Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 18 replies
  • Subscribers 1 subscriber
  • Views 29329 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

False positive mal/HTMLgen-a

Airiq
Hi im new to Sophia and I wanted to see if the site Checkwebsitesafe.com was a safe site. When checked virus total, it said tha Sophos said it was malicious. I checked other safe URL checking sites and most said it was fine. Only Anubis malware said it was bad. This is the link to the scan report-http://anubis.iseclab.org/?action=result&task_id=15d6e5628029555a4898bdb3d425733ee&format=html and I had a discussion on the clamxav forums which has more info-http://www.markallan.co.uk/BB/viewtopic.php?t=2916&sid=0cc1a50ada0196e8889b07191719ae88 thanks if someone can help me out with this
:34971


This thread was automatically locked due to age.
Parents
  • 0

    Hi Airiq,

    Welcome to SophosTalk.

    I've asked my contacts at SophosLabs about this, and this is the reply I received ...

    I just tried 2 things…

     

    -          I searched on VirusTotal for that URL myself and Sophos is not classifying it as malicious.

    -          I navigated to checkwebsitesafe.com on my desktop machine here and was able to do so without any alerts or blocked actions from Sophos.

     

    Checking our systems history for that URL I can see that it was classified by us back in October but that classification has since been withdrawn. This is quite common as we frequently block/unblock websites as we find them to be infected and then cleaned on a regular basis. Just because a webpage is not compromised today does not mean that it never will be! And likewise, compromised sites can fixed-up and made safe.

     

    I hope that helps.

    As the man says, "I hope that helps".

    Best regards,

    spike.

    :35045
Reply
  • 0

    Hi Airiq,

    Welcome to SophosTalk.

    I've asked my contacts at SophosLabs about this, and this is the reply I received ...

    I just tried 2 things…

     

    -          I searched on VirusTotal for that URL myself and Sophos is not classifying it as malicious.

    -          I navigated to checkwebsitesafe.com on my desktop machine here and was able to do so without any alerts or blocked actions from Sophos.

     

    Checking our systems history for that URL I can see that it was classified by us back in October but that classification has since been withdrawn. This is quite common as we frequently block/unblock websites as we find them to be infected and then cleaned on a regular basis. Just because a webpage is not compromised today does not mean that it never will be! And likewise, compromised sites can fixed-up and made safe.

     

    I hope that helps.

    As the man says, "I hope that helps".

    Best regards,

    spike.

    :35045
Children
No Data