Dangerous Site Notification--WHY?

  • 1
  • Problem
  • Updated 2 years ago
  • In Progress
I have been viewing a particular site for more than three years. In the last 2 days I an getting a "Danger" warning. santanvalley.com/media/template/gzip.php?mootools-core-8f6cd595.js This issure is not happening to others using the site. Thank you--Nancy Cunningham Our account is under Merle Cunningham
Photo of azwiremail

azwiremail

  • 70 Points

Posted 2 years ago

  • 1
Photo of TM_L

TM_L, Official Rep

  • 15,740 Points 10k badge 2x thumb
Thank you for reporting this issue. We understand that when you access santanvalley.com, you're getting a warning on a *.js file. To resolve, we suggest disabling a setting in Trend Micro Security's Web Threats protection:--> Uncheck "Prevent Internet Explorer, Firefox, and Chrome from running malicious scripts on infected websites"

Here's a support document to perform this setting change for your reference:
Configuring the Web Threats setting of Trend Micro Security

This setting is designed to block dangerous software injected by hackers into legitimate websites, i.e. prevents execution of some malicious *.js (JavaScript) files on legitimate websites, if the website has been compromised. This setting is on by default, and we recommend keeping it on. However, if it is causing interference with some websites' scripts, it can be disabled with some increase of security risk.

Please let me know if this solves your issue. If it doesn't resolve the problem, can you provide a screenshot of the "Danger" warning to us?

Trend Micro Home Users Community
(Edited)
Photo of anb

anb

  • 100 Points 100 badge 2x thumb
I am getting the same issue.
However, I do not see that turning an important feature off is a reasonable answer.

As per the OP, the "Dangerous Page" warning has only appeared in the last few days.
What has changed?

I have submitted the urls to https://global.sitesafety.trendmicro.com/ and they yield a SAFE result.
santanvalley.com is also "SAFE" according to this scan also.

Another suggestion was here:
https://en.community.trendmicro.com/tm_en/topics/sites-blocked-after-moving-to-win-10
But this is only good for your own computer/device.
This does not resolve the issue for anyone else trying to view your site and being scared off by the "Dangerous Page" warning.

And another here:
https://en.community.trendmicro.com/tm_en/topics/false-warnings-with-joomla-mootools-core-js
Which is still under investigation.
I have submitted 2 of 4 sites affected to be reclassified, with a follow-up replay that they are safe. Yet the warning remains.

Please provide a global solution that does not require a reduction in security.
(Edited)
Photo of TM_L

TM_L, Official Rep

  • 15,740 Points 10k badge 2x thumb
@anb As you replied in two topics, we’ll be replying to you using a new private post "JavaScript blocking warning" to obtain the web sites in question from you. Thanks.

@azwiremail We received an update from our product team, and the "Danger" warning from your website visits is confirmed to be false positive. The fix will be available by end of June, and we'll update you in this post when the fix is released. We deeply apologize for the inconvenience caused. Thank you!

Trend Micro Home Users Community 
(Edited)
Photo of TM_L

TM_L, Official Rep

  • 15,740 Points 10k badge 2x thumb
@azwiremail Many apologies again for taking a long time to fix the this issue. We were informed by our product development team that the fix of this issue is included in the latest pattern file. Please follow the steps below to apply the update:
  1.  Remove related URLs from the Exception List. (if you've added them to the Exception List)
  2.  Right-click on the Trend Micro system tray icon.
  3.  Click Check for Program Updates, then The About Your Software windows will appear and will automatically check for available updates.
After update completed, please verify all websites which had blocking issues and please do let us know if the solution works for you. Thank you.

Trend Micro Home Users Community
(Edited)