Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

False positive?


  • Please log in to reply
3 replies to this topic

#1 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:38 PM

Posted 13 November 2014 - 02:51 PM

For some reasons my Kaspersky Endpoint Security 10 flagged a Bleeping Computer thread as "phishing website"... that boggles me.

Or maybe I'm just paranoid with all the security settings cranked up to High.

1_zpsc5fe3d19.jpg 



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:38 PM

Posted 13 November 2014 - 03:02 PM

Yes it appears to be a FP. The detection is on the url for this topic: Trojan dllhost.exe *32 COM virus

It is a heuristic detection. Heuristics is the ability of a scanning program to detect possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop if before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected. If that is the case, then you can restore the file and add it to the exclusion or ignore list.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Sintharius

Sintharius

    Bleepin' Sniper

  • Topic Starter

  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:38 PM

Posted 13 November 2014 - 03:20 PM

I never had any issues with Bleeping Computer until that thread, so probably it's in the title or something? Anyway I know heuristics can be wrong, but I don't see anything in that thread to be suspicious enough to get flagged. (Just sayin')

Thanks for the explanation.



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:38 PM

Posted 13 November 2014 - 04:31 PM

Most likely it's hitting on the last part of the url.

http://www.bleepingcomputer.com/forums/t/554742/trojan-dllhostexe-32-com-virus


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users