Reply
Occasional Visitor
ramsydney
Posts: 1
Registered: ‎Mon 18-Mar-2013
0

"High Risk Website Blocked" - Mal/HTMLGen-A has been found on this website

I am a website developer and one of my websites is being tagged as a high risk website by Sophos Anti-Virus.  The URL is www.consultanttraining.com.au. I did a test on www.virustotal.com and Sophos is returing a "Malicious site" result. This is a very simple website and absolutely nothing malicious has been installed on it.  My web host company has tested the server at their end and cannot find any problems. I tested the website on Google Webmaster tools and nothing negative resulted. I tested the site on checkwebsitesafe.net and the result was 100% positive.  Can you please advise why your software is having a problem with this website and what code is resulting in the website being seen as a problem? Thanks so much for your assistance.

Executive VIP
QC
Posts: 4,468
Registered: ‎Mon 23-Nov-2009
0

Re: "High Risk Website Blocked" - Mal/HTMLGen-A has been found on this website

Hello ramsydney,

 

many of the threads you get when searching for Mal/HTMLGen-A on this board are about the same situation, please see for example this thread.. I know I mention this in vain though ...

Anyway, the answer is always the same: Please contact, or better - have your host company contact Support directly, they will look into the issue and should be able to tell the reason for the classification and to initiate a re-classification of the site IP. It's likely one of the other sites hosted on the server which triggered the detection.

 

Christian

Occasional Visitor
forloop5
Posts: 2
Registered: ‎Tue 21-May-2013
0

Re: "High Risk Website Blocked" - Mal/HTMLGen-A has been found on this website

Sophos doing more harm than good with policies to block everything even if it does not conatin a virus.  Sounds to me like politics is in mix with sophos bottom line.  Sophos - Not just anti-virus but we tell you what you can look at!

Occasional Visitor
brissie-boy
Posts: 1
Registered: ‎Thu 01-Aug-2013
0

Re: "High Risk Website Blocked" - Mal/HTMLGen-A has been found on this website

We have this same message for www.engineeringexcellenceawards.com

 

The IP address is not blocked.  So no problem there.

We've checked the HTML, and there's nothing there.  It's a really simple site, and malware would be obvious.

Sophos, can you advise if this is a problem with our shared hosting please?

Occasional Visitor
rebecca324
Posts: 1
Registered: ‎Sun 04-May-2014
0

Re: "High Risk Website Blocked" - Mal/HTMLGen-A has been found on this website

It appears to be a false positive on the mspyonline.com, how can this get corrected so that I am not blocked from going to this website while I have Sophos on my computer?  If you go to the virus check, Sophos is the only one that detects this website as malicious.  I found the below post, can this website be corrected?  Thank you!

 

 

 

Re: False positive mal/HTMLgen-a [ New ]

Hi Rogerborg,

 

First, some history, for the benefit of the rest of the community ...

 

  1. You added a post (above) to the existing mal/HTMLGen-A thread.
  2. During standard moderation work, I looked at it, and I was immediately given a malware warning.
  3. I asked SophosLabs to take a look, but in the interests of being safe rather than sorry, moved the post with the (apparently) offending links to the SophosTalk quarantine area.
  4. SophosLabs have rescanned your site, and recategorised it as free of threats.
  5. I've put your post back. Unfortuanetly, due to the way the forums platform works, I can't put it back in as a reply, but only as a new thread.

So, getting down to the real business of this post, it's time for me to apologise for the annoyance and confusion caused. I move content (apart from where it's just in the wrong place) very rarely, as it's not my content. Getting a warning on my screen about mal/HTMLGen-A was sufficient to set the alarm bells going.

 

It does occasionally happen that a site has been categorised as showing the presence of malware, but that circumstances change. We at Sophos are always happy to investigate situations like this. So, if you think your site falls into this category, please let us know in this community, or contact Sophos Support direct.

 

Apologies again to Rogerborg.

 

Best regards,

 

spike

 

- - - - - - - - - - - - 
SophosTalk community manager, SOPHOS
Knowledgebase  |  @SophosSupport  |  Video tutorials
Occasional Visitor
86gtconv
Posts: 1
Registered: ‎Wed 14-May-2014
0

Re: "High Risk Website Blocked" - Mal/HTMLGen-A has been found on this website

I am also receiving this error on a link from our training website.  Here is the link:  jak.gzipdistro.net/sd/1060/3051.js.  Is there a way to get this site verified to see if it is really malicious?

 

Thanks.

Moderator
sandy
Posts: 1,060
Registered: ‎Mon 16-Nov-2009
0

Re: "High Risk Website Blocked" - Mal/HTMLGen-A has been found on this website

You may wish to submit a request to Sophos for reclassification of the site. 

Please refer to this knowledgebase article, and follow the instructions given there: 

http://www.sophos.com/en-us/support/knowledgebase/119440.aspx


Sandy.

Communities Moderator, Sophos
Knowledgebase  |  @SophosSupport  |  Video tutorials
If a post solves your question use the Accept as Solution button and award kudos.