Author Topic: JS:Feebs-A2? False positive?  (Read 4034 times)

0 Members and 1 Guest are viewing this topic.

akashifire

  • Guest
JS:Feebs-A2? False positive?
« on: December 19, 2009, 01:01:38 PM »
Hey! I'm hoping to get some advice regarding a warning by avast!

It's detecting this thing called JS:Feebs-A2 on a website I really need to use (the site has OH&S training modules I need to download and complete before I start work at this place). When it detects it, I obviously abort connection.

The owner of the site is reliable, but the particular site I'm talking about is a standalone site. I'm able to see the site fine, but when I click on a module - which requries Macromedia Flash - avast! sends off its warning.

Does anyone know anything about JS:Feebs-A2?

Online polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33869
  • malware fighter
Re: JS:Feebs-A2? False positive?
« Reply #1 on: December 19, 2009, 07:12:07 PM »
Hi akashifire

This could be because there is copyright protection being used and that could be detected as JS:Feebs-A2:
Do they use this: http://html-protection.qarchive.org/
Because the protection could also be used to protect malcode then this could be at the base of this FP,
upload to virustotals and give us the results,

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

YoKenny

  • Guest
Re: JS:Feebs-A2? False positive?
« Reply #2 on: December 19, 2009, 09:49:31 PM »
Malwarebytes' Anti-Malware (MBAM) blocks access to html-protection.qarchive.org:
http://hosts-file.net/?s=174.132.135.50

akashifire

  • Guest
Re: JS:Feebs-A2? False positive?
« Reply #3 on: December 21, 2009, 06:54:38 AM »
Thanks for the responses. It was copyrighted material, so false positive.