Softpedia

Today I went to Softpedia to download a copy of Daemon Lite
During installation I took care of unchecking unwanted stuff
Right after installation Process Hacker tells me there are services
being created and Comodo pops up an alert of virus found
I run MBAM and you can see the result down the post
I reboot and get a Comodo HIPS alert

I finally decide on a Macrium image and say to myself:
Fxxx you very much Softpedia

 

I also have to thank Comodo for nicely creating
a bunch of allow outbound rules by in the FW
It seems CIS defaults leave to be desired

 

Hello Joxx:

Along with MBAM's suggested removals, you might consider following up with AdwCleaner & JRT.

Some great individual anti-virus/anti-malware/anti-spyware tools just can't do it all.

Also, hpHosts currently flags daemon-tools.cc, as a medium risk, for misleading marketing:

-http://hosts-file.net/?s=daemon-tools.cc&x=21&y=6-

HTH

 

If you are certain that this is not an FP, you can report it as a malware.
hxxp://www.softpedia.com/progReportSpyware/DAEMON-Tools-Report-5319.html

 

Et tu Softpedia?

 

Go here next time before you download a program you might want:http://www.techsupportalert.com/best-free-cd-emulator.htm. I'm surprised un-checking the "offers" and bundled stuff didn't work. That might mean Daemon has crossed over from a good program with bundled stuff, to malware. That would be too bad, as it used to be a fantastic program with few worthy competitors. If you by chance decide to try out MagicDisc, be aware that while it does work as advertised, it can be a bit difficult to remove should you decide to. Last thing, don't trust any of these download places too much. Just because people here and at other reputable forums recommend Softpedia, MajorGeeks, etc, it doesn't mean these places are perfect and balls can't be dropped.

 

Thanks, I've sent them my mail and a link to this thread

This situation has got me really ~ Snipped as per TOS ~ off...

 

The list in MBAM looks pretty legit to me, in fact I think I've seen that somewhere before. By the way, the best thing to do with Comodo is get rid of it if it is doing that. That kind of behavior renders the program pointless, and you'll have no luck complaining on their forum.

 

Not to me because I didn't ask for it

I'm looking for an alternative as we speek...
Or maybe I'll harden it

 

I can understand the frustration but how is this any fault of Softpedia? It clearly states that the program is ad-supported. There is even warning (in red text) at the bottom advising users to pay attention during installation. The download page even states that they cannot "guarantee 100% that they are clean".

As for the MBAM scan results, it clearly shows detection of PUP, not malware per se.

If anything, it's more likely to be an error from opt-out during installation. Newer ad-bundled installers try their best to trick users....sometimes the opt-out feature itself may not work (and claimed as accidental). If anything, one should throw the curses at Conduit, OpenCandy or even Daemon itself, not Softpedia.

 

What I meant was that the MBAM list didn't look like an FP.

 

Perhaps because Softpedia should strive to be a better, safer place for quality paid and free software..like their reputation from forums such as this claims Softpedia to be? By allowing it in their repository, they are encouraging and supporting it, whether they intend to make that statement or not.

 

per se or per me it's malware to me

I asure you it's not
In fact I even had instaled Daemon a couple of months ago
from Softpedia itself
and I remembered the opt out options

Right now I throw at everyone
starting with Softpedia and Comodo...

 

I installed it in a virtual machine, and didn't see the "extra" files you got installed. There are a few windows during installation where you must click "Skip" instead of "Next" if you don't want "extras" installed.

 

I am surprised by this. I downloaded from your link. I installed, unchecking all options for " extra's " and nothing extra seemed to install.I was sandboxed, and i do not have comodo
I installed, with all extras , the first time, the extras installed, but with no speedypc, mbam found 3 pups. The second install, speedypc was installed, mabm found 4 pups.
So I think, every install ,invites different extras ( more revenue for daemon tools )
However I think you have mistakenly installed the pups, by not unchecking the boxes.
I do not think softpedia is loading anything maliciously

EDIT I also installed from filehippo, and the same pups were offered

 

I scanned (Quick Scan) with Malwarebytes' Anti-Malware Free v1.75.0.1300; there was 1 PUP in a temp folder, but I believe it's not actually loaded by the program when it's run.

 

I've installed again, this time inside Sandboxie
everything equal during installation
no strange happenings afterwards

There must be different files available at Softpedia
(and others, I suspect)
and I got the wrong one in the download lottery

 

File hashes for my download:
MD5 CE9F84F734CBB6A29EEE377112D9E5CF
SHA-1 8A72F448F17C026A1B2A59686DE720079CCBA08F
SHA-256 83E0573EE48D46A67C554D5E45890B173D20075CC8B7AC0115E1B40BCF6C3687

 

I just saw mick92z snapshots...
I never had those during my installs

 

The installer downloads different possible "extras" during installation.

 

Downloading from sites such as cnet, softpedia or softonic is one of the worst ideas ever, all it takes is a little distraction to install shitton of shady useless applications. Just stick to vendor official sites...

 

Two of the three in your quote plays in a different PUA league

 

But, the issue in this case was with the original installer, so it would have made zero difference if it was downloaded from the official site.

 

Ditto. The title of the thread is misleading.

There are some download portals that wrap installers with adware, but that's not the case of Softpedia.

 

Does the commandline switch /NOCANDY not work anymore for those pests??