Softpedia

Discussion in 'malware problems & news' started by Joxx, Feb 11, 2014.

Thread Status:
Not open for further replies.
  1. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    Today I went to Softpedia to download a copy of Daemon Lite
    During installation I took care of unchecking unwanted stuff
    Right after installation Process Hacker tells me there are services
    being created and Comodo pops up an alert of virus found
    I run MBAM and you can see the result down the post
    I reboot and get a Comodo HIPS alert

    I finally decide on a Macrium image and say to myself:
    Fxxx you very much Softpedia
     

    Attached Files:

    • CAV.PNG
      CAV.PNG
      File size:
      13.5 KB
      Views:
      29
    • CIS.PNG
      CIS.PNG
      File size:
      67.2 KB
      Views:
      421
    • mal.PNG
      mal.PNG
      File size:
      208 KB
      Views:
      420
  2. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    I also have to thank Comodo for nicely creating
    a bunch of allow outbound rules by in the FW
    It seems CIS defaults leave to be desired
     

    Attached Files:

    • CFW.PNG
      CFW.PNG
      File size:
      89.1 KB
      Views:
      7
  3. 1PW

    1PW Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    702
    Location:
    North of the 38th parallel.
    Hello Joxx:

    Along with MBAM's suggested removals, you might consider following up with AdwCleaner & JRT.

    Some great individual anti-virus/anti-malware/anti-spyware tools just can't do it all.

    Also, hpHosts currently flags daemon-tools.cc, as a medium risk, for misleading marketing:

    -http://hosts-file.net/?s=daemon-tools.cc&x=21&y=6-

    HTH :)
     
    Last edited: Feb 11, 2014
  4. guest

    guest Guest

    If you are certain that this is not an FP, you can report it as a malware.
    hxxp://www.softpedia.com/progReportSpyware/DAEMON-Tools-Report-5319.html
     
  5. Inside Out

    Inside Out Registered Member

    Joined:
    Sep 17, 2013
    Posts:
    421
    Location:
    Pangea
    Et tu Softpedia?
     
  6. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    Go here next time before you download a program you might want:http://www.techsupportalert.com/best-free-cd-emulator.htm. I'm surprised un-checking the "offers" and bundled stuff didn't work. That might mean Daemon has crossed over from a good program with bundled stuff, to malware. That would be too bad, as it used to be a fantastic program with few worthy competitors. If you by chance decide to try out MagicDisc, be aware that while it does work as advertised, it can be a bit difficult to remove should you decide to. Last thing, don't trust any of these download places too much. Just because people here and at other reputable forums recommend Softpedia, MajorGeeks, etc, it doesn't mean these places are perfect and balls can't be dropped.
     
  7. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    Thanks, I've sent them my mail and a link to this thread

    This situation has got me really ~ Snipped as per TOS ~ off...
     
    Last edited by a moderator: Feb 17, 2014
  8. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    The list in MBAM looks pretty legit to me, in fact I think I've seen that somewhere before. By the way, the best thing to do with Comodo is get rid of it if it is doing that. That kind of behavior renders the program pointless, and you'll have no luck complaining on their forum.
     
  9. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    Not to me because I didn't ask for it
    I'm looking for an alternative as we speek...
    Or maybe I'll harden it
     
  10. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,718
    I can understand the frustration but how is this any fault of Softpedia? It clearly states that the program is ad-supported. There is even warning (in red text) at the bottom advising users to pay attention during installation. The download page even states that they cannot "guarantee 100% that they are clean".

    As for the MBAM scan results, it clearly shows detection of PUP, not malware per se.

    If anything, it's more likely to be an error from opt-out during installation. Newer ad-bundled installers try their best to trick users....sometimes the opt-out feature itself may not work (and claimed as accidental). If anything, one should throw the curses at Conduit, OpenCandy or even Daemon itself, not Softpedia.
     
  11. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    What I meant was that the MBAM list didn't look like an FP.
     
  12. Dave0291

    Dave0291 Registered Member

    Joined:
    Nov 17, 2013
    Posts:
    553
    Location:
    U.S
    Perhaps because Softpedia should strive to be a better, safer place for quality paid and free software..like their reputation from forums such as this claims Softpedia to be? By allowing it in their repository, they are encouraging and supporting it, whether they intend to make that statement or not.
     
  13. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    per se or per me it's malware to me
    I asure you it's not
    In fact I even had instaled Daemon a couple of months ago
    from Softpedia itself
    and I remembered the opt out options
    Right now I throw at everyone
    starting with Softpedia and Comodo...
     
  14. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I installed it in a virtual machine, and didn't see the "extra" files you got installed. There are a few windows during installation where you must click "Skip" instead of "Next" if you don't want "extras" installed.
     
  15. mick92z

    mick92z Registered Member

    Joined:
    Apr 27, 2007
    Posts:
    499
    Location:
    Nottingham
    I am surprised by this. I downloaded from your link. I installed, unchecking all options for " extra's " and nothing extra seemed to install.I was sandboxed, and i do not have comodo
    I installed, with all extras , the first time, the extras installed, but with no speedypc, mbam found 3 pups. The second install, speedypc was installed, mabm found 4 pups.
    So I think, every install ,invites different extras ( more revenue for daemon tools )
    However I think you have mistakenly installed the pups, by not unchecking the boxes.
    I do not think softpedia is loading anything maliciously

    EDIT I also installed from filehippo, and the same pups were offered
     

    Attached Files:

    Last edited: Feb 11, 2014
  16. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    I scanned (Quick Scan) with Malwarebytes' Anti-Malware Free v1.75.0.1300; there was 1 PUP in a temp folder, but I believe it's not actually loaded by the program when it's run.
     
  17. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    I've installed again, this time inside Sandboxie
    everything equal during installation
    no strange happenings afterwards

    There must be different files available at Softpedia
    (and others, I suspect)
    and I got the wrong one in the download lottery
     
  18. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    File hashes for my download:
    MD5 CE9F84F734CBB6A29EEE377112D9E5CF
    SHA-1 8A72F448F17C026A1B2A59686DE720079CCBA08F
    SHA-256 83E0573EE48D46A67C554D5E45890B173D20075CC8B7AC0115E1B40BCF6C3687
     
  19. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    I just saw mick92z snapshots...
    I never had those during my installs
     
  20. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    The installer downloads different possible "extras" during installation.
     
  21. ald4r1s

    ald4r1s Registered Member

    Joined:
    Apr 8, 2013
    Posts:
    51
    Downloading from sites such as cnet, softpedia or softonic is one of the worst ideas ever, all it takes is a little distraction to install shitton of shady useless applications. Just stick to vendor official sites...
     
  22. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    Two of the three in your quote plays in a different PUA league :D
     
  23. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,248
    But, the issue in this case was with the original installer, so it would have made zero difference if it was downloaded from the official site.
     
  24. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    Ditto. The title of the thread is misleading.

    There are some download portals that wrap installers with adware, but that's not the case of Softpedia.
     
  25. roady

    roady Registered Member

    Joined:
    Mar 27, 2005
    Posts:
    262
    Does the commandline switch /NOCANDY not work anymore for those pests??
     
Thread Status:
Not open for further replies.