Jump to content
longbeachlouise

Google Sent Me the Creep Reel

Recommended Posts

I just checked my Malwarebytes Browser Guard and thought you might find this interesting as well:

Blocked.png.b457100e14dad5c55d469f5e601f02bf.png

So MBG also blocks it (I use uBlock also along with Disconnect, Privacy Badger, Ghostery and DuckDuckGo Privacy Essentials).

Share this post


Link to post
Share on other sites
2 hours ago, exile360 said:

I just checked my Malwarebytes Browser Guard and thought you might find this interesting as well:

 

So MBG also blocks it (I use uBlock also along with Disconnect, Privacy Badger, Ghostery and DuckDuckGo Privacy Essentials).

That is interesting - thanx! 🙂

Edited by longbeachlouise
Edited to increase the font to, 16. It is much more legible.

Share this post


Link to post
Share on other sites
3 hours ago, longbeachlouise said:

View Page Source of the code, and Go to Edit / Find, and type, Google Tag. This is what appears as to my code:


			<!-- Google Tag Manager -->
<noscript>
<iframe src="//www.googletagmanager.com/ns.html?id=GTM-MKSKW3"
height="0" width="0" style="display:none;visibility:hidden"></iframe>
</noscript>
<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':
new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],
j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=
'//www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);
})(window,document,'script','dataLayer','GTM-MKSKW3');</script> 
<!-- End Google Tag Manager -->
		

Nasty!

 

 

Share this post


Link to post
Share on other sites
4 hours ago, exile360 said:

I just checked my Malwarebytes Browser Guard and thought you might find this interesting as well:

So MBG also blocks it (I use uBlock also along with Disconnect, Privacy Badger, Ghostery and DuckDuckGo Privacy Essentials).

Should I get Browser Guard?

Share this post


Link to post
Share on other sites

I definitely recommend it.  It's excellent for blocking malware as well as many ads and threats to privacy (including many of the trackers from the likes of Google, Microsoft and others).  It's also excellent at blocking tech support scam sites.

Share this post


Link to post
Share on other sites
On 1/17/2020 at 5:42 PM, longbeachlouise said:

Should I get Browser Guard?

Yes,

You should also get and use uBlock Origin as I've posted multiple times. It can and will stop any site you want to stop or any script or object you want. Videos on how to use it were also provided.

Continuing to post your discontent about how or what these sites do when you haven't followed our advice doesn't help you or us.

 

Share this post


Link to post
Share on other sites
On 1/17/2020 at 11:55 PM, exile360 said:

I definitely recommend it.  It's excellent for blocking malware as well as many ads and threats to privacy (including many of the trackers from the likes of Google, Microsoft and others).  It's also excellent at blocking tech support scam sites.

Thank you, exile360. Would you help me clean up my PC, before I add another software? I'd like to clean it up and run a Defraggler. I guess I have to back up my files first. I'll get to work on that.

Share this post


Link to post
Share on other sites

Dear AdvancedSetup, That's fine, but may I ask, you saw the last two messages I sent you, in view of the forum glitches you and exile360 discuss in another thread? Thank you.

Share this post


Link to post
Share on other sites
On 1/17/2020 at 11:55 PM, exile360 said:

I definitely recommend it.  It's excellent for blocking malware as well as many ads and threats to privacy (including many of the trackers from the likes of Google, Microsoft and others).  It's also excellent at blocking tech support scam sites.

exile360, Would you help me clean up my PC, after I finish saving what I want? Thanx.

Share this post


Link to post
Share on other sites

Unfortunately I'm not really trained in malware removal, although you can certainly follow the instructions in this topic then create a new topic in the malware removal area by clicking here and one of our malware removal specialists will assist you in checking the system for any threats and guiding you in removing them.

Share this post


Link to post
Share on other sites

OK, we should be able to help you with that.  Please create a new topic in our General PC Help area by clicking here and we'll get to work.  We'll need the following items to get started and you can just attach them to your first post in the new topic:

  1. Download and run the Malwarebytes Support Tool
  2. Accept the EULA and click Advanced tab on the left (not Start Repair)
  3. Click the Gather Logs button, and once it completes, attach the zip file it creates on your desktop to your post

Create an Autoruns Log:
Please download Sysinternals Autoruns from here and save it to your desktop.

Note: If using Windows Vista, Windows 7, Windows 8/8.1 or Windows 10 then you also need to do the following:

                Right-click on Autoruns.exe and select Properties
                Click on the Compatibility tab
                Under Privilege Level check the box next to Run this program as an administrator
                Click on Apply then click OK

  • Double-click Autoruns.exe to run it.
  • Once it starts, please press the Esc key on your keyboard.
  • Now that scanning is stopped, click on the Options button at the top of the program and verify that the following are checked, if they are unchecked, check them:
        Hide empty locations
        Hide Windows entries
  • Click on the Options button at the top of the program and select Scan Options... then in the Autoruns Scan Options dialog enable/check the following two options:
        Verify code signatures
        Check VirusTotal.com
  • Once that's done click the Rescan button at the bottom of the Autoruns Scan Options dialog and this will start the scan again, this time let it finish.
  • When it's finished and says Ready. on the lower left of the program window, please click on the File button at the top of the program and select Save and save the file to your desktop and close Autoruns.
  • Right click on the file on your desktop that you just saved and hover your mouse over Send To and select Compressed (zipped) Folder
  • Attach the ZIP folder you just created to your post
Edited by exile360

Share this post


Link to post
Share on other sites

Okay, I downloaded the file, and will create a new topic.

In the meantime, let's keep this thread open to discuss Google Tags and the issues outlined on this thread:

https://forums.malwarebytes.com/topic/231043-forum-shows-as-containing-unread-topic-after-topic-has-been-moved/

Also, may I ask you to please try this desktop video capture:

https://www.nchsoftware.com/capture/download-now.html

 

to make it easy to document anomalies of being forum moderator? To share with your fellow moderators, not me or the public.

 

 

Edited by AdvancedSetup
Removed live hyperlink

Share this post


Link to post
Share on other sites
On 1/8/2020 at 11:34 PM, exile360 said:

To actually fix this they should just have so that if you click on the link to the moved topic to view it, if that was the only 'new' content preventing the area from showing as read then doing so should mark the entire area as read.  This is my main issue with this function.  There is no reason for an area to show as containing unread content when I have viewed every single topic in that area, including any 'moved' threads that are still linked there.  It is bad UX and doesn't make sense, period.

 

On 1/10/2020 at 11:48 AM, exile360 said:

I've found a new bug related to this.  While browsing an area, once I view a thread and then return to the sub-forum where the thread is contained, other threads with new replies which I have not yet viewed are suddenly marked as read.  This has happened multiple times in the past few days and I believe I've seen it before then but it does seem to be happening more frequently now.

 

You didn't know it before, but we established Google Tag Manager exists in this BB software, and the article,  Malicious Activities with Google Tag Manager, demonstrates the tag manager can be injected with a redirect to make the viewer go to a different webpage created to look like the one shown in the url bar, by using the code:

window.location.href = “http://www.yourdomain.com/somepage.html”;
Quote

An attacker can just copy all the contents of your legitimate version and put it in their modified version while adding the malicious content.

The article notes there has to be a compromise of your Google Tag Manager account for the "attacker to either replace the code or the ID called on the script for the script to be used for bad intentions."

So. with this thread, I am saying the bad or "rogue" actors, as AdvancedSetup called them, exist within Google, just as the scary images were served to me based solely on IP address in real estate controlled by Google [youtube], the sidebar suggested videos, which in targeting me carried the tag, Recommended for You on nearly every scary image, implying human intervention!

Similarly, the glitchy forum software used here is accessed by Google bad actors, or insiders, who wreck havoc and serve imitation pages, therefore the, "Unread" labels you have to drill through.

exile360, can you say it is not a possibility? Based on the article, which you enjoyed, and your Malwarebytes Browser Guard which discerned 93 attempts to access your IP address by Google Tag Manager, out of 100, so it is the most, and the insufferable changes to the forum [for moderators and other visitors, alike] can you say injected code from the Tag Manager is not causing havoc to your ability to access critical content, which is questions and postings from users?

Share this post


Link to post
Share on other sites

Finally, I would like to pose Google Tag Manager on this forum is NOT Malwarebytes.

Does Malwarebytes have a Google Tag Manager account?

Maybe it belongs to Invision Community, and that is how they access the forum software and cause havoc and trouble for the moderators [and users].

Maybe Google Tag Manager comes preloaded in this Invision packet, and the Google Tag Manager account doesn't belong to Malwarebytes, but to the software suppliers, or IPS [Community Suite] I guess Advanced has referred them as, the suppliers of the software.

Quote

Reply from IPS support:  The issue you describe has been corrected in our upcoming 4.5 release

May I get an answer, why there has to be Google Tag Manager on this forum, and why there has to be Double Click trying to access the user's IP address?

What need is there for those tags on working Forum software?

Share this post


Link to post
Share on other sites
3 hours ago, exile360 said:

I assume that was intended for AdvancedSetup as I am not a forum moderator.

No, exile360, I absolutely intended this for you! You are helping the users - I thought you are one of the Malwarebytes forum-recommended trouble shooters for the issues people have. That is what you are. I have been helped by volunteers through the years, who I believe are NOT moderators, but they are vetted to be allowed to assist the users who have issues.

Please address the observations in the above.

Sincerely, Louise.

Share this post


Link to post
Share on other sites
53 minutes ago, longbeachlouise said:

 

 

You didn't know it before, but we established Google Tag Manager exists in this BB software, and the article,  Malicious Activities with Google Tag Manager, demonstrates the tag manager can be injected with a redirect to make the viewer go to a different webpage created to look like the one shown in the url bar, by using the code:


window.location.href = “http://www.yourdomain.com/somepage.html”;

The article notes there has to be a compromise of your Google Tag Manager account for the "attacker to either replace the code or the ID called on the script for the script to be used for bad intentions."

So. with this thread, I am saying the bad or "rogue" actors, as AdvancedSetup called them, exist within Google, just as the scary images were served to me based solely on IP address in real estate controlled by Google [youtube], the sidebar suggested videos, which in targeting me carried the tag, Recommended for You on nearly every scary image, implying human intervention!

Similarly, the glitchy forum software used here is accessed by Google bad actors, or insiders, who wreck havoc and serve imitation pages, therefore the, "Unread" labels you have to drill through.

exile360, can you say it is not a possibility? Based on the article, which you enjoyed, and your Malwarebytes Browser Guard which discerned 93 attempts to access your IP address by Google Tag Manager, out of 100, so it is the most, and the insufferable changes to the forum [for moderators and other visitors, alike] can you say injected code from the Tag Manager is not causing havoc to your ability to access critical content, which is questions and postings from users?

No, it's not possible because we know the cause of the issues I experienced.  It was/is a bug/issue with the IPS software itself.  AdvancedSetup confirmed this himself through contact with IPS.  They are aware of the issue and claim that it is the expected behavior (moved threads continue to make the area they were moved from show as 'unread' for about 24 hours after the thread was moved).  It has nothing to do with Google or any substitute pages.

Share this post


Link to post
Share on other sites
17 minutes ago, exile360 said:

No, it's not possible because we know the cause of the issues I experienced.  It was/is a bug/issue with the IPS software itself.  AdvancedSetup confirmed this himself through contact with IPS.  They are aware of the issue and claim that it is the expected behavior (moved threads continue to make the area they were moved from show as 'unread' for about 24 hours after the thread was moved).  It has nothing to do with Google or any substitute pages.

The forum is too glitchy - even outside the "moved" threads, many of the Read threads and sub categories being labeled, Unread, are making the forum almost unusable to tech aids, such as yourself! - to be considered, "expected behavior."

It may be a question for the Forum Webmaster, but I feel the keys were handed to IPS Community Suite, or Invision . . .

The changes you experienced might be because a change in the ID script allows a bad actor to create the changes you are experiencing.

As you said, the 2016 update in forum software is supposed to make the forum work more efficiently, not the reverse!

Why does this forum, or part of the Malwarebytes website, have to offer the easy access to insert javascript or make javascript changes to its pages?

The changes and anomalies you observed are indicative of compromises taking place on the website, the ones the Webmaster should be looking out for!

You said:

"There is no reason for an area to show as containing unread content when I have viewed every single topic in that area, including any 'moved' threads that are still linked there.  It is bad UX and doesn't make sense, period."

Period.

Share this post


Link to post
Share on other sites

Well, IPS' developers are aware of the issue.  I'm definitely not the biggest fan of the current forum software, but I wouldn't go so far as to call it overall 'glitchy'.  It's just one bad design decision, in my own opinion, however their decision to make it work this way was quite deliberate, not some part of an overall unstable code situation.  If their software was that bad Malwarebytes would have selected a different piece of software to run the forums on, and overall I'm actually happy with a lot of the new features offered in the current version.  In fact, many of those new features are the very reason we don't have to deal with hundreds of spam threads from spambots every day any more, because that's how bad it was before IPS worked with our admins that run the forums to develop, install and enhance blacklisting tools, filters, and additional security measures to keep spammers and spambots off the forums and it has worked wonders.  Now we have maybe an average of 1 spammer per month or less that successfully gets through, and usually those are actually humans; the automated/scripted bots that used to create tons of fake accounts constantly and bombard the forums with garbage are gone, and it is all thanks to the work done by the forum admins at Malwarebytes and their efforts to collaborate with IPS and take all these measures to put a stop to the spambot garbage.

Edited by exile360

Share this post


Link to post
Share on other sites
1 hour ago, exile360 said:

Well, IPS' developers are aware of the issue.  I'm definitely not the biggest fan of the current forum software, but I wouldn't go so far as to call it overall 'glitchy'.  It's just one bad design decision, in my own opinion, however their decision to make it work this way was quite deliberate, not some part of an overall unstable code situation.  If their software was that bad Malwarebytes would have selected a different piece of software to run the forums on, and overall I'm actually happy with a lot of the new features offered in the current version.  In fact, many of those new features are the very reason we don't have to deal with hundreds of spam threads from spambots every day any more, because that's how bad it was before IPS worked with our admins that run the forums to develop, install and enhance blacklisting tools, filters, and additional security measures to keep spammers and spambots off the forums and it has worked wonders.  Now we have maybe an average of 1 spammer per month or less that successfully gets through, and usually those are actually humans; the automated/scripted bots that used to create tons of fake accounts constantly and bombard the forums with garbage are gone, and it is all thanks to the work done by the forum admins at Malwarebytes and their efforts to collaborate with IPS and take all these measures to put a stop to the spambot garbage.

Thank you for your explanation. That means something, because the interface of the forum was clean to me before and after the switch to IPS.

Yet - who knows? - lots of SPAM might be an indication of a healthy system . . .

There is less SPAM, but what is the trade-off? Whoever controls that Tag Manager has an upper hand on what is served to the users, since it can copy and make changes to the page, fooling users and staff alike.

Share this post


Link to post
Share on other sites

All I know is that I have been a regular visitor to these forums since at least as far back as 2008 (and for a long time prior I was a near constant lurker, reading and learning by observing) and I have never seen or heard of anything that has ever made me suspect that there is anything nefarious going on with these forums.  I also worked as a mid to high level employee of Malwarebytes for years.  I was their first QA back when the entire enterprise was literally just a hand full of people with a single product, and I became their first Product Manager and was in charge of their entire line of products at the time.  I then spent years as PM for their flagship product along with several other smaller projects and later took on a role my boss at the time and I came up with to help keep Malwarebytes close to the community and to help ensure that the company listens to its users and customers (all things that were enabled by this very forum; a near constant throughout my entire tenure with the company as it was also the primary place I would go for new ideas and feedback about Malwarebytes products and it was the first place I would look when trying to replicate issues as QA and I was even hired on as an employee specifically because of my participation as a user here on the forums).

If there were anything shady or screwed up going on I assure you we would find it.  Members like myself, AdvancedSetup (who is also and has been for a very long time the root admin here on the forums), regulars like David H. Lipman, Firefox and plenty of others, and with all these members generally having excellent memories and watching closely for any kind of problems or issues with the forums, I can't believe that there is something wrong with the forums and some bad actors intercepting or modifying content and that none of us has ever noticed it or commented on it even once.  If you want an idea of how much time we spend around here, just take a look at our post counts and when we signed up and just consider that many of us spend many hours per day here, so we know our forums.

I cannot speak to your other claims because frankly until you brought it up, I was unaware of it.  I know that Google has a hand in virtually every site these days, as does Facebook, Twitter, Disqus and others, and while I am definitely not the biggest fan of things like data harvesting, tracking and mass data collection (something my own past posts on this very forum will often attest to), but I have never seen anything to make me think that they have bad actors within their company doing what you claim.  That doesn't mean that I think it is impossible, as I could certainly imagine abuses going on whenever human beings have access to the kind of tools and information they no doubt have access to, however I frankly just don't know if that is what is occurring in your situation or not.  Web forensics is not within my particular skill set so I cannot advise you on what is happening or what to do about it.  I might be able to assist you with your system if you wish in helping you get rid of any programs you don't need to help your system run better but that's about it.  I am not equipped to deal with the whole Google situation so I don't know what to tell you about that, we can only do what we have already done in that regard and advise taking measures to protect your privacy.  I won't go on the web without them, and I know that many here on the forums who frequent it feel the same way, that's one of the reasons Malwarebytes Browser Guard and tools like it exist.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.