Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: donbt09 on March 03, 2009, 11:11:59 PM
-
Today the http://translator.live.com from microsoft is triggering avast virus alert (HTML:Script-inf) Could this be a false positive?
-
The address itself seems to be legit, however it could be a hijacked webpage. But then again, it could just as well be false positive of some sort. You may want to report it to virus@avast.com for further inspection or just wait for someone from ALWIL team to check this thread.
-
Well it looks like there is a redirect script on that page that redirects to a site that is being blocked by the network shield.
03.03.2009 22:23:33 Network Shield: blocked access to malicious site wXX.microsofttranslator.com/Default.aspx?br=ro [ C:\Program Files\Mozilla Firefox\firefox.exe ( 3588 ) ]
Since this also belongs to Microsoft I think this could be an FP:
Name: microsofttranslator.com
IP: 65.55.177.207
Domain: microsofttranslator.com
Querying root.rwhois.net:4321 for microsofttranslator.com...
Querying whois.tucows.com for microsofttranslator.com...
Registrant:
Microsoft Corporation
1 Microsoft Way
Redmond, WA 98052
US
Domain name: MICROSOFTTRANSLATOR.COM
I have sent report to avast, but I guess it won't hurt for another.
-
The address itself seems to be legit, however it could be a hijacked webpage. But then again, it could just as well be false positive of some sort. You may want to report it to virus@avast.com for further inspection or just wait for someone from ALWIL team to check this thread.
thanks :) I reported. It looks like Microsoft is doing changes to their windows live translation URL http://liveside.net/main/archive/2009/03/03/windows-live-translator-rebranded-under-live-search.aspx.
-
I paused the network shield to see if I could find anything obvious on the page source (I didn't) but the web shield fired this time, so I have also submitted that for further investigation.
-
It's a FP, my mistake. Had report, virus inside, typical scamsite name 8) and not whitelisted. We have whitelisted most of the big companies webs because this is exactly the situation we want to avoid.
-
Thanks for the prompt response kubecj I trust it will be corrected in the next VPS update.
-
Yep, it's out.
-
Now thats what i call instant FP fixing. :o ;D
-
Yes very fast, but of course it doesn't pay to go blocking Microsoft ;D
-
Now thats what i call instant FP fixing. :o ;D
Nobody wants a fight with MS ;D