SUMo : Keep your software up to date

You're welcome !

 

SUMo - 3.4.13 (Released 2012-12-06) [ View Issues ]
===================================
- 0001840: [Refactoring] "%Software Updater" shall be filtered (Kyle_Katarn) - resolved.
- 0001789: [Refactoring] Filter out useless entries of Firefox family (Kyle_Katarn) - resolved.
- 0001842: [Bug] Erroneous redirection of VDub auxsetup.exe (Kyle_Katarn) - resolved.

 

Hi, I am just wondering, could please fix Google custom search generated by KC Sumo? http://img339.imageshack.us/img339/9153/capture12072012112351.jpg

Lets say, I want to update a software like LibreOffice, I will click on "Download LibreOffice", it will jump to "Get LibreOffice", I will click on it and I all I get is an empty search.

 

updated

 

Thanks for posting

 

Your link is not and empty search... does the problem occurs with all browsers ? Does anyone elsa is facing this issue ? I can't reproduce it here ;-(

 

SUMo - 3.4.14 (Released 2012-12-22)
===================================

http://www.kcsoftwares.com/?sumo

 

SUMo - 3.4.15 (Released 2012-12-25)
===================================

http://www.kcsoftwares.com/?sumo

 

Bullguard nailed this product installation as containing snoopware/adware. Essentially, this product directs your information to;

http://www.fullcirclestudies.com/home.aspx

Bullguard FW prevented the product from dialing out to SecureStudies as a 'risky' IP address, but I decided to 'allow' this activity to see what this product is up to knowing I can very easily restore back to a snapshot from an hour ago, I was more curious to see what this was up to than worried about rolling back a snapshot... Then Bullguard's Behavior blocker nailed it when stealthy trying to install snoopware underneath it's core installer. This is precisely why I use Bullguard - frankly. Note - bullguard blocked this file via the HTTP stream, not even letting it arrive, this detection isn't heuristic based for reference.

http://www.anony.ws/i/2012/12/25/oIux.jpg

Therefore, unless we get further data on this, I am going to label this product as snoopware/adware, or a PUP, and send it in to Bullguard for listing in their databases. Note this product doesn't CONTAIN the trojan, it actually dials home and picks it up, then tries to install it on your system in the background. So the MD5 hash won't contain anything at the surface, which is 5e3a8a61bd6ad02bf238302f94c13ff1 But if we examine RKverify which this product offloads onto your system, it's a different story; rkverify.exe 1fb9cb60b11165df3298dee55b59517e3ed15957b820b19b4ca0d8f9f2e20173 otherwise known as Trojan/W32.Agent.381968.C

So what's your excuse for this?

 

Man, this is like Groundhog Day. - We had this discussion already with a certain composer born in 1770 and others before:

If you don't like the sponsor "Relevant Knowledge" (or whatever RK stands for), why aren't you using one of the NON-sponsored versions as all other people do including me? - This is pretty much a non-issue and no, you didn't discover the most secret conspiracy thanks to your beloved Saint Bullguard. You just proved that you don't read before installing something. I use SUMO for years and I did NEVER (!) install the RK version! Why? Because I was curious what NON-RK meant and of course took that. Later the lite and now for a long time the zipped version. But by all means, make a fuzz about it AGAIN and save the world!

 

Ok so the developer supposedly offers a version without the trojans, then places the download button so tiny most people won't notice it, next to a 'giant' button which is ingeniously placed to make it look like the little icons are describing the file type? Seriously? You are further taking this to new levels by ASSUMING I downloaded it from the developers website, instead of one of the hundred repositories it is on, not realizing the developer shoves out the trojan version to every repository, and seemingly makes the trojan free one only on his website (and somewhat obfuscated). So let's assume I grabbed it off of one of my trusted repositories, which was what the post above was addressing, which is what the majority of downloaders would run into.

Also note, this stuff is listed in several threat lists as suspicious, or potentially threatening.
http://www.prevx.com/filenames/1532815007381991560-X1/SUMO.EXE.html

Also, have you considered that there may be ethics involved with offering trojan loaded versions to begin with? For me, I avoid all products that attempt toolbars, adware, or trojan loaders, not sure about anyone else. It's a principles thing here. Go ahead and use it, be my guest. But don't rage at me for pointing out the facts, and the facts here give off a pretty bad stench.

Mind you, all of the repositories out there the trojan loaded one.
http://www.brothersoft.com/sumo-70143.html
http://www.techspot.com/downloads/4754-sumo.html
http://software.informer.com/discovered/Sumo_Software_Informer
http://www.bestsoftware4download.com/software/k-auto-update-t-free-sumo-download-brcawebv.html
http://www.softoxi.com/sumo.html
http://www.filecluster.com/downloads/SUMo.html
http://fileforum.betanews.com/detail/SUMo/1187948884/1?all_reviews

Furthermore, hphosts lists the server cluster this software development website on as implicated in malware distribution. Trend Micro Site Safety lists it as a malware server, and MPAT lists it as a higher threat matrix, and WOT has a warning on it. A SIGNIFICANT number of Red-Level threat websites are hosted from the same IP as the developer. Also I checked some of the IPs on his same rack, and found a few listed as 'disease vectors'. Check for yourself.

 

Don't confuse trojan with adware.

 

Loose differentiation. An installer that offers an unwanted file, meets my definition as a trojan itself. But a program that harvests information, also meets that definition. Depending on which AV or threat matrix, adware often appears as trojans for some, and adware for others. Semantics really, still trash.

 

The installer offers something that may be unwanted. You are generalizing. Also, this "something" doesn't open the computer to other more dangerous threats.

You want to spread panic and calumnies, so you will generalize and confuse definitions in order to better accomplish your intent.

 

Right. Or adware with trojan. - You can btw google what RK is. It's no virus. Or they say so. - Of course we all don't know anyone who would install such stuff if they would know what they are doing. And I don't know why the developer doesn't drop RK addition finally, the revenues of that replaced by a small or not so small donation of users who like this product (not RK, but SUMO of course!), because most AV-solutions will tell the users: ALARM!!! WE FOUND SOMETHING!!! (RK)

But it's his decision. And you made a few mistakes too. You didn't read while installing it (as I am pretty sure RK is in the EULA etc.) and you didn't get this from developer directly (why?).

I trust only Filehippo and all other things not available there I get of course from the developers homepage. Now you know why, right?

And again: I NEVER USED THE RK VERSION AND NEVER WOULD! - And I don't know anyone who appreciates that this version (you call it trojan, I call it adware) exists! But it is as it is and the simple solution is to uninstall RK and install the sponsor-free version and tell the developer that it is not a good idea to bundle something that AV-solutions will detect as "bad". And that cannot be good for business, right?

Hey, it's christmas .. where can I finally donate for Sumo? You have earned that a long time ago!

 

I'm not here to convince anyone not to use this turkey. People are never convinced of anything they don't want to believe. It's a waste of breath, I gave up on that a long time ago. However I will continue to report facts, and I have already reported those so there is no further need to elaborate any further, nor do I care to be the target of fanboy ire.. People can use their common sense.

 

The fact that a software and service (because SUMo is nothing without its online server to track latest versions of software) of this usefulness remains free is remarkable. Stop attacking the few unobtrusive ways to generate money from this costly conjunct that SUMo's developer have found.

 

No. You only wanted to save the world and at the same time brag a little bit about Bullguard, right?

You can believe me: it's completely SAFE to use the sponsor-free version. But I let you be convinced of the evilness of SUMO or it's developer. It's your choice.

You could forgive yourself, making the faults I told you and just use this great program. It helps a lot to find all the updates and shows more than the Filehippo client which I use also.

Good then, end of story (which never was a story anyway).

There wasn't any need to talk about that in the first place because it was done already on this forum and maybe in this very thread. - The facts: you installed software bundled with some sort of adware. Nothing new under the sun. Not an ideal world, you know?

Well, I am not a fanboy of ANY software, certainly not of Bullguard (maybe because I never tried it). - No, I just don't like it when people confuse their very own errors (for example not reading while installing and not downloading from developer directly and then bragging how great their beloved AV-product again worked ) with the (non) existence of an (not) on-going conspiracy and evilness of what iseems to me is a nice and good fellow (Kyle) with a great and even free product (SUMO).

Again, I would like to pay for SUMO. But so far I didn't find a button saying "Donate". Maybe I overlooked it. - So I use the free (regarding costs and adware) version and tell others to do the same if they have fear to get "infected". - That is the reason of my appearence, not to make you angry or anything else.

Merry Christmas!

 

I was curious what you didn't read and started the installation of the RK-version (Webroot didn't freak out btw, just wanted me to confirm internet connection for a temp-file). As you can see, even if the font is small - I give you that -, you were informed what was part of this installation (of the RK-version).

What do we learn here? - Don't click on accept if you do not.

 

Interesting, but I would like to point out the trojan actually was offloaded(or attempted offload) before the licensing agreement. Should I make a video to show the process? So what's your excuse for why they offload the trojan PRIOR to asking if you want it?

Again, this isn't difficult stuff to understand.

 

Well, I did download it from developer. I don't know or care where exactly you got it from. But I can assure you I wasn't "infected" with RK or anything else. - I did not "accept" of course and ended this installation process after making the screenshot.

You don't have to make a video, but of course you can. But my point is: never download stuff anywhere else, use developers / products homepage. At least if you want to be safe.

However, I don't suggest to install the RK-version at all, just use the "free" version. This is a non-issue, as I said already.

 

IMO, RK isn't the problem, since you can download the software without it.

I wouldn't use it because if they are willing to associate with RK, what are they willing to do with the data they collect from you PC? SUMo checks all your software and who knows what else?

To be honest, I've tried it some time ago. I was kinda in a hurry and installed it. Once I realized I had an adware/trojar(malware), I got pretty disappointed and removed it from my pc.

 

Answer 1 - Nothing alarming because that would ruin their business.

Answer 2 - Anyone who is willing to monitor its traffic with a tool like Fiddler.

 

Exactly.

I hope then you are not using cloud based AV protection? - I do. So that ship has sailed long ago. - You have a (privacy) point here, yes. - But are there any alternatives for RK to finance server costs? I don't want any toolbar or other addition, adware etc. Most people won't install such things (if they read before they click ). It's a free product for us but the developer has to pay for servers etc. So there has to be some "income". If you have a better idea (my idea is: have a "DONATE" button for a start) please inform Kyle.

Yes. That is what probably many people will do if their AV pops up. But he has to make this decision. How to finance this free product and what he thinks is the best way.

It's a matter of trust, especially for us mostly paranoid wilders users, what we install and from where, I get this.

And just in addition to what I said before: there were temp files left which for example MBAM will detect (PUP-Adware-RK, something like that). But after a REBOOT and then cleaning temp files with CCleaner -> all was gone. So no "infection" here, as I said.

 

I like the idea of the software, really.. BG has secunia built in, but I would like one for all of the installed products, like a Linux Repository which is sorely missing from Windows. However since any product such as this would have intimate knowledge of a PC, I have to be overly cautious.

Apparently even unchecking the toolbar stuff, it can still install malware;
http://www.kcsoftwares.com/forum/viewtopic.php?f=11&t=161

BTW even the 'lite' versions are showing up as PUA's or MalwarePackers with some scanners. Ouch!