sL3xx Posted March 6 ID:1621466 Share Posted March 6 (edited) Hello, I am getting a false positive for a website I manage: https://s2000.club/ I have code on the site that obfuscates my email address and a few file names. You can see one example near the footer. Being detected as a false positive. --------- LogMeIn Antivirus blocked this page The page you are trying to access contains malware. Detected malware: Trojan.JS.Redirector.DN Access from your browser has been blocked. --------------- code example: <a href='mailto:dary%6E%40%63u%72v%2Ene%74'><script type='text/javascript'> <!-- var s="ebszoAdvsw/ofu"; m=""; for (i=0; i<s.length; i++) { if(s.charCodeAt(i) == 28){ m+= '&';} else if (s.charCodeAt(i) == 23) { m+= '!';} else { m+=String.fromCharCode(s.charCodeAt(i)-1); }}document.write(m);//--> </script></a> — Instagram: <a href="https://www.instagram.com/daryn.jpg">@daryn.jpg</a> Edited March 6 by AdvancedSetup Disabled hyperlinks Link to post
Staff cli Posted March 6 Staff ID:1621471 Share Posted March 6 Did you mean to contact LogMeIn? Quote LogMeIn Antivirus blocked this page The page you are trying to access contains malware. 1 Link to post
sL3xx Posted March 6 Author ID:1621472 Share Posted March 6 Yeah sorry, I was lead here and thought it was part of Malware bytes but can see it's not. Feel free to delete. Link to post
Porthos Posted March 6 ID:1621474 Share Posted March 6 (edited) @sL3xx The zip downloads on your site are blocked by Browser Guard. I will move your post so the BG team can address that issue. It has probably no bearing on the LogMeIn issue though For example https://s2000.club/LOGO/S2000-RadioDoor-logo.zip @JPopovic@BjelakovicL Edited March 6 by Porthos 1 Link to post
sL3xx Posted March 6 Author ID:1621475 Share Posted March 6 1 minute ago, Porthos said: @sL3xx The zip downloads on your site are blocked by Browser Guard. I will move your post so the BG team can address that issue. It has probably no bearing on the LogMeIn issue though For example https://s2000.club/LOGO/S2000-RadioDoor-logo.zip Thank you. I appreciate it. Only an EPS file and a PNG in that zip. I also discovered that Bitdefender is used by LogMeIn so I contacted them as well. Hopefully resolves my other issue. I know the obfuscation code resembles malware, but you think it would at least analyze the code and not automatically assume malice. Link to post
Solution Porthos Posted March 6 Solution ID:1621476 Share Posted March 6 1 minute ago, sL3xx said: I know the obfuscation code resembles malware Securi does not like your site either. https://sitecheck.sucuri.net/results/https/s2000.club You might want to contact the vendors on this list as well. https://www.virustotal.com/gui/url/83dfa2240ea8aa13caf0f73e90159da3a692bba5f4e61fd2f15bd10dead917bd?nocache=1 https://docs.virustotal.com/docs/false-positive-contacts 1 Link to post
sL3xx Posted March 6 Author ID:1621477 Share Posted March 6 Much appreciated. Did you manually see that or do you have a tool that shows you them all? Was just curious if I should contact anyone else. Link to post
Porthos Posted March 6 ID:1621478 Share Posted March 6 2 minutes ago, sL3xx said: Did you manually see that or do you have a tool that shows you them all? Scanned site at Virus Total. https://www.virustotal.com/gui/home/url 1 Link to post
1PW Posted March 6 ID:1621481 Share Posted March 6 FYI: https://quttera.com/detailed_report/s2000.club 1 Link to post
sL3xx Posted March 6 Author ID:1621482 Share Posted March 6 Thanks guys. You are all extremely helpful even though malwarebytes has nothing to do with this. Link to post
sL3xx Posted March 6 Author ID:1621483 Share Posted March 6 Sorry one question, 1PW. How come under all of the BLACKLISTING STATUS sites it says CLEAN but yet the domain is listed under BLACKLISTED. Is there a way to tell who is blacklisting the domain? Link to post
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now