Folder AVG Forums » Other topics » Virus Removal, Tools for Removing » Complaint From A Webmaster
June 20, 2012 10:02 Complaint From A Webmaster #209661
Reply with Quote | Quick Reply | Top
M00N0i

Avatar

Novice
Join Date: 20.6.2012
Posts: 6
Dear AVG team

I'm here to complain about false positives reported by your website / LinkScanner.
My users have been reporting to me that my site was infected!

And that is probably just the top of the iceberg, I don't know how many users I have lost because or your incompetent scan.

The reported threat was VBS/heur, meaning AVG didn't in fact detect anything, but found a piece of code it didn't understand.

The false positive is being triggered by obfuscated javascript.
I obfuscated the google analytics tracking script because people would misuse the google account number to invade my privacy.

AVG has been the one and only scanner reporting my site as a threat.

Because of you, I had to create another google account and to change my analytics account.
The threat warning for my site has gone away.
But I have about 80 websites - I can't imagine having to do this for every site.

Instead of reporting everything your scanner does not understand as a threat, you should do what your more clever competitors do: run the website's code in a sandbox and detect any malicious actions from there.

Every javascript that's obfuscated is not necessarily harmful.

Your current technique hurts thousands of businesses. Fix it.

An angry webmaster.
June 20, 2012 10:33 Re: Complaint From A Webmaster #209671
Reply with Quote | Quick Reply | Top
BIG AL 43

Avatar

Moderator
Join Date: 18.6.2009
Posts: 23807
@ M00N0i

Have a look @ this link http://www.avg.com/ww-en/page-rating-report.

Also have a look @ FAQ #2889 http://free.avg.com/ww-en/faq.num-2889#num-2889.


AVG Forums Volunteer ModeratorAVG Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan
How-To Articles | FAQ | Free Support
June 20, 2012 11:03 Re: Complaint From A Webmaster #209685
Reply with Quote | Quick Reply | Top
M00N0i

Avatar

Novice
Join Date: 20.6.2012
Posts: 6
thank you, but...

@ big al

thank you, I know that.

yes, I have eval unescape code on my site, this is intentional.

I know you are only trying to help, but these links are no use to prevent AVG from labeling a site a threat without actually verifying - the technical means to verify if the threat is real or not do exist - it is just a matter of AVG doing it right.

In the current state of things, AVG wrongly labels sites a threat whereas they really aren't.

This is commercial defamation and trade libel.
It would be enough reason to start a lawsuit if I was rich and had enough time on my hands.

In my case, the warning had been up for months before a user reported to me. This is a big damage over a long time.

At least AVG should inform the webmasters of detected sites before hurting their business.

When a detection occurs, it is not too difficult to send an automated mail to a short list of possible adressees like admin, webmaster, info, contact, root, postmaster, abuse @infecteddomain.com (plus to any other email adresses from that domain detected while scanning the site).

This is THE LEAST AVG could and should do.

We are not amused.
June 22, 2012 08:50 Re: Complaint From A Webmaster #210093
Reply with Quote | Quick Reply | Top
M00N0i

Avatar

Novice
Join Date: 20.6.2012
Posts: 6
AVG's position?..

Could we have AVG's thoughts on this please
June 26, 2012 07:52 Re: Complaint From A Webmaster #210768
Reply with Quote | Quick Reply | Top
Pokornyz

Avatar

Administrator
Join Date: 29.11.2010
Posts: 8235
Hello M00N0i,

Unfortunately obfuscated javascript is often misused to hide malicious code.

AVG inform users that page can contain hidden malicious code.

When a detection occurs, it is not too difficult to send an automated mail to a short list of possible adressees like admin, webmaster, info, contact, root, postmaster, abuse @infecteddomain.com (plus to any other email adresses from that domain detected while scanning the site).

We invite you to submit suggestions for product improvements at the http://www.avg.com/ww-en/product-feedback web form.

Thank you.



AVG Team
How-To articles | FAQ | Free Support
January 1, 2013 14:10 Re: Complaint From A Webmaster #222345
Reply with Quote | Quick Reply | Top
M00N0i

Avatar

Novice
Join Date: 20.6.2012
Posts: 6
illegal..

I'm coming back to this because the problem persists and nothing is being done by AVG to stop defaming my website.

Unfortunately obfuscated javascript is often misused to hide malicious code.

AVG inform users that page can contain hidden malicious code.

Actually, AVG doesn't do what you say.

AVG labels the site as a definitive threat, whereas AVG should instead say something like "some code is obfuscated so we can't say for sure if there is a threat or not, it may be nothing. proceed if you trust the site" or something similar.

AVG still wrongly and ILLEGALLY defames the site as containing a VBS/heur VIRUS.

Fix it !
January 1, 2013 14:46 Re: Complaint From A Webmaster #222348
Reply with Quote | Quick Reply | Top
BIG AL 43

Avatar

Moderator
Join Date: 18.6.2009
Posts: 23807
@ M00N0i

For your info re the present AVG Team forum involvement.. Just to keep you updated.. 'Information' forum area.. Have a look @ Christmas Holidays 2012 i.e. The AVG Team will answer @ the earliest after 2nd Jan 2013. When the AVG Team do return they will probably start working thro' the inevitable postings backlog, in date order, commencing with those @ 20th Dec 2012.


AVG Forums Volunteer ModeratorAVG Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan
How-To Articles | FAQ | Free Support
January 3, 2013 11:54 Re: Complaint From A Webmaster #222447
Reply with Quote | Quick Reply | Top
Pokornyz

Avatar

Administrator
Join Date: 29.11.2010
Posts: 8235
Hello M00N0i,

There is no reason for using obfuscated javascript, except hiding malicious/harming code.

I can only recommend you stop using such techniques.

Thank you



AVG Team
How-To articles | FAQ | Free Support
January 3, 2013 21:27 Re: Complaint From A Webmaster #222490
Reply with Quote | Quick Reply | Top
M00N0i

Avatar

Novice
Join Date: 20.6.2012
Posts: 6
Pokornyz wrote

There is no reason for using obfuscated javascript, except hiding malicious/harming code.


wow, you are so sure about that.

You recommend I stop using that technique. Your comment brands me as either a liar or a criminal since I use javascript obfuscation, yet AVG is the one acting illegally by making false claims.

I have 40 sites and one google analytics account. I obfuscate only one javascript line to hide my analytics IDs since some people use that to spy on my sites.

But there are other legitimate uses for obfuscating javascript, such as protecting antispam and security measures from view and for protecting copyrighted code.

When I scan my site using www.urlvoid.com , among 29 scanners, AVG is the only one that defames my site and wrongly labels it a threat.

The AVG info page on javascript obfuscation is as laughable as your comment above:
http://www.avgthreatlabs.com/webthreats/info/javascript-obfuscation/
according to that page, it is "spreading", it's "highly active" and was "detected on victim's machines" LOL!

Of all website virus scanners around, because of just AVG, I will be forced to open 40 separate Google accounts to track my sites and change all the tracking codes on my sites and lose all historical statistical data.

Thank you AVG!