Author Topic: [RESOLVED]FALSE ALERM googleapis.com  (Read 10269 times)

0 Members and 1 Guest are viewing this topic.

adoria0000

  • Guest
[RESOLVED]FALSE ALERM googleapis.com
« on: June 24, 2013, 07:12:04 PM »
http://fonts.googleapis.com/css?family=Open+Sans:400italic,700,400|Open+Sans+Condensed:700&subset=latin-ext
http://ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js

130624-1

avast! release engineering team are stupid.
« Last Edit: June 25, 2013, 06:32:32 AM by adoria0000 »

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: FALSE ALERM googleapis.com
« Reply #1 on: June 24, 2013, 09:03:32 PM »
The first one is blacklisted see http://sitecheck.sucuri.net/results/fonts.googleapis.com
The second one is good http://sitecheck.sucuri.net/results/ajax.googleapis.com

If you still feel these are false positives use this form http://www.avast.com/contact-form.php  :)
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.

Offline mbd35

  • Jr. Member
  • **
  • Posts: 62
Re: FALSE ALERM googleapis.com
« Reply #2 on: June 24, 2013, 09:23:16 PM »
Avast is constantly blocking googleapis on websites. This is very annoying.

"URL:   http://ajax.googleapis.com/ajax/libs/jqu...
Process:   C:\Program Files (x86)\Mozilla Firefox\f...
Infection:   URL:Mal"


adoria0000

  • Guest
Re: FALSE ALERM googleapis.com
« Reply #3 on: June 24, 2013, 09:25:34 PM »
The first one is blacklisted see http://sitecheck.sucuri.net/results/fonts.googleapis.com
The second one is good http://sitecheck.sucuri.net/results/ajax.googleapis.com

If you still feel these are false positives use this form http://www.avast.com/contact-form.php  :)

ahhhh, interesting
visit http://www.avast.com/virus-update-history,
alerm popups for http://fonts.googleapis.com/css?family=Open+Sans:400italic,700,400|Open+Sans+Condensed:700&subset=latin-ext

So, avast! home page is infected!!! infected!!! infected!!!

Offline Para-Noid

  • Avast Evangelist
  • Starting Graphoman
  • ***
  • Posts: 6700
  • Trust only what you test yourself!
Re: FALSE ALERM googleapis.com
« Reply #4 on: June 24, 2013, 10:47:37 PM »
To check websites before entering use the virus total extension/add-on in both Firefox and Chrome.
Just right click on the link then click on "check with virus total". Virus total uses multiple scanners
to check a site. The virus total add-on/extension is very handy.  :)

@mbd35  The avast page is "not" infected                 https://www.virustotal.com/en/url/c33d4eb8da4e52f2994721130ce29e2e50033dee681f5b385ccc8934ed3f6104/analysis/1372106960/
and http://sitecheck.sucuri.net/results/www.avast.com
« Last Edit: June 24, 2013, 10:52:36 PM by Para-Noid »
Dell Inspiron, Win10x64--HP Envy Win10x64--Both systems Avast Free v17.9.2322, Comodo Firewall v8.2 w/D+, MalwareBytes v3.0, OpenDNS, Super Anti-Spyware, Spyware Blaster, MCShield, Unchecky, Vivaldi Browser and, various browser security tools.

"Look before you leap!" Use online scanners before you click on any link.


Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: FALSE ALERM googleapis.com
« Reply #6 on: June 24, 2013, 11:01:33 PM »
I get a suspicious file from Quttera's
Potentially Suspicious files: 1
http://quttera.com/detailed_report/www.schtserv.com
look here: http://jsunpack.jeek.org/?report=ead8ad1817185c38dde84421c3dbc2f7e588a95a
(visit last link with active script blocker and inside a VM)
similar script flagged here also: wXw.portlypiperpub.com/mobile/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Issagrim

  • Guest
Re: FALSE ALERM googleapis.com
« Reply #7 on: June 24, 2013, 11:04:51 PM »
I think what the OP is talking about is the Apis posted and othesr like them are being blocked all over the place.

Like when i visit Kickstarter.com i get a notification for a file http://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js being blocked as a URL:Mal

when i click on More details in the popup, the Avat site has a notification popup for the file http://fonts.googleapis.com/css?family=Open+Sans:400italic,700,400|Open+Sans+Condensed:700&subset=latin-ext being blocked as URL:Mal

Point being is, it is making some sites almost unusable as it blocks functionality.

As a side note going to http://sitecheck.sucuri.net/results/www.avast.com i get two URL:Mal notifications one for http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js and one for http://ajax.googleapis.com/ajax/libs/jqueryui/1.7.1/jquery-ui.min.js

so yeah, very frustrating.

EDIT: it appears after restarting Firefox for the 5th time it has fixed itself.
« Last Edit: June 24, 2013, 11:09:28 PM by Issagrim »

adoria0000

  • Guest

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

SweetieBelle

  • Guest
Re: [RESOLVED]FALSE ALERM googleapis.com
« Reply #10 on: June 25, 2013, 09:23:45 AM »
I am already running 130624-2. I have also restarted the service however google's api's are still giving false positives.

Is there another fix aside from shutting the av down?