GPT Posted August 30, 2022 ID:1530650 Share Posted August 30, 2022 (edited) Hi, The browser guard recently started to blocking my website: https://paradiseprotech.com It states that there is a "trojan" installed in the website but there is not and here is the proof about it: 1. Malware bytes tool claims website have a trojan, then it says there is there is no block items and finally it just says it cannot "evaluate" this type of page: Then HOW COME DOES THIS TOOL CLAIMS there is a trojan when it cannot even evaluate the page??? Please explain 2. look at the extension link below: chrome-extension://ihcjicgdanjaechkgeegckofjjedodee/app/eventpages/block.html?referrer=null&url=https%3A%2F%2Fwww.paradiseprotech.com%2F&host=www.paradiseprotech.com&type=malware&subtype=trojan&tabId=293404736&filename=undefined&prevUrl=null Parameters with null values indicate that there is no such file as a "trojan" filename=undefined prevUrl=null Please assistance as soon as possible Edited August 31, 2022 by AdvancedSetup Disabled live hyperlink Link to post Share on other sites More sharing options...
Porthos Posted August 30, 2022 ID:1530652 Share Posted August 30, 2022 1 minute ago, GPT said: Then HOW COME DOES THIS TOOL CLAIMS there is a trojan when it cannot even evaluate the page??? Please explain For what ever reason you site got blocked by all Malwarebytes software. Browser guard does not evaluate a site it blocks because it is on a list. When reported staff will evaluate the block and remove it manually from the list if deemed safe. Link to post Share on other sites More sharing options...
GPT Posted August 30, 2022 Author ID:1530653 Share Posted August 30, 2022 Here are the extracts in the logs from the Chrome extension: {"@timestamp": "2022-08-30T23:35:37.560Z", "session": "1661896714458", "message": "OM: Malware (malware) detection on https://paradiseprotech.com/. Redirecting to block page.", "level": "INFO"} {"@timestamp": "2022-08-30T23:35:38.136Z", "session": "1661896714458", "message": "OM: (PAGE_BLOCK) malware (trojan) match found on https://paradiseprotech.com/ for https://paradiseprotech.com/. Database: {'trojan':'2.0.202208302226'}", "level": "INFO"} There is no indication of the "infected file" in there Link to post Share on other sites More sharing options...
Porthos Posted August 30, 2022 ID:1530655 Share Posted August 30, 2022 1 minute ago, GPT said: There is no indication of the "infected file" in there Malwarebytes does not "scan" any site for malware/Trojans. Link to post Share on other sites More sharing options...
GPT Posted August 30, 2022 Author ID:1530656 Share Posted August 30, 2022 Thank you so much for the quick reply Porthos, If there is something we have to do in our end, Our team will be more than happy to do it for the sake of our security and users that browse our website. Will I get more information about this "infected" file in paradiseprotech.com if the staff determines the website is unsafe? What cause this issue in the first place? Is there an ETA for waiting for a reply? Link to post Share on other sites More sharing options...
Porthos Posted August 30, 2022 ID:1530657 Share Posted August 30, 2022 1 minute ago, GPT said: Will I get more information about this "infected" file in paradiseprotech.com if the staff determines the website is unsafe? Yes here in this topic. 1 minute ago, GPT said: What cause this issue in the first place? I cant say. 1 minute ago, GPT said: Is there an ETA for waiting for a reply? It usually does not take long. I will guess you will get an answer pretty soon. Since you are in the US, probably before business Wednesday. Link to post Share on other sites More sharing options...
GPT Posted August 30, 2022 Author ID:1530658 Share Posted August 30, 2022 I need to report it to a Malwarebyte staff, is there another way I can report this to them directly or open a ticket? Link to post Share on other sites More sharing options...
Porthos Posted August 30, 2022 ID:1530659 Share Posted August 30, 2022 (edited) Just now, GPT said: I need to report it to a Malwarebyte staff, is there another way I can report this to them directly or open a ticket? Posting this topic is reporting it. Posting here is the fastest way to report False Positives. Edited August 30, 2022 by Porthos Link to post Share on other sites More sharing options...
GPT Posted August 30, 2022 Author ID:1530660 Share Posted August 30, 2022 Excellent. I will double check tomorrow at noon EST for more updates. Thank you so much Porthos! 1 Link to post Share on other sites More sharing options...
Solution thisisu Posted August 31, 2022 Solution ID:1530662 Share Posted August 31, 2022 Hello, It was a MBAM block due to having the following URL path https://paradiseprotech.com/files/lJLCA-ZoVWgk8cq441YS_oEgJcMrPm-mL/ https://www.virustotal.com/gui/url/b92910d0b95e728218eeb01a9b4dad6c98c0d71e430ee4826c8a3934a278479b/details Good news is that it no longer exists so the domain will be unblocked in the next update Regards 1 Link to post Share on other sites More sharing options...
GPT Posted August 31, 2022 Author ID:1530711 Share Posted August 31, 2022 Last night we did a preventive update to clean out all files and did an update of the website nodeJS libraries. That may have taken care of it. Thank you so much thisisu! Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now