Author Topic: Dns Jumper False Positive ?  (Read 6203 times)

0 Members and 1 Guest are viewing this topic.

Offline abruptum

  • Massive Poster
  • ****
  • Posts: 2460
Dns Jumper False Positive ?
« on: October 10, 2013, 09:50:56 AM »
I cannot download Dns Jumper (zip file) because it is blocked by Web Shield.It says
it is Win32:Evo-gen[Susp].
  http://www.softpedia.com/get/Internet/Other-Internet-Related/Dns-Jumper.shtml
Same thing is with Dns Jumper homepage.
  http://www.sordum.org/7952/dns-jumper-v1-0-6/
« Last Edit: October 10, 2013, 09:52:29 AM by abruptum »

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Dns Jumper False Positive ?
« Reply #1 on: October 10, 2013, 10:24:05 AM »
Please click the "report false positive" button on th epopup message when trying to dowload.
The people from avast will look at it and correct things when/if needed.

Offline abruptum

  • Massive Poster
  • ****
  • Posts: 2460
Re: Dns Jumper False Positive ?
« Reply #2 on: October 10, 2013, 10:43:43 AM »
I don't see "report FP" button in popup.
Also I can't test file at VirusTotal because I cannot download it.
It is not possible to check file at VirusTotal through VTzilla add-on because
connection is terminated by Web Shield.

Offline Asyn

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: Dns Jumper False Positive ?
« Reply #3 on: October 10, 2013, 10:50:58 AM »
You can report a possible FP here: http://www.avast.com/contact-form.php
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline abruptum

  • Massive Poster
  • ****
  • Posts: 2460
Re: Dns Jumper False Positive ?
« Reply #4 on: October 10, 2013, 11:07:21 AM »
I reported it as FP on website because I cannot upload the file.

Offline abruptum

  • Massive Poster
  • ****
  • Posts: 2460
Re: Dns Jumper False Positive ?
« Reply #5 on: October 10, 2013, 11:29:53 AM »
I've tested download link for Dns Jumper (not file) at VirusTotal.
Softpedia Secure Download (US)
  https://www.virustotal.com/en/url/393015d18ab6b9669c3d9cd253b14b78c4b30bf1f7c79f1df3db13915a523456/analysis/1381396977/

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: Dns Jumper False Positive ?
« Reply #6 on: October 10, 2013, 11:34:09 AM »
Hi abruptum,

Cleanse your  browser cache and again go there now.
No problems nor Shield flags for me: http://www.sordum.org/7952/dns-jumper-v1-0-6/
even with NoScript and RequestPoliciy allowing on mentioned link.
Here is the Anubis link: http://anubis.iseclab.org/?action=result&task_id=17a1fe376dfb5cc7411bfce43db36accd
The former detection could have been based on these  VT results also: https://www.virustotal.com/en/ip-address/173.254.28.82/information/
and http://urlquery.net/report.php?id=6545625  an tehn consider "Recent reports on same IP/ASN/Domain" results.

polonus
« Last Edit: October 10, 2013, 11:37:27 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline abruptum

  • Massive Poster
  • ****
  • Posts: 2460
Re: Dns Jumper False Positive ?
« Reply #7 on: October 10, 2013, 11:54:08 AM »
Polonus,
thanks,but I still cannot download Dns Jumper.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Dns Jumper False Positive ?
« Reply #8 on: October 10, 2013, 01:15:51 PM »
It is not the sites that are flagged, but the file people.

Offline abruptum

  • Massive Poster
  • ****
  • Posts: 2460
Re: Dns Jumper False Positive ?
« Reply #9 on: October 10, 2013, 01:44:25 PM »
I turned off Web Shield and downloaded DnsJumper_v1.0.6.zip.Scanned it with Avast And MBAM and everything is fine,
but when I try to unzip the file, DnsJumper.exe is blocked by File System Shield (Win32:Evo-gen[Susp]).
I am trying to upload file to Avast,but it is stuck at connecting.
I also cannot upload zip file at VirusTotal.There is 502 error.

P.S. Finally,message has been sent to Avast.

Offline Michael (alan1998)

  • Massive Poster
  • ****
  • Posts: 2768
  • Volunteer
Re: Dns Jumper False Positive ?
« Reply #10 on: October 10, 2013, 03:02:15 PM »
A little bit to add. Are you using the latest Avast with the latest updates? I've just successfully downloaded it off the Homepage. Comodo nor Avast have said anything
VOLUNTEER

Senior Security Analyst; Sys Admin (Linux); Forensics/Incident Response.

Security is a mindset, not an application. Think BEFORE you click.

Offline abruptum

  • Massive Poster
  • ****
  • Posts: 2460
Re: Dns Jumper False Positive ?
« Reply #11 on: October 10, 2013, 03:23:11 PM »
Avast Free 8.0.1497
Current version 131009-1
I am receiving Streaming Updates.

Edit: I need to say that I already have and use DnsJumper version 1.0.5 without any problems.
« Last Edit: October 10, 2013, 03:41:11 PM by abruptum »

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31079
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re: Dns Jumper False Positive ?
« Reply #12 on: October 10, 2013, 05:05:22 PM »
abruptum, you have reported it, now have patience.
The people from avast will look at it and when/if needed take action.

Offline abruptum

  • Massive Poster
  • ****
  • Posts: 2460
Re: Dns Jumper False Positive ?
« Reply #13 on: October 10, 2013, 05:53:10 PM »
It is fixed with 131010-1 update.
Thanks.