Jump to content
CCleaner Community Forums
GuitarSmokr

[FileHippo.com] Am I the only one noticing this Spyware/Malware/Bloatware trick?

Recommended Posts

Their argument is that some people actually want the software they provide. Problem is they often bring 'friends' along with them.

 

Many bring along other malware, doesn't take long to get a system badly infected.

Share this post


Link to post
Share on other sites

Hi, GuitarSmokr. 

Thanks for pointing out this situation. 

 

What I did here was try all the links in post #1, all work normally here. 

I downloaded every one of the available files twice, they check out OK here. 

 

The page for Filehippo here to doesn't look like your screenshot. 

 

That last link, now inert, led me to some sort of download manager junkware.

That is why I posted as I did, didn't want some unwary person to get junkware by accident. 

 

So I don't know what is different with your computer, but the 1st 3 links are OK here. 

 

So the only conclusion I can draw is something is "wrong" with my PC/Browser/GUI/OperatingSys?????

Share this post


Link to post
Share on other sites

You were possibly infected by downloading and installing what the advertisement had in it.

 

You can get your system checked by a malware removal expert:

Scroll down to the #10 item in the forum rules, and choose any one of the forums/sites listed there and they can help determine if your system is clean or if it needs disinfected.

Share this post


Link to post
Share on other sites

+1 what Andavari said, it won't hurt, might help. 

 

Nergal says in post 21:  "ON A NON-HOST-RESTRICTED MACHINE AND BROWSER THE EXTRA LINKS DO APPEAR". 

Nergal wouldn't be wrong about that, even though It does not happen on this machine, win xp, no special HOSTS file etc, etc as I stated before.. 

 

That may be because this machine starts fresh each time, that is, no leftovers such as cookies, index.dat, internet history, nothing like that.

 

So A malware checkup might be in order.  Don't get too upset yet, it may be trivial or nothing at all.  But the only thing a checkup will cost is time. 

Share this post


Link to post
Share on other sites

Oh wow, I was just getting another download off C|net and it clicked and I saw what was happening. It is a rectangular shaped

advertisement but the color pallet for the backdrop has been matched to the background of host site for the advertisement so the buttons on the banner look as if they are hard coded into the host website.

 

:o *FireWorks* :o

Edited by GuitarSmokr

Share this post


Link to post
Share on other sites

Don't download from CNET, they wrap some installers in an adware package. I know it will be impossible to download some software in saying that though since some publishers still use CNET exclusively.

Share this post


Link to post
Share on other sites

i don't have any problem listing Filehippo as alternative download(for older version listing) but i prefer to remove cnet and maybe replace it with Majorgeeks

maybe its just me but i don't see any "Download" ads there

hope piriform can do this changes

Share this post


Link to post
Share on other sites

Softpedia is also good - but this can also change.

 

Softonics is VERY high in the Google etc. results when looking for any software,

but is MOST UNTRUSTWORTHY.

I recognised that that size of the package was wrong so chose to refrain from installing,

but some how they sneaked in a "manifest" which caused repeated "Side-by-Side" errors,

and the only solution was to restore a partition image backup that I created a few days earlier.

Share this post


Link to post
Share on other sites

Softpedia is also good - but this can also change.

 

 
They're fine and I find myself always going there for screenshots, user reviews, their review, changelogs, and to see if something is compatible with my OS. I'd imagine something could slip under the radar even for them unintentionally of course such as their installed antivirus not detecting something, although such things can be reported to them.
 
And Softonics I block in my HOSTS file and in my adblocking add-ons/extensions.

Share this post


Link to post
Share on other sites

I'm a complete newbie to this forum (or any forum for that matter), but after having an experience with filehippo while updating my ccleaner (which I've used forever) I felt compelled to post.  I came across this forum and this particular thread after having been duped while completing an update.  Turns out a misclick from my fingerpad (wish I had an old school mouse now) bit me after a little detective work on my part.  It seems to "click" at times when I don't actually click anything.  Anyway, I'm usually paranoid about downloading anything, but since I was sure I had clicked on the correct button to update ccleaner (the get the latest version button) I downloaded and ran the Setup.exe file that was referenced in the original post in this thread.  ....and yes, I did feel especially stupid after reading that post lol.  Reading the rest of the messages I figured out that you guys know what the heck you're talking about so I figured I'd look for some help/reassurance here.  For one, I now have adblocker plus (why did I not know about that little gem before?).

 

What worries me is that (in my sleep deprived state) since I downloaded and then ok'd the setup.exe to "change my computer" (or whatever the typical windows user warning says) and do its' thing that I've done something terrible to my computer or security.  Norton symantec said setup.exe was "safe" and subsequent scans have been clean.  I also downloaded and scanned with lavasoft adaware AV and malwarebytes antimalware which both came back clean with no issues.  I still had concern though not knowing if "accepting changes to my computer" during that download would make it impossible for those programs to catch anything.  I know, that's probably stupid but again I'm a complete novice. 

 

The button that was accidentally hit was immediately below the "real" one (with adblocker off of course) and is from "downloadnex.com".  Thinking originally that I had hit the correct button and that this was just now how ccleaner had to be updated, I went through the steps for this "free download manager."  Through more detective work I've now found that I think this "fusion install" is just bundleware??  It did ultimately get me to the ccsetup file that I was accustomed to and I didn't download any of the additional freeware that was offered by the program. 

 

Thanks guys for any reassurance anyone may be able to give.  I don't want to have to throw my computer against a wall as the original poster suggested.  I've learned for darn sure to just go to piriform.com for future updates!!

Share this post


Link to post
Share on other sites

Hi Joe, and welcome to the forum.

 

If you have any doubts as to whether you may still have something unwanted on your computer, the best advice is to visit one of the "Malware Removal" forums listed in post #10 of the forum rules.

 

All of these sites have properly trained malware removal staff, are extremely helpful and patient, and it's all for free of course ...

 

http://forum.piriform.com/index.php?showannouncement=15&f=13

 

You could also bookmark this site and call in now and again. You can probably learn a bit of stuff and we're always happy to help out with anything other than malware removal. Untrained folk can usually do more damage than good in that particular field.

 

Hope that helps.

:)

Share this post


Link to post
Share on other sites

If you and your friend had adblock software installed in all of your web browsers (Adblock Plus for Firefox based browsers, or Adblock for Chrome based browsers), along with a HOSTS file like MVPS HOSTS File this maybe would've never happened to begin with - that dubious/trickery advertisement would've been blocked.

Please can you tell me what this Hosts File is, or does? I have Adblock in Firefox but have never done anythig with a hosts file.

Is it OK to put it in my computer regardless what protection software (ESET), connection mothod Normal network or/and (SwissVPN), I have?

Sorry to be so dumb buit I've never even heard of a hosts file and I don't want to have the problems like the subject of this post.

Share this post


Link to post
Share on other sites

 

Please can you tell me what this Hosts File is, or does? I have Adblock in Firefox but have never done anythig with a hosts file.

Is it OK to put it in my computer regardless what protection software (ESET), connection mothod Normal network or/and (SwissVPN), I have?

Sorry to be so dumb buit I've never even heard of a hosts file and I don't want to have the problems like the subject of this post.

 

 

Perfectly safe. All a host file does is re-address an ad's webpage from where the page is back to your own Computer.

Badically adblock for your whole computer, without using as much processing power.

So usually a webpage goes to

pulls an advertisement from company X; your computer asks the naming server of your network (DNS) where compay X lives (IP address). The DNS replies that company X is at yyy.yyy.yyy.yyy; after which your computer goes there and get the advertisment. With a HOSTS file your computer ignores that the Naming Server and tells the website that the address is 127.0.0.1. This address (called Localhost) is actually just your own computer. The webpage believe the answer and displays whatever exists on the web address of localhost; usually, this is blank so you get nothing and see no advertisement.

 

It should be noted that this is not set once and done. Advertisers go in and out of business, new ones are found etc; you need to update your host file (we have a thread on this board where members will note an update a post). IMHO it helps to have an editor program (such as hostXpert)

 

Share this post


Link to post
Share on other sites

Nice, I forgot there was malicious site blocking too, that's a major reason for keeping it updated, so I'm glad you caught that omission.

An advanced answer can also include that you can name home servers in your local network too

Ex placing the line

10.10.10.15 pc3

will allow you to acess the computer called "pc3" at the address 10.10.10.15 (let's pretend it's a local server you use ro play music from) by typing pc3 into the browser's address bar.

 

Share this post


Link to post
Share on other sites

network routing from what I understand was actually the original intent of the hosts file. Everything else is incidental

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...