Avast just started reporting malware in js on certain pages

TheOtherBill

Well-known member
Nov 29, 2012
415
0
16
Visit site
All of a sudden I'm getting blocks and malware alerts, on various pages. It started for me on the AT&T Galaxy Note 2 forum, now I'm getting it on this page.

Infection Details
URL: http://d1ros97qkrwjf5.cloudfront.net/42/...
Infection: URL:Mal
I see that file in the html source under this:
Code:
// Main vBulletin Javascript Initialization
		vBulletin_init();
	//--> </script> <script type="text/javascript">if(!NREUMQ.f){NREUMQ.f=function(){NREUMQ.push(["load",new Date().getTime()]);var e=document.createElement("script");e.type="text/javascript";e.src=(("http:"===document.location.protocol)?"http:":"https:")+"//"+"d1ros97qkrwjf5.cloudfront.net/42/eum/rum.js";document.body.appendChild(e);if(NREUMQ.a)NREUMQ.a();};NREUMQ.a=window.onload;window.onload=NREUMQ.f;};NREUMQ.push(["nrfj","beacon-1.newrelic.com","c0a1194d5d","198784","ZVxaNhFRXkEHW0BZWFwWexcQRF9fSXl3HVlXTkwKEVVRVg==",0,37,new Date().getTime(),"","","","",""]);</script> <script type="text/javascript">
 

Phil Nickinson

Android Central Editor Emeritus
Apr 21, 2009
4,508
3,181
0
Visit site
Hey, guys. Pinged our tech team on it, and they're seeing the same thing as that avast thread. Most likely false positives. Will update if there's anything to update. (I'm not expecting there to be.)
 

ignb

Member
Jan 8, 2013
7
0
0
Visit site
Such tracking codes are sometimes identified as potentially unwanted by certain antivirus companies. Of course, it might be very confusing for users to decide if the threat is real or not. Especially, when guys from AV companies say it might be an privacy intrusion, etc. In your case, it's not a big deal, for example Kaspersky or ESET say the file is clean as well as many other AVs. So, I guess there's nothing to worry about.