sportsfan54
Premium
join:2001-04-27
Laurel, MS
 ·AT&T Southeast
| False Positives in AdAware 2008?
When I updated AdAware2008 this morning there was some sort of program update. When I scanned my computer, it came up with all of these redirects that have never shown up before. When I tried to remove them, it acted like it was removing them but they are still there. Are these possibly false positives or what? Anybody else seeing this? |
|
Kayrac
Premium
join:2001-09-29
Rochester, NH
1 edit | »www.timeatlas.com/mos/Term_to_Le···ts_file/
look at the bottom for the host file location
open it in notepad, see if those locations are present in the hosts file
-Brian
actually do you use any sort of hosts file? it looks like porn/crack sites that have been redirected to 127.0.0.1 so if you visit them it goes nowhere |
|
sportsfan54
Premium
join:2001-04-27
Laurel, MS | reply to sportsfan54
Yes I use a Hosts file. I found one of them so far. Do I delete the ones I find? |
|
redwolfe_98
join:2001-06-11
 ·RoadRunner Cable
1 edit | reply to sportsfan54
no, you don't need to remove the entries from your HOSTS file if they are supposed to be there.. you should report this issue in the ad-aware forum and then they will address the issue with ad-aware's flagging the entries in your HOSTS file..
in the ad-aware forum, i would post the scan-log.. it seems they always ask for that.. |
|
sportsfan54
Premium
join:2001-04-27
Laurel, MS | I understand. Most of the redirects are not showing up in my Hosts file. Does this mean that I should ignore them? |
|
LS Pekka
join:2007-05-29
SWEDEN
| reply to sportsfan54
Hi!
We will take a closer look at these entries that clearly look to be inserted in the Hosts file in order to block access to the listed domains as the malicious hostnames are redirected to 127.0.0.1 (local address or localhost). We will correct this as of the next definition file update. The blocking may have been done by some other application that you may have installed and and it may also have locked(write protected) the Hosts file in order to protect it from changes (this can also be done by the Ad-Aware Hosts File Editor, by ticking "Write-Protect Hosts File"). The Ad-Aware 2008 Hosts File Editor can be reached via the Tools & Plug-Ins button.
Spybot Search & Destroy is an example of an application that let their users "Add Spybot S&D hosts lists" in order to block access to certain malicious sites. If the Hosts file is locked down by the application the entries cannot be removed for as long as the the lock(write-protection) is applied.
Thank´s for informing us about the issue!
As mentioned previously it will be corrected as of the next definition file update.
Regards,
LS Pekka
Lavasoft Research |
|
redwolfe_98
join:2001-06-11
·RoadRunner Cable
| reply to sportsfan54
sportsfan, it looks like ad-aware is flagging entries in your HOSTS file that are supposed to be there, in which case, yes, you could say that the detections are "false-postives", and so you should ignore them, except that you could report it to ad-aware, in their forum, so that they will know to fix the problem..
malware can add entries to your HOSTS file, for various purposes, like to send you to malicious websites, or to block you from accessing good websites, which is what ad-aware scans your HOSTS file for, to find entries that shouldn't be there.. however, in this case, as far as i can tell, it looks like ad-aware is flagging some entries that shouldn't be being flagged.. |
|
sportsfan54
Premium
join:2001-04-27
Laurel, MS | I posted in the AdAware forums about this. There are some other people reporting this too. Thanks everybody for your help. |
|
LS Pekka
join:2007-05-29
SWEDEN | reply to sportsfan54
Hi!
This issue is fixed in the current definition file, 0123.0000.
Thank´s for reporting this issue!
Regards,
LS Pekka
Lavasoft Research |
|
pampam
@Level3.net
| reply to sportsfan54
Glad I found this thread, as I had the same exact problem today when I downloaded the def files. I just tried another download and it's taking, so I guess you all were quick to fix this issue. Thanks! (I'm hoping this latest download will solve the issue). |
|
