Jump to content

ANSWERED False Positive (I think) -

Recommended Posts

If I've posted on the wrong board my apologies, I'd hope a mod would move it or let me know what edits to make. I haven't completely ruled out infection but I do believe this is a false positive related to PrivateVpn. My computer is running 64 bit Windows 10, which is visible in the logs attached.

I have gotten the below "website blocked" notifications in the following circumstances: #1 shortly after/on startup of the computer (PrivateVPN was setup to start on startup) OR #2 when disconnecting from PrivateVpn New York servers (and perhaps any server, have not tested). I have recently switched to PrivateVPN, and have not gotten these errors before installing and using it. The block is from the same port and ip in every occurrence (I have posted the log of every occurrence below).

I have run a full scan (custom scan, all boxes checked) and malwarebytes found no threats. Log below. I am running another currently just for the sake of thoroughness, won't be done for a while but I do expect no threats found.

I have run a full scan with a recently installed version of HitmanPro, which found 2 traces of threats. However, both of those are from a Zoo Tycoon 2 download that I got directly from amazon. The log mentions that "Program is altered or corrupted since it was code signed by its author" and that "Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated" both of which, to me, make since for an amazon release of a very old game. Again, this is NOT a pirated copy in any way. Log below.

According to WHOIS lookup, the ip belongs to OVH SAS, a major french cloud computing company.

Taking all that into account I would conclude this to be a false positive. Frankly though, it's a bit out of my element so I'm not quite sure. My machine has not been behaving strangely in any other way at all, although I have been leaving it unplugged at night now bc I'm paranoid as all hell :). Anyway, please look at the logs below and let me know your thoughts, any help would be deeply appreciated. This error being related to PrivateVPN is entirely my own speculation, so if anyone could discern the source of the problem for sure, or provide me with methods of scanning that might pick up other threats... as I said any help would be greatly appreciated. Thanks in advance, lmk if I should provide anything else.


WebsiteBlocked1.txt WebsiteBlocked2.txt WebsiteBlocked3.txt WebsiteBlocked4.txt FullScan.txt HitmanPro_20191105_1923.log

Share this post

Link to post
Share on other sites

Oh, I suppose I should also mention: I have not gotten this website blocked notification every time I use PrivateVPN. It's just that I've only gotten it when using PrivateVPN. Sometimes I use it and everything is all good, no notification at all, other times I get this notification seemingly randomly, and the only corresponding action is PrivateVPN is starting up and/or connecting/disconnecting.

Share this post

Link to post
Share on other sites
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.