Website Is Blocked In Bitdefender Internet 2016 - But I Can't Find It In Any Blacklist - Malware Sca

I went to http://jakub.kotrla.net/putty/ to download a particular version of PuTTY, and received a notification from Bitdefender Internet 2016 that the site was blocked due to malware.

I checked everywhere that I could think of and the site comes up clean at http://quttera.com/website-malware-scanner and also https://sitecheck.sucuri.net/results/jakub.kotrla.net/putty/ - the latter of which checks with ten of the most prominent blacklists.

The Bitdefender notification screen in my browser that I was presented with offered no additional information as to why, no link, explanation - aside from malware. Why is there no explanation or link?

Where can I find the reason for this malware block?

I've been going to this site for some time now to d/l PuTTY and would like to know if there really is a problem or if this is some kind of false positive.

Is there a place where I can go to parse the list of blocked sites and perhaps even add them to a safe zone, or even see the reasons why a particular site in that list has been blacklisted by Bitdefender?

Suggestions thoughts advice, anyone?

Thank you in advance for any assistance in this matter :)

post-199808-0-14540500-1456900193_thumb.png

Comments

  • Hello,

    Please complete the Sample or URL Submit form.

    http://www.bitdefender.com/submit/

    Bitdefender Labs will check it and if it is indeed clear it will be unblocked with an automatic update.

    Ro.

  • tallship
    edited March 2016

    Hello,

    Please complete the Sample or URL Submit form.

    http://www.bitdefender.com/submit/

    Bitdefender Labs will check it and if it is indeed clear it will be unblocked with an automatic update.

    Ro.

    Thank you @Rohugh, for answering absolutely NONE of my questions.

    Did I ask where to submit the site? No! I did not. For your information, I already had submitted the site to the URL you provided.

    Now, once again, my questions that are still, as yet, unanswered....

    I went to http://jakub.kotrla.net/putty/ to download a particular version of PuTTY, and received a notification from Bitdefender Internet 2016 that the site was blocked due to malware.

    I checked everywhere that I could think of and the site comes up clean at http://quttera.com/website-malware-scanner and also https://sitecheck.sucuri.net/results/jakub.kotrla.net/putty/ - the latter of which checks with ten of the most prominent blacklists.

    The Bitdefender notification screen in my browser that I was presented with offered no additional information as to why, no link, explanation - aside from malware. Why is there no explanation or link?

    Where can I find the reason for this malware block?

    I've been going to this site for some time now to d/l PuTTY and would like to know if there really is a problem or if this is some kind of false positive.

    Is there a place where I can go to parse the list of blocked sites, or even see the reasons why a particular site in that list has been blacklisted by Bitdefender?

    Suggestions thoughts advice, anyone?

    Thank you in advance for any assistance in this matter :)

    So you see @Rohugh, you addressed absolutely NOTHING with respect to my questions.

    I appreciate the link but to reiterate, I had already submitted the site there - so your response to my post was indeed Off-Topic.

  • tallship
    edited March 2016

    My questions:

    1.) Why is there no explanation or link?

    2.) Where can I find the reason for this malware block?

    That will suffice - in many systems, there is a link explaining (in many systems, and indeed at a few of the scanner sites I used to verify the integrity of this block) the actual exploit thought to be extant at the URL is listed. No such case in the blacklist warning I received - just that the site is blocked due to malware.

    That's not really sufficient to assist someone in making a determination for themselves whether to proceed or not in most situations

    Simon Tatham writes, at http://www.chiark.greenend.org.uk/~sgtatham/putty/

    2015-04-19 PuTTY detected as malware

    We've had several reports recently of anti-virus software reporting PuTTY as malware (under a wide variety of names, often generic). This affects the latest release (0.64) and also the development snapshots (particularly puttygen.exe).

    We believe these are false positives. In those cases where we've been able to contact the vendor (McAfee, Symantec, ClamAV), they have removed the detection.

    However, most vendors' false-positive response is to whitelist specific binaries. While this will resolve detections of the 0.64 release, expect detections to recur with the development snapshots, which are built daily.

    We've had no success requesting AV software vendors to perform more in-depth analysis. If this is causing trouble for you, and you have a support contract with your AV vendor, please query the detection with them directly.

    And I've queried this 'detection' directly by submitting the URL in the form you provided, but my questions are asking something different - in essence, what tools does the subscriber have to determine why a site has been listed?

    As Simon Tatham points out so eloquently above, I, "...have a support contract with my AV vendor...".

    Thank you for your attempt at addressing the matter anyway @Rohugh :)