Why Is "||files1.majorgeeks.com^$document" On The Ublock Malware Detector?

Discussion in 'Majorgeeks Welcome Center' started by squidcartel, Nov 22, 2024.

Tags:
  1. squidcartel

    squidcartel Private E-2

    Was trying to download a few files, i've scanned the zips and all but the download links are all detected as a malicious website. I'm not sure why, i've never had any trouble downloading anything from here. o_O
     
    squidcartel, Nov 22, 2024
    #1
  2. DangitallRedux

    DangitallRedux Specialist

    What is it that you are trying to download? I assume you're making the attempt from within the MajorGeeks site, but I don't recognize the "files1" portion of the address.
     
    DangitallRedux, Nov 23, 2024
    #2
  3. Corporal Punishment

    Corporal Punishment Head of Software Shenanigans Staff Member

    Beats the shit outta me. Just double-checked Spamhaus, and all is good. Trying to download anything in particular?
     
    Corporal Punishment, Nov 23, 2024
    #3
  4. Corporal Punishment

    Corporal Punishment Head of Software Shenanigans Staff Member

    Well, that took quite a bit of digging.

    Looks like Origin uses and service out of Switzerland abuse.ch (oddly, yes Switzerland is .ch )
    They picked up this file as a false positive that we host
    https://www.majorgeeks.com/files/details/ps1_to_exe.html
    Nice little freeware program that turns PowerShell scripts into exe.
    https://www.virustotal.com/gui/file...618ff2eae01e9adb099ff4343303487975a/detection

    Likely 2 things, since the file hasn't has been updated since 2018, it may be a certificate issue that some of the lesser antivirus will pick up on because they suck. OR an actual piece of malware used the script to compile ps1's to exe, which would then list that program's hash in a database. This is why most AV products suck.

    Origin - instead of blocking the file, block the server. Because, of course, that makes sense (sarcasm intended) > I mean, I got spam today in my email, so why not detect Outlook as a virus - then you 100% wouldn't get spam, right?? OK, I'm crawling off my high horse now.

    Mistakes happen. I reported the information as a false positive, and I'm sure it will be cleaned up quickly. Thanks for letting us know.
     
    Corporal Punishment, Nov 23, 2024
    #4
    plodr, squidcartel and TimW like this.
  5. squidcartel

    squidcartel Private E-2

    Ah, yeah okay. Thanks. I thought it was an error either way, I'm not very paranoid about downloading things from the internet as some other people are, I moved on from it very quickly, but I'd figure I'd make this post if anyone else had this question, or incase it 'dirtied' the legitimacy of the site at all. It's definitely a uBlock problem, they block various other obscure file hosting, freeware gallery, ect sites i use. Just because they MIGHT'VE at one point had a virus on their platform. Still a little bit annoying. :cool:
     
    squidcartel, Nov 23, 2024
    #5
  6. Corporal Punishment

    Corporal Punishment Head of Software Shenanigans Staff Member

    100% appreciate, otherwise we wouldn't have known.
     
    Corporal Punishment, Nov 24, 2024
    #6
  7. _nullptr

    _nullptr Major Geeky Geek Geek

    This is fixed now. If it's still blocking for anyone, you need to update the Online Malicious URL Blocklist (AdGuard).

    Open the uBlock dashboard and click the clock icon next to Online Malicious URL Blocklist.
     
    _nullptr, Nov 25, 2024
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds