Question / Help Questions about web browser plugin. Security

[spyvspyaeon]

Hi there,

I'm having some problem with random malware/adware from this last weeks. Trying to get riddle of this, after do daily tried I did not figure out how on first hand this pops up in my PC. I got my concerns when I did a further look of what I am using on the PC right now. So I limited my use to open only, and I mean only, log in windows 10 64bits, open only trusted sites like twitch.tv and streamelements.com. But during a livestream and/or after my PC starts to slow down and then I have to clean all the dirty adwares.

I did a lot of research to prevent /stop this, because It's insane, even after format c:/ and reinstall all again. Finally yesterday I guess I figured out, changed files .js and .jse in my PC to open with notepad (stopping .js to be executed). Also disabled the WSH (windows script host). When I did a test about the streamelements website( ATM I am only using this external link, it's an Alert overlay) in online scanners to see if there's something suspicious there. Did it in "quttera.com" and "scanner.pcrisk.com" which resulted both in "Detected potentially suspicious content. Detected hidden call to replace.". I know this could be a false positive. But "their" explanation it is even more confusing.

But after all this my question is, what OBS web plugin uses to browse online links? Uses Internet explore from windows or it is a stand alone?
Is it possible by any chance malware infection from a link in OBS web plugin?

Thnk you for you attention.

 

[R1CH]

The OBS browser plugin is based on libcef, which is an embedded version of Chromium (which is what Google Chrome is based on). It is usually fairly up to date, and there have certainly not been any recent Chromium exploits that could result in drive-by malware installation to my knowledge.

Is your router or DNS perhaps compromised and injecting content into pages you visit?

 

[spyvspyaeon]

Hi, thank you for your reply.

Since this post. as as I suspected, or might be a 99% coincidence. I removed the only layer I had at the time from streamelements.com since that, no other malware/adware issue to date. I'm still doing live stream but no other related issue ocurred.

Rolling back to inicial issue, since as your kindly explanation "obs use a version Chromium" not sure if makes any difference, but I don't use and even don't have installed Google Chrome in my machine.

FTR: the adware I was getting on my pc was something related to tons of windows registry like "search123forme.com" causing "my pc" to slow down in severe way. Since I removed the "alert layer" created/provided by streamelements.com website the problem desapeared and did not appeared back. That's a fact.

Much probably it is not a Chromium exploit, but rather what an specific .js file is doing, those scanners (website) I mentioned before, they both report to a suspicios code ( when I read the code, I see something related to Manipulate the browser history ). Their explanation is a joke "it is to detect what browser you are in" . As far as I remember "user agent" it is the right one to detect what browser and OS.

I fairly know that this is not a OBS issue neither can't see that it is related to obs exploit.

Thnk you so much to clear this up!! no streamelements evar on my PC, what I learn from here. Cheers