False Positive ???

Hello,

At random times when I am browsing the internet, I get a popup message from Avast that says:

Threat Blocked Object: hxxps://rah7uph.bid

and Avast suggest that I run a Smart Scan which I do every time I get the popup and every time the scan finds nothing wrong and says my system is clean. I have also ran a Full Scan of my system several times and nothing has ever been found. I have also ran MalwareBytes Anti malware and again everything comes up clean so my question is if this is a false positive or do I have a issue that needs to be fixed? BTW I am running the latest version of FireFox and Avast if that matters at all. I have also included some basic info about my system.


------------------
System Information
------------------
Time of this report: 4/14/2017, 19:06:46
       Machine name: MICHAEL-PC
   Operating System: Windows 7 Professional 64-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_ldr.170307-1800)
           Language: English (Regional Setting: English)
System Manufacturer: Gigabyte Technology Co., Ltd.
       System Model: Z97MX-Gaming 5
               BIOS: BIOS Date: 09/18/15 16:57:17 Ver: 04.06.05
          Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz (4 CPUs), ~3.5GHz
             Memory: 16384MB RAM
Available OS Memory: 16246MB RAM
          Page File: 3009MB used, 29479MB available
        Windows Dir: C:\Windows
    DirectX Version: DirectX 11
DX Setup Parameters: Not found
   User DPI Setting: Using System DPI
 System DPI Setting: 96 DPI (100 percent)
    DWM DPI Scaling: Disabled
     DxDiag Version: 6.01.7601.17514 32bit Unicode

Thanks for any and all replies.

Please break the active link, change the https to hXXps.

What would be helpful would be a screenshot of the avast alert window as that gives other information on what process is responsible for connecting to that url and what further action needs to be taken.

Are you talking about the popup or a window from within the AVAST program itself ? If it’s the popup that was all the information that I was given was what I posted already. I am not sure how to get more information from it so if you know what I need to do when it pops up to get the information you need then please explain. If you are talking about a window in the AVAST program itself then again I am not sure where to locate the information you need so some help would be great.

Start a new topic in V&W and post your logs there: https://forum.avast.com/index.php?action=post;board=4

Why would I do that if it has not been confirmed to be a Virus or Worm yet? At this point I am really thinking it’s simply a false positive since I don’t go to sites that are “risky” and every scan I run always says my system is clean. I don’t mind posting in another forum, but should we not determine if it’s really a virus or a false positive first before I post there?

HTTP Status Code: 403 Forbidden

Ahhhhh What? How does that help me in any way shape or form?

In short, it means the site can’t be scanned.

Obviously, but that still does not help determine if it’s a false positive or not. I am going to go on the side of it’s a False Positive since I do not use illegal (cracked) software and I do not visit “risky” sites an every scan I have done has come up clean. Thanks… i guess

Well, without the logs we can’t say for sure, but you’re welcome.

I will post the logs and refer to this post in that topic just to make SURE I am not infected. The new topic is located here ===> https://forum.avast.com/index.php?topic=200780.0

OK. Happy Easter.

Same and I updated my last post to include the new post in the V&W Forum as per your suggestion.

Site is down > http://downforeveryoneorjustme.com/rah7uph.bid

Has been blacklisted
https://www.virustotal.com/en/url/9d1c94b81223c533eb63c6039e4eacd487455842422585e6d42af95d5c042e15/analysis/1492250238/

IP history > https://www.virustotal.com/en/ip-address/69.42.65.40/information/

At random times when I am browsing the internet, I get a popup message from Avast that says:
Try clear your browser history / cashe, you may also run AdwCleaner