How to get $7 in your PayPal account Directly
Powered by MaxBlogPress 

May 8 2008

Don’t Trust Unknown Anti-Virus And Google Reaction!

A few months ago, my host emailed me because they found "malware" on my main site. They were "nice" enough to include a link to the "bad" file. After a very long verification on my part, I discovered that it was safe and emailed them about it. I never heard from them again thus the matter was closed.

A few weeks ago, it was Google that email me but this time, they only mentioned the site. I did not have any more information than that. Again, after little verification, I discovered that I was linking directly to one of my freeware: MIS Info Video. To be sure, I took some security precautions and also changed my password of my blog that was reported.

But Google reaction will go one step further when people find your site using Google:

Notice: This site may harm your computer

Google Badware Warning

I had to login in Google Webmasters and asked for a review. I did and I'm still waiting for some confirmation from them. So, I have to be very patient with them.

In the first instance, it was just an update file and today, I suspect it's the main file but located on another one of my site(mirror). They both have my misinfovideo.exe in it.

When A Virus Is Not A Virus

I'm sure that in both cases, it was reported by an user using some unknown anti-virus.

When my host contacted me, I used 2 online virus checker. Both used many known anti-virus but also unknown anti-virus. Both are free to use and you only have to upload the suspected files.

Jotti's malware scan
VirusTotal

I also used a few major companies online virus checker.

All the major anti-virus claimed that my software was safe. Only a few unknown anti-virus were claiming it was infected.

But why MIS Info Video?

Even if it's freeware, I protect my source code using a major third party applications. Because of this, it could be reported has infected even if it's not. One day, it will be okay, the virus definition is updated and bam!, it's infected. When the virus definition is updated a day later, my software is safe again.

AVG will react like this 1-2 times a year but it's free. I do like AVG because it was able to remove smitfraud-c where others and more bigger software(detected only) could not remove it according to comments left in that post.

When I used both sites above to verify misinfovideo.exe, 2-3 unknown anti-virus gave false positive. Nothing was detected with the others including the major ones.

If you use the new AVG v8.0, a new graphic is shown next to the main link in Google.

Google Badware Warning

Google Badware Warning

Conclusion

Don't panic if you get infected because you might not be after all. Plus, the file should be in quarantine. You can always use another online virus checker to make sure that the file is indeed infected. Most popular anti-virus companies will offer a way to counter verify your own anti-virus result. Just don't use your company online checker! ;)

The best is to stick with a major anti-virus like AVG v8.0(free). It's a good choice if you don't have the money. The free version offer less features that it's paid version.

P.S. You can make a backup of your data now. Virus or not, it's good of doing one from time to time.

Related Posts

TAGS:
1,819 views

1 Comments on this post

Trackbacks

  1. Removing wp-stats-php Infection From WordPress wrote:

    [...] concerning one of my blog. Google had detected “badware” on it. Was it the same blog as last time? No it was not and was not about my software giving a false positive. So, I went to check the blog [...]

    June 5th, 2008 at 11:19 am
UBD Moneymaker Theme by Unique Blog Designs & Phillip van Coller
Copyright 2007 - 2012 McGrath.ca