Does avast detect in PUP-mode?

[polonus]

See: http://urlquery.net/report.php?id=1495997263451
See: https://www.virustotal.com/pl/url/a7e1c46788001528eb80c185f8a86cf160d8ee7e31cb25c7a231b50270c0ca8e/analysis/1495999641/
See: https://www.virustotal.com/pl/file/f7f75701f45c47660953b4cc13dc8fab8421e7e92a4812a326bc266df75ed27e/analysis/1495998272/

How b5.exe is dangerous for your system?
It is dangerous and affects the overall performance of the system as:

1.It displays many fake security warnings and error messages that are displayed to scare the users that their system has security issues.
2.It gets automatically installed to the system via Trojans.
3.It blocks other legitimate programs to run on the system.
4.It is also responsible for redirecting the browsers home page.
I get: The request did not return any content

The sitescan found some terms that are commonly used in spam hacks. Suggest you check through the content listed out below for anything suspicious.

hxtp://inform51.ru
Detected libraries:
jquery - 1.11.0 : (active1) https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
bootstrap - 3.3.2 : hxtp://inform51.ru/assets/template/js/bootstrap.min.js
Info: Severity: medium
https://github.com/twbs/bootstrap/issues/20184
(active) - the library was also found to be active by running code
2 vulnerable libraries detected

C-status: https://sritest.io/#report/ef1a1686-0370-44d3-9e42-9ed2f6c37867

F-status: https://observatory.mozilla.org/analyze.html?host=inform51.ru

polonus

[mchain]

Hi pol,

Yep, avast blocks a sandboxed download of b5_exe (if .exe is doubleclicked in sandbox), so avast users are protected as long as they do not allow it to run.

It was Hardened Mode that blocked it.

[EDIT:]  Clarified action needed to trigger block.