Jump to content

Nicolas2

Honorary Members
 View Profile  See their activity

  • Posts

    44

  • Joined

  • Last visited

 Content Type 

Posts posted by Nicolas2

    IS THIS A SIGNAL OF A HACK??

    in Malwarebytes for Mac Support Forum

    Posted

    10 hours ago, crint said:

    Hello everyone,

    So yesterday I logged into my computer where I normally use Safari as my default browser and it had signed me out of my YouTube account. None of my other accounts had been affected but YouTube (Google drive, instagram, twitter, etc.). This happens every time I close the tab and it is starting to get annoying.

    As a side note, when I log again to YouTube it doesn't ask for my password, it just logs me in and even when it logs me out I can still see the channels I am subscribed to... 

    I've tried deleting the caché and browser history but none of this worked, any idea why this might be happening?

    Hey, i'm no official MB staff, nor am i an expert, but I just wanna say that i don't think this is a hack. The same thing happens to me every time i open youtube. This is most likely nothing to worry about. This is probably just some wonky google mistake. 

    Help needed

    in Chrome

    Posted

    10 hours ago, gonzo said:

    Found them!!!  The files were blocked. Here are the three log pairs related to the trojan blocks.  They have been sanitized (by me).  Google -- in all its wisdom -- knew that when you said you wanted images related to "European War 7", you really meant "European War 6" and gave you what you didn't ask for.  Their searches for images are much less specific than for text.  At least they didn't show you the top 400 retailers that sell the game.  All three blocks are for the same image file.  Browser Guard did its job.

     

    {"@timestamp": "2021-09-17T08:17:15.363Z", "message": "BTW: (URL_BLOCK) malware (trojan) match found on hxxps://www.google.com/search?q=european+war+7&rlz=1CASFJY_enBE959&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiU2KXmyIXzAhU1h_0HHfT7C8sQ_AUoAXoECAEQAw&biw=1366&bih=617&dpr=1&safe=active&ssui=on#imgrc=sG_0auzh7DFF1M  for  hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg", "level": "INFO"}
    {"@timestamp": "2021-09-17T08:17:15.380Z", "message": "OM: (URL_BLOCK) Malware (malware) detection on hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg. Redirecting to block page.", "level": "INFO"}

    {"@timestamp": "2021-09-17T11:27:22.161Z", "message": "BTW: (URL_BLOCK) malware (trojan) match found on hxxps://www.google.com/search?q=european+war+7&rlz=1CASFJY_enBE959&source=lnms&tbm=isch&sa=X&ved=2ahUKEwjGjOb_8oXzAhUOhv0HHVfJBAAQ_AUoAXoECAIQAw&biw=1366&bih=617&dpr=1&safe=active&ssui=on#imgrc=4YmmB_VSxDd36M  for  hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg", "level": "INFO"}
    {"@timestamp": "2021-09-17T11:27:22.178Z", "message": "OM: (URL_BLOCK) Malware (malware) detection on hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg. Redirecting to block page.", "level": "INFO"}

    {"@timestamp": "2021-09-17T11:27:22.569Z", "message": "BTW: (URL_BLOCK) malware (trojan) match found on hxxps://www.google.com/search?q=european+war+7&rlz=1CASFJY_enBE959&source=lnms&tbm=isch&sa=X&ved=2ahUKEwjGjOb_8oXzAhUOhv0HHVfJBAAQ_AUoAXoECAIQAw&biw=1366&bih=617&dpr=1&safe=active&ssui=on#imgrc=sG_0auzh7DFF1M  for  hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg", "level": "INFO"}
    {"@timestamp": "2021-09-17T11:27:22.595Z", "message": "OM: (URL_BLOCK) Malware (malware) detection on hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg. Redirecting to block page.", "level": "INFO"}

     

    Thanks for the help! what exactly did it block though? I didn't try to download anything? And would i have been at risk without MBBG? ALso, the reason whhy it gave EW6:1914 results, is because EW7 çisn't out yet :D, i was just searchin for clues as to when it would come out.

    Help needed

    in Chrome

    Posted

    36 minutes ago, gonzo said:

    Your log is 107,000 lines covering 29 hours worth of usage.  In order to tell you something more than this, I would need to know something more, like (as examples):

    • Your specific search teams from your Google image search, or
    • The specific type of block you encountered, or
    • The specific file name/URL that was blocked, or
    • The exact time that it happened

    The logs are not friendly for searching. That's our problem, not yours. At the same time, we need whatever meaningful information you can give us.  I have spent thirty minutes or so searching, and the best I can say right now is that you spend a lot of time on YouTube.  Unfortunately, that doesn't have anything to do with the issue you have asked for help with.

    Hey, my exact search terms were: "European war 7" I have no idea of the specific name, or url, and it happened around 10AM in the morning for me. I hope this info can help you!

    Help needed

    in Chrome

    Posted

    Also, just for people to know, i can't open this file myself, as i'm on a chromebook, and i have no programs to open it, and can't install any. So please don't refrain from helping me just because I already have the logs and such. I need your help to determine what exactly happened there.

    Help needed

    in Chrome

    Posted

    Ok, i discovered the culprit, but why did it happen? I was looking at google images of apk's from games. I din't visit the websites, i just looked at the picture in google images. What did it say was malware? I watched those pics again, and it blocked more malware???? Can someone help me pls? I am really worried about this. And i need to know what it blocked. Did it block a script? Did it block some cookies, which were from a malicious website? Did it block a download?

    Weird website

    in Resolved Malware Removal Logs

    Posted

    3 hours ago, AdvancedSetup said:

    Hello Nicolas

    Why are you using 2 accounts @Nicolas6 @Nicolas2 - the forums has a policy of only allowing one account.

    Please choose which account you'd like to use and we'll either merge your accounts into one or remove the other.

    Thank you

     

    Ok, you can use the account i'm posting from now as my main. I made thé Nicolas6, tegen forfait thé password, then made nicolas2, and then i Rememberd first password. Now i use 6 as my chromebook account, and 2 as my phone/pc account. I cannt always Acces both.

    Weird website

    in Resolved Malware Removal Logs

    Posted

    11 hours ago, kevinf80 said:

    Hello Nicolas6 and welcome to Malwarebytes,

    The website you ask about does not seem to be malicious, have a read at the following link:

    https://www.urlvoid.com/scan/agarbot.ovh/

    Any other issues or concerns..?

    Thank you,

    Kevin.

    Thank you Kevin. I don't have any more issues. I just freaked out because i've never before been asked to do a captcha because i sent too many request. It kind of freaked me out, because i'm not that much into tech, and i thought my IP was hijacked. Thanks for the help!

    Weird website

    in Resolved Malware Removal Logs

    Posted

    Hello. First a bit of background on my problem. I was playing agar.io, you probs know what that is, and i got a lot of bots that seemed to originate from one website. This site was agarbot.ovh . I went to see on that site why all the bots came from there, and it immediately showed my ip. I backed out of the site, and it seemed like everything was fine, until one min later, where i was asked to solve a captcha by google because i had sent a lot of requests. I immediately scanned my pc, but neither malwarebytes premium, nor browserguard defended me against that site. The captcha could be just a coincidence, but i am afraid it was not. Could someone check the site to see whether there is any malware, and if yes, block it? I did not download anything, i  just left the moment i saw it had my ip. 

    https://www.virustotal.com/gui/domain/agarbot.ovh/relations

    Tiny problem

    in Malwarebytes for Windows Support Forum

    Posted

    Well, i wouldn't really call it a problem, it's more of a weird thing. Malwarebytes just gave me another 14 days of premium? I just logged on my pc and malwarebytes had another premium trial for me. This is odd, as the first one has expired 1 month ago. I also didn't buy anything. Anyone knows why Malwarebytes did this?

    How?

    in Chrome

    Posted

    Hello, i'm sure all of you have seen the announcement post for the malwarebytes browserguard. I have one tiny question about this though. HOW do you manage to get 160 blocked malware downloads,  459 scam blocks, and 15 pup- blocks in  ONE WEEK. Check attachement for the file i'm talking about. This was shown in the post for introducing MBG.  What types of sites are you on to get THAT much malware and pup's?? Do you watch p*rn on shady websites all day or what? Also why is their cookie amount so low? I have like 20k blocked cookies in one week (terraria wiki, you get 50 blocked cookies every time you reload the site)

    Screenshot 2021-06-17 20.11.08.png

    Questions for malwarebytes.

    in Malwarebytes for Windows Support Forum

    Posted

    2 hours ago, AdvancedSetup said:

    Without the Premium version there are no real-time protection modules to stop any infection period. The free version is and always has been an after the fact clean up scanner.

    If you have an infected PDF or Word document then if you did go to run it our Exploit protection module would catch and stop it if using the Premium paid version

    https://www.malwarebytes.com/antivirus

    Thank you

     

     

    Well that sucks. 

    Questions for malwarebytes.

    in Malwarebytes for Windows Support Forum

    Posted

    7 hours ago, Porthos said:

    Malwarebytes does not target script files during a scan.. That means MB will not target; JS, HTML, VBS, .CLASS, SWF, BAT, CMD, PDF, PHP, etc.

    It also does not target documents such as; PDF, DOC, DOCx, XLS, XLSx, PPT, PPS, ODF, etc.

    It also does not target media files;  MP3, WMV, JPG, GIF, etc.

    Malwarebytes will block the execution of files like these on execution only with the anti-exploit module of the paid program.

     

    So what you're saying is if you don't have premium, you are only protected against .exe and nothing else? So if you get An infected PDF it won't do anything? Except if you scan the file yourself? And don't Tell me that doesn't happen, enough virusses spread through excel, pdf, MP3, and what more. 

    Questions for malwarebytes.

    in Malwarebytes for Windows Support Forum

    Posted

    Hello there, 

    I have a few random questions for malwarebytes. 

    1. Did malwarebytes ever get hacked?

    2. Did malware ever sneak past your security? (I mean a virus/ malware that is known to you, not an unknown virus)

    3. When does malwarebytes detect something as a treat? (When it's downloaded, when it's executed,...)

    4. Why can't the free users have real - time scanning?

    5. Why do scans take so much longer on a free version than on a premium? (Experienced it firsthand)

     

    I would be really happy if you could answer these questions for me.

    Problem with download

    in Malwarebytes for Windows Support Forum

    Posted

    4 minutes ago, Porthos said:

    It is junk adware.

    BonziBuddy is an infamous adware software, which exhibits spyware traits. Despite being shut down in 2004, third parties may be misusing its name for malware and distribute it via fake websites these days

    Seriously? I didn't know this. It was my favorite program back then. I also liked his jokes :)

    Help me pls

    in Chrome

    Posted

    1 hour ago, gonzo said:

    I could see in the log that you "hit the ground running" as soon as you turned on your Chromebook.  On a fresh install and (likely) on a Chromebook without persistent local storage, Browser Guard starts with its databases in the state they were in when the product was released.  These databases contain information about blacklisted sites as well as whitelisted sites.  It then updates the databases with the most current information.  If you get started before it gets done, you get malware detections that seem to go away on their own.  Good for them, but not so good for your peace of mind.  You then cache your database so it should be ready for you in the future.

    As far as that one other one goes, we were blocking a domain that contains malware, but not unblocking a specific part of that same website that is safe and contains information that is widely used by other websites. We found that and fixed that at about the same time that you detected it.

    I believe i Know what exactly you are referring to. I clear cache and stuff a lot of times so it may just be that. I didn't get that issue before though. 

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.