Author Topic: Avast pops up virus alert, calling service provider malware  (Read 2589 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Avast pops up virus alert, calling service provider malware
« on: November 13, 2014, 04:58:14 AM »
I opened up Dailymotion (usually I use youtube, but this time I had to use dm). Anyhow, long story short, something weird happened. Almost immediately as I clicked on a link to view a video, all of a sudden, Avast popped up and blocked this, calling it malware:

hxxp://24.200.246.9/connect/xd_arbiter/QjK2hWv6uak.js?version=41

According to who.is
https://who.is/whois-ip/ip-address/24.200.246.9

The IP belongs to my service provider. As for the js file, God knows what's in there (benign or malign). Any ideas as to why Avast popped up with that message? This is the message I received found on this url:

http://www.avast.com/en-ca/lp-fr-virus-alert?p_ext=&utm_campaign=Virus_alert&utm_source=prg_fav_90_0&utm_medium=prg_systray&utm_content=.%2Ffa%2Fen-ca%2Fvirus-alert-default&p_vir=VVJMOk1hbA&p_prc=C:\Program%20Files\Pale%20Moon\palemoon.exe&p_obj=aHR0cDovLzI0LjIwMC4yNDYuOS9jb25uZWN0L3hkX2FyYml0ZXIvUWpLMmhXdjZ1YWsuanM_dmVyc2lvbj00MQ&p_var=.%2Ffa%2Fen-ca%2Fvirus-alert-default&p_elm=7&p_lex=340&p_lid=en-ca&p_lng=en&p_lqa=0&p_lqe=0&p_lst=0&p_lsu=24&p_pro=0&p_bld=empty&p_vep=9&p_ves=0&p_vbd=2021&p_hid=6ec3e33f-244f-41f9-b90e-53b05dc1d12d&p_ram=3575&p_cpu=7.1
« Last Edit: November 13, 2014, 05:30:01 AM by mades »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37612
  • Not a avast user
Re: Avast pops up virus alert, calling service provider malware
« Reply #1 on: November 13, 2014, 07:40:29 AM »
URL:Mal means URL or IP is on a blacklist for whatever reason, there can be many

IP (24.200.246.9) is on 3 blacklists ... apews.org / dnsbl.sorbs.net / dul.dnsbl.sorbs.net

seems to be spam related


REDACTED

  • Guest
Re: Avast pops up virus alert, calling service provider malware
« Reply #2 on: November 13, 2014, 10:01:20 PM »
I get the exact same pop up alert on different sites...never happend before

Why would my Internet Provider be blacklist? could it be false alert by Avast?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37612
  • Not a avast user
Re: Avast pops up virus alert, calling service provider malware
« Reply #3 on: November 13, 2014, 11:42:25 PM »
Quote
Why would my Internet Provider be blacklist? could it be false alert by Avast?
it could be that many users at that provider have infected machines that send out spam!

you can check your IP for Blacklisting here  http://whatismyipaddress.com/blacklist-check
if listed, ask your ISP why


my IP is on 4 blacklists  dnsbl.sorbs.net / dul.dnsbl.sorbs.net / pbl.spamhaus.org /  zen.spamhaus.org    so seems to be spam related

info given by SORBS
Quote
Usage classification (only important if you run your own mailserver.)
i dont run my own mail server so have no problem   ;)   


REDACTED

  • Guest
Re: Avast pops up virus alert, calling service provider malware
« Reply #4 on: November 14, 2014, 12:50:32 AM »
Thanks!

Its seems (finding on other forums) that many people from this Internet provider are having the exact same problem and were all running on Avast.

Makes me wonder if the problem doesnt come from our internet provider!!

I checked my ip on the site you gave me and its listed only on 2.....dnsbl.sorbs.net / dul.dnsbl.sorbs.net (dont why it would be)

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37612
  • Not a avast user
Re: Avast pops up virus alert, calling service provider malware
« Reply #5 on: November 14, 2014, 12:54:34 AM »
Quote
I checked my ip on the site you gave me and its listed only on 2.....dnsbl.sorbs.net / dul.dnsbl.sorbs.net (dont why it would be)
you can click those to get more info / lookup

SORBS lists are spam related  http://www.sorbs.net/


REDACTED

  • Guest
Re: Avast pops up virus alert, calling service provider malware
« Reply #6 on: November 15, 2014, 12:39:13 AM »
Thanks for the info. Normally I have noscript running, but for some reason, I had allowed dm. I doubt I would have gotten that alert otherwise. Concerning apews, unless I am mistaking, it doesn't matter if you're blacklisted there. Even my own ip is blacklisted there. As for the others, I assume customers flag emails as spam? To me, this may make sense.