Avast WEBforum

Consumer Products => Avast Mac Security => Topic started by: REDACTED on August 29, 2017, 04:02:08 PM

Title: Js-Download-Def
Post by: REDACTED on August 29, 2017, 04:02:08 PM
For the past several days AVAST Security for Mac started frequent detection of the following virus on Yahoo!Mail and Facebook

https://ad.adtr02.com/js/ad2.js?v=**
JS: Downloader-DEF

Both are secure web sites.
Why does this happen and what can be done to disable the warning if it does not contain any serious matters?

Screenshot available here- https://ibb.co/nL7PxQ

Title: Re: Js-Download-Def
Post by: Eddy on August 29, 2017, 04:05:36 PM
Just because it says https it doesn't mean the site is trusted/secure.

There is mentioning about the same detection in the Windows forum.
I'm waiting for the outcome of that.
Title: Re: Js-Download-Def
Post by: REDACTED on August 29, 2017, 06:03:45 PM
Just because it says https it doesn't mean the site is trusted/secure.

There is mentioning about the same detection in the Windows forum.
I'm waiting for the outcome of that.

It's not about being trusted it's about that Yahoo or Facebook would not be a source to expect catching a malware :)
Title: Re: Js-Download-Def
Post by: Eddy on August 29, 2017, 06:09:42 PM
Well, they do have a lot of ads from 3rd parties.

And adtr02 is just one of them and is currently offline.
It is releated to adsv7 and others and all seem to be down a.t.m.
Looks to me a non trusted advertiser that changes the subdomain a lot.
Title: Re: Js-Download-Def
Post by: REDACTED on August 29, 2017, 06:12:11 PM
Another two on Facebook

https://ibb.co/nL7PxQ
Title: Re: Js-Download-Def
Post by: Eddy on August 29, 2017, 06:16:45 PM
I just checked and don't get the warning, but that is logical.
I have that (and many other) ad-servers blocked in my host file (Windows) :D