Since a few days, Avast repeatedly notify me having blocked a connection to clogitec.com, with the reason being that it is infected by “Other: Malware-gen[Trj]” in the processus Firefox.exe. Problem is that I never tried to connect to this website (I don’t know what it is), so I supposed it’s another problem. When I scan with Avast and Malwarebytes, nothing is found ; I tried also in safe mode, but Malwarebytes found nothing, and Avast don’t want to work…
I’m with Windows 8 64 bits, my navigator is Firefox 72.0.1.
Thanks in advance for your help and sorry for my english if I made mistakes.
When I scan with Avast and Malwarebytes, nothing is found ; I tried also in safe mode, but Malwarebytes found nothing, and Avast don't want to work...
-Scanning in safe mode does not have any detection advantages, what it give you is removal advantages if you have problems removing something that is already detected
-avast have boot scan
-Malwarebytes is not designed to be run in safe mode, it will run but all drivers are not loaded so will run crippled
Content that was returned by your request for the URL: htxp://clogitec.com/
1: < html>
2: < head> < title> 403 Forbidden< /title> < /head>
3: < body bgcolor=“white”>
4: < center> < h1> 403 Forbidden< /h1> < /center>
5: < hr> < center> nginx< /center>
6: < /body>
7: < /html> Content after the < /html> tag should be considered suspicious.
8: < !-- a padding to disable MSIE and Chrome friendly error page →
9: < !-- a padding to disable MSIE and Chrome friendly error page →
10: < !-- a padding to disable MSIE and Chrome friendly error page →
11: < !-- a padding to disable MSIE and Chrome friendly error page →
12: < !-- a padding to disable MSIE and Chrome friendly error page →
13: < !-- a padding to disable MSIE and Chrome friendly error page →
This at IP address -104.18.40.175
polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
Hello,
So I reported a false positive, as bob tells me. I suppose I have to wait a bit to see a change (for it continues to be detected, in the mean time) ?
Since it is blacklisted and taken down (not online anymore) i think detection is/was correct
You may have some crap in your browser that try to connect to that URL
Sorry for the long delay to answer, but since my last message Avast stopped to notify it until this morning. So about the logs asks, please find them attach. I will grateful if you could see what is going on here.