Sosuke ezflash forums

Discussion in 'EZ-Flash' started by dsisive, Jul 26, 2006.

Jul 26, 2006

Sosuke ezflash forums by dsisive at 9:01 PM (1,085 Views / 0 Likes) 10 replies

  1. dsisive
    OP

    Newcomer dsisive Member

    Joined:
    Nov 30, 2005
    Messages:
    13
    Country:
    Canada
    its twice now

    last time the banner ads in the forums installed a bunch of stuff, somehow it got past my antivirus, i had to reinstall, throw on 2 antivirus progs, now im back and it caught them

    but damn now i am gettin popups out of nowhere and its from this forum

    [​IMG]

    and also i just notice this toolbar gettin installed

    this is definately from this forums ad banners

    i only had this browswer open to google, jumped to this forum and bam, ad banners installed galore

    [​IMG]

    anyone else experience this?
     
  2. FAST6191

    Reporter FAST6191 Techromancer

    pip
    Joined:
    Nov 21, 2005
    Messages:
    21,735
    Country:
    United Kingdom
    Whoa, that is very bad news: I will speak to the admins right away.
    I have the adverts blocked by default (they are not shown for my username either) so I did not catch this.

    I hear a few sites have been hit by the recently discovered wmf vulnerability but to be safe drop Java and javascript for now.
    You might also wish to consider running some windows updates on your system.

    Edit, admins looking into it.
     
  3. meangreenie

    Banned meangreenie Banned

    Joined:
    Nov 14, 2005
    Messages:
    639
    Country:
    United Kingdom
    Do you mean the little ads that come up between posts ? They don't seem to bother my PC, and I use those forums all the time. My PC runs fine. Apparently the more posts you make the less those little ads show up.

    It's probably you're anti-virus reporting something it doesn't recognise, as possible malware.
     
  4. sosuke

    Newcomer sosuke Newbie

    Joined:
    May 30, 2006
    Messages:
    8
    Country:
    Kind of the topic I have to reply too, I have no idea how this is happening, which obviously sucks, I went ahead and disabled the non-AdSense ads, they only showed up when Google had nothing to show, but can you provide some more details please?

    What page where you on?
    What banner was on?
    What was the advertiser? I need to report them.

    Your screenshots only show the top, so I don't have any details to go on to track down the culprit. I will not tolerate someone using my forum to spread this kind of stuff.

    On that note, the screenshot you do show is on imageshack.us not ezflash.sosuke.com, are you sure their ad's didn't install the offending software?
     
  5. dsisive
    OP

    Newcomer dsisive Member

    Joined:
    Nov 30, 2005
    Messages:
    13
    Country:
    Canada
    sorry i opened up another window to go to imageshack to host the freeavg screenshot but upon opening a new window i saw the mirar toolbar

    i have no reason to spread rumours about your site as its great info for ezflash and i use it alot to read/get updates on the rom list etc...

    its just this is the 2nd time now and im forced to reinstall cause it renders the system unusable, im gettin killer popups at random time

    im on my laptop now instead

    i was visiting the ez4 flash forum in discussions and clicked on a link regarding the new ez4 client...then ie froze, then freeavg popped up saying virus detected, i moved to vault

    then all these popups started showing up, i guess freeavg doesnt detect malware

    edit: the list of malware i found so far after visiting the sosuke site that freeavg didnt catch

    ezula
    mirar
    webhancer
    some more wierd ones as the scans are showing

    i think i learn my lesson, time to switch over to firefox/mozilla and get rid of IE forever...

    edit2: here the thread i opened up and thats when the adwares installed

    http://ezflash.sosuke.com/about1740.html
     
  6. sosuke

    Newcomer sosuke Newbie

    Joined:
    May 30, 2006
    Messages:
    8
    Country:
    I am honestly at a loss, I can't find anything on that page that is malware, refreshed several times to get different ads and nothing, using IE6, no popups or anything. I run McAfee VirusScan Enterprise 7.1.0 definition version 4814 updated July 25th 2006.

    After a few minutes on Google I found some reports of problems on ImageShack, but nothing about AdSense issues regarding (malware|spyware|adware)

    One of the issues was for ImageShack regarding misleading OS dialog ads that did after clicked install stuff.
    http://malwareremoval.com/plog/index.php?blogId=4

    Can you recreate the symptoms?

    Edit: I can't find any information regarding any of the trojans listed on your screenshot, even on Grisoft's site there is no detailed information about the variants or their parent trojans. Can anyone help find out just where these come from?
     
  7. dsisive
    OP

    Newcomer dsisive Member

    Joined:
    Nov 30, 2005
    Messages:
    13
    Country:
    Canada
    honestly i dunno what happens

    i can tell you its from certain ads on your site, its not from imageshack, i just went there afterwards to post the screenshots and noticed the mirar banner...

    last time i was browsing your forums and the whole IE froze then resumed, i thought nothing and went away, came back and there were like 10 popups by itself

    this time i was just browsing that thread and it slowed down and then freeavg popped up saying all these .exe files were showing up, i moved them to the vault

    on my laptop i run mcafee enterprise so it has never failed me with its continuous online scan

    freeavg well, it failed me twice but still i dont like the fact that some ads on your site forcefully installed some stuff onto my desktop

    i will still browse the forums but i will be using firefox now instead...IE is too prone for this kind of stuff

    anyways i'm almost done reinstalling so no loss there except maybe 1 hour to reconfigure again...i run a basic desktop for work/etc so no big lost in customization...

    edit: i googled those viruses in my screenshot and it shows stuff like this

    http://vil.nai.com/vil/content/v_131836.htm#tab4

    Alternatively they may be installed by visiting a malicious web page either by clicking on a link, or by the website hosting a scripted exploit which installs the downloader onto the user's system with no user interaction.

    so it could just be the ads that have a scripted exploit...how lucky i am to be hit twice

    installing firefox now on the desktop and going to find some adblocker plugins etc
     
  8. martin88

    Member martin88 GBAtemp Advanced Fan

    Joined:
    Dec 18, 2005
    Messages:
    990
    Country:
    Canada
    Good thing I use Firefox... [​IMG]

    Wait, there are ads at Sosuke's ezflash forum? I never knew that since I have adblock extension installed which removes all advertisement from any webpage.
     
  9. dsisive
    OP

    Newcomer dsisive Member

    Joined:
    Nov 30, 2005
    Messages:
    13
    Country:
    Canada

    yea there are ads at sosuke lol

    like i said, i am install firefox now with a adblock plugin....lesson learned...shoulda learned from the 1st time too lol
     
  10. martin88

    Member martin88 GBAtemp Advanced Fan

    Joined:
    Dec 18, 2005
    Messages:
    990
    Country:
    Canada
    @dsisive
    Remember to download extension Filterset.G along with adblock, it acts like a definition file for adblock to know what is ad, and is updated constantly (automatically).
     
  11. sosuke

    Newcomer sosuke Newbie

    Joined:
    May 30, 2006
    Messages:
    8
    Country:
    http://www.pierceive.com - for Filterset.G

    again, I have not now nor ever knowlegeably used advertisers that tried to use such techniques, glad to see you will still be around the forum with the added protection of firefox!

    if you or anyone find this to be the case again please PM or email me
     

Share This Page