« previous next »
Pages: [1]   Go Down

Author Topic: help to resolve origin of "Infection blocked"  (Read 2196 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
help to resolve origin of "Infection blocked"
« on: November 30, 2018, 07:16:14 AM »
Hi,
First post so pls bare with me :-) I have a persistent (ones or twice a week) infection blocked popup appearing on my screen since I installed a network surveillance program some weeks ago. I would need some help in determining what is going on. Is this infection attempt is originating from outside my Mac or if it's the network surveillance program that is somehow vulnerable to a random infection attempt. It's always the same URL (but different Token) and the same process involved. It seems odd to me that it's the same process and URL that's involved.

The program involved is an paid app Network Logger Pro, which checks and logs internet outages ( https://networklogger.net)

Any help in resolving this would be highly appreciated.

I'm on an iMac Mojave 10.14.1 and Avast Security Pro 13.11 and here's the popup message:

Infection blocked!
Avast Web shield has blocked a threat.
Infection: URL:Phishing
URL: http://zatnawqy.net/?uniqifyingToken=24LKhEoaO3dnjnwxdihC
File: http://zatnawqy.net/?uniqifyingToken=24LKhEoaO3dnjnwxdihC
Process: /Applications/Network Logger Pro.app/Contents/MacOS/Network Logger Pro

Many thanks in advance
Claes
Logged

REDACTED

  • Guest
Re: help to resolve origin of "Infection blocked"
« Reply #1 on: November 30, 2018, 08:12:50 AM »
The app developer resolved my question so ít was perhaps premature of me to post here but for what's it worth here's the reply in case it can help someone else in a similar situation.

"Hi Claes, not to worry, I’ve seen this before.  What is happening is that when the Automatic Connection Testing feature is turned on in Network Logger Pro, it makes http header and pings requests to the top 5,000 servers on the Internet.  A few of those URLs are blacklisted and I’m assuming that your Avast app has such a URL blacklist.  I’ve been removing blacklisted URLs from the testing list as people bring them to my attention.  However, even when present, no payload data is downloaded from those servers, Network Logger Pro is just seeing if it can reach them in the course of checking to see if your Internet connection is up.  In short, the program is fine. Thank you for that screenshot, I will remove that URL from the list for the next update. Feel free to forward any others you encounter."

Best,
Claes
Logged

Offline lukas.hasik

  • Avast team
  • Advanced Poster
  • *
  • Posts: 931
  • Product manager of Avast Security for Windows
Re: help to resolve origin of "Infection blocked"
« Reply #2 on: November 30, 2018, 12:57:29 PM »
This website is blocked by Google too. It's a phishing site.
Logged
Quality is also a feature.
Pages: [1]   Go Up
« previous next »