Starting with the update I got this morning, I’m getting a Trojan warning on the Delphiforums chat board when I try to respond to a note using a WYSIWYG editor. I’m 99.9% sure this is a false positive as I’ve been on this board for 17 years with no hint of any malicious activity.
I would also like to know how to shut off the automatic blocking of this site since I run a forum on there and really need to be able to post notes.
Thanks.
Edit to add that the infection shown is JS:ScriptIP-inf [Trj]
The problem is that I don’t get the warning from just visiting the site, I get the warning when I try to respond to a note using a WYSIWYG editor which is exclusive to people who pay for extra features on the site, and of course that makes it hard to check for everyone else.
Here is the (modified) link to one of the posts that the program trips on, but the error appears when I try to reply to any message:
Thanks for the welcome and of course I’m not saying that it’s IMPOSSIBLE for the site to be hacked but I have a good degree of confidence. There have been many posts since I was on last night and nobody has mentioned any issues.
Well, from what you say, this looks to be something that would be hard to pin down considering you need to be a paid user…this may be one for the developers…
I can’t see what is causing the alert myself, or even trigger the alert (understandably, considering the circumstances…)
If you still want the exclusion, you can add it to the list in the ‘Expert settings’ of the web shield section
Something not entirely unrelated, why are you using firefox 3.6 beta 5, the latest firefox version is 3.6.6 and isn’t a beta build, this has closed some security vulnerabilities (it could prevent exploits infecting your system). So I would suggest that you get the latest version of firefox.
Ok I’m BRANDNEW here and came to ask about this same problem and the same forums I am also a co/mod at Delphi forums and the same thing is happening to me and another member emailed me to my home email because she also could not post to the board, this problem is only happening when we want to post or reply back to someone, we can browse and read the board all we want, we just can not post. The warning pops up and then it terminates the connection. I asked the other member what virus program she was running and she emailed back that she is also running AVAST.
I almost want to say that it might be a false notification but dang, if it’s not I don’t want to open myself up to it. No one else has emailed me but they for sure can not post a message about it on the board and no one that is running avast can post to the techs at Delphi because of it either. I did get to their help section and post directly to tech but who knows when/if they will ever get back. They are mostly volunteers with a few real paid employees. They usually help pretty fast if you can post to the members forum.
was anybody able to get there and post or see what was going on?
No it is not just you Cat, I am going to ask our other mod to post and see if any other AVAST users on our forum are having this problem and they will email her back at least we will have a confirmation of sorts.
Exactly what are you entering into the exclusion list?
You could have some problems as the path would change with posting in different threads etc.
So if you are going to put an exclusion, it would be best to minimise the range that it covers…
Can you see what is common in the links that cause an alert. Whilst you could just add the whole site, it is better for a more specific (as is reasonably possible) exclusion.
I just not more than an hour ago sent a report to AVAST like you asked, we’ll see. I am also leaning towards a false positive but don’t want to jump there quite yet.
Also, another poster on delphi has emailed me and said he is having the problem as well on delphi, when replying to posts, and he is an avast user as well.
I don’t speak geek so I can only say the problem is there and delphi members who use other virus programs are not having this problem. Which has all been stated by others here but I’m simply reinterating.
The problem has been fixed I think, I don’t know by who. Try updating your AVAST now and let it install and see if you can post to Delphi , the other site nationa news I don’t know about. It might not hurt to try though. I was successful just a few minutes ago. Good luck everyone!