanding?

What you are doing wrong is "clicking random links after doing an innocent-looking Google search".
The Avast network shield is warning you that the site has malicious content and blocking it. Even if Avast failed, then NoScript would protect you from any attempt the site could make to execute malicious active content such as JavaScript. Assuming you didn't whitelist the site, even temporarily. I'm glad to see you've limited your whitelist to only sites you trust and frequently use. Make sure you have not checked NoScript Options > General > Temporarily allow top-level sites by default.

Thank you very much for your response. So if I understand correctly, it's just an order-of-operations issue?

Meaning that Avast is simply stopping the malicious site from even loading when I go to click through to it, and even if I did persist in going to the URL or Avast failed to catch the malware, then NoScript would act as a second safety net? (Unless I did something like allowing the site's scripts, even temporarily)

Am I understanding this right?

Computernoob wrote:Am I understanding this right?

Yes.