Jump to content
Hec

blocking websties

By Hec, in Website Blocking

Recommended Posts

Hec   

Hec
Posted

So ive been having a finew experience with windows and malwarebytes recently i updated firefox to firefox quantum, nothing suspicous has happened but just today everytime i start surfing in firefox i notice no sites are getting encrypted with https even with https everywhere which seemed weird, i go on with my day but then malwarebytes starts blocking connections and ip's and then comodo firewall starts showing me requests for downloading ccleaner, the ip's and domains were mostly:

ftp.snt.utwente.nl, 130.89.149.20, tj.symcd.com, 23.58.43.27, driver.reimageplus.com, 161.47.7.14, gp.symcd.com, 23.4.43.27,  the locations always detail program files mozilla so im confused what should i do i installed some more security tools to scan currently got nothing

Share this post

Link to post
Share on other sites

Hec   

Hec
Posted

opening new tabs, reloading pages and so forth seems to trigger the tj.symcd.com connection

Share this post

Link to post
Share on other sites

DotNettie   

DotNettie
Posted

I just updated to Firefox Quantum and am having the same issue that just started this morning; the popup identifies gm.symcd.com...IP 23.60.139.27. I also have https: everywhere enabled. I use ighome.com as my homepage and it was not encrypted either.

I didn't intend to hi-jack the thread, but it seems like the issues are similar

Share this post

Link to post
Share on other sites

TalismanUK   

TalismanUK
Posted

I too am having a similar problem as from this morning, but not just with Firefox. I also get various sub-domains of symcd.com blocked when using Outlook or Edge.

Share this post

Link to post
Share on other sites

Hec   

Hec
Posted

Yup it seems weird I researched and it seems like something about failing to validate ssl certificates from Symantec i don’t know I’ve resorted to forcing encryption everywhere and hardening my firewall to see if it helps might just be issues with the new update hope you guys can solve this too

Share this post

Link to post
Share on other sites

schmidtj   

schmidtj
Posted (edited)

Glad it's not only me. Had been using Google Chrome but with the new Firefox Quantum I'd thought I try it as my default browser this morning.

Edited by schmidtj

Share this post

Link to post
Share on other sites

taintedbloop   

taintedbloop
Posted

I am also experiencing this issue. FIrst happened in Chrome, I dont have Firefox installed at all. It first appeared when I went to my banking website (chase). It seems that many elements of the web page will not load.

This also happened when I opened Edge. 

I tried pressing Update in malwarebytes but it's still blocking parts of websites. Here is a screenshot of one of the alerts.

: a18700b1c1.png

 

There are many, all with variations on the subdomain.

 

Please help! Malwarebytes has had many annoying false positives in the last few months that seem obvious.. it's getting quite frustrating.

Share this post

Link to post
Share on other sites

Hec   

Hec
Posted

this seems like a brand new issue could it possibly be something trying to hijack or inject code i really am clueless to what this is, at first i thought it might have to do about having windows firewall disabled while playing destiny but doesnt seem like it i tried using ccleaner to clean out everything in firefox im gonna try just searching the program files see if i see anything suspicous ill also try adw cleaner maybe that will detect something and i do agree with the sub domain thing there are many ive just gotten the rc.symcd.com variant maybe we can get the attention of someone from malwarebytes see if they know whats going on

Share this post

Link to post
Share on other sites

taintedbloop   

taintedbloop
Posted

Update:

I completely disabled malwarebytes and still have the issue. I now discovered bitdefender is giving me phishing alerts now too.

Look at this: 62a7a2b088.png

Could this be more widespread then just malwarebytes?

Share this post

Link to post
Share on other sites

Hec   

Hec
Posted

i dont know im using bitdefender free also and i did get one alert yesterday im just going through my firewall blocking anything suspicous seems like the best i can do right now

Share this post

Link to post
Share on other sites

hopper15   

hopper15
Posted
3 minutes ago, Dashke said:

The block has been corrected, the update should be out soon. Thanks! :)

Thanks for the update

Share this post

Link to post
Share on other sites

taintedbloop   

taintedbloop
Posted

Anyone else have the bitdefender issue as well? They both started at the same time. I had to press exclude on the phishing alert in order for elements of the web page to load. Could their database have this false positive too? 

Share this post

Link to post
Share on other sites

Hec   

Hec
Posted

Possibly bitdefender just went insane it started flagging everything but that’s probably just a one time bug I hope they just correct this as soon as possible

Share this post

Link to post
Share on other sites

rodant2017   

rodant2017
Posted

I am also getting warning messages that are very similar.  I have windows 10 creator' s fall edition, I am using firefox latest browser Quantum and also using Microsoft Edge and about 75% of the websites that I try to visit are blocked and that is using either browser.  I am also getting warning when trying to access Malwarebytes's main website.

In about 10 minutes of browsing I have received 192 notifications.  Is most of the internet hacked, or is it Malwarebytes Premium 3,  or is it my pc.  I don't want to remove Malwarebyte's software, especially if they are right because that would make my pc vulnerable.

Share this post

Link to post
Share on other sites

janetmenchyk   

janetmenchyk
Posted

g.symcd.com is blocked and don't know what it is, but seems like something that shouldn't be blocked and anyone tell me? Its blocked if I use chrome and edge

Share this post

Link to post
Share on other sites

ronzie009   

ronzie009
Posted
55 minutes ago, Dashke said:

The block has been corrected, the update should be out soon. Thanks! :)

My copy of MBAM claims it's current, yet I'm still seeing these blocks. 

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 11/17/17
Protection Event Time: 9:32 AM
Log File: 307405b6-cba4-11e7-8ceb-001e37255085.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3282
License: Premium

-System Information-
OS: Windows 10 (Build 16299.19)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: gn.symcd.com
IP Address: 23.50.75.27
Port: [15502]
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe



(end)
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 11/17/17
Protection Event Time: 9:32 AM
Log File: 30882a3c-cba4-11e7-ac33-001e37255085.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3282
License: Premium

-System Information-
OS: Windows 10 (Build 16299.19)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: gn.symcd.com
IP Address: 23.50.75.27
Port: [15502]
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe



(end)
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 11/17/17
Protection Event Time: 9:37 AM
Log File: dc32fab0-cba4-11e7-93f2-001e37255085.json
Administrator: Yes

-Software Information-
Version: 3.2.2.2029
Components Version: 1.0.212
Update Package Version: 1.0.3282
License: Premium

-System Information-
OS: Windows 10 (Build 16299.19)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Domain: ss.symcd.com
IP Address: 23.54.187.27
Port: [15631]
Type: Outbound
File: C:\Program Files (x86)\Internet Explorer\iexplore.exe



(end)

 

Share this post

Link to post
Share on other sites

taintedbloop   

taintedbloop
Posted

Try pressing the update button. Even though it says current you can try updating again. I think my malwarebytes has received the update after I tried that.

Share this post

Link to post
Share on other sites

rodant2017   

rodant2017
Posted (edited)

As of now I have about 400 'detections' from Malwarebytes.  I have done some checking and found out that this problem is unique to Firefox.  I am using their newest browser known as Quantum.  Also I have found out that the domain owner of the  .symcd is owned by Symantec and apparently firefox has had issues with this domain in the past.  I opened my firefox browser and had it update itself and closed it and rebooted.  The problem is now corrected and was probably caused by the new firefox browser.  I have not checked  for this problem using the Microsoft Edge browser.  If the problem still exists using that browser, I will post.

 

Edited by rodant2017
grammatical error

Share this post

Link to post
Share on other sites

Hec   

Hec
Posted

yep i am no longer getting blocks thanks mbam if you happen to be getting alerts from bitdefender or blocks when going into websites like the malwarebytes website it is worth opening a malware removal thread and scanning with various scanners to make sure you are not infected, everyone have a nice day :)

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept