| General > General Technical Chat |
| gotroot.ca warning |
| (1/4) > >> |
| Gyro:
I've been seeing intermittent warnings from Malwarebytes browser guard about potentially malicious activity from gotroot.ca, when viewing eevblog over the past few days. I'm wondering if anyone else has experienced this? It has just showed up twice in a row when opening page 7 of the 'YouTube runs experiment addressing users with ad blocker thread'... https://www.eevblog.com/forum/chat/youtube-runs-experiment-addressing-users-with-ad-blocker/msg5118930/?topicseen#msg5118930 I don't know, but it may be that this the thread that I have opened each time I've seen the error previously - this is the first time I have had the presence of mind to do a quick screen capture of the brief warning. Malwarebytes is usually pretty reliable and not prone to false detections. The thing that triggered me to post is that on searching the web, a lot of the hits link to eevblog (the MicroCap now free as beer thread) and also links to hacking Rigol scopes. A cautious attempt to access the catroot.ca site is immediately blocked with a Trojan warning. I'm running Firefox, fairly locked down with uBlock Origin, Noscript, DuckDuckGo privacy essentials, and Ghostery, and of course virus scanner running (which hasn't detected anything). Flagging it and reporting the post to Mods anyway in case it is something that needs fixing. |
| Whales:
Looks to be a forum member: https://www.gotroot.ca/rigol/riglol/ I think it's this user's avatar: https://www.eevblog.com/forum/profile/?u=17762 http://gotroot.ca/media/oinkav.png I didn't realise avatars could be hosted offsite. I suspect it's a false positive. It probably triggered because it's a small site, has few hyperlinks and doesn't look like the standard harmless baseline (doesn't have 1000 SEO blogspam articles :D). |
| thm_w:
Either whitelist it in malwarebytes or use ublock to block the users avatar. Its just a PNG image, unlikely to cause any harm. edit: https://www.virustotal.com/gui/domain/gotroot.ca |
| Veteran68:
I've seen that warning too. I expect it's something in MBAMs filter lists about that specific domain, beyond it just being a small unknown site thing. Other than a temporary period on imgur due to an upload script issue, I self-host most all of my content on one of my several web hosts with vanity domains. Including the images that I use online here and at other forums/sites. Those have never triggered a warning across any of my computers nor others' that I'm aware of. EDIT: I'm also getting a SSL protocol error on that domain with Chrome. It may be running an outdated TLS version, or no TLS at all, which Chrome now requires by default. |
| gnif:
Malware software it terrible these days, I had them (malware bytes, defender and several others) not only block a subdomain of mine but my entire domain because my open source software I was serving binaries for was not code signed. The trigger that was setting it off was building with msys/gcc for windows. Google flagged my domain costing me several thousand $ in lost work. This looks like another false positive. |
| Navigation |
| Message Index |
| Next page |