Avast just started reporting malware in js on certain pages

TheOtherBill

Well-known member
Nov 29, 2012
415
0
16
All of a sudden I'm getting blocks and malware alerts, on various pages. It started for me on the AT&T Galaxy Note 2 forum, now I'm getting it on this page.

Infection Details
URL: http://d1ros97qkrwjf5.cloudfront.net/42/...
Infection: URL:Mal
I see that file in the html source under this:
Code:
// Main vBulletin Javascript Initialization
		vBulletin_init();
	//--> </script> <script type="text/javascript">if(!NREUMQ.f){NREUMQ.f=function(){NREUMQ.push(["load",new Date().getTime()]);var e=document.createElement("script");e.type="text/javascript";e.src=(("http:"===document.location.protocol)?"http:":"https:")+"//"+"d1ros97qkrwjf5.cloudfront.net/42/eum/rum.js";document.body.appendChild(e);if(NREUMQ.a)NREUMQ.a();};NREUMQ.a=window.onload;window.onload=NREUMQ.f;};NREUMQ.push(["nrfj","beacon-1.newrelic.com","c0a1194d5d","198784","ZVxaNhFRXkEHW0BZWFwWexcQRF9fSXl3HVlXTkwKEVVRVg==",0,37,new Date().getTime(),"","","","",""]);</script> <script type="text/javascript">
 
Hey, guys. Pinged our tech team on it, and they're seeing the same thing as that avast thread. Most likely false positives. Will update if there's anything to update. (I'm not expecting there to be.)
 
Such tracking codes are sometimes identified as potentially unwanted by certain antivirus companies. Of course, it might be very confusing for users to decide if the threat is real or not. Especially, when guys from AV companies say it might be an privacy intrusion, etc. In your case, it's not a big deal, for example Kaspersky or ESET say the file is clean as well as many other AVs. So, I guess there's nothing to worry about.
 

Trending Posts

Forum statistics

Threads
956,244
Messages
6,967,180
Members
3,163,492
Latest member
tntitans37216