I still have a warning from Yandex with Opera 12.02 on Ubuntu 8.04, right at this moment.
Topic: [Fixed] Sophos Anti-Virus says my site is malicious (Read 3195 times)
Sophos was blocking it for me the other day, haven't tried again on those machines. Both vanilla Win 7 Pro x64 systems.
Checkpoint IPS is blocking something to, the CSS I think, but not the whole site.
Checkpoint IPS is blocking something to, the CSS I think, but not the whole site.
A couple people told me over email that the site it no longer triggering alerts on Sophos. Yandex will hopefully update its blacklist soon.
That's good. More interestingly it would be to find out what triggered it ? What kind of code triggered it. I would think you don't have any malware on your site in the first place..
A couple people told me over email that the site it no longer triggering alerts on Sophos. Yandex will hopefully update its blacklist soon.
False positive, I guess they don't care much ? Perhaps somebody should sue their ass! 
https://www.virustotal.com/cs/url/f6cfaa9ebfbf8935b09e6a9a7bc37c7e853cd0a2858a424a0ea524b8d66c35a9/analysis/1365243245/
Yandex still say it is malware site.
Yandex still say it is malware site.
Well I took out the embedded JavaScript and re-scanned the file with that online scanner, and it passed Sophos. Hopefully they will update their Yandex blacklist so Opera users will continue to use the site.
Can any Sophos users confirm that the site passes?
Can any Sophos users confirm that the site passes?
I just got off the phone with Sophos, and they're 'sending it to their lab' for analysis...
Hope fully some of the techs are bitcoin fans
I just got off the phone with Sophos, and they're 'sending it to their lab' for analysis...
I'm in the UK and I left your page running overnight and woke up to the warning message, that your site has been responsible for distributing malicious software. I use Opera & Avast!
And yeah sorry, I usually close it down when I'm afk.
And yeah sorry, I usually close it down when I'm afk.
Yandex is partnered with Sophos (which caused the malware flag), and Opera uses the Yandex blacklist for its page screening. Go figure.
I'm in the UK and I left your page running overnight and woke up to the warning message, that your site has been responsible for distributing malicious software. I use Opera & Avast!
And yeah sorry, I usually close it down when I'm afk.
And yeah sorry, I usually close it down when I'm afk.
Some antivirus scan files/websites with heuristic algorithms.
Your website is a false positive
Your website is a false positive
Erm you're probably not seeing many posts because of the fact you're saying your site might be giving trojans..
Are you using free hosting? Anti viruses flag some hosts themself, so if your host is flagged for providing a lot of sites with viruses, they flag you too. I had the same issue with mcaffee a few years ago using a free host.
Are you using free hosting? Anti viruses flag some hosts themself, so if your host is flagged for providing a lot of sites with viruses, they flag you too. I had the same issue with mcaffee a few years ago using a free host.
I changed a bit of JavaScript code last night and this morning I had feedback from users claiming that Sophos had blocked my site, claiming it contained Troj/JSDldr-F.
URL: http://bitcoin.clarkmoody.com/
Is anyone else having the site blocked for them? Please let us know your OS version, browser version, and antivirus software.
Would any other Sophos users care to submit false positive reports? http://www.sophos.com/en-us/support/knowledgebase/17327.aspx
Edit 2:
Sophos seems to have had a problem with the way I was inlining my JavaScript into the main page (for speed). Taking the JS out into include files caused no malware triggers whatsoever.
The problem appears to be resolved. The site never contained malware, and I maintained control of my servers and source the entire time.
Edit:
Using jotti.org reveals this:
URL: http://bitcoin.clarkmoody.com/
Is anyone else having the site blocked for them? Please let us know your OS version, browser version, and antivirus software.
Would any other Sophos users care to submit false positive reports? http://www.sophos.com/en-us/support/knowledgebase/17327.aspx
Edit 2:
Sophos seems to have had a problem with the way I was inlining my JavaScript into the main page (for speed). Taking the JS out into include files caused no malware triggers whatsoever.
The problem appears to be resolved. The site never contained malware, and I maintained control of my servers and source the entire time.
Edit:
Using jotti.org reveals this:
Jump to: