Originally Posted by msmofet
This is the only site I have ever gotten a warning on.
3168 lines of html code make up just the page this post is on, prior to my reply.
Within those lines of code there are many "commands" that make the page work in both vbulletin scripts and standard html scripts. Virus programs are nothing more than yet another type of script that examines other scripts for types of patterns which have been identified as something that could be part of a malicious command script in both the active sense and "Trojan" sense.
The endless battle between those who write malicious scripts and those who try to stop them is what makes these "might be" notifications happen.
Here's how it works:
1. virus made by someone
2. script that finds that virus is written
3. script that gets around the script that finds the virus is written
4. new detection script is written that finds the work around
See what I mean?
Most virus programs are pretty good at what they do, but none are perfect. Using a combination of detection programs is the best idea and keeping a continuous scan going on your PC that monitors every script that passes through your PC is also a great thing to do.
Knowing what NOT to click on or sites to avoid is another.
The above 1-4 steps are repeated tens of thousands of times each year.
This is, of course, a gross over-simplification of the actual actions involved, but I'm sure you see what I'm saying.