ads containing malware

ads containing malware, or other potentially unwanted garbage, this is enough to make me want to discontinue, use of your site & services,

Must be your security system because I get no warnings from it.

Hello Mr. Mario

I wanted to bring to yalls attention some of these ads. As a malware researcher I'm very familiar with these scoundrels and there deceptive ads they use to push their warez, Those screenshots came from one of my test machines and as indicated by the Avast logo in the tray the AV was turned off,

These downloads are well known to be malware.

http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Adware%3aWin32%2fHotbar

http://www.pandasecurity.com/homeusers/security-info/44952/encyclopedia/overview?idvirus=52691

Malware, short for malicious software, consists of programming (code, scripts, active content, and other software) designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources, and other abusive behavior. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.

Software is considered to be malware based on the perceived intent of the creator rather than any particular features. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, scareware, crimeware, most rootkits, and other malicious and unwanted software or program. In law, malware is sometimes known as a computer contaminant

unfortunately not every AV hits every file, these were detected by Malwarebytes Anti-Malware as indicated in the log I posted below.

Code:


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7423

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

8/9/2011 11:16:16 PM
mbam-log-2011-08-09 (23-15-57).txt

Scan type: Quick scan
Objects scanned: 2
Time elapsed: 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\wildman424\my documents\downloads\cursormania.exe (Adware.FunWeb) -> No action taken. [906f73a9a35d7d83bed967add32d936d]
c:\documents and settings\wildman424\my documents\downloads\xvidsetup.exe (Adware.Hotbar) -> No action taken. [a659b666946c50b0de0ceb6937c9f10f]


As you can see from these VT reports this is considered malware by most vendors:

Adware.FunWebProducts
File name: CursorMania.exe
Submission date: 2011-08-10 00:21:28 (UTC)
Result: 17/ 43 (39.5%)
MD5: 2746b539feddd47d91c8c111a6174d10
http://www.virustotal.com/file-scan/report.html?id=72d73ba344a24744059ff131afd852cfcbb3437979ee6ef14c6a54fb169713ac-1312935688

Adware.Hotbar
File name: XvidSetup.exe
Submission date: 2011-08-10 00:26:33 (UTC)
Result: 27/ 43 (62.8%)
MD5: 2d02e0f53dcfd854890f54974c775e29
http://www.virustotal.com/file-scan/report.html?id=83d8eb999d6aeff516af266a9226e39c8c8d7ec1be00f2aa650bcd5f464d0a25-1312935993

As stated by my admin wildman424 these have got to stop! This unacceptable! There are some going around saying you have a new message and upon clicking download WhiteSmoke which is well known in the security community as being dropped by rootkits.

http://www.virustotal.com/file-scan/report.html?id=e4a59d5d9f8bb2b1e028abe64105aa606b20d5f1085af79e790940a1e1e51136-1313268749



This is not the type of service I'm paying for and want this to be fixed asap. We should not have to come to you and ask you to remove the malicious ones. I've seen all sorts of these.

You can remove the ad's by buying credits if you don't like the ad's. I'll forward this to the higher up and we'll see.

MrMario wrote:You can remove the ad's by buying credits if you don't like the ad's. I'll forward this to the higher up and we'll see.

Forumotion's ToS says something about not having malware/spyware, etc. It would be ironic if Forumotion's forums have ads that either gave or promoted malicious content >.>

MrMario wrote:You can remove the ad's by buying credits if you don't like the ad's. I'll forward this to the higher up and we'll see.

I have, but this is on a site I moderate. However, we are both security forums and it's in bad taste to have Forumotion using malware related ad's when this is the very thing we are frowning upon.

As stated by a previous comment this is against the terms of use. This shouldn't be a problem if Forumotion was doing their job.

Illicit contents
Forums that does welcome or promote warez, piracy, hacking, cracking, spamming, attacks against networks or servers, pornography, racial hatred, crimes against humanity, inappropriate activities on the servers, or any other actions which violate any applicable laws, aren't allowed. Any forum which contains texts, links, pictures, animations, videos or any other content recognized as illegal will be deleted without notice or warning. Forumotion.com reserves the right to delete any accounts or forums considered like not conform to the rules quoted here or specified in Forumotion.com or in the international website rules according to the international internet law. Any illegal content or act can or would be reported to the concerned services and prosecuted.

Looks like we will be getting free forums without ads!

^You wish lol

I have personally seen ads that redirect to malciulous sites. Not only annoying, but these ads seem to be targeted at Windows users - by suggesting that they download an EXE (saying that it's a media player) when it's actually a trojan. I'll post a screenshot of the ad when I see it.

Not that it matters, since I run Linux

A note to all users: Use common sense. Don't click anything without thinking twice - it doesn't matter what OS you are running, you can be a victim of a phishing attempt - though I haven't seen any phishing ads, yet...

hello
their is no malware on the ads. the messages you get are false positive and do not reflect the reality of the content.
Some antivirus have this problem but it doesn't means that the ads have malwares

The Godfather wrote:hello
their is no malware on the ads. the messages you get are false positive and do not reflect the reality of the content.
Some antivirus have this problem but it doesn't means that the ads have malwares

That is indeed incorrect - I don't have an anti virus (I run Linux) and I've spotted an ad that is indeed malware - and even though the files wouldn't harm my comp it would harm Windows users, the website which one of the ads redirected to tried downloading multiple files to my computer.

I have seen this ad not just on Servimg, but on Forumotion forums as well.

On here is where the ad is (the one that says "Download")





Here's what that ad redirects to when clicked:

http://www.ilivid.com/lp_tia.htm?t202id=11438&t202kw=65881099



A quick google search reveals that this software is malware!

Here's one of the results from Google that indeed proves this is malware: http://www.malwareremoval.com/forum/viewtopic.php?f=12&t=57145

I'd be more than happy to help FM look for malware/viruses in the ads as my it would not harm my computer

- pimentel2

The Godfather wrote:hello
their is no malware on the ads. the messages you get are false positive and do not reflect the reality of the content.
Some antivirus have this problem but it doesn't means that the ads have malwares

That is an outright lie. I've tested several of these ad's. Would you like to me to show reports on these? If I must I will file a report with the Department of Homeland Security, Internet Crime Complaint Center etc to make sure this is taken care of. Distributing malware is a federal crime.

DarkSnake-Kobra wrote:

The Godfather wrote:hello
their is no malware on the ads. the messages you get are false positive and do not reflect the reality of the content.
Some antivirus have this problem but it doesn't means that the ads have malwares

That is an outright lie. I've tested several of these ad's. Would you like to me to show reports on these? If I must I will file a report with the Department of Homeland Security, Internet Crime Complaint Center etc to make sure this is taken care of. Distributing malware is a federal crime.

Forumotion is a French company, so that won't do much good; as if it would even if it were an American run company...

I believe these are Google Ads., so any complaint should be taken up with them. The fact of the matter is that even if the advertisements do contain malware, you have to click on them to receive it.

It does not matter whether it's French or American. I'll take the steps necessary to resolve this matter.

I do not believe these are by Google as I have a Google Adsense account and they seem very different. Regardless I'll find the source and stop it.

So your telling me that you are going to call someone to take care of this? As Godfather has said there is nothing wrong. If you happen to look Facebook even have bad ad's and I have yet to see people complain about it. If you don't like the ad's why don't you go and disable them by buying credits. Problem will be solved. I've been here for about three years now and I have yet to get my computer infected by ad's here. So to end this all I'm locking this topic.