Jump to content

blocking websties

Hec

By Hec
in Website Blocking

 Share

Recommended Posts

Hec

Hec

Posted
Posted

So ive been having a finew experience with windows and malwarebytes recently i updated firefox to firefox quantum, nothing suspicous has happened but just today everytime i start surfing in firefox i notice no sites are getting encrypted with https even with https everywhere which seemed weird, i go on with my day but then malwarebytes starts blocking connections and ip's and then comodo firewall starts showing me requests for downloading ccleaner, the ip's and domains were mostly:

ftp.snt.utwente.nl, 130.89.149.20, tj.symcd.com, 23.58.43.27, driver.reimageplus.com, 161.47.7.14, gp.symcd.com, 23.4.43.27,  the locations always detail program files mozilla so im confused what should i do i installed some more security tools to scan currently got nothing

Link to post
Share on other sites
DotNettie

DotNettie

Posted
Posted

I just updated to Firefox Quantum and am having the same issue that just started this morning; the popup identifies gm.symcd.com...IP 23.60.139.27. I also have https: everywhere enabled. I use ighome.com as my homepage and it was not encrypted either.

I didn't intend to hi-jack the thread, but it seems like the issues are similar

Link to post
Share on other sites
Hec

Hec

Posted
  • Author
Posted

Yup it seems weird I researched and it seems like something about failing to validate ssl certificates from Symantec i don’t know I’ve resorted to forcing encryption everywhere and hardening my firewall to see if it helps might just be issues with the new update hope you guys can solve this too

Link to post
Share on other sites
taintedbloop

taintedbloop

Posted
Posted

I am also experiencing this issue. FIrst happened in Chrome, I dont have Firefox installed at all. It first appeared when I went to my banking website (chase). It seems that many elements of the web page will not load.

This also happened when I opened Edge. 

I tried pressing Update in malwarebytes but it's still blocking parts of websites. Here is a screenshot of one of the alerts.

: a18700b1c1.png

 

There are many, all with variations on the subdomain.

 

Please help! Malwarebytes has had many annoying false positives in the last few months that seem obvious.. it's getting quite frustrating.

Link to post
Share on other sites
Hec

Hec

Posted
  • Author
Posted

this seems like a brand new issue could it possibly be something trying to hijack or inject code i really am clueless to what this is, at first i thought it might have to do about having windows firewall disabled while playing destiny but doesnt seem like it i tried using ccleaner to clean out everything in firefox im gonna try just searching the program files see if i see anything suspicous ill also try adw cleaner maybe that will detect something and i do agree with the sub domain thing there are many ive just gotten the rc.symcd.com variant maybe we can get the attention of someone from malwarebytes see if they know whats going on

Link to post
Share on other sites
rodant2017

rodant2017

Posted
Posted

I am also getting warning messages that are very similar.  I have windows 10 creator' s fall edition, I am using firefox latest browser Quantum and also using Microsoft Edge and about 75% of the websites that I try to visit are blocked and that is using either browser.  I am also getting warning when trying to access Malwarebytes's main website.

In about 10 minutes of browsing I have received 192 notifications.  Is most of the internet hacked, or is it Malwarebytes Premium 3,  or is it my pc.  I don't want to remove Malwarebyte's software, especially if they are right because that would make my pc vulnerable.

Link to post
Share on other sites
ronzie009

ronzie009

Posted
Posted
55 minutes ago, Dashke said:

The block has been corrected, the update should be out soon. Thanks! :)

My copy of MBAM claims it's current, yet I'm still seeing these blocks. 

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 11/17/17
Protection Event Time: 9:32 AM
Log File: 307405b6-cba4-11e7-8ceb-001e37255085.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3282
License: Premium

-System Information-
OS: Windows 10 (Build 16299.19)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: gn.symcd.com
IP Address: 23.50.75.27
Port: [15502]
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe



(end)
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 11/17/17
Protection Event Time: 9:32 AM
Log File: 30882a3c-cba4-11e7-ac33-001e37255085.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3282
License: Premium

-System Information-
OS: Windows 10 (Build 16299.19)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: gn.symcd.com
IP Address: 23.50.75.27
Port: [15502]
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe



(end)
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 11/17/17
Protection Event Time: 9:37 AM
Log File: dc32fab0-cba4-11e7-93f2-001e37255085.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3282
License: Premium

-System Information-
OS: Windows 10 (Build 16299.19)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: ss.symcd.com
IP Address: 23.54.187.27
Port: [15631]
Type: Outbound
File: C:\Program Files (x86)\Internet Explorer\iexplore.exe



(end)

 

Link to post
Share on other sites
rodant2017

rodant2017

Posted
Posted (edited)

As of now I have about 400 'detections' from Malwarebytes.  I have done some checking and found out that this problem is unique to Firefox.  I am using their newest browser known as Quantum.  Also I have found out that the domain owner of the  .symcd is owned by Symantec and apparently firefox has had issues with this domain in the past.  I opened my firefox browser and had it update itself and closed it and rebooted.  The problem is now corrected and was probably caused by the new firefox browser.  I have not checked  for this problem using the Microsoft Edge browser.  If the problem still exists using that browser, I will post.

 

Edited by rodant2017
grammatical error
Link to post
Share on other sites
Hec

Hec

Posted
  • Author
Posted

yep i am no longer getting blocks thanks mbam if you happen to be getting alerts from bitdefender or blocks when going into websites like the malwarebytes website it is worth opening a malware removal thread and scanning with various scanners to make sure you are not infected, everyone have a nice day :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.