This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Re: False positive mal/HTMLgen-a

As the top Google hit for "Mal/HTMLGen-A" I thought I'd chime in here.  Sophos users are reporting that they're getting this Mal/HTMLGen-A error for my site:

http://rogerborg.dnsd.me

Which I use solely as a repository for handy images that I link to in other web forums.  Thusly for "rogerborg.dnsd.me/hipster-hulk.jpg", which sums up my feelings about now.

hipster-hulk.jpg

There's also a trivial (single <img>) index.html page, and a robots.txt that denies all.

This is all that the Sophos threat library has to say about this issue:

"Mal/HTMLGen-A is the threat name associated with web pages that have been classified as malicious by SophosLabs.

Web pages blocked by Sophos products as Mal/HTMLGen-A are likely to be used in an infection chain used to infect users with malware"

So it doesn't imply or even suggest any actual infection, it just means that Sophos doesn't much like the look of this site.  Is it because the domain is hosted on a dynamic IP?  The index.html is too simple?  There's a deny robots.txt?  I don't know, and I and the end usesr have no way of knowing.  Telling them that it's infected is deceitful, unhelpful, and alarming.

Poor show, chaps.  Poor show.

:36863


This thread was automatically locked due to age.
Parents
  • Hi Sandy,

    Thanks for the response.  

    Yes I previously put in two requests for reassessment after reading the article and by using the form at the link you provided.  Since you don't acknowledge requests, how would I know if the reassessment has taken place?  Also, is it possible that this site genesisdomains.com is being confused with genesisdomain.com (without the "s" at the end) as I suspect that the second site is bogus.

    I purchase a domain from this particular registrar a few years ago and now I want to transfer it to another registrar to launch our new webiste.  To do that, I need to be able to access genesisdomains.com to put through the request.  Is there anyway you can suggest to fix this problem?

    thanks,

    Stormy

    :52799
Reply
  • Hi Sandy,

    Thanks for the response.  

    Yes I previously put in two requests for reassessment after reading the article and by using the form at the link you provided.  Since you don't acknowledge requests, how would I know if the reassessment has taken place?  Also, is it possible that this site genesisdomains.com is being confused with genesisdomain.com (without the "s" at the end) as I suspect that the second site is bogus.

    I purchase a domain from this particular registrar a few years ago and now I want to transfer it to another registrar to launch our new webiste.  To do that, I need to be able to access genesisdomains.com to put through the request.  Is there anyway you can suggest to fix this problem?

    thanks,

    Stormy

    :52799
Children
No Data