Jump to content

Help needed


Nicolas2

Recommended Posts

Ok, i discovered the culprit, but why did it happen? I was looking at google images of apk's from games. I din't visit the websites, i just looked at the picture in google images. What did it say was malware? I watched those pics again, and it blocked more malware???? Can someone help me pls? I am really worried about this. And i need to know what it blocked. Did it block a script? Did it block some cookies, which were from a malicious website? Did it block a download?

Link to post

Also, just for people to know, i can't open this file myself, as i'm on a chromebook, and i have no programs to open it, and can't install any. So please don't refrain from helping me just because I already have the logs and such. I need your help to determine what exactly happened there.

Link to post
  • Staff

Your log is 107,000 lines covering 29 hours worth of usage.  In order to tell you something more than this, I would need to know something more, like (as examples):

  • Your specific search teams from your Google image search, or
  • The specific type of block you encountered, or
  • The specific file name/URL that was blocked, or
  • The exact time that it happened

The logs are not friendly for searching. That's our problem, not yours. At the same time, we need whatever meaningful information you can give us.  I have spent thirty minutes or so searching, and the best I can say right now is that you spend a lot of time on YouTube.  Unfortunately, that doesn't have anything to do with the issue you have asked for help with.

Link to post
36 minutes ago, gonzo said:

Your log is 107,000 lines covering 29 hours worth of usage.  In order to tell you something more than this, I would need to know something more, like (as examples):

  • Your specific search teams from your Google image search, or
  • The specific type of block you encountered, or
  • The specific file name/URL that was blocked, or
  • The exact time that it happened

The logs are not friendly for searching. That's our problem, not yours. At the same time, we need whatever meaningful information you can give us.  I have spent thirty minutes or so searching, and the best I can say right now is that you spend a lot of time on YouTube.  Unfortunately, that doesn't have anything to do with the issue you have asked for help with.

Hey, my exact search terms were: "European war 7" I have no idea of the specific name, or url, and it happened around 10AM in the morning for me. I hope this info can help you!

Link to post
  • Staff

Found them!!!  The files were blocked. Here are the three log pairs related to the trojan blocks.  They have been sanitized (by me).  Google -- in all its wisdom -- knew that when you said you wanted images related to "European War 7", you really meant "European War 6" and gave you what you didn't ask for.  Their searches for images are much less specific than for text.  At least they didn't show you the top 400 retailers that sell the game.  All three blocks are for the same image file.  Browser Guard did its job.

 

{"@timestamp": "2021-09-17T08:17:15.363Z", "message": "BTW: (URL_BLOCK) malware (trojan) match found on hxxps://www.google.com/search?q=european+war+7&rlz=1CASFJY_enBE959&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiU2KXmyIXzAhU1h_0HHfT7C8sQ_AUoAXoECAEQAw&biw=1366&bih=617&dpr=1&safe=active&ssui=on#imgrc=sG_0auzh7DFF1M  for  hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg", "level": "INFO"}
{"@timestamp": "2021-09-17T08:17:15.380Z", "message": "OM: (URL_BLOCK) Malware (malware) detection on hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg. Redirecting to block page.", "level": "INFO"}

{"@timestamp": "2021-09-17T11:27:22.161Z", "message": "BTW: (URL_BLOCK) malware (trojan) match found on hxxps://www.google.com/search?q=european+war+7&rlz=1CASFJY_enBE959&source=lnms&tbm=isch&sa=X&ved=2ahUKEwjGjOb_8oXzAhUOhv0HHVfJBAAQ_AUoAXoECAIQAw&biw=1366&bih=617&dpr=1&safe=active&ssui=on#imgrc=4YmmB_VSxDd36M  for  hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg", "level": "INFO"}
{"@timestamp": "2021-09-17T11:27:22.178Z", "message": "OM: (URL_BLOCK) Malware (malware) detection on hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg. Redirecting to block page.", "level": "INFO"}

{"@timestamp": "2021-09-17T11:27:22.569Z", "message": "BTW: (URL_BLOCK) malware (trojan) match found on hxxps://www.google.com/search?q=european+war+7&rlz=1CASFJY_enBE959&source=lnms&tbm=isch&sa=X&ved=2ahUKEwjGjOb_8oXzAhUOhv0HHVfJBAAQ_AUoAXoECAIQAw&biw=1366&bih=617&dpr=1&safe=active&ssui=on#imgrc=sG_0auzh7DFF1M  for  hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg", "level": "INFO"}
{"@timestamp": "2021-09-17T11:27:22.595Z", "message": "OM: (URL_BLOCK) Malware (malware) detection on hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg. Redirecting to block page.", "level": "INFO"}

 

Link to post
10 hours ago, gonzo said:

Found them!!!  The files were blocked. Here are the three log pairs related to the trojan blocks.  They have been sanitized (by me).  Google -- in all its wisdom -- knew that when you said you wanted images related to "European War 7", you really meant "European War 6" and gave you what you didn't ask for.  Their searches for images are much less specific than for text.  At least they didn't show you the top 400 retailers that sell the game.  All three blocks are for the same image file.  Browser Guard did its job.

 

{"@timestamp": "2021-09-17T08:17:15.363Z", "message": "BTW: (URL_BLOCK) malware (trojan) match found on hxxps://www.google.com/search?q=european+war+7&rlz=1CASFJY_enBE959&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiU2KXmyIXzAhU1h_0HHfT7C8sQ_AUoAXoECAEQAw&biw=1366&bih=617&dpr=1&safe=active&ssui=on#imgrc=sG_0auzh7DFF1M  for  hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg", "level": "INFO"}
{"@timestamp": "2021-09-17T08:17:15.380Z", "message": "OM: (URL_BLOCK) Malware (malware) detection on hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg. Redirecting to block page.", "level": "INFO"}

{"@timestamp": "2021-09-17T11:27:22.161Z", "message": "BTW: (URL_BLOCK) malware (trojan) match found on hxxps://www.google.com/search?q=european+war+7&rlz=1CASFJY_enBE959&source=lnms&tbm=isch&sa=X&ved=2ahUKEwjGjOb_8oXzAhUOhv0HHVfJBAAQ_AUoAXoECAIQAw&biw=1366&bih=617&dpr=1&safe=active&ssui=on#imgrc=4YmmB_VSxDd36M  for  hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg", "level": "INFO"}
{"@timestamp": "2021-09-17T11:27:22.178Z", "message": "OM: (URL_BLOCK) Malware (malware) detection on hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg. Redirecting to block page.", "level": "INFO"}

{"@timestamp": "2021-09-17T11:27:22.569Z", "message": "BTW: (URL_BLOCK) malware (trojan) match found on hxxps://www.google.com/search?q=european+war+7&rlz=1CASFJY_enBE959&source=lnms&tbm=isch&sa=X&ved=2ahUKEwjGjOb_8oXzAhUOhv0HHVfJBAAQ_AUoAXoECAIQAw&biw=1366&bih=617&dpr=1&safe=active&ssui=on#imgrc=sG_0auzh7DFF1M  for  hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg", "level": "INFO"}
{"@timestamp": "2021-09-17T11:27:22.595Z", "message": "OM: (URL_BLOCK) Malware (malware) detection on hxxps://media.cdnandroid.com/item_images/1093537/imagen-european-war-6-1914-8gal_min.jpeg. Redirecting to block page.", "level": "INFO"}

 

Thanks for the help! what exactly did it block though? I didn't try to download anything? And would i have been at risk without MBBG? ALso, the reason whhy it gave EW6:1914 results, is because EW7 çisn't out yet :D, i was just searchin for clues as to when it would come out.

Link to post
  • Staff

It blocked the three files mentioned in the log.  Though you think you didn't try to download anything, consider how those images are made to appear on your screen...they are downloaded in a thumbnail form by Google and rendered for viewing according to Google's methods.  Whether you would have been at risk is questionable.  Compared to Windows machines, Chromebooks are not high-profile targets.  They do not store files in the same manner, and because they are not running the most widely-used operating system in the world (and also the most prone to issue), malware is often not targeted to Chromebooks.

Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.