Pixls.us flagged by Malwarebytes as having a trojan

When I got to the Pixls.us homepage, Malwarebytes flags a trojan. Here is the logfile from the event.

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 6/4/21
Protection Event Time: 12:42 PM
Log File: ca8ad498-c553-11eb-ac54-8cec4bd44b51.json

-Software Information-
Version: 4.4.0.117
Components Version: 1.0.1308
Update Package Version: 1.0.41301
License: Trial

-System Information-
OS: Windows 10 (Build 19042.985)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Users[deleted]\AppData\Local\Programs\Opera\76.0.4017.177\opera.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: Trojan
Domain: gmic.eu
IP Address: 213.186.33.40
Port: 443
Type: Outbound
File: C:\Users[deleted]\AppData\Local\Programs\Opera\76.0.4017.177\opera.exe

(end)

It blocked the forum, the blog, or just gmic?

What is the full address of the offending link? E.g., Is it pixls.us or discuss.pixls.us, with a in text link to gmic.eu? Or gmic.eu itself? The more info the better.

Opera, eh? I haven’t used it in a long time. I hear it has VPN and other interesting features.

I get the notification when I type pixls.us in the browser and open the site.

As far as I can tell, pixls loads fine. But I get the pop-up every time I go to it.

I’ve been using for close to 20 years. They have always been on the cutting edge of features. They had tabbed browsing years before any other browser. I was a bit saddened when they dropped their own engine and switched to Chromium, but it definitely helped with site compatibility.

Edit: I just tested it, and I get the notification in Chrome and Edge as well.

well your log out put from above points to that it doesnt like our link to gmic.eu

so maybe ask the malwarebytes vendor what is wrong with gmic.eu and us linking to it.

You are correct. I just tried going to gmic.eu and it flagged it directly.

I just tried in Edge, and this is what I get

This has been reported before indeed.
I still don’t know how they have decided gmic was a malware, I’m curious about it.
It’s a bit sad to know their database is probably full of such false positives.

1 Like

Maybe it was reported by a paid subscription only software company as an act of corporate sabatoge :flushed:

2 Likes

Kinda reminds me of how anything that uses PyInstaller is flaged by McAfee because someone at some point was exceptionally lazy and wrote a Python trojan using PyInstaller - the “stub” gets flagged by the heuristic system.

I’ve had my work PC quarantined at IT twice due to accidentally pipping Kivy, which pulls in PyInstaller, which makes McAfee go nuts

Use the open source code but kick the devs: great business model. :roll_eyes:

Just report it as a false positive to whomever reports the false positive and move on (or even better disable/remove whatever is causing the false positives).