There is an on-line contact form, http://www.avast.com/contact-form.php?loadStyles for: * Sales inquiries; Technical issues; Website issues; Report false virus alert in file; Report false virus alert on website; Undetected Malware; Press (Media), issues.
If you are reporting an FP, then you get another input field open, enter the web URL for the site you wish to submit for review (Network Shield), etc. A link to this topic also wouldn’t hurt.
@ Kwartet!
When giving script examples it is best to use an image as the last thing we would want is avast at some point alerting on a script example. Whilst you have used the XX to break links, that may not stop avast considering such script as an insert/exploit, etc.
Whilst there is no alert at this time, it is just safe practice when posting script examples.
If avast considered my posting deserving an alert, it would have done so before it would be published. no? And it would have stopped it. Long live avast!
as david say, this have happened quite a few times that users have posted copy and paste of script here …and later when surfing the forum avast give alarm
so to avoid that …take a screenshot of the script …
Do you mean avast does not clean this forum from [links to] malicious scripts? Rhetorical question: what would you do, if you were a respected antivirus company?
Best regards,
PS. Sorry Steven Aitchison, it’s getting quite tangential to your question.
It isn’t about the links as I mentioned in my post (you modified them); it is about the posting of the complete script including tags which at some point could be considered suspect causing avast to alert in the forums.
This is the way script could be presented (take an image from the webpage that has the code and take out identifiable data), see attached.
I have a malicious script detection in Google Chrome that certainly would alert to looking up part of the code with Google, even the %3E%3C/script%3 bit will be enough to get an XSS alert (there is no payload so that is nonsense, but you better have it alerted in case code is nalicious. Users put all code onto pastebin, and going there I would have the browser additionally sandboxed and have script blockers active, so nothing could escape the VM.)
See: -http://packetstorm.wowhacker.com/papers/attack/understanding-xss.txt (flagged by WOT)
Once bitten by malcode, the security aware becomes twice shy. Breaking possible suspiicious links is one, rendering scripts harmless is another rule.
So have the code in Malzilla (the malware browser for the security savvy) and then capture and image (use for instance capture in Click & Clean),
also see the site you gave flagged here: http://urlquery.net/report.php?id=183808