That is the topic of the post I found in baidu forum. It translate to “(Avast) conflict with 360 safe browser, eveytime opening it will give the alert”, where the alert is mention in the first post here.
360 safe browser is a browser created by the same company as qihoo 360. The poster there seem to have a homepage that use baidu web traffic statistic. Avast is not actually conflict with 360 safe browser.
Well all 360 software should be removed as it is conflicting with various resident av solution installations, this is true for Kaspersky’s and avast!'s having conflicts with 360 Antivirus
360 Safe
360 Security Guard
Read http://esupport.trendmicro.com/en-us/home/pages/technical-support/internet-security/1061023.aspx
Again it seems this browser is incompatible with avast resident av solution.
So users have to completely uninstall these softwares and preferably also reboot before installing avast! av without it giving conflicts.
Conflicts could mean keyboard and mouse stop functioning, normal start-up routine and/or safemode routine no longer available.
Here is TrendMicro’s support list for removing conflicting security software, I do not know as of now for a similar list for avast av, I would like it if some-one would come up with such a list.
Just updated to avast 2015. Now I have received a lot of this :(. Look like it is undetected in the old version??
Or maybe something have changed ???
Just now I am getting this when I access http://www.7k7k.com/
I remember when I scan www.7k7k.com in urlquery, it use cnzz.mmstat.com/9.gif.
So it look like it is indeed the very same website traffic statistic code file.
By the way, is this an IP block? maybe this can be excluded from the block. It is not really malicious.
Edit: Hmm… not good in APEWS.org . Oooops 61.135.185.140 is currently listed in APEWS
Entry matching your Query: E-357221
61.135.160.0/19
CASE: C-175
AS4808 CN, ISP permits abuse and/or ignores criminal activity
I remember what “criminal activity” could mean…
Is this valid?
Edit2: I’ve done some testing. This js code can be blamed for lagging my browser in chinese website. Look like it is continuously doing some work even though you just stay in that page. But I can’t see what action the js code is doing. Is there malicious action?
Also for -hm.e.shifen dot com/h.js
I get [Errno 104]connection reset by peer>
"Connection reset by peer" is the TCP/IP equivalent of slamming the phone back on the hook. It's more polite than merely not replying, leaving one hanging. But it's not the FIN-ACK expected of the truly polite TCP/IP converseur.
Quote credits: Bunyk, edited by Sam Rad.
The dreamhost.com DNS zone is currently having troubles, so most hostnames within this zone are not resolving.
There is up and active malware running from that website: -hm.e.shifen.com,61.135.185.140,Criminals,
(result credits: Peter Kleissner’s VirusTracker results).
There is up and active malware running from that website: -hm.e.shifen.com,61.135.185.140,,Criminals,
(result credits: Peter Kleissner's VirusTracker results).
This agree with the infomation in apews.org. So baidu just put their code in a bad IP :(