According to VirusTotal the file
hXXp://80.17.2.198/data/8006b0f02907687d/au.v4.download.windowsupdate.com/d/msdownload/update/software/uprl/2015/07/windows-kb890830-x64-v.5.26_9b9723c065acf885288e5f085994de2e1f75157a.exe
I started getting similar warnings a few days ago — that would be late August of 2015…
I am going to provide some information and comments. However, I want to first say that, in my view, AVAST SHOULD RESPOND and let us know exactly what is going on.
I abort the download in every case.
As long as the notices remain, my browser stalls and will not access the internet. However, my Juno 4 stand-alone email still works. Once I have aborted all attempted downloads, the browser function resumes.
The notices come in groups of 6 (once, I got a group of 7) with the same filename and same “origin”. A group comes about 2 or 3 times daily.
The finename is different between groups or batches. The “origin” also varies, but by just one letter: for example:
My system is set to never download anything without my knowledge. Therefore, anything that IS downloaded to my system without my knowledge is malicious. In the present case, there is no question that these attempted downloads are malicious.
I have more detailed notes of my experience with that, but I think the above contains all the necessary information.
PLEASE — AVAST — look into this and let us know what is going on.
This reply seems to have been lost so I’m submitting it again. Sorry if there is a duplicate:
“that seems to be windows update files or windows 10 files if you have said yes to the upgrade”
I see no evidence that this is anything but a guess. I have seen similar attempts at an explanation many times in various forums. I regard it as a poor guess because these files appear without any explanation or request for permission from the point of origin and are not digitally signed.