Jump to content
gmr-g

ANSWERED False Positives How to handle

Recommended Posts

I am a member of a popular PLR directory called IDPLR.com. I am have a slight problem right now contacting them right now .

I am getting this message

Website blocked due to a Trojan

Your Malwarebytes Premium blocked this website because it may contain a Trojan.
We strongly recommend you do not continue.

Now, I know that Trojans can take the many forms--attachments, downloads, and fake videos/programs (this is what I am trying to download-video and, once active on a system, may do a number of things etc.

I believe I have seen this happen to me before on a good website.

QUESTION: Is this a common occurrence on a False Positive?

 

Thanks

Share this post


Link to post
Share on other sites
12 hours ago, gmr-g said:

I am getting this message

Website blocked due to a Trojan

I get no warnings for that sites main page.

Share this post


Link to post
Share on other sites

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 2/4/20
Protection Event Time: 8:01 PM
Log File: 7a4560dc-47bb-11ea-9e14-ec8eb53136b4.json

-Software Information-
Version: 4.0.4.49
Components Version: 1.0.804
Update Package Version: 1.0.18716
License: Premium

-System Information-
OS: Windows 10 (Build 18362.592)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0

-Website Data-
Category: Trojan
Domain: plrpublish.net
IP Address: 149.56.21.79
Port: 80
Type: Outbound
File: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(end)

Share this post


Link to post
Share on other sites

I was getting the site blocked on every page that had a video download. I went into exclusions and added in the domain name and the IP address on 2 popups. 

One address was plrpublish.net with IP address 198.24.172.228

Number two was plrpublish.net IP address 149.56.21.79

 

When I put those into address bar i get two different sites with different notations. This is weird.

When I add them to exclusions I OK, no popups

I just hope I am not shooting myself in the foot.

I don't no why, but haven't heard back from their tech yet.

Share this post


Link to post
Share on other sites

The block was added because of this file -

plrpublish.net/downloads1/software/gold/PublicDomainExpertToolbarLiteEdition.4352.zip 

https://www.virustotal.com/gui/file/200dd71ec68f4b8360594e58e3c2bafb1c037b108517e7194b6d938c9f525f40/detection

Share this post


Link to post
Share on other sites

Since I am new on this topic, what does all that mean?

Is this safe or not?

 As I said before, no problem with downloads on ebooks only on the software downloads.

 

Thanks for your help on this. Do appreciate your time.

Share this post


Link to post
Share on other sites

Would like to say to all for there help and guidance. With the extra research I have done on this topic, I am much more educated on both ends.

 

Thanks,

Regards,

Frederick

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.