false positive by avast.

avast detects a trojan on this site http://forum.hosts-file. net/viewtopic.php?f=11&t=645&st=0&sk=t&sd=a&start=40 it is a false positive. i disabled the link but it is harmless.

i asked about it on the hphosts forums http://forum.hosts-file.net/viewtopic.php?f=13&t=661

I certainly looks like a false positive, I had a quick look at the page source and didn’t see anything obvious.

VT results on that page, http://www.virustotal.com/analisis/cc3a08fbd38174cb0599dcb76ed796da, 4/36 detections, but I still think it is an FP and have reported it as such.

the admin at the hphosts forum has this to say about it:

Alas it seems the AV isn't differentiating between an actual malicious script, and a script thats safely pasted in a forum post

The good news is that the Avast warning can be ignored

thanks for reporting it as a false positive DavidR :slight_smile:

You’re welcome.

That is I guess the problem with signature based detection it finds the signature and alerts.

That’s not a false positive. That’s simply the code of the malware - and we don’t differentiate by purpose if it’s “active” or not.

i thought that it was called a false positive if it is harmless. i could barely read what was written on that page because avast was showing its warning window so that is the only problem i have with it but the detection may also scare someone. i was not exactly shocked to see a detection from avast or other antiviruses for that case because i was almost sure that it was just a post with inactive malicious code that triggered avasts detection. however i dont have the knowledge about how this detections works.

at least the hphosts forums isnt malicious and can safely be visited, dont you agree? :wink:

avast is one of the best free antiviruses :slight_smile:
the only thing i dont understand is why we must register to use it for a long time. why is that?

False positive is detecting non-malware as malware.
But the thing on that page is malware, just inactivated.

Regarding the registration - we’re planning bandwidth usage and such things regarding to the registered user base.

False positive is detecting non-malware as malware. But the thing on that page is malware, just inactivated
i understand, then there is not another option on the hphosts forums than putting the malicious code in an attachment or such.
Regarding the registration - we're planning bandwidth usage and such things regarding to the registered user base.
you mean that the people that uses the free version and is not registered will get low priority updates? or is that the case already?

What are the plans Kubecj?

No, it’s not.
Just that Home version could only set automatic updates to 120 minutes (not less).

ok, thanks :slight_smile: how do i pay for avast? what is the most important difference between the free one and the paid one? i mean what stronger security does the paid one give?

Buying the Professional version.

Security is the same: same engine, same virus databases.
Pro version has other provider (that works good on XP), allows scheduling and automation, the configurability is a huge high (more flexibility).

Hope Kubecj doesn’t lose the question in the middle of this thread…

What plans? It’s just that we count the registrations and plan the bandwidth/server purchases according to the expected traffic.

Sorry. I’ve misunderstood your first post.
I’ve thought free users will have update limitations over the paid ones, like on Avira and AVG.

Buying the Professional version.
how do i buy it? where?

http://avast.com/eng/download-avast-professional.html

i will see what i do after i have payed for my new speakers.


OOPS!

Never mind as I did not read the thread far enough.