Strange behavior of Slimjet-Browser.

Status
Not open for further replies.

show-Zi

Level 36
Thread author
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
Strange things that struck me
Personally, I only use the portable version of this browser, so nothing needs to be installed. The frequency of use is now very low, which previously had a simple reason. A year ago I ran into problems with the browser. Whenever I upload images (as part of my blog activities) to an image hoster, I could not edit them locally on my computer. The Slimjet blocked the image until it was shut down, while in Google Chrome everything worked fine after the upload. I had the whole issue in the blog post File Lock Bug in Slimjet browser version 12.0.15.0 thematized.

Then a few days ago I had an unpleasant observation here in the blog in the article Beware of Bing search engine in the Slimjet browser thematized. In the preconfigured search engine Bing the Slimjet browser pushes another search provider (fpseek.com). Confirmed my gut feeling that I stop using the browser.

And something else came up when writing the blog post. I do not know if this was already the case when the browser was presented here on the blog. But FlashPeak Inc. advertises with a partner program. If I advertise the browser here on the blog and get blog readers to install it, I get (if I register as a partner) from each installation $ 0.5.

With one million installations, I could put my feet up, play on my toes, and watch the trucks with the dollars roll into my yard
wlEmoticon-winkingsmile.png
,

Another strange observation
Let's get to the hanger for this blog post. A few days ago, blog reader Guido contacted me with a very strange observation. I'll just put his text here.

I downloaded the Slimjet Browser from the official manufacturer site and after installation I did not find Slimjet as a task manager process, but Mozilla. Although I had not installed Mozilla at all.

In addition, looked in the Control Panel under Programs uninstall [after], and found that there appeared a new program called 2.1.2.3.

In the startup of the task manager the Mozilla logo was visible. The entry in the autostart was called Update and was marked with the icon from Mozilla.

About msconfig I did not see this entry when I went to hide all Microsoft services.

In addition, two folders were created, which bore the name AMozilla . I could not figure out these things and completely reset my machine, Windows 10 Pro Version 1709. Now the spook is over and I will not install Slimjet for the time being.

Do you already have some insight into the experiences I have made? You can also contact me via mail. I was very unsettled after installing the browser Slimjet. Maybe the site was compromised? Unfortunately, I have no idea what's going on. Slimjet does not belong to Mozilla right now, right?


To the last question: To my knowledge, FlashPeak Inc. does not belong to the Mozilla Inc. A quick test of the portable version, which I quickly downloaded again, did not reveal anything. So I ran the web installer in a Windows 10 virtual machine. The observations of the blog reader regarding Task Manager and startup I can not confirm. If FlashPeak Inc. drives a test, and every 100th user received an experimental browser, I could test my fingers here sore, without coming to a green branch.

hCNAEs8.jpg


I would have left everything alone, if not two things would be strange. Once I found in the Control Panel under Windows 10 V1709 the entries from the above picture. The FlashPeak Slimjet entry has the size 0, while there is another entry 2.1.2.3 without much more details. The 27.5 MB and the installation date showed me that it is connected to the Slimjet. This goes in the direction of the experiences described by the blog reader.

And there is another oddity. I have unpacked the web installer with a tool. I could find a damaged icon (picture above) in the destination folder. A broom should eat me if that is not a Mozilla logo - and you can guess the words 'Firefox' in the lower left part of the broken image. There is something in the bush. That was the point where I decided to post the whole thing for discussion in the blog. My question: Has anyone of you made similar observations or can anyone figure this out?

Source: Google Translate

Mod Edit.
 
Last edited by a moderator:
D

Deleted member 65228

oh,I thought it was English. Thank you for fixing!;)
Are you wearing sunglasses?!?!

Hahahaha maybe you are so used to reading English on forums you didn't even realize and your brain was just converting it into English as you looked at it at the same time you read it.

I used to do this a lot when speaking to people who were not so great with English... I would be asked to fix a typo in a document, but I was so used to reading badly written English after years and years I would just automatically correct it in my head so I'd be oblivious to the actual typo hahaha
 

Prorootect

Level 69
Verified
Nov 5, 2011
5,855
I have many the Nightly-lookalike blue files in each of my portable browsers (chrome and firefox forks), I think because Nightly is my default browser - "Nightly is currently your default browser" inscription in Options or Preferences/General.

I don't have Roaming or RecovObj folders.

In my portable Slimjet html folder, I've 38 "Firefox HTML Document" blue Nightly icons (.htm) - which "opens with" Nightly (look on Properties of files).
Maybe it's normal? I hope
 

show-Zi

Level 36
Thread author
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
Are you wearing sunglasses?!?!

Hahahaha maybe you are so used to reading English on forums you didn't even realize and your brain was just converting it into English as you looked at it at the same time you read it.

I used to do this a lot when speaking to people who were not so great with English... I would be asked to fix a typo in a document, but I was so used to reading badly written English after years and years I would just automatically correct it in my head so I'd be oblivious to the actual typo hahaha

Sunglasses has Ray-Ban.:cool:hahaha
I always read Japanese and translated it, so I did not check the original sentences well. Forgive me;)

I have many the Nightly-lookalike blue files in each of my portable browsers (chrome and firefox forks), I think because Nightly is my default browser - "Nightly is currently your default browser" inscription in Options or Preferences/General.

I don't have Roaming or RecovObj folders.

In my portable Slimjet html folder, I've 38 "Firefox HTML Document" blue Nightly icons (.htm) - which "opens with" Nightly (look on Properties of files).
Maybe it's normal? I hope

I also specify .html document as Firefox, so @Prorootect , it is in the same state as you. However, examples of mysterious exe files that some users are viewing as problems are coming out in Japan. What they have in common is
■ "2.1.2.3" is present in the program list
■ Presence of "RecovObj" folder
 

show-Zi

Level 36
Thread author
Verified
Top Poster
Well-known
Jan 28, 2018
2,463

show-Zi

Level 36
Thread author
Verified
Top Poster
Well-known
Jan 28, 2018
2,463
Slimjet downloads compromised?? - Web Browser Discussion, Browser Talk - Slimjet Web Browser Online Forum

It seems that the signature of the installer downloaded from the official website is of two types, "FlashPeak Inc" and "Stockhub Limited". When I downloaded the installer and looked inside, I found the png documents that I discussed earlier. A Japanese user confirmed that the installer for the Stockhub Limited version was downloaded from the UK and Japan by accessing the official website and the FlashPeak version seems to be downloaded from other countries.

View attachment about.png
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top