
False Positive (I think) - 217.182.194.208


Whewehw
Solved by Zynthesist


If I've posted on the wrong board, my apologies; I'd hope a mod would move it or let me know what edits to make. I haven't completely ruled out infection, but I do believe this is a false positive related to PrivateVPN. My computer is running 64-bit Windows 10, which is visible in the logs attached.

I have gotten the below "website blocked" notifications in the following circumstances: #1 shortly after/on startup of the computer (PrivateVPN was set up to start on startup) OR #2 when disconnecting from PrivateVPN New York servers (and perhaps any server, have not tested). I have recently switched to PrivateVPN, and have not gotten these errors before installing and using it. The block is from the same port and IP in every occurrence (I have posted the log of every occurrence below).

I have run a full scan (custom scan, all boxes checked) and Malwarebytes found no threats. Log below. I am running another currently just for the sake of thoroughness; it won't be done for a while, but I do expect no threats found.

I have run a full scan with a recently installed version of HitmanPro, which found 2 traces of threats. However, both of those are from a Zoo Tycoon 2 download that I got directly from Amazon. The log mentions that "Program is altered or corrupted since it was code signed by its author" and that "Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated", both of which, to me, make sense for an Amazon release of a very old game. Again, this is NOT a pirated copy in any way. Log below.

According to WHOIS lookup, the IP belongs to OVH SAS, a major French cloud computing company.

Taking all that into account I would conclude this to be a false positive. Frankly though, it's a bit out of my element so I'm not quite sure. My machine has not been behaving strangely in any other way at all, although I have been leaving it unplugged at night now bc I'm paranoid as all hell :). Anyway, please look at the logs below and let me know your thoughts, any help would be deeply appreciated. This error being related to PrivateVPN is entirely my own speculation, so if anyone could discern the source of the problem for sure, or provide me with methods of scanning that might pick up other threats... as I said any help would be greatly appreciated. Thanks in advance, lmk if I should provide anything else.

 

WebsiteBlocked1.txt WebsiteBlocked2.txt WebsiteBlocked3.txt WebsiteBlocked4.txt FullScan.txt HitmanPro_20191105_1923.log


Oh, I suppose I should also mention: I have not gotten this website blocked notification every time I use PrivateVPN. It's just that I've only gotten it when using PrivateVPN. Sometimes I use it and everything is all good, no notification at all, other times I get this notification seemingly randomly, and the only corresponding action is PrivateVPN is starting up and/or connecting/disconnecting.
