Jump to content

Browserguard blocks site due to trojan - but nothing found to block

ChrisGR70

By ChrisGR70
in Website Blocking

 Share
Go to solution Solved by Dashke,

Recommended Posts

ChrisGR70

ChrisGR70

Posted
Posted

My website, abwoon.org is blocked by Malwarebytes but when I click through to see the site and click the Malwarebytes icon to scan the site, it says there is nothing to block. Please can this site be unblocked?

Google Safe Browsing and Sucuri - both have the website marked as safe:

https://transparencyreport.google.com/safe-browsing/search?url=abwoon.org&hl=en_GB
https://sitecheck.sucuri.net/results/abwoon.org

Link to post
Share on other sites
  • Staff
Zynthesist

Zynthesist

Posted
  • Staff
Posted

Hello,

These files were reported here: 

https://www.virustotal.com/gui/file/4b7492aa1621a2a1c936c08e163604cefe7edfaa6c8c989b08acaa3bc724ec7b/detection
https://www.virustotal.com/gui/file/c7ef34ac1f0761c62602fd8ebdce318fb6efd70d016492a62ee6e5dce4ce6044


http://abwoon.org/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js
http://abwoon.org/wp-includes/js/jquery/ui/core.min.js

 

Link to post
Share on other sites
ChrisGR70

ChrisGR70

Posted
  • Author
Posted

Thanks, Zynthesist,

Actually this happened back in June, and you told me about the same two files then.  

The core.min.js file was cleaned (I don't remember how, or by whom) and I reinstalled the Embed Plus for YouTube plugin, which appeared to fix the problem.

What I don't understand is why Malwarebytes blocks the site yet it then says there is nothing to block. Does that mean the site is on a blacklist (so Malwarebytes blocks it) but Malwaarebytes Browserguard itself does not detect any malicious files, even though two are listed at virustotal.com. I take that to mean it is blocking the site for no reason - a false positive - and should be able to unblock it as there is no malicious ffile present.

Do you have any explanation as to why Malwarebytes blocks it yet cannot find any reason to block it?

Am I right in thinking that even though a file called core.min.js, or one called ytprefs.min.js, are listed as sometimes detected as malicious on virustotal.com, that does not necessarily mean the actual copies of files with those names are injected with malicious code on my site?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.