Is there a list of recent false positives?
Hi Skip H,
Not that I know of, but you can search this forum for FP or False Positives. Normally they are rather short lived issues, they seldom outlive the next virus definition update, so notifying FP’s is far more important than searching lists,
polonus
Aside from what Polonus said - Why would you need to ask such a question ?
If you have a detection that you consider might be a false positive, then what is it ?
e.g. malware name, file name, location (C:\windows\system32\infected-file-name.xxx) and why you think it is a false positive.
Then we can help you confirm/deny the detection and what actions to take, etc.
Yes, I fully agree here with DavidR, that it is important to know why you asked this question. Be more specific to reveal your reasons for asking this. With such a kind of cryptic question, you will only get likewise answers,
polonus
I got what I think is a false positive.
hxxp://www.google-analytics.com/ga.js|>{gzip}
infection HTML:Iframe-INF
It even pops up for the avast forum.
Kindly update your virus defs.
My virus data is up to date
What is the version of definitions you have?
110325-0
Cannot reproduce your problem at all.
I have avast 6.
Could there be a problem on my end?
Can you show us a screenshot, we are all using avast 6 and can’t see the problem you are having…
Eh… What does
nslookup www.google-analytics.com
produce on your box? (Run that in command prompt.)
I meant
nslookup www.google-analytics.com
Also, please use the additional options - attach feature here for screenshots.
85.10.195.196 - Geo Information
IP Address 85.10.195.196
Host static.85-10-195-196.clients.your-server.de
Location DE, Germany
City Nürnberg, 02 -
Organization Hetzner Online AG
ISP Hetzner Online AG
AS Number AS24940 Hetzner Online AG RZ
You clearly are infected by something and your DNS is hijacked.
Here
Yeah, as said - your DNS is not sane. Set it to 8.8.8.8 and 8.8.4.4 (Google public DNS) so that you stop this temporarily and try the nslookup again. Anyway, we will need MBAM and OTS logs (see the stickies here).
IP Address 173.193.227.124
Host 173.193.227.124-static.reverse.softlayer.com
Location US, United States
City Dallas, TX 75207
Organization Hosting Services
ISP SoftLayer Technologies
AS Number AS36351 SoftLayer Technologies Inc.