• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

Virus Programs masterrace.. are they starting to spoof for themselves?

Marcus

User.postCount++;
Joined
Nov 14, 2015
Messages
1,074
Solutions
10
Reaction score
392
Location
Sweden
I notice more and more often, that complete safe things are detected as viruses.
simple urls, ip addresses and even IMAGES are detected as viruses today..

So this make me wonder, are virus programs adding more and more random shit in their database for some reason to be able to brag "we protect you from 159,261,917 threats, BUY NOW!"..
While in matter of fact, maybe only 1,000,000 of those things are real threats..

it started a few years ago.. I noticed that some virus sites detect no-ip's as virus.
for example, if you have a program, open it in hex editor and add the url xxxporn.no-ip.org or something like that.. and scan it with virustotal..
even if the program was clean before, it will now display trojans/backdoors and a lot other in the results..

And a few weeks ago, I noticed that even google, have started to detect images as viruses..
All my sites are verified by google, they alert me if they find something harmful on my dedicated servers..
And just a few weeks ago they detected an image of mine as virus.. they was 1 inch from making a global warning about my site (making you unable to connect with firefox/google chrome)..
And talked to them about it, and as thought.. it was a false report and they withdrew it..

and then again, last week, same thing happened, but this time the image was one of the "added screenshots" which was hosted by imgland.net, it was detected as equally harmful as the first image.
Once again I contacted google about it, and again, it was a false positive..
The last image, I'm certain it was the URL that made them detect it as a virus.. since imgland uses very odd URLs for the images.. URLs such as http://1.1m.yt/ and similar.

And while we're at it, it seems like antiviruses doesn't want to remove false positives from their databases even thou it's proven safe.
For example, The tibia client 8.0 is detected as a highly dangerous virus by almost all antiviruses today.
I contacted a handful of companies about it, explaining that it's a badly written connection + updater codes that was made by CipSoft, and the thing detected in there, is unique.. there are no known viruses that uses such codes.. yet they didn't want to whitelist it.

So it seems to me, that ridiculous false positives that may show up in future, will forever be detected as viruses..
And I get the feeling, that if they continue like this, keep adding false positives.. we'll end up in future there you can't even start your internet browser without getting 10 warnings that it's trojans in it.

Anyone else with experience in this matter?
Does anyone know why it is like this?
I mean, look at Avast Free version.. it detects so much viruses in everything that it's useless..
 
It's better to have false positive then false negative. That's the norm for anything involving security.
And in your post, it seems they mark as virus exploitable programs. You would be amazed by how some virus works, or what can be considered virus.
 
It's better to have false positive then false negative. That's the norm for anything involving security.
And in your post, it seems they mark as virus exploitable programs. You would be amazed by how some virus works, or what can be considered virus.
I know how viruses works, I'm working against them, I've studied them..
I had a period when I studied bot-net viruses for example.. how to detect them, and how to trace them etc..

I know that viruses isn't something magical, it's all codes.. like everything else, with exception doing harmful stuffs.

And I understand your points.. but it's not good to keep false positives..
They should be taken care of fast and serious.. false positive creates a risk among people..

For example, you download a shitload of stuffs all the time.. you see false positives in them all the time, you feel safe..
Then one day, you start downloading other stuffs, the warnings looks just like the false ones.. and you just assume it's safe programs.. but in reality, you're downloading a browser sniffer..

Then you have been fooled by millions of false positives, to suddenly think a real virus also was a false positive.

For those who have driver license, there's a similar thing said.

Buses with that child sign on it, that's supposed to blink whenever they're stopping to let kids off..
They're NOT allowed to use them EXCEPT when actually dropping off kids..
Because if they used it all the time, all drivers would get used to it and eventually "there's no kids there.." and eventually that would lead to serious accidents..
Everything that's giving false warnings, should be taken care of, before someone gets used to it and get hurt by it.
 
Back
Top