slopes

Surf protection

Recommended Posts

I am getting this alert on more than one site.Is this a pop up of somekind?

geo-um.btrll.com is a known phishing host and was blocked

I am using chrome

Thanks

Share this post


Link to post
Share on other sites

It pops up while visiting 2 different sites so far unrelated to that url.

Surfprotection blocks it and notifies.

I am pretty sure this is adware but am wondering why surfprotection is calling it a phishing site

Thanks

Share this post


Link to post
Share on other sites

It looks like this isn't in our Host Rules. You can see that we don't detect it on VirusTotal:

https://www.virustotal.com/en/url/bf48b1e56c3e6600af6f0c8d1461d9d596d69bd44d0118066f9e8e7e25a433c2/analysis/1489558089/

It's more than likely a custom rule that was created at some point (this can happen when you click on an option in an alert), or perhaps a false positive that has since been fixed. Here's how to check if there is a rule for it:

  1. Open Emsisoft Internet Security.
  2. Click on Protection.
  3. Click on Surf Protection in the menu at the top.
  4. Make sure that the option Hide built in list is not selected.
  5. Search for geo-um.btrll.com (or whatever website address the alert showed).

If you find it and it's a custom rule, then you can click on it once to select it, and then click the Remove rule button in the lower-right. If you want to edit the rule to change whether or not it is blocked, then just double-click on the website address in the list you want to edit, change the Implemented action to Don't block, and click OK to save it.

  • Upvote 1

Share this post


Link to post
Share on other sites
On 3/18/2017 at 8:04 AM, slopes said:

I have no custom rules in surfprotection so not sure what was happening.

Not in the built in list and no more alerts on it.

Could have been a false positive that was fixed before I checked it. Our malware analysts are pretty quick. ;)

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.