Avast 5 home-free ed keeps flagging the trojan “JS: Downloader-LP” at the message board section of www.stockhouse.com, a popular Canadian financial website. I contacted them about it and they said they would look into it. After a shprt period yesterday where things were fine, it’s back again today.

I’m wondering if there is any chance that this is a false positive. When I search this forum I found only one reference to it, and it really had nothing to do with the topic that was being discussed. Comments?

Well in the past avast’s web shield has been very accurate in these detections.

I’m at the bullboard index page and no alert, so you will have to be more specific on the URL, change the URL from http to hXXp or www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.

If they are in areas like My Favs, etc. where you need to be a member, etc. obviously I can’t check it out.

Maybe I was doing something wrong, but I couldn’t get your URL substitutions to work.

I clicked each of the five or so pages I usually visit and there was no problem this time, or at least Avast didn’t flag it. Here is one of those pages:
hxxp://wxw.stockhouse.com/Bullboards/SymbolList.aspx?s=IPT&t=LIST

As an extra precaution I’ll do a either a malware scan with a different program or a GoBack revert after I post this. Using Win2000, btw.

I see now what you were driving at - don’t POST a functioning link to a potentially malware-infested site. Duh, sorry.

Go to PROFILE then Modify Profile then Forum Profile Information then Please select your country: then Signature: and put information about your system if you like just like my signature as that helps with problem resolution for the helpers.

You having pasted the URL into the post, change tt of http to XX so it reads hXXp as in my change to your URL in the quoted text. So you can use the Modify button in the post to subsequently edit the URL.

I also don’t get any alert in the URL you posted, so I can’t do any checking if there is no alert.

If this is a web shield alert, the only option you have is abort connection and this drops the infected element so it doesn’t get saved to your browser cache or run. So your system should be clear.