Jump to content
roze

loungesrc.net and chrome.exe

Recommended Posts

My ESET warn me about loungesrc.net.

Then I try run MB.

I received this report (see attach file). 

What I can do to correct it?

 

MB_report.txt

Share this post


Link to post
Share on other sites

Hi,    :welcome:

My name is Maurice. I will be helping and guiding you, going forward on this case.   Please let me know what first name you prefer to go by.

Please follow my directions as we go along.  Please do not do any changes on your own without first checking with me.

If you will be away for more than 3 consecutive days,  do try to let me know ahead of time, as much as possible.

 

This is about a website block notice.  The display is a courtesy one.    The Premium web protection is keeping this machine safe

Doména: loungesrc.net
IP Adresa: 172.241.69.28.

Do you remember what website Chrome was on when this notice showed up ?

 

The Block notices from Malwarebytes web protection do mean that Malwarebytes is keeping your pc safe from potential harm.

A block notice is an advisory of the "block".

For Your Information:

The website  Block message indicates that a potential risk was blocked by the malicious website protection. 

The Malwarebytes web protection, by default, will always show each IP block occurrence.

The Malwarebytes Webs protection feature will advise customers when a known or suspected malicious IP is attempted to be reached (outgoing) or is trying access your PC.

 

See our info page https://www.malwarebytes.com/lp/ip-blocking/?ipblock=true

 

Incoming block notice can be ignored, our software is blocking the threat and there is nothing more that can be done.

On Outbound blocks, any attempted connection was stopped.

 

No action is required unless you’re also experiencing malware symptoms or there are multiple (different) IPs (ex;123.23.34 and 4.44.56).

 A browser is not required to be running, just an active Internet connection with processes running,

such as Instant messenger clients, SKYPE or Peer-to-peer software, to trigger these alerts.

 

These are also triggered by banner ads running on websites which is the most common form of alert.

.

Please only just attach   all report files, etc  that I ask for as we go along.

Let's start out with what follows.

[   1   ]

Turn off "SYNC" for Google Chrome.

Using Chrome browser,  go to https://www.google.com/settings/chrome/sync and sign into your account.
Scroll down until you see the "reset sync" button and click on the button
At the prompt click on "Ok".

Now, Close Chrome.

[   2    ]

get & install the Malwarebytes Browser Guard extension for Chrome,

Open this link in your Chrome browser: https://chrome.google.com/webstore/detail/malwarebytes/ihcjicgdanjaechkgeegckofjjedodee

Then proceed with the setup.

[   3    ]

Other suggestions, for Chrome, while Chrome is running:
Press & hold SHIFT+CTRL+Del keys  on keyboard to get menu for clearing browsing data:

Check mark the line  "Browsing history"

Check mark the line "Download history"

Check mark the lined "Cached images and files"
and press Clear Data button  ( in blue )


Still in Chrome, press ALT+F then Settings
Click Extensions on the left.
Closely review the browser extensions that are listed. Disable any that you are not familiar with or that you do not trust.

 

[   4   ]

I  would suggest to download, Save, and then run Malwarebytes ADWCLEANER.

Please close Chrome and all other open web browsers after you have saved the Adwcleaner and before you start Adwcleaner scan.

Adwcleaner  detects factory Preinstalled applications too!

 

Please download  Malwarebytes AdwCleaner  https://downloads.malwarebytes.com/file/adwcleaner
 

Be sure to Save the file first, to your system.  Saving to the Downloads folder should be the default on your system.

 

Go to the folder where you saved Adwcleaner. Double click Adwcleaner  to start it.

At the prompt for license agreement, review and then click on I agree.

 

You will then see a main screen for Adwcleaner. ( if you do not see it right away, minimized the other open windows, so you can see Adwcleaner).

Then click on Dashboard button.

Click the blue button "Scan Now".

 

allow it a few minutes to finish the Scan.   Let it remove what it finds.

NOTE:  When it comes to the section "

Pre-installed applications

 

You can skip that.

Please find and send the Adwcleaner "C" clean report.

In Adwcleaner, click the "Reports" button.  Look at the list of reports for the latest date & type "Clean".

Double Click that line & it will open in Notepad.   Save the file to your system and then Attach that with your reply.

 

That C clean report will be the one with the most recent Date and time at folder  C:\AdwCleaner\Logs

Thanks.  Keep me advised.

Please know I help here as a volunteer.  and that I am not on 24 x 7.

Help on this forum is one to one.   Again, please be sure to ONLY attach report files  with your reply (s)  as we go along.  Do not do a copy / paste into main body.

Thank you,

Sincerely.

.

Share this post


Link to post
Share on other sites

Hi, Maurice my name is Tony.
First I would like to apologize for the bad English 😞
but I hope I understand your recommendation.

The problem occurred today, but I don't remember visiting a suspicious site yesterday.  

a website block notice appears when I visiting almost any web site. 


I have active Chrome sync on four PC... I suppose, that  "reset sync" I should do on all four 
and then continue the steps 1-4 on the first PC - is that right?

Thanks.

Share this post


Link to post
Share on other sites

Hi Tony,

For now, just turn off the SYNC  on this machine.   and go forward will all the rest.

Share this post


Link to post
Share on other sites

Thanks for that report.

The Microsoft Safety Scanner  is a free Microsoft stand-alone virus scanner that  can be used to scan for & remove malware or potentially unwanted software from a system.

The download links & the how-to-run-the tool are at this link at Microsoft

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

Let me know the result of this.

The log is named MSERT.log 

the log will be at  %SYSTEMROOT%\debug\msert.log   which in most cases is

C:\Windows\debug\msert.log

Please attach that log with your reply.   and also let me know, How things are after that.

Cheers.

 

Share this post


Link to post
Share on other sites

After finishing Microsoft Safety Scanner I tried to suppress for a while Malwarebytes Browser Guard extension for Chrome.
Then I restart Chrome , ESET message (or Malwarebytes Trial) 'block notice  loungesrc.net' appears again when I visiting  some web site (e.g. Google search, wiki).

After that I enable Malwarebytes Browser Guard extension for Chrome.

msert.log

Share this post


Link to post
Share on other sites

Thanks for the scan report from the MS safety Scanner.

This pc runs Windows 10, which has the EDGE browser.  Use the edge browser for the time being, instead of using Chrome.

It is quite possible that Edge will not experience the same block notice as when Chrome is used.

 

Let us do a different scan, with a different tool.

I would suggest a free scan with the ESET Online Scanner
Go to https://www.eset.com/us/home/online-scanner/

Look on the right side of the page.  Click Scan Now
It will start a download of "esetonlinescanner_enu.exe"
Save the file to your system, such as the Downloads folder, or else to the Desktop.

Go to the saved file, and double click it to get it started.
When presented with the initial ESET options, click on "Computer Scan".

Next, when prompted by Windows, allow it to start by clicking Yes

When prompted for scan type, Click on Full scan
Look at & un-tick   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click on Start scan button.

Have patience.  The entire process may take an hour or more. There is an initial update download.
There is a progress window display.
You should ignore all prompts to get the ESET antivirus software program.   ( e.g.  their standard program).   You do not need to buy or get or install anything else.

When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.

Click The blue “Save scan log” to save the log.

If something was removed and you know it is a false finding, you may click on the blue ”Restore cleaned files”  ( in blue, at bottom).

Press Continue when all done.  You should click to off the offer for “periodic scanning”.

 

Share this post


Link to post
Share on other sites

After finishing ESET Online Scanner, I tried to deactivate MB Guard extension for Chrome for a while again and tried to access common sites (Google, wiki ...)   'block notice loungesrc.net' appears again  😞
 
Then I tried this ...
I have these plugins in Chrome:
       Adblock Plus - free ad blocker
       Google Docs offline
       Live HTTP Headers
       Looper for YouTube
       Sorter for YouTube playlist
       POI pocket
       Right Click Translate
       Search Center
       Tampermonkey
       Video Downloader Professional
       AirDroid Remote Control Plugin
       Documents
I deactivated them all and I also deactivated MB Guard extension for Chrome and tried Google, wiki ... access again
 'block notice loungesrc.net' don't appear  🙂
  
I suggest to keep the MB Guard extension for Chrome permanently deactivated and gradually (one after another) enable Chrome plugins. 

This will not eliminate the cause of the problem, but at least I will find out its originator.

What do you think?

 

eset_log.txt

Share this post


Link to post
Share on other sites

I have regularly updated Win10 and antivirus (ESET Endpoint Security) and Chrome.
Until now Ihad the Video Downloader Professional plugin in version 1.6.
'block notice loungesrc.net' started to appear about 3 days ago.


I think this is due to changes in ESET's control algorithms. This is  a change for the better.


I updated Video Downloader Professional - now it's called Vimeo Downloader Professional.
When I disable it, 'block notice loungesrc.net' does not appear, when I release it so it appears. The culprit is obviously known.
I have briefly checked the reviews of this plugin in Chrome store. There is no mention of loungesrc.net .
I will definitely write there. It is striking that such a malware plugin will appear in the Chrome store.

Share this post


Link to post
Share on other sites

Hello   @roze   

Thanks for the Eset report.  I see it removed  potentially abusive executables.

I am glad to read that you removed Video Downloader Professional   and that the block notice is gone away.

Is there anything else that you need at this point ?

Share this post


Link to post
Share on other sites

I also think the problem loungesrc.net is solved 🙂.
Thanks for your help and advice.

Share this post


Link to post
Share on other sites

That is great.   Now, some general best practices for pc & internet safety.

It is not enough to just have a security program installed. Each pc user needs to practice daily safe computer and internet use.

 

Best  practices & malware prevention:
Follow best practices when browsing the Internet, especially on opening links coming from untrusted sources.
First rule of internet safety: slow down & think before you "click".

Never click links without first hovering your mouse over the link and seeing if it is going to an odd address ( one that does not fit or is odd looking or has typos).


Free games & free programs are like "candy". We do not accept them from "strangers".


Never open attachments that come with unexpected ( out of the blue ) email no matter how enticing.
Never open attachments from the email itself. Do not double click in the email. Always Save first and then scan with antivirus program.

 

 

Pay close attention when installing 3rd-party programs. It is important that you pay attention to the license agreements and installation screens when installing anything off of the Internet. If an installation screen offers you Custom or Advanced installation options, it is a good idea to select these as they will typically disclose what other 3rd party software will also be installed.
Take great care in every stage of the process and every offer screen, and make sure you know what it is you're agreeing to before you click "Next".

Use a Standard user account rather than an administrator-rights account when "surfing" the web.
See more info on Corrine's SecurityGarden Blog http://securitygarden.blogspot.com/p/blog-page_7.html
Dont remove your current login. Just use the new Standard-user-level one for everyday use while on the internet.

 
Do a Windows Update.

Make certain that Automatic Updates is enabled.
https://support.microsoft.com/en-us/help/12373/windows-update-faq




Keep your system and programs up to date. Several programs release security updates on a regular basis to patch vulnerabilities. Keeping your software patched up prevents attackers from being able to exploit them to drop malware.

For other added tips, read "10 easy ways to prevent malware infection"

.

All best wishes to you.

Sincerely,

Maurice

 

Share this post


Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.