False-Positive Detection of MQLLock
We have got several emails about this issue and want to clarify our clients about AVG False-Positive detection. False-Positive detection is caused because of heavy protections we do have inside MQLLock compiled DLL files. These protection is heavy enough that AV Software cannot analyse inside the DLL and suspects it being a possible harmful source. AV is warning you and thinks its better then not-warning. All MQLLock DLL files are protected by multiple protection measurements and moreover they are code-signed. Code-signed DLL files are signed from someone. The right to sign has been assigned from an certificate-authority with additional permissions. We think that AV they detect code-signed DLL is suspect itself, because a valid certificate on code-signed target also ensures integrity of the file on binary level. So a possible virus must be either coded from originator (in this case from signer) or someone must infect the file and sign it again, but siging those files with self-created-signatures does not generate a valid certificate at all. We guarantee you that MQLLock DLLs files are no viruses. They are heavy protected high-end codes which cannot be exemined by some small group of AV Software (for now just AVG). Thank you for trusting us.
What is False-Positive detection
A false positive is another way of saying ‘mistake’. As applied to the field of anti-virus programs, a false positive occurs when the program mistakenly flags an innocent file as being infected. This may seem harmless enough, but false positives can be a real nuisance. original article of description