Hi,
I scanned my client’s website files at wxw.irishmusicinlondon.org lately and found no .exe files or malware in general since we recently did a cleanout, yet Avast is blocking the site with a message that says:
“Access to this page is blocked as the threat Mal/HTMLGen-A has been found on this website.”
Can you check this for me? Thanks in advance.
Patrick
Hello,
the detection name “Mal/HTMLGen-A” does not look like from Avast.
Milos
That seems to be a Sophos AV detection
urlQuery https://urlquery.net/report/65fcf6a8-b5bf-461e-bd64-c24dc11a3f77
Thanks for this, and I noticed it seems to be blacklisted on Mcafee and a few others as well.
You’re welcome.
I get it on Avast now as well.OP sendt me a PM
Does this mean you have more then one antivirus installed?
Oops sorry I was supposed to post on the forum eeek!
Yes I am testing with Sophos on my Android phone now and also Avast on my laptop.
So detection in your first post is from Sophos on your android phone and not avast ?
URL from your screenshot that you sendt in PM
https://www.virustotal.com/gui/url/3e86edf6eb394195e7ed1a98f6021fd129e25520696e04c4063bb836933f83ea/detection
Please note that while the detection is certainly not ours (as other pointed out), we do block a part of the domain because of these URLs:
irishmusicinlondon[.]org/includes/css/signin/sign-in/84513dc25d/index?dispatch=cfb28f91dadd534a2ec38bdbecf9c2ab
irishmusicinlondon[.]org/includesxx/css/verification/daa54maacn1632annenn/index.php?country.x=us-united%20states&lang.x=en
I expect no verification subfolders in css folder, and it really looks like a phishing attack hosted on this domain. Can you confirm or rule out, Patrick?
Yes I can confirm that there was an attack on the site, and we have cleaned it since, and ran some scans with other software to make sure it has been cleaned.