Kaspersky Says Google Spreads Malware, but Trojan.JS.Redirector.ar Is a False Positive

Security company hurts legitimate websites and its own users

  Kaspersky false positive for Google AdSense Trojan.JS.Redirector.ar
2 photosVIEW ALL 
Kaspersky products incorrectly blocked access to legitimate websites reporting that ads from Google AdSense were infected with a Trojan horse labeled Trojan.JS.Redirector.ar. Russian-based antivirus maker Kaspersky managed to shoot itself in the foot and deliver a blow to its credibility and legitimacy as a maker of security solution. Again. But while shooting itself in the foot, Kaspersky also hurt its own users and damaged legitimate Internet-based businesses, by falsely alerting customers of its most recent and “top of the line” AV product that Google is spreading malware through AdSense. Again!

Despite the erroneous alerts from Kaspersky Internet Security 2010, Google AdSense is not infecting users with malware, and Trojan.JS.Redirector.ar is a false positive. In fact, customers, including Softpedia users, should disregard alerts from Kaspersky altogether when their very common sense is telling them otherwise. And it’s not just customers running Kaspersky Internet Security 2010 that were affected, but also users of Kaspersky Anti-Virus 2010, Kaspersky Internet Security 2009, Kaspersky Anti-Virus 2009 and Kaspersky Anti-Virus 6.0 for Windows Workstations MP4. Users need to know that Softpedia has taken extensive measure to ensure that its users are protected, and only serves advertising from legitimate sources, such as Google, that have a proven track record of also protecting customers.

They should definitely ignore reports associated with Trojan.JS.Redirector.ar infections in Google AdSense. “On the 25th of January, 2010, some Google web pages can be blocked by your Kaspersky Lab product because of virus detection. In this case the following message appears on the screen: Access denied. The following error was encountered: The requested object is INFECTED with the following viruses: Trojan.JS.Redirector.ar,” Kaspersky Lab stated.

But there are additional false positive alerts to be ignored. “In such cases Kaspersky Lab products may display the message that the requested object is infected with one of the following viruses:
- Backdoor.Win32.Hupigon.jrpd,
- Trojan.Win32.Generic,
- Trojan.Win32.Swisyn.nik,
- Win32.KillFiles.b,
- Win32.StartPage.c,
- Win32.StartPage.d,
- Win32.StartPage.e,
- Win32.StartPage.f,
- Win32.StartPage.g.
- Win32.StartPage.h,
- Win32.Trojan-Downloader.Generic.ac,
- Win32.Trojan-Downloader.Generic.ad,
- Win32.Trojan-Downloader.Generic.ai.

Such detections of the viruses mentioned above on some Google web pages are false alarms,” Kaspersky added.

Somewhere between mind freezing sub-zero temperatures and cheap vodka, Kaspersky’s virus definitions proved a disastrous cocktail for end users, Google and third-party companies. And this is not the first time that Kaspersky has flagged Google AdSense as spreading malware. In November 2009, just three months ago, Kaspersky (KAV 2009) generated false-positives of inexistent phishing attacks coming from Google.

And as it is prancing from one monumental failure to another, Kaspersky did manage to produce a small and insignificant “Oops!” along with new virus definitions to resolve the issue. Well, to temporarily resolve the issue, since the problem seems to become a repetitive and common occurrence for a company that applauds itself for producing alleged leading security products.

It is clear that Kaspersky has to take immediate and critical measures to ensure that similar false positive failures of Kaspersky Internet Security 2010, and other Kaspersky solutions, never happen again. However, judging from the outfit’s past history, users shouldn’t really start holding their breath anytime soon.Just hours before the Trojan.JS.Redirector.ar false positive fiasco, Kaspersky had blocked the bit.ly web address shortening service. This time around, the Russian based security company erroneously prevented access en masse to bit.ly links alerting users that they were actually phishing sites.

“The problem was quickly resolved and by 19:00 Moscow time the company’s products had stopped generating alerts for legitimate Internet pages. Kaspersky Lab would like to apologize for any inconvenience this problem may have caused users. The company is continually improving its procedures for testing products and releasing updates to prevent such errors from occurring in future,” Kaspersky added.

Just to start, Kaspersky needs to do more than just say “my bad” to legitimate websites that witnessed traffic go down, which lost money and got their good name and reputation trashed because of Kaspersky’s failures. Something that some of them might regard as much more than just an inconvenience.

Softpedia’s suggestion to customers is to choose a security solution that they wouldn’t even have to pay anything for, and that will not flag Google or the Internet, as malware. There is a variety of free antivirus users can try as alternatives to Kaspersky including Avira, Microsoft Security Essentials, Avast and Panda Cloud Antivirus.

Avira AntiVir Personal is available for download here.

Microsoft Security Essentials 1.0 can be downloaded for free via this link.

Panda Cloud Antivirus is available for download here.

Avast! Free Antivirus 5.0  is available for download here.
Avast! Pro Antivirus 5.0 is available for download here.
Avast! Internet Security 5.0 is available for download here.

Photo Gallery (2 Images)

Gallery Image
01
Gallery Image
02

12 Comments

By    26 Jan 2010, 10:01 GMT