January 10th, 2012 11:00

Not to confuse the issue, but!

For reasons that I do not wish to go into, I scanned my PC four times today.  Two scans, ESET and MBAM, reported the same results:

C:\Users\Administrator\AppData\Local\Temp\ICReinstall\cnet2_revosetup_exe.exe a variant of Win32/InstallCore.D application
C:\Users\Administrator\Downloads\cnet2_revosetup_exe.exe a variant of Win32/InstallCore.D application

The two other scans, Panda Active Scan and Symantec Enterprise, report no problems, except Panda reports 16 tracking cookies.  Who do I believe, and why?  There is no detectable evidence of any malware, no slowdowns, no firewall activity, etc.  All the AV software I used is the latest versions with the latest signature files.

January 10th, 2012 12:00

More information:

CNet betrays its users’ trust by bundling software  http://thundercloud.net/infoave/new/?p=2864

CNET Accused of Serving Software Bundled with Trojans  http://news.softpedia.com/news/CNET-Accused-of-Serving-Software-Bundled-With-Trojans-238621.shtml 

Popular network tool Nmap in CNET security brouhaha http://nakedsecurity.sophos.com/2011/12/06/popular-security-tool-nmap-at-the-middle-of-a-security-brouhaha/

Links courtesy of BugBatter, RedDawn, and Joe53 respectively.  

(Sorry about any awkward formatting here.  I was doing a copy/paste, and settings changed around.)

January 10th, 2012 12:00

Mike,

Did MBAM classify these entries as PUPs (Potentially Unwanted Programs)??

Cnet has begun "wrapping" downloads in a proprietary installer.... If the downloaded filename begins with “cnet_” then [you should] look elsewhere for the ["pure"] download.

quoting from http://www.extremetech.com/computing/93504-download-com-wraps-downloads-in-bloatware-lies-about-motivations

It’s a serious slap in the face to users, who wind up not with a clean, genuine version of the installer they tried to download but a modified beast that [potentially] shoves toolbars, home page, and default search engines changes down their throats.

But it gets worse. Cnet knows that there’s something wrong with what they’re doing, and they’re trying to deceive developers and users. On the Upload.com FAQ, there’s a note posted to let developers know why the bundling is taking place: “for the users.” Yes, Cnet thinks we’re clueless enough to believe that their motivation is really to provide users with a less painful download and installation process. Because opt-out toolbars and homepage changes make software setup less annoying.

If the installer was designed so that users could opt-in to the toolbar install or browser setting changes, things might be a little different. The way it stands now what Download.com is doing is totally unacceptable.

January 10th, 2012 14:00

Response From MBAM

C:\Users\Administrator\AppData\Local\Temp\ICReinstall\cnet2_revosetup_exe.exe (PUP.CNET.Adware.Bundle) -> No action taken.

C:\Users\Administrator\Downloads\cnet2_revosetup_exe.exe (PUP.CNET.Adware.Bundle) -> No action taken.

Response from ESET

C:\Users\Administrator\AppData\Local\Temp\ICReinstall\cnet2_revosetup_exe.exe a variant of Win32/InstallCore.D application

C:\Users\Administrator\Downloads\cnet2_revosetup_exe.exe a variant of Win32/InstallCore.D application

Actually, I now remember why I have the file: I downloaded the file, but after starting the install, I stopped it because of all the options for additional included products.
