XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)
Privacy Policy
It is currently Tue Jun 18, 2019 9:45 pm

All times are UTC - 8 hours




Post new topic Reply to topic  [ 21 posts ] 
Author Message
PostPosted: Sun Jan 06, 2019 12:52 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 16090
In Safari with Sys Prefs>Accessibility>Invert colors checked it works as expected, when unchecked Ctrl+CMD+alt+8 brings up this... anybody else??!!


Attachments:
CntrCMDAlt8.gif
CntrCMDAlt8.gif [ 133.71 KiB | Viewed 472 times ]
Top
 Profile  
 
PostPosted: Sun Jan 06, 2019 2:05 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6550
Location: NYC
No idea how it happens from the keyboard shortcut, but looks like some kind of adware, maybe in a Safari extension, that maybe Malwlarebytes could deal with.


Top
 Profile  
 
PostPosted: Sun Jan 06, 2019 3:21 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 16090
Ah, in an extension, didn't think about that, thanks.

Will run MWB now... didn't find anything.


Top
 Profile  
 
PostPosted: Fri Jan 11, 2019 10:26 am 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6550
Location: NYC
BDAqua wrote:
Ah, in an extension, didn't think about that, thanks.

Will run MWB now... didn't find anything.

If that was from the 1.2.6, it's no longer supported. If you don't have it, get the 1.3.1 and run that.

https://data-cdn.mbamupdates.com/web/mbam-mac-1.3.1.dmg


Top
 Profile  
 
PostPosted: Fri Jan 11, 2019 10:38 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 16090
Hmmm, my version says...

Malwarebytes Anti-Malware 2 (1.2.4.584).app

But same Mod date as 1.3.1 DMG's version?

Ran what downloaded from your link, after it completed said there was a new version 3 available, running it now...

Reports I am clean, thanks.

I doubt any standard thing is going to find this thing, it being so non-standard!


Top
 Profile  
 
PostPosted: Fri Jan 11, 2019 10:51 am 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6550
Location: NYC
The 3.xxx is a 30 day free trial version for the new paid (not cheap/haven't looked lately but something like $40/yr) MWB, which includes always on/on-access scanning. After the trial, it reverts to the current manual on-demand, the way it is now. Haven't tried the 3 yet myself.

You could ask Thomas about the crap you're getting here:

https://forums.malwarebytes.com/forum/1 ... p-support/


Top
 Profile  
 
PostPosted: Fri Jan 11, 2019 2:46 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10598
Location: Caught between the moon and NYC
The problem with older versions of MB is they're not guaranteed to catch anything new, whereas 3 theoretically should. I usually disable the real-time stuff on a system the user isn't intending to buy a full license on, that way when the trial runs out there's no dire warning about the trial expiring (or if there is there's no impact when it does).

MB isn't too bad if you buy a multi-year license, I ended up buying 5 licenses for 2 years for around $100 which worked out to around $20/year which really isn't bad. I have it on my phone, tablet, Windows, and Mac, and am debating on what to put the last license on. I would stay away from buying licenses from anywhere except direct, scammers are out in force (not just for MB, they're really going nuts on Office and Windows).

I wonder whats listed under Shortcuts in the Keyboard system preference? Poking around in there may show something listed for command/control/option/8. I suppose if you don't have the patience for that (it'd stress mine) you could just restore defaults for each of the categories on the left, I doubt they've modified the system defaults.


Top
 Profile  
 
PostPosted: Fri Jan 11, 2019 5:15 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 16090
Thanks WZZZ & MB.


Top
 Profile  
 
PostPosted: Wed Jan 16, 2019 1:52 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6550
Location: NYC
MB: re. Malwarebytes, installed the 3. (free version, even though it had 10+ trial days of "premium" to go). Compared to the 1.3.1 (which I'm still not certain doesn't get the latest definitions, I know the 1.2.6 doesn't) seeing an awful shitload of outbound connections. Have usage/statistics unchecked, but wary it's still connecting to "telemetry," and also something called "crashlytics.com," which from a search, is owned by google, and seems Malwarebytes might be employing to analyze or deal with user/endpoint data -- can't find anything definitive. So for now have blocked both of those and am testing. (Seems like a lot of the connections it makes may be related to any Malwarebytes program, not just the Mac one.)

Really only need it for the very occasional scan with updated definitions.

Have you played around with any of its outbound connections? I'm trying to determine the minimum to allow just to be sure it gets the latest definitions


Top
 Profile  
 
PostPosted: Wed Jan 16, 2019 2:24 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10598
Location: Caught between the moon and NYC
Its possible that once the trial is concluded that connections will taper off.


Top
 Profile  
 
PostPosted: Wed Jan 16, 2019 3:01 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6550
Location: NYC
I aborted the trial, multitude of connections persist. Can you get any better idea of what connections to crashalytics are for?


Top
 Profile  
 
PostPosted: Wed Jan 16, 2019 3:25 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 10598
Location: Caught between the moon and NYC
Are they being made to crashalytics (Google) or crashlytics (Not Google)? From a quick search I think its the latter.

Edit: Oh. Which was acquired by Google. Because of course they had to. :roll:

You could ask them on their forum what they're doing with crashlytics. It might be an attempt to analyze possible malicious activity on the servers versus local. All that fancy cloud computing kids are hip to do these days.


Last edited by MonkeyBoy on Wed Jan 16, 2019 3:31 pm, edited 1 time in total.

Top
 Profile  
 
PostPosted: Wed Jan 16, 2019 3:28 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 16090
Quote:
Crashlytics is a Google-owned Boston, Massachusetts-based software company founded in May 2011 by entrepreneurs Wayne Chang and Jeff Seibert.
Its main product is a software development kit for crash reporting, application logging, online review and statistical analysis of application logs. It supports iOS, Android and Unity.

https://en.wikipedia.org/wiki/Crashlytics


Top
 Profile  
 
PostPosted: Wed Jan 16, 2019 3:31 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6550
Location: NYC
Sorry, typoed. Should be crashlytics. (crash-a-lytics rolls off the tongue more easily -- sounds like Doo-wop group from the '50s, "The Crashalytics," conjurning up an image of klutzy dance moves.) Yeah, BD, already saw that wikipedia entry. Doesn't sound all that reassuring.


Top
 Profile  
 
PostPosted: Thu Jan 17, 2019 3:12 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6550
Location: NYC
MonkeyBoy wrote:
The problem with older versions of MB is they're not guaranteed to catch anything new, whereas 3 theoretically should.

Looks like the 1.3.1 is for now just as effective as the 3. Seeing that it's still getting signature updates, so asked at support forum:

Quote:
1.3.1 is technically no longer supported, but in reality we're still delivering database updates and will still answer questions about it. Older than 1.3.1, though, is really truly not supported, with no further database updates. (There was a bug in those older versions that caused them to choke on more recent databases.)

As of now, 1.3.1 and Malwarebytes for Mac 3.x detections should be equivalent. We're going to be adding some improvements soon, though, that will mean that 3.x will be capable of detecting or blocking things that 1.3.1 can't. The change will initially mostly affect real-time protection, which 1.3.1 doesn't have, but over time the capabilities are going to diverge further, as other new capabilities are added and newer rules are created.

https://forums.malwarebytes.com/topic/2 ... nt=1293142




BD: if you install the 1.3.1, be sure to go to Update Rules from Scanner in the menubar, which should bring over the latest definitions.


Top
 Profile  
 
PostPosted: Thu Jan 17, 2019 3:35 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 16090
Thanks W, just did it, Rules version 337 2019/01/17


Top
 Profile  
 
PostPosted: Thu Jan 17, 2019 3:55 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6550
Location: NYC
Yeah, the 337 is the latest I'm seeing here. Did it catch anything?


Top
 Profile  
 
PostPosted: Thu Jan 17, 2019 6:47 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 16090
No nothing at all.

And just found out it does not happen in Firefox, just Safari.


Top
 Profile  
 
PostPosted: Fri Jan 18, 2019 9:24 am 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 16090
Found it by using CheatSheet...
https://www.idownloadblog.com/2018/04/1 ... shortcuts/

Tuns out alt+CMD+number is for Shortcuts to Favorites, if they're not used by the OS, can't for the life of me remember why torrents.cx would be there, but got rid of it & fine now...


Attachments:
SafariShortcuts.gif
SafariShortcuts.gif [ 12.76 KiB | Viewed 385 times ]
Top
 Profile  
 
PostPosted: Fri Jan 18, 2019 5:17 pm 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6550
Location: NYC
Tried it myself with different numbers: twitter, facebook, and other things come up. Nothing I want to remember, or ever use again.


Top
 Profile  
 
PostPosted: Fri Jan 18, 2019 5:43 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 16090
Yeah I deleted all but 1, 6, & 8, which are now 1,2, & 3... can add meaningful Favorites now.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 21 posts ] 

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group