"Infected web resource detected", netsession_win.exe, for things like akamai and cdn.discord. Appear

fraethir

While no browser is open, I'm getting a metric ton of "Infected resource detected".

Example:

"Online Threat Prevention

We blocked this dangerous page for your protection:

http://23.212.54.230/logs/fa0cfd3252b34e4988a38a03fe0ebd9b.log

Accessed by: netsession_win.exe

Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent."

 

That resolves to a resource under deploy.static.akamaitechnologies.com. On the surface, Akamai is part of the modern internet, and connecting to it is completely normal (windows updates, possibly. Or Adobe. Or other things running in the tray). So why is bitdefender "blocking this dangerous page for my protection"? Looks to me like you're blocking legitimate communications.

As an added bonus, ever time I turn on "web attack prevention" it ends up turned off in short order. Neither your product nor malwarebytes seem to think I have anything hostile on my machine, so what the heck are you doing?

Roxana G

On 10/5/2018 at 5:15 AM, fraethir said:

While no browser is open, I'm getting a metric ton of "Infected resource detected".

Example:

"Online Threat Prevention

We blocked this dangerous page for your protection:

http://23.212.54.230/logs/fa0cfd3252b34e4988a38a03fe0ebd9b.log

Accessed by: netsession_win.exe

Dangerous pages attempt to install software that can harm the device, gather personal information or operate without your consent."

 

That resolves to a resource under deploy.static.akamaitechnologies.com. On the surface, Akamai is part of the modern internet, and connecting to it is completely normal (windows updates, possibly. Or Adobe. Or other things running in the tray). So why is bitdefender "blocking this dangerous page for my protection"? Looks to me like you're blocking legitimate communications.

As an added bonus, ever time I turn on "web attack prevention" it ends up turned off in short order. Neither your product nor malwarebytes seem to think I have anything hostile on my machine, so what the heck are you doing?

Hello,

The link http://23.212.54.230/logs/fa0cfd3252b34e4988a38a03fe0ebd9b.log is no longer detected by our engines. Thus, most likely it was a False Positive. Can you please confirm if everything is alright, now?