Thursday, January 24, 2013

False malware warning

I just now (9 February 2013) entered into Google Chrome and the false malware message no longer appears.

I have just been told that this blog gives the following malware warning (click to enlarge) to visitors using Google Chrome and the old address (i.e. without the ".au" suffix):

As I explained to the person who kindly warned me of the problem:

I have up-to-date virus protection, I am averaging 68 visits a day, including 17 in the last hour, and no one else has told me my page is infected. I can look at the HTML source code and there is nothing that I haven't written. So I assume ... has received a false positive virus message.

But on further checking I found that when I entered the old (without the ".au" suffix) address into Google Chrome only, I too received the above warning. It does not appear in Internet Explorer or Firefox even when I use the old address. And it does not appear in Google Chrome, Internet Explorer or Firefox when I use the new ".au" suffix address:

So I assume it is a false positive malware message. But because it will deter visitors using Google Chrome and the old address accessing this blog, I have sent the following feedback to Blogger Support:

Blogger Support

When my The Shroud of Turin blog is accessed via Google Chrome using its old address a malware message is displayed that my blog has been infected with malware inserted by www*sanfrancisco*sentinel*com ["."s replaced by "*"s]. The malware message does not appear in Google Chrome, Internet Explore or Mozilla Firefox when the when the new ".au" address is used. And it doesn't appear in Internet Explore or Mozilla Firefox when the when the old ".com" address is used. So it seems to be a particular problem of accessing my blog's old [address] using Google Chrome. Can you please investigate and fix the problem? Thanks.

Stephen E. Jones

PS: I haven't heard back from Blogger Support. But I have since thought of another reason why Google Chrome's warning message:

Content from www*sanfrancisco*sentinel*com, a known malware distributor, has been inserted into this web page. Visiting this page now is very likely to infect your computer with malware.
must be wrong. I have not edited this blog's template for many years, so a malware virus would have to be able to breach Blogger's security to infect it. This morning I looked at this blog's underlying template, which said it had not been updated since 2004, and a search on "sentinel" in it drew a blank. So again it sounds like a Google Chrome issue, and nothing to do with my blog.

PPS: By chance I found one of my blog posts had a reference to sanfrancisco*sentinel*com ["."s replaced by "*"s]. I have deleted that name in the hope that it was the name of that site that Google Chrome was reacting to.

Stephen E. Jones

No comments: