Dear AVG team

I'm here to complain about false positives reported by your website / LinkScanner.
My users have been reporting to me that my site was infected!

And that is probably just the top of the iceberg, I don't know how many users I have lost because or your incompetent scan.

The reported threat was VBS/heur, meaning AVG didn't in fact detect anything, but found a piece of code it didn't understand.

The false positive is being triggered by obfuscated javascript.
I obfuscated the google analytics tracking script because people would misuse the google account number to invade my privacy.

AVG has been the one and only scanner reporting my site as a threat.

Because of you, I had to create another google account and to change my analytics account.
The threat warning for my site has gone away.
But I have about 80 websites - I can't imagine having to do this for every site.

Instead of reporting everything your scanner does not understand as a threat, you should do what your more clever competitors do: run the website's code in a sandbox and detect any malicious actions from there.

Every javascript that's obfuscated is not necessarily harmful.

Your current technique hurts thousands of businesses. Fix it.

An angry webmaster.

@ M00N0i

Have a look @ this link http://www.avg.com/ww-en/page-rating-report.

Also have a look @ FAQ #2889 http://free.avg.com/ww-en/faq.num-2889#num-2889.

---

AVG Forums Volunteer ModeratorAVG Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan

---

How-To Articles | FAQ | Free Support

thank you, but...

@ big al

thank you, I know that.

yes, I have eval unescape code on my site, this is intentional.

I know you are only trying to help, but these links are no use to prevent AVG from labeling a site a threat without actually verifying - the technical means to verify if the threat is real or not do exist - it is just a matter of AVG doing it right.

In the current state of things, AVG wrongly labels sites a threat whereas they really aren't.

This is commercial defamation and trade libel.
It would be enough reason to start a lawsuit if I was rich and had enough time on my hands.

In my case, the warning had been up for months before a user reported to me. This is a big damage over a long time.

At least AVG should inform the webmasters of detected sites before hurting their business.

When a detection occurs, it is not too difficult to send an automated mail to a short list of possible adressees like admin, webmaster, info, contact, root, postmaster, abuse @infecteddomain.com (plus to any other email adresses from that domain detected while scanning the site).

This is THE LEAST AVG could and should do.

We are not amused.

AVG's position?..

Could we have AVG's thoughts on this please

Hello M00N0i,

Unfortunately obfuscated javascript is often misused to hide malicious code.

AVG inform users that page can contain hidden malicious code.


We invite you to submit suggestions for product improvements at the http://www.avg.com/ww-en/product-feedback web form.

Thank you.

---

AVG Team
How-To articles | FAQ | Free Support
We Protect Us

Computer not working? Laptop slowing down?
Let our AVG TechBuddy expert remotely fix it for you.
Find out more (US & Canada)

illegal..

I'm coming back to this because the problem persists and nothing is being done by AVG to stop defaming my website.


Actually, AVG doesn't do what you say.

AVG labels the site as a definitive threat, whereas AVG should instead say something like "some code is obfuscated so we can't say for sure if there is a threat or not, it may be nothing. proceed if you trust the site" or something similar.

AVG still wrongly and ILLEGALLY defames the site as containing a VBS/heur VIRUS.

Fix it !

@ M00N0i

For your info re the present AVG Team forum involvement.. Just to keep you updated.. 'Information' forum area.. Have a look @ Christmas Holidays 2012 i.e. The AVG Team will answer @ the earliest after 2nd Jan 2013. When the AVG Team do return they will probably start working thro' the inevitable postings backlog, in date order, commencing with those @ 20th Dec 2012.

---

AVG Forums Volunteer ModeratorAVG Forum member since - Nov. 27, 2004My total posts on the Old AVG Free Forum - 27,063
Alan

---

How-To Articles | FAQ | Free Support

Hello M00N0i,

There is no reason for using obfuscated javascript, except hiding malicious/harming code.

I can only recommend you stop using such techniques.

Thank you

---

AVG Team
How-To articles | FAQ | Free Support
We Protect Us

Computer not working? Laptop slowing down?
Let our AVG TechBuddy expert remotely fix it for you.
Find out more (US & Canada)

wow, you are so sure about that.

You recommend I stop using that technique. Your comment brands me as either a liar or a criminal since I use javascript obfuscation, yet AVG is the one acting illegally by making false claims.

I have 40 sites and one google analytics account. I obfuscate only one javascript line to hide my analytics IDs since some people use that to spy on my sites.

But there are other legitimate uses for obfuscating javascript, such as protecting antispam and security measures from view and for protecting copyrighted code.

When I scan my site using www.urlvoid.com , among 29 scanners, AVG is the only one that defames my site and wrongly labels it a threat.

The AVG info page on javascript obfuscation is as laughable as your comment above:
http://www.avgthreatlabs.com/webthreats/info/javascript-obfuscation/
according to that page, it is "spreading", it's "highly active" and was "detected on victim's machines" LOL!

Of all website virus scanners around, because of just AVG, I will be forced to open 40 separate Google accounts to track my sites and change all the tracking codes on my sites and lose all historical statistical data.

Thank you AVG!