Infected Site
Stuart
via web
Hi:
I am unable to obtain your tool to extract JPEG from RAW. My Antivirus product blocks most of your site due to infections. It seems that every jpg, png and gif file on yuor site os infected with Mal/ObfJS-AL.
See attached Sophos log file below which will hopefully help to get this removed from the site.
**** Sophos Anti-Virus Log - 08/08/11 16:23:25
20110808 131857 Blocked web request to "www.whibalhost.com/ss/product_box-product_info.jpg"
(linked from "mtapesdesign.com") for user. 'Mal/ObfJS-AL' has been
found at this website, reference ID 27430697.
20110808 131859 Blocked web request to "www.whibalhost.com/lensalign/images/logos/luminous-landscape.jpg"
(linked from "mtapesdesign.com") for user. 'Mal/ObfJS-AL' has been
found at this website, reference ID 27430697.
20110808 131904 Blocked web request to "www.whibalhost.com/ss/mast_main.jpg"
(linked from "mtapesdesign.com/rawworkflowcom-download-page") for
user. 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 131915 Blocked web request to "www.whibalhost.com/ss/mast_main.jpg"
(linked from
"rawworkflow.squarespace.com/instant-jpeg-from-raw-utility") for
user. 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 132039 Blocked web request to "www.whibalhost.com/ss/product_box_bug-viewcart.gif"
(linked from
"rawworkflow.squarespace.com/instant-jpeg-from-raw-utility") for
user. 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 132442 Blocked web request to "www.whibalhost.com/ss/mast_main.jpg"
(linked from
"rawworkflow.squarespace.com/instant-jpeg-from-raw-utility") for
user. 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 134946 Blocked web request to "www.whibalhost.com/ss/product_box_bug-viewcart.gif"
(linked from "mtapesdesign.com/instant-jpeg-from-raw-utility") for
user. 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 135546 Blocked web request to "www.whibalhost.com/ss/masthead/main_mast_mtd_72x1030.png"
(linked from "mtapesdesign.com") for user. 'Mal/ObfJS-AL' has been
found at this website, reference ID 27430697.
20110808 135548 Blocked web request to "www.whibalhost.com/ss/product_box-ijfr.jpg"
(linked from "mtapesdesign.com") for user. 'Mal/ObfJS-AL' has been
found at this website, reference ID 27430697.
20110808 135558 Blocked web request to "www.whibalhost.com/ss/mast_main.jpg"
(linked from "mtapesdesign.com/rawworkflowcom-download-page") for
user. 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 135603 Blocked web request to "www.whibalhost.com/ss/product_box-product_info.jpg"
(linked from
"rawworkflow.squarespace.com/instant-jpeg-from-raw-utility") for
user. 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 135605 Blocked web request to "www.whibalhost.com/ss/ijfr_02.jpg"
(linked from
"rawworkflow.squarespace.com/instant-jpeg-from-raw-utility") for
user. 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 135621 Blocked web request to "www.whibalhost.com/ss/masthead/main_mast_mtd_72x372.png"
(linked from "www.mtdhelp.com/help/custom.css")
for user . 'Mal/ObfJS-AL' has been found at this website, reference
ID 27430697.
20110808 135637 Blocked web request to "www.whibalhost.com/ss/masthead/main_mast_mtd_72x372.png"
(linked from "www.mtdhelp.com/help/custom.css")
for user . 'Mal/ObfJS-AL' has been found at this website, reference
ID 27430697.
20110808 161557 Blocked web request to "www.whibalhost.com/ss/mast_main.jpg"
(linked from
"rawworkflow.squarespace.com/instant-jpeg-from-raw-utility") for
user . 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 161601 Blocked web request to "www.whibalhost.com/ss/product_box_bug-separator.gif"
(linked from
"rawworkflow.squarespace.com/instant-jpeg-from-raw-utility") for
user. 'Mal/ObfJS-AL' has been found at this website, reference ID
27430697.
20110808 161616 Blocked web request to "www.whibalhost.com/ss/masthead/main_mast_mtd_72x372.png"
(linked from "www.mtdhelp.com/help/custom.css")
for user . 'Mal/ObfJS-AL' has been found at this website, reference
ID 27430697.
20110808 161813 Blocked web request to "www.whibalhost.com/_ss/masthead/main_mast_mtd_72x372.png"
(linked from "www.mtdhelp.com/help/custom.css")
for user . 'Mal/ObfJS-AL' has been found at this website, reference
ID 27430697.
(24 items)
Support Staff 2 Posted by Michael Tapes Design on 08 Aug, 2011 05:55 PM
We just did a sweep of our site last week, but I will look into this. I would not think it is possible for all of these files to be infected, but of course, there could be a bug somewhere, and we will look into it within the hour.
I will get back to you. Sorry for the problem.
Michael Tapes Design closed this discussion on 08 Aug, 2011 05:55 PM.
Michael Tapes Design re-opened this discussion on 08 Aug, 2011 05:55 PM
Support Staff 3 Posted by Michael Tapes Design on 08 Aug, 2011 07:07 PM
Stuart,
I cannot find anything, and no other reports. Can you please tell me where in the site are you first blocked. Thanks for your assistance.
Michael
4 Posted by Albert Fester on 08 Aug, 2011 08:55 PM
Hi Michael: As soon as I hit your home page http://mtapesdesign.com/ my AV application, Sophos, starts alerting that jpg anf gif's are infected and the site has been blocked. It does seem better now though, once I hit the download link I don't get any AV messages also from the download page I don't get any AV messages. It looks like the pictures have been removed though. I have navigated back to the start page and got no AV messages. It seems that the messages are generated by the pictures under the Site Highlights. RegardsStuart
> From: ***@tenderapp.com
> To: ***@hotmail.com
> Date: Mon, 8 Aug 2011 15:06:25 -0400
> Subject: Infected Site [Talk to us]
>
>
> // Please reply above this line
5 Posted by Albert Fester on 08 Aug, 2011 08:58 PM
I forgot to mention that I have completed the form for the IJFR app four times now and still have no download link for it. Could you possibly email me the link or the file? Stuart
> From: ***@tenderapp.com
> To: ***@hotmail.com
> Date: Mon, 8 Aug 2011 15:06:25 -0400
> Subject: Infected Site [Talk to us]
>
>
> // Please reply above this line
Support Staff 6 Posted by Michael Tapes Design on 08 Aug, 2011 09:25 PM
Probably sophos has the site blocked in their database on your machine or in the cache. That is why the images do not show up because they are blocked. If I receive another mention of this I will look further, but for now I cannot find anything.
Regarding the link...just tell me what OS you need and I will send it to you.
Thanks.
Michael Tapes Design closed this discussion on 08 Aug, 2011 09:25 PM.
Albert Fester re-opened this discussion on 08 Aug, 2011 09:27 PM
7 Posted by Albert Fester on 08 Aug, 2011 09:27 PM
Oh sorry I forgot that. Windows 7 64bit. Thanks Very muchStuart
> From: ***@tenderapp.com
> To: ***@hotmail.com
> Date: Mon, 8 Aug 2011 17:23:46 -0400
> Subject: Infected Site [Talk to us]
>
>
> // Please reply above this line
Support Staff 8 Posted by Michael Tapes Design on 08 Aug, 2011 09:51 PM
Here you go. Enjoy.
Michael Tapes Design closed this discussion on 08 Aug, 2011 09:51 PM.
Albert Fester re-opened this discussion on 09 Aug, 2011 01:05 PM
9 Posted by Albert Fester on 09 Aug, 2011 01:05 PM
Thank youStuart
> From: ***@tenderapp.com
> To: ***@hotmail.com
> Date: Mon, 8 Aug 2011 17:50:07 -0400
> Subject: Infected Site [Talk to us]
>
>
> // Please reply above this line